惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

W
WeLiveSecurity
T
The Exploit Database - CXSecurity.com
C
CXSECURITY Database RSS Feed - CXSecurity.com
S
Security @ Cisco Blogs
T
Threat Research - Cisco Blogs
TaoSecurity Blog
TaoSecurity Blog
Recent Commits to openclaw:main
Recent Commits to openclaw:main
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
腾讯CDC
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
T
The Blog of Author Tim Ferriss
Microsoft Azure Blog
Microsoft Azure Blog
罗磊的独立博客
F
Full Disclosure
博客园 - 【当耐特】
C
CERT Recently Published Vulnerability Notes
Engineering at Meta
Engineering at Meta
Application and Cybersecurity Blog
Application and Cybersecurity Blog
T
Threatpost
I
Intezer
V2EX - 技术
V2EX - 技术
H
Hackread – Cybersecurity News, Data Breaches, AI and More
The Hacker News
The Hacker News
小众软件
小众软件
Google DeepMind News
Google DeepMind News
T
Tailwind CSS Blog
D
Darknet – Hacking Tools, Hacker News & Cyber Security
B
Blog RSS Feed
Microsoft Security Blog
Microsoft Security Blog
N
News | PayPal Newsroom
MyScale Blog
MyScale Blog
AI
AI
Vercel News
Vercel News
Spread Privacy
Spread Privacy
美团技术团队
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
The GitHub Blog
The GitHub Blog
V
Vulnerabilities – Threatpost
Schneier on Security
Schneier on Security
Cyberwarzone
Cyberwarzone
G
GRAHAM CLULEY
Help Net Security
Help Net Security
Hacker News: Ask HN
Hacker News: Ask HN
Google DeepMind News
Google DeepMind News
MongoDB | Blog
MongoDB | Blog
L
LINUX DO - 热门话题
U
Unit 42
L
LangChain Blog
Recent Announcements
Recent Announcements

recursor on CoreDNS: DNS and Service Discovery

暂无文章

recursor
2023-01-30 · via recursor on CoreDNS: DNS and Service Discovery

Description

The recursor resolves domains using defined IP addresses or resolving other mapped domains using defined resolvers.

Syntax

recursor {   
    [external-yaml config-file-path]
    [external-json config-file-path]

    [verbose 0..2]
    zone: zone.name
    [resolver non-default {
        urls udp://ip-1:port udp://ip-n:port
        [timeout_ms 500]
    }]
    [alias alias-name | * {
        [hosts domain-1 domain-n]
        [ips ip-1 ip-n]
        [resolver_name non-default]
        [ttl custom-ttl]
    }]
}

The recursor definition:

  • zone - DNS zone for the recursor
  • verbose - stdout logs level:
    • 0 - minimal
    • 1 - middle
    • 2 - talkative
  • resolvers - other DNS servers:
    • map-key/id: name of resolver, default overrides system default resolver
    • urls: list of URL addresses, example: udp://127.0.0.1:53 (system default is represented by ://default)
    • timeout_ms: resolver connection timeout in millisecods
  • aliases - domain aliases:
    • map-key/id: name of alias, subdomain or * if you want the recursor to be a DNS repeater
    • ips: IP addresses to return as a part of answer
    • hosts: domains to be resolved so that the IP addresses obtained in this way will be returned as a part of answer
    • resolver_name: the defined resolver reference, default is… default of course :)
    • ttl: DNS record Time To Live in seconds

Metrics

If monitoring is enabled (via the prometheus directive) the following metric is exported.

Health

This plugin implements dynamic health checking. It will always return healthy though.

Examples

Corefile

recursor {   
    [external-yaml config-file-path]
    [external-json config-file-path]

    [verbose 0..2]
    zone: demo.svc
    resolver dns-c {
        urls udp://1.1.1.1:53 udp://1.0.0.1:53
        timeout_ms 500
    }
    resolver dns-g {
        urls udp://8.8.8.8:53 udp://8.8.4.4:53
    }  
    resolver demo {
        urls udp://10.0.0.1:53
    }  
    alias alias1 {
        hosts www.example.org www.example.com
        resolver_name dns-c
        ttl 11
    }
    alias alias2 {
        ips 10.0.0.1 10.0.0.2
        ttl 12
    }
    alias alias3 {
        ips 10.0.0.1 10.0.0.2
        hosts www.example.net
        resolver_name dns-g
        ttl 13
    }
    alias alias4 {
        hosts www.example.net
        ttl 14
    }  

    alias * {
        resolver_name demo
        ttl 15
    }  
}

External YAML

zone: demo.svc
resolvers:
  dns-c:
    urls: [ udp://1.1.1.1:53, udp://1.0.0.1:53 ]
    timeout_ms: 500
  dns-g:
    urls: [ udp://8.8.8.8:53, udp://8.8.4.4:53 ]
  demo:
    urls: [ udp://10.0.0.1:53 ]
aliases:
  alias1:
    hosts: [ www.example.org, www.example.com ]
    resolver_name: dns-c
    ttl: 11
  alias2:
    ips: [ 10.0.0.1, 10.0.0.2 ]
    ttl: 12
  alias3:
    ips: [ 10.0.0.1, 10.0.0.2 ]
    hosts: [ www.example.net ]
    resolver_name: dns-g
    ttl: 13
  alias4:
    hosts: [ www.example.net ]
    ttl: 14
  "*":
    resolver_name: demo
    ttl: 15

External JSON

{
  "zone": "demo.svc",
  "resolvers": {
    "dns-c": {
      "urls": [ "udp://1.1.1.1:53", "udp://1.0.0.1:53" ],
      "timeout_ms": 500
    },
    "dns-g": {
      "urls": [ "udp://8.8.8.8:53", "udp://8.8.4.4:53" ]
    },
    "demo": {
      "urls": [ "udp://10.0.0.1:53" ]
    }
  },
  "aliases": {
    "alias1": {
      "hosts": [ "www.example.org", "www.example.com" ],
      "resolver_name": "dns-c",
      "ttl": 11
    },
    "alias2": {
      "ips": [ "10.0.0.1", "10.0.0.2" ],
      "ttl": 12
    },
    "alias3": {
      "ips": [ "10.0.0.1", "10.0.0.2" ],
      "hosts": [ "www.example.net" ],
      "resolver_name": "dns-g",
      "ttl": 13
    },
    "alias4": {
      "hosts": [ "www.example.net" ],
      "ttl": 14
    },
    "*": {
      "resolver_name": "demo",
      "ttl": 15
    }
  }
}

Also See

See the manual.