惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Help Net Security
Help Net Security
S
SegmentFault 最新的问题
T
The Blog of Author Tim Ferriss
J
Java Code Geeks
博客园 - 三生石上(FineUI控件)
月光博客
月光博客
C
Check Point Blog
M
MIT News - Artificial intelligence
GbyAI
GbyAI
H
Hackread – Cybersecurity News, Data Breaches, AI and More
U
Unit 42
D
Docker
G
Google Developers Blog
云风的 BLOG
云风的 BLOG
H
Help Net Security
D
DataBreaches.Net
Microsoft Azure Blog
Microsoft Azure Blog
B
Blog RSS Feed
Engineering at Meta
Engineering at Meta
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
B
Blog
Cloudbric
Cloudbric
Blog — PlanetScale
Blog — PlanetScale
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
T
Troy Hunt's Blog
N
News | PayPal Newsroom
V2EX - 技术
V2EX - 技术
H
Heimdal Security Blog
S
Security @ Cisco Blogs
V
Visual Studio Blog
The Last Watchdog
The Last Watchdog
博客园 - Franky
大猫的无限游戏
大猫的无限游戏
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
Webroot Blog
Webroot Blog
Security Archives - TechRepublic
Security Archives - TechRepublic
C
Cyber Attacks, Cyber Crime and Cyber Security
Last Week in AI
Last Week in AI
爱范儿
爱范儿
博客园 - 聂微东
S
Securelist
小众软件
小众软件
酷 壳 – CoolShell
酷 壳 – CoolShell
Cisco Talos Blog
Cisco Talos Blog
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
C
CXSECURITY Database RSS Feed - CXSecurity.com
V
Vulnerabilities – Threatpost
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
O
OpenAI News
Apple Machine Learning Research
Apple Machine Learning Research

recursor on CoreDNS: DNS and Service Discovery

暂无文章

recursor
2023-01-30 · via recursor on CoreDNS: DNS and Service Discovery

Description

The recursor resolves domains using defined IP addresses or resolving other mapped domains using defined resolvers.

Syntax

recursor {   
    [external-yaml config-file-path]
    [external-json config-file-path]

    [verbose 0..2]
    zone: zone.name
    [resolver non-default {
        urls udp://ip-1:port udp://ip-n:port
        [timeout_ms 500]
    }]
    [alias alias-name | * {
        [hosts domain-1 domain-n]
        [ips ip-1 ip-n]
        [resolver_name non-default]
        [ttl custom-ttl]
    }]
}

The recursor definition:

  • zone - DNS zone for the recursor
  • verbose - stdout logs level:
    • 0 - minimal
    • 1 - middle
    • 2 - talkative
  • resolvers - other DNS servers:
    • map-key/id: name of resolver, default overrides system default resolver
    • urls: list of URL addresses, example: udp://127.0.0.1:53 (system default is represented by ://default)
    • timeout_ms: resolver connection timeout in millisecods
  • aliases - domain aliases:
    • map-key/id: name of alias, subdomain or * if you want the recursor to be a DNS repeater
    • ips: IP addresses to return as a part of answer
    • hosts: domains to be resolved so that the IP addresses obtained in this way will be returned as a part of answer
    • resolver_name: the defined resolver reference, default is… default of course :)
    • ttl: DNS record Time To Live in seconds

Metrics

If monitoring is enabled (via the prometheus directive) the following metric is exported.

Health

This plugin implements dynamic health checking. It will always return healthy though.

Examples

Corefile

recursor {   
    [external-yaml config-file-path]
    [external-json config-file-path]

    [verbose 0..2]
    zone: demo.svc
    resolver dns-c {
        urls udp://1.1.1.1:53 udp://1.0.0.1:53
        timeout_ms 500
    }
    resolver dns-g {
        urls udp://8.8.8.8:53 udp://8.8.4.4:53
    }  
    resolver demo {
        urls udp://10.0.0.1:53
    }  
    alias alias1 {
        hosts www.example.org www.example.com
        resolver_name dns-c
        ttl 11
    }
    alias alias2 {
        ips 10.0.0.1 10.0.0.2
        ttl 12
    }
    alias alias3 {
        ips 10.0.0.1 10.0.0.2
        hosts www.example.net
        resolver_name dns-g
        ttl 13
    }
    alias alias4 {
        hosts www.example.net
        ttl 14
    }  

    alias * {
        resolver_name demo
        ttl 15
    }  
}

External YAML

zone: demo.svc
resolvers:
  dns-c:
    urls: [ udp://1.1.1.1:53, udp://1.0.0.1:53 ]
    timeout_ms: 500
  dns-g:
    urls: [ udp://8.8.8.8:53, udp://8.8.4.4:53 ]
  demo:
    urls: [ udp://10.0.0.1:53 ]
aliases:
  alias1:
    hosts: [ www.example.org, www.example.com ]
    resolver_name: dns-c
    ttl: 11
  alias2:
    ips: [ 10.0.0.1, 10.0.0.2 ]
    ttl: 12
  alias3:
    ips: [ 10.0.0.1, 10.0.0.2 ]
    hosts: [ www.example.net ]
    resolver_name: dns-g
    ttl: 13
  alias4:
    hosts: [ www.example.net ]
    ttl: 14
  "*":
    resolver_name: demo
    ttl: 15

External JSON

{
  "zone": "demo.svc",
  "resolvers": {
    "dns-c": {
      "urls": [ "udp://1.1.1.1:53", "udp://1.0.0.1:53" ],
      "timeout_ms": 500
    },
    "dns-g": {
      "urls": [ "udp://8.8.8.8:53", "udp://8.8.4.4:53" ]
    },
    "demo": {
      "urls": [ "udp://10.0.0.1:53" ]
    }
  },
  "aliases": {
    "alias1": {
      "hosts": [ "www.example.org", "www.example.com" ],
      "resolver_name": "dns-c",
      "ttl": 11
    },
    "alias2": {
      "ips": [ "10.0.0.1", "10.0.0.2" ],
      "ttl": 12
    },
    "alias3": {
      "ips": [ "10.0.0.1", "10.0.0.2" ],
      "hosts": [ "www.example.net" ],
      "resolver_name": "dns-g",
      "ttl": 13
    },
    "alias4": {
      "hosts": [ "www.example.net" ],
      "ttl": 14
    },
    "*": {
      "resolver_name": "demo",
      "ttl": 15
    }
  }
}

Also See

See the manual.