jahanson/vyos-config
Archived
1
0
Fork 0
Code Issues 1 Pull requests 1 Projects Releases Packages Wiki Activity
This repository has been archived on 2024-04-29. You can view files and clone it, but cannot push or open issues or pull requests.
vyos-config/containers/dnsdist/config/dnsdist.conf
Joseph Hanson 31c27facb1
Initial Commit.
2023-03-29 13:30:45 -05:00

91 lines
2.3 KiB
Text
Raw Blame History

-- udp/tcp dns listening
setLocal("0.0.0.0:53", {})
-- Local CoreDNS
newServer({
address = "10.5.0.3",
pool = "coredns"
})
-- ControlD - Servers
newServer({
address = "76.76.2.22:443",
tls = "openssl",
subjectName = "dns.controld.com",
dohPath = "/14pk0z49y0u",
validateCertificates = true,
checkInterval = 10,
checkTimeout = 2000,
pool = "controld_servers"
})
-- ControlD - Trusted
newServer({
address = "76.76.2.22:443",
tls = "openssl",
subjectName = "dns.controld.com",
dohPath = "/7l9xgidtyr",
validateCertificates = true,
checkInterval = 10,
checkTimeout = 2000,
pool = "controld_trusted"
})
-- ControlD - IoT
newServer({
address = "76.76.2.22:443",
tls = "openssl",
subjectName = "dns.controld.com",
dohPath = "/227g88d4fp5",
validateCertificates = true,
checkInterval = 10,
checkTimeout = 2000,
pool = "controld_iot"
})
-- CloudFlare DNS over TLS
newServer({
address = "1.1.1.1:853",
tls = "openssl",
subjectName = "cloudflare-dns.com",
validateCertificates = true,
checkInterval = 10,
checkTimeout = 2000,
pool = "cloudflare"
})
newServer({
address = "1.0.0.1:853",
tls = "openssl",
subjectName = "cloudflare-dns.com",
validateCertificates = true,
checkInterval = 10,
checkTimeout = 2000,
pool = "cloudflare"
})
-- Enable caching
pc = newPacketCache(10000, {
maxTTL = 86400,
minTTL = 0,
temporaryFailureTTL = 60,
staleTTL = 60,
dontAge = false
})
getPool(""):setCache(pc)
-- Request logging, uncomment to log DNS requests/responses to stdout
-- addAction(AllRule(), LogAction("", false, false, true, false, false))
-- addResponseAction(AllRule(), LogResponseAction("", false, true, false, false))
-- Routing rules
addAction('unifi', PoolAction('coredns'))
addAction('hsn.dev', PoolAction('coredns'))
addAction('jahanson.tech', PoolAction('coredns'))
addAction('1.10.in-addr.arpa', PoolAction('coredns'))
addAction("10.1.0.0/24", PoolAction("controld_servers")) -- lan
addAction("10.1.1.0/24", PoolAction("controld_servers")) -- servers vlan
addAction("10.1.2.0/24", PoolAction("controld_trusted")) -- trusted vlan
addAction("10.1.3.0/24", PoolAction("controld_iot")) -- iot vlan
addAction("10.0.11.0/24", PoolAction("controld_trusted")) -- wg_trusted vlan
addAction("192.168.2.0/24", PoolAction("cloudflare")) -- guest vlan
Reference in a new issue View git blame Copy permalink