New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Is that possible to set a GEODNS for root domain when using GeoIP backend? #4276

Closed
ZE3kr opened this Issue Aug 2, 2016 · 2 comments

Comments

Projects
None yet
3 participants
@ZE3kr

ZE3kr commented Aug 2, 2016

I want to use GEODNS to my root domain, but it doesn't work.

First, i tried this, and works for www domain:

# config 1 file
- domain: example.com
  ttl: 1800
  records:
    example.com:
      - soa: ns1.example.com. support.example.com. 1 86400 3600 604800 10800
    ns1.example.com:
      - a:
          content: 10.0.0.1
          ttl: 86400
      - aaaa:
          content: ::1
          ttl: 86400
    ns2.example.com:
      - a:
          content: 10.0.0.2
          ttl: 86400
      - aaaa:
          content: ::2
          ttl: 86400
    # just a list of servers
    newyork-server.example.com: &newyork
      - a: 10.0.2.1
      - aaaa: ::2:1
    japan-server.example.com: &japan
      - a: 10.0.3.1
      - aaaa: ::3:1
    # GEODNS
    unknown.geo.example.com: *newyork
    as.geo.example.com: *japan
  services:
    www.example.com: [ '%cn.geo.example.com', 'unknown.geo.example.com' ]

And I change www.example.com to example.com, it does't work, I think it is because I set same domain in record and service. The dig return only SOA record for my root domain, but no A and AAAA.

# result 1
$ dig @localhost example.com

; <<>> DiG 9.10.3-P4-Ubuntu <<>> @localhost example.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1041
;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1680
;; QUESTION SECTION:
;example.com.           IN  A

;; AUTHORITY SECTION:
example.com.        1800    IN  SOA ns1.example.com. support.example.com. 1 86400 3600 604800 10800

;; Query time: 1 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Aug 02 19:37:26 EDT 2016
;; MSG SIZE  rcvd: 88

Then I tried this config file:

# config 3 file
- domain: example.com
  ttl: 1800
  records:
    ns1.example.com:
      - a:
          content: 10.0.0.1
          ttl: 86400
      - aaaa:
          content: ::1
          ttl: 86400
    ns2.example.com:
      - a:
          content: 10.0.0.2
          ttl: 86400
      - aaaa:
          content: ::2
          ttl: 86400
    # just a list of servers
    unknown.geo.example.com:
      - a: 10.0.2.1
      - aaaa: ::2:1
      - soa: ns1.example.com. support.example.com. 1 86400 3600 604800 10800
    as.geo.example.com:
      - a: 10.0.3.1
      - aaaa: ::3:1
      - soa: ns1.example.com. support.example.com. 1 86400 3600 604800 10800
  services:
    example.com: [ '%cn.geo.example.com', 'unknown.geo.example.com' ]

It really works well, but when I re-add this to services block, suddenly the root domain returns nothing (just like result 1) but only www domain works!

  services:
    example.com: [ '%cn.geo.example.com', 'unknown.geo.example.com' ]
    www.example.com: [ '%cn.geo.example.com', 'unknown.geo.example.com' ]

I think it's a bug because #3747 , and also please add extra support so that I can set it up easily by config 1 file.

@ZE3kr

This comment has been minimized.

ZE3kr commented Aug 3, 2016

So now I can set it for root domain like config 3 file, and other domains set a cname to root domain, but it's a bit complex.

@Habbie Habbie added the auth label Aug 11, 2016

@zeha

This comment has been minimized.

Collaborator

zeha commented Oct 2, 2017

#3747 has been fixed a while ago, and I think everything in this ticket should work now. If not, please provide more details.

@zeha zeha closed this Oct 2, 2017

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment