Add alternate option to forward plugin (#6681)

Allows the forward plugin to execute the next plugin based on the return code. Similar to the externally maintained alternate plugin https://github.com/coredns/alternate

Based on the idea of chrisohaver@ in #6549 (comment)
Also incorporated the request to rename `alternate` to `next` as an option

I am having issues adding a proper test for functionality. Primarily, I do not know the code base enough and having multiple `dnstest.NewServer` with ResponseWriter does not work. From my testing these are "Singletons" and only the last defined response writer is used for all servers

Signed-off-by: Jasper Bernhardt <jasper.bernhardt@live.de>
Jasper Bernhardt
2024-07-01 17:20:12 +02:00
committed by GitHub
parent 3f388442cc
commit 2e9986c622
4 changed files with 84 additions and 0 deletions


@@ -50,6 +50,7 @@ forward FROM TO... {
policy random|round_robin|sequential
health_check DURATION [no_rec] [domain FQDN]
max_concurrent MAX
next RCODE_1 [RCODE_2] [RCODE_3...]
}
~~~
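Review bot: The synopsis line `next RCODE_1 [RCODE_2] [RCODE_3...]` writes out its repetition differently from the `TO...` form used on the `forward FROM TO...` line of the same block. Writing it as `next RCODE...` would match that existing convention and keep the synopsis short.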
@@ -95,6 +96,7 @@ forward FROM TO... {
response does not count as a health failure. When choosing a value for **MAX**, pick a number
at least greater than the expected *upstream query rate* * *latency* of the upstream servers.
As an upper bound for **MAX**, consider that each concurrent query will use about 2kb of memory.
* `next` If the `RCODE` (i.e. `NXDOMAIN`) is returned by the remote then execute the next plugin. If no next plugin is defined, or the next plugin is not a `forward` plugin, this setting is ignored
Also note the TLS config is "global" for the whole forwarding proxy if you need a different
`tls_servername` for different upstreams you're out of luck.
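Review bot: In the new `next` bullet, "(i.e. `NXDOMAIN`)" should read "e.g.", because the synopsis accepts several RCODEs and NXDOMAIN is only one of them. The bullet also puts the placeholder in backticks where the neighbouring bullets use bold (**MAX**), and it has no closing period. Where it says the setting "is ignored" if the next plugin is missing or is not a `forward` plugin, please state whether that is silent and which response the client then receives, since an operator reading only this bullet cannot tell.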
@@ -268,6 +270,21 @@ Or when you have multiple DoT upstreams with different `tls_servername`s, you ca
}
~~~
The following would try 1.2.3.4 first. If the response is `NXDOMAIN`, try 5.6.7.8. If the response from 5.6.7.8 is `NXDOMAIN`, try 9.0.1.2.
~~~ corefile
. {
forward . 1.2.3.4 {
next NXDOMAIN
}
forward . 5.6.7.8 {
next NXDOMAIN
}
forward . 9.0.1.2 {
}
}
~~~
## See Also
[RFC 7858](https://tools.ietf.org/html/rfc7858) for DNS over TLS.
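Review bot: The sentence introducing the new example covers only the NXDOMAIN path and does not say what happens when 1.2.3.4 or 5.6.7.8 fails to answer rather than returning NXDOMAIN; one more sentence on that case would complete it. It would also help to state that any name the first upstream does not know is sent on to 5.6.7.8 and then 9.0.1.2, so the order of the blocks decides which resolvers see those queries. The empty braces on the last block (`forward . 9.0.1.2 {` followed by `}`) can be dropped.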