
Multiple response records for UI DNS rewrites

Open liuhome11 opened this issue 1 year ago • 11 comments

Prerequisites

  • [X] I have checked the Wiki and Discussions and found no answer

  • [X] I have searched other issues and found no duplicates

  • [X] I want to request a feature or enhancement and not ask a question

The problem

How can we configure multiple IP addresses to enhance reliability for DNS rewriting, as the current setup only supports a single IP address and raises concerns about a single point of failure?

Proposed solution

steamcommunity.com 45.114.11.25,118.193.240.37,210.56.51.192

Alternatives considered and additional information

No response

liuhome11 avatar Jan 23 '24 12:01 liuhome11

||aa.xxx.net^$dnsrewrite=NOERROR;A;123.123.123.123
||aa.xxx.net^$dnsrewrite=NOERROR;A;21.21.21.21
After testing with the mentioned configuration, it was observed that only the initial IP is matched successfully. In the event of a failure in the first IP, it does not automatically switch to the subsequent parameters. Checking the resolution using 'nslookup -displaydns' reveals that the second IP, as configured, is present in the resolution. The ability to swiftly replace the IP address assigned by CDN in the event of a failure, or to implement DNS rewriting protection features such as polling, can be achieved through various means.

liuhome11 avatar Jan 23 '24 12:01 liuhome11

[Image 1] [Image 2]

I would like to support single/multiple domain rewriting with single/multiple IP addresses. Many CDN websites have similar requirements, and I hope to have a better way to achieve this, such as using the 'host' method. Thank you

liuhome11 avatar Jan 23 '24 12:01 liuhome11

I'm still not exactly sure what you're asking. Your example with two dnsrewrite rules works:

dig 'aa.xxx.net' IN A
[…]
;; QUESTION SECTION:
;aa.xxx.net.                    IN      A

;; ANSWER SECTION:
aa.xxx.net.             10      IN      A       123.123.123.123
aa.xxx.net.             10      IN      A       21.21.21.21
[…]

ainar-g avatar Jan 23 '24 13:01 ainar-g
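The comment above shows that several `$dnsrewrite` rules for one name produce several A records in the answer. As an added example that is not part of the original thread or of AdGuard Home's code, this sketch expands the `host ip1,ip2,...` line format from the issue's "Proposed solution" into one rule per address. The function names are hypothetical, the sample host and addresses are constructed from documentation ranges, and the `AAAA` form is assumed to follow the same pattern as the `A` rules shown in the thread.

```python
import ipaddress
import re

# One DNS label: letters, digits, hyphen; no leading or trailing hyphen.
_LABEL = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")


def valid_hostname(name: str) -> bool:
    """Reject input that could smuggle rule syntax ($, ^, |, ;) into a rule."""
    return 0 < len(name) <= 253 and all(
        _LABEL.fullmatch(label) for label in name.split(".")
    )


def to_dnsrewrite_rules(line: str) -> list[str]:
    """Expand 'host ip1,ip2,...' into one $dnsrewrite rule per address."""
    parts = line.split()
    if len(parts) != 2:
        raise ValueError(f"expected 'host ip1,ip2,...', got {line!r}")
    host, addr_list = parts
    if not valid_hostname(host):
        raise ValueError(f"invalid hostname: {host!r}")
    rules, seen = [], set()
    for raw in addr_list.split(","):
        ip = ipaddress.ip_address(raw)  # raises ValueError on malformed input
        if ip in seen:                  # a repeated address adds nothing
            continue
        seen.add(ip)
        rrtype = "A" if ip.version == 4 else "AAAA"
        rules.append(f"||{host.lower()}^$dnsrewrite=NOERROR;{rrtype};{ip}")
    return rules


if __name__ == "__main__":
    # Constructed sample input (documentation address ranges).
    sample = "aa.example.net 192.0.2.10,198.51.100.20,2001:db8::1"
    for rule in to_dnsrewrite_rules(sample):
        print(rule)
```

The hostname check matters when the list comes from a shared or downloaded file: a name carrying `^` or `$` would otherwise be written into the filter list as rule syntax rather than as a hostname.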

@ainar-g I want to convey that a specific domain is bound to multiple IP addresses, and when a user makes a request, it randomly matches one IP from the list of bindings for resolution. For example: AA.XXX.COM is bound to 45.114.11.25, 118.193.240.37, 210.56.51.192. When a user requests, ADG randomly matches one IP, such as 210.56.51.192, for the end user.

liuhome11 avatar Jan 23 '24 13:01 liuhome11

Certainly! Here is the translation:

Image 1 illustrates a scenario where a single website is associated with multiple IP addresses. Image 2 depicts a situation where multiple websites are associated with multiple IP addresses. In both cases, when users access the mentioned websites, an IP is randomly or cyclically selected to fulfill individual requests.

liuhome11 avatar Jan 23 '24 13:01 liuhome11

If I understood correctly, there are basically two feature requests here. One is for the legacy rewrite UI to support multiple targets and responses. I don't think this is likely, since that makes the feature more complicated, but we might consider something like that in the future.

The other is randomization of the response records from $dnsrewrite rules (and other types of rewrites?). I'm not sure if we need that, since it is a client's choice which of the records to choose, most of the time.

ainar-g avatar Jan 23 '24 13:01 ainar-g

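If I understood correctly, there are basically two feature requests here. One is for the legacy rewrite UI to support multiple targets and responses. I don't think this is likely, since that makes the feature more complicated, but we might consider something like that in the future.

The other is randomization of the response records from $dnsrewrite rules (and other types of rewrites?). I'm not sure if we need that, since it is a client's choice which of the records to choose, most of the time.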

This requirement is for certain software or programs, such as Steam, which, in the Chinese environment, relies on CDN services. It needs to be provided with correct and uncontaminated IP addresses. Simultaneously, to prevent issues in case a single IP fails, measures should be taken to ensure continuous accessibility.

liuhome11 avatar Jan 23 '24 14:01 liuhome11

That could be achieved by making the Fastest IP Address upstream mode also ping addresses from rewrites. Which is an interesting but probably separate feature.

ainar-g avatar Jan 23 '24 14:01 ainar-g

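That could be achieved by making the Fastest IP Address upstream mode also ping addresses from rewrites. Which is an interesting but probably separate feature.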

In my practical application, I only permit the resolution of the website to specific IP addresses, binding these fixed IPs, and utilizing VPN for traffic diversion to prevent a large volume of unrelated applications from occupying the VPN channel bandwidth.

liuhome11 avatar Jan 23 '24 14:01 liuhome11

One is for the legacy rewrite UI to support multiple targets and responses. I don't think this is likely, since that makes the feature more complicated, but we might consider something like that in the future.

I have a relatively similar request. That is, I use adguard as a local DNS server in my home network. I added a custom A record in the DNS rewrites to resolve *.pi.home into an IP of the home lab k8s cluster.

% dig test.pi.home

;; QUESTION SECTION:
;test.pi.home.			IN	A

;; ANSWER SECTION:
test.pi.home.		10	IN	A	192.168.20.43

Because the cluster runs on multiple nodes, each node could serve the ingress requests. Thus, the DNS rewrite could technically return multiple IPs. Unfortunately, this doesn't seem possible.

narqo avatar May 25 '24 18:05 narqo

I'd also like to have a DNS rewrite for an A record return multiple IPs.

mflagg2814 avatar May 27 '24 13:05 mflagg2814