If you are applying a firewall rule based on hostname, it makes sense that the firewall should be the one providing DNS recursive service to the DNS clients or to the downstream DNS caching servers, or you should resort to URL filtering.
Best Regards, Óscar Zovo. A sábado, 17/09/2022, 01:01, Djerk Geurts via Pdns-users < pdns-users@mailman.powerdns.com> escreveu: > Just ran into an issue with recursive DNS servers where the two servers > have cached a different A record for mirror.centos.org. > > This is a problem as the firewalls permit access to the FQDN, which > presumes that both the client and the firewall end up with the same A > record for the domain. > > I'm intending to swap these recursors out with PowerDNS servers, but am > wondering if there's a way to keep the record cache in sync between > multiple recursors. > > -- > Best regards, > *Djerk Geurts* > m: +44-7535-674620 > > *Maizymoo Ltd* <https://maizymoo.com> > VAT No: GB192 1529 07 > Registration Number: 6638104 (registered in England and Wales) > _______________________________________________ > Pdns-users mailing list > Pdns-users@mailman.powerdns.com > https://mailman.powerdns.com/mailman/listinfo/pdns-users >
_______________________________________________ Pdns-users mailing list Pdns-users@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/pdns-users
