DNS Dist Balancer ================== t2.medium EC2 instance - 2 vCPU's, 4GB RAM, 8GB Storage IP: 52.209.202.49 Setting up install ----------------------- root@ip-10-0-0-109:/home/admin# apt-get update root@ip-10-0-0-109:/home/admin# apt-get install curl root@ip-10-0-0-109:/home/admin# echo "deb [arch=amd64] http://repo.powerdns.com/debian jessie-dnsdist-12 main" > /etc/apt/sources.list.d/pdns.list cat << EOM >> /etc/apt/preferences.d/dnsdist Package: dnsdist* Pin: origin repo.powerdns.com Pin-Priority: 600 EOM root@ip-10-0-0-109:/home/admin# curl https://repo.powerdns.com/FD380FBB-pub.asc | apt-key add - root@ip-10-0-0-109:/home/admin# apt-get update root@ip-10-0-0-109:/home/admin# apt-get install dnsdist Configuring ------------- We've only built the one RequestRouter instance so far, so the initial aim is to make sure we can now pass queries to it via dnsdist. Creating new config file /etc/dnsdist/dnsdist.conf: newServer({address="34.249.69.240",useClientSubnet=true,checkName="test3.example.com"}) setServerPolicy(firstAvailable) addLocal('0.0.0.0') addACL('0.0.0.0/0') (As we're going to be running as an authoritative, accepting from anywhere is to be expected). Restarting dnsdist service dnsdist restart And testing: root@ip-10-0-0-109:/home/admin# dig @127.0.0.1 test.example.com ; <<>> DiG 9.9.5-9+deb8u14-Debian <<>> @127.0.0.1 test.example.com ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57748 ;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1 ;; WARNING: recursion requested but not available ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1680 ;; QUESTION SECTION: ;test.example.com. IN A ;; ANSWER SECTION: test.example.com. 30 IN A 3.3.3.3 test.example.com. 30 IN A 1.1.1.1 ;; Query time: 2 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Sun Jan 14 10:41:22 UTC 2018 ;; MSG SIZE rcvd: 77 root@ip-10-0-0-109:/home/admin# netstat -lnp | grep dns tcp 0 0 0.0.0.0:53 0.0.0.0:* LISTEN 1840/dnsdist udp 0 0 0.0.0.0:53 0.0.0.0:* 1840/dnsdist With dig, have confirmed can resolve remotely (and that all queries get passed through). Looks like we're good to go.