From: Peter van Dijk Date: Thu, 7 Oct 2021 09:37:11 +0000 (+0200) Subject: auth, rec docs: link to dnsdist PROXY guide X-Git-Tag: dnsdist-1.7.0-alpha2~29^2~1 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=680e0d2b544aa39ca3568a083730958bcbb4a995;p=thirdparty%2Fpdns.git auth, rec docs: link to dnsdist PROXY guide --- diff --git a/docs/settings.rst b/docs/settings.rst index 1e3cdea499..e983d43195 100644 --- a/docs/settings.rst +++ b/docs/settings.rst @@ -1286,6 +1286,8 @@ Queries that are not prefixed with such a header will not be accepted from clien Note that once a Proxy Protocol header has been received, the source address from the proxy header instead of the address of the proxy will be checked against primary addresses sending NOTIFYs, and the ACLs for any client requesting AXFRs. When using this setting combined with :ref:`setting-trusted-notification-proxy`, please be aware that the trusted address will also be checked against the source address in the PROXY header. +The dnsdist docs have `more information about the PROXY protocol `_. + .. _setting-proxy-protocol-maximum-size: ``proxy-protocol-maximum-size`` diff --git a/pdns/dnsdistdist/docs/advanced/passing-source-address.rst b/pdns/dnsdistdist/docs/advanced/passing-source-address.rst index ea006fb58d..54f54c65d4 100644 --- a/pdns/dnsdistdist/docs/advanced/passing-source-address.rst +++ b/pdns/dnsdistdist/docs/advanced/passing-source-address.rst @@ -77,6 +77,8 @@ Please also note that the maximum size of a Proxy Protocol header dnsdist is wil dnsdist 1.5.0 only supports outgoing Proxy Protocol. Support for parsing incoming Proxy Protocol headers has been implemented in 1.6.0, except for DoH where it does not make sense anyway, since HTTP headers already provide a mechanism for that. +Both the PowerDNS Authoritative Server and the Recursor can parse PROXYv2 headers, if configured to do so with their `proxy-protocol-from` setting. + Influence on caching -------------------- diff --git a/pdns/recursordist/docs/settings.rst b/pdns/recursordist/docs/settings.rst index eab06acac5..0cbc18b807 100644 --- a/pdns/recursordist/docs/settings.rst +++ b/pdns/recursordist/docs/settings.rst @@ -1457,6 +1457,8 @@ Queries that are not prefixed with such a header will not be accepted from clien Note that once a Proxy Protocol header has been received, the source address from the proxy header instead of the address of the proxy will be checked against the `allow-from`_ ACL. +The dnsdist docs have `more information about the PROXY protocol `_. + .. _setting-proxy-protocol-maximum-size: ``proxy-protocol-maximum-size``