Recursive DNS
Recursive DNS
Recursive DNS service running mostly for test purposes and my internal usage.
Service is available under IPv6 only: 2001:67c:21ec::53 and 2a0f:5707:ba00::53 via dnscache.e-utp.net DNS alias.
DoT on port 853 and DoH over port 443 are enabled.
- DNSSEC enabled
- Filtering enabled, using CERT Poland malicious domains list updated hourly
- Logging disabled
- If not in cache, forward to Quad9
Hardware
Fortigate 40F act as Load Balancer using Virtual Server feature. First Alive is used as load balancer algorithm.
Node #1 (primary):
ThinkCentre M625p AMD E2-9000e 8GB RAM
Node #2A (backup):
Raspberry Pi 4 ARMv7 Processor rev 3 (v7l) 4GB RAM
Node #2B (backup):
Raspberry Pi 4 ARMv7 Processor rev 3 (v7l) 2GB RAM
Software
PowerDNS Recursor running on openSUSE Tumbleweed behind dnsdist with some dymanic block rules and caching.