PowerDNS dnsdist: The DNS and DoS Aware Load Balancer & Packetmangler

Speaker: Bert Hubert

Abstract

Recently, DNS systems have been under sustained attack via open relays or dedicated sources of malicious traffic. Simultaneously, many operators note poor support for DNS within their existing load balancing solutions.

It has been noted that load balancing DNS is not like load balancing HTTP. For example, one highly loaded server delivers better response times than 10 lightly loaded servers.

dnsdist offers realtime insight into DNS traffic patterns, and couples this with innovative blocking, modifying and query distribution strategies. Such strategies can either be implemented statically (but configured from Lua) or fully dynamically (entirely hosted by Lua).

dnsdist is open source and not PowerDNS specific.

Biography

"Geeky entrepreneur" - Bert Hubert has a 20 year track record in commercial and open source software development. He started his career by hacking the first cable Internet provider in his university town of Delft, and accepting a contracting job there to improve things.

As part of the original team, he helped scale Casema Internet from 50 to 50000 users -- a very large number at the time.

Afterwards he launched PowerDNS and later joined Dutch security firm Fox-IT in a joint venture. These days he concentrates on PowerDNS, now part of Open-Xchange.

Najaar 2015

2023-05-27
 
Vereniging NLUUG
info@nluug.nl
           postbus 8189
6710 AD Ede