Quickstart

DNSdist's configuration, based on the Lua programming language, is very versatile but is also hard to grasp. Defender offers a simple yet powerful configuration format in Yaml:

  ---
  - type: prsd
    maximum_queries_per_child_ratio: 2
    maximum_cache_hit_ratio: 0.2
    minimum_failure_ratio: 0.8
    minimum_number_of_children: 50
    minimum_number_of_labels: 2
    minimum_number_of_qps: 100
    action: refused
    comment: "Pseudo-Random Subdomain Attack"
    exclude_suffixes:
      - powerdns.com.
      - dnsdist.org.

Using that configuration in DNSdist is straightforward:

  -- import the DNSdist defender module
  local defenderModule = require('dnsdist/defender')
  -- create a new defender object, using the configuration
  -- from defender.yml
  local defender = defenderModule:new('examples/defender.yml')
  -- register the defender object, it will now be executed
  -- as part of the maintenance hook
  defender:setup()

Defender will automatically detect the version of DNSdist and select the best options to apply the required settings based on the features available in the current version.