> I initially gave bind a look, but since I just need edns-client-subnet support, I
> find dnsmasq to be a more lightweight solution. I think using unbound will
> lead to the same difficulty as I did with dnsmasq: I ultimately need to map
> client’s in-tunnel ip to client’s public ip when they do dns requests inside
> ipsec, and I need to stick the public ip in ECS. So doing iptables is inevitable
> IMHO.

https://dnsdist.org/index.html is a rules-based load balancer with various dns functionality. Maybe load balancers might be a different question to ask?