DNS Filter

Attention

DNS Filter is under active development and should be considered alpha and not production ready.

  • v2 API reference

  • This filter should be configured with the name envoy.filters.udp_listener.dns_filter

Overview

The DNS filter allows Envoy to respond to DNS queries as an authoritative server for any configured domains. The filter’s configuration specifies the names and addresses for which Envoy will answer as well as the configuration needed to send queries externally for unknown domains.

The filter supports per-filter configuration. An Example configuration follows that illustrates how the filter can be used.

Example Configuration

  1. listener_filters:
  2. name: "envoy.filters.udp.dns_filter"
  3. typed_config:
  4. "@type": "type.googleapis.com/envoy.config.filter.udp.dns_filter.v2alpha.DnsFilterConfig"
  5. stat_prefix: "dns_filter_prefix"
  6. server_config:
  7. inline_dns_table:
  8. external_retry_count: 3
  9. known_suffixes:
  10. - suffix: "domain1.com"
  11. - suffix: "domain2.com"
  12. - suffix: "domain3.com"
  13. virtual_domains:
  14. - name: "www.domain1.com"
  15. endpoint:
  16. address_list:
  17. address:
  18. - 10.0.0.1
  19. - 10.0.0.2
  20. - name: "www.domain2.com"
  21. endpoint:
  22. address_list:
  23. address:
  24. - 2001:8a:c1::2800:7
  25. - name: "www.domain3.com"
  26. endpoint:
  27. address_list:
  28. address:
  29. - 10.0.3.1

In this example, Envoy is configured to respond to client queries for three domains. For any other query, it will forward upstream to external resolvers.