Feature request

Yuri yvoinov at gmail.com
Thu Mar 7 16:39:55 UTC 2019


I can explain a bit more.

For DNS interception (to Unbound, of course) I'm using PBR:

ip access-list extended intercept-ports
 permit udp any any eq domain
 permit tcp any any eq domain
 deny   ip any any
!
!
route-map redirect_dns permit 30
 match ip address intercept-ports
 set ip next-hop 192.168.200.3
!

which processes on router CPU and sometimes overload them.

WCCP, instead, processes on control plane, and not touch CPU to process.

Also, WCCP is fully transparent.

Why Unbound? This is simple. Because of we're use it as best caching DNS
server in our production infrastructure.

Well, if Unbound becomes fat - why not makes WCCP as configurable
non-default module, which will build on-demand, for such idiots like me?

Anyway. WCCP is caching related. Unbound is caching related. Why not
works together?

That would be logical, wouldn’t it?

07.03.2019 22:19, Yuri пишет:
> 07.03.2019 22:14, Anand Buddhdev пишет:
>> Hi Yuri,
>>
>> Your question would be better if you:
>>
>> 1. describe what WCCPv2 is; and
> http://cauew.blogspot.com/2008/08/wccp-web-cache-communication-protocol.html
>
> https://www.cisco.com/c/en/us/tech/content-networking/web-cache-communications-protocol-wccp/index.html
>
> https://en.wikipedia.org/wiki/Web_Cache_Communication_Protocol
>
>> 2. explain why you need it in Unbound.
> WCCP supports not only 80 port, but also 53 (and any arbitrary port) ans
> very useful for transparent interception any traffic and locally cache
> it on separate server.
>
> Thus, technology can drastically reduce outboud internet traffic and/or
> increases LAN security.
>
>> Not everyone knows what WCCPv2 is, and why would might want it.
> No one can Google? Seriously? :-D You jokinly me!
>> Regards,
>> Anand
>>
>> On 07/03/2019 16:49, Yuri via Unbound-users wrote:
>>> Hi,
>>>
>>> I would like to see WCCPv2 support in Unbound.
>>>
>>> Is it possible? Or still not?
>>>
>>> WBR, Yuri
>>>
-- 
"C++ seems like a language suitable for firing other people's legs."

*****************************
* C++20 : Bug to the future *
*****************************

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nlnetlabs.nl/pipermail/unbound-users/attachments/20190307/6a3de43d/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 659 bytes
Desc: OpenPGP digital signature
URL: <http://lists.nlnetlabs.nl/pipermail/unbound-users/attachments/20190307/6a3de43d/attachment.bin>


More information about the Unbound-users mailing list