DNS Filter Table Data


This API is work-in-progress and is subject to breaking changes.

DNS Filter config overview.


[data.dns.v2alpha.DnsTable proto]

This message contains the configuration for the DNS Filter if populated from the control plane

  "external_retry_count": "...",
  "virtual_domains": [],
  "known_suffixes": []

(uint32) Control how many times envoy makes an attempt to forward a query to an external server


(data.dns.v2alpha.DnsTable.DnsVirtualDomain, REQUIRED) Fully qualified domain names for which Envoy will respond to queries


(type.matcher.StringMatcher) This field serves to help Envoy determine whether it can authoritatively answer a query for a name matching a suffix in this list. If the query name does not match a suffix in this list, Envoy will forward the query to an upstream DNS server


[data.dns.v2alpha.DnsTable.AddressList proto]

This message contains a list of IP addresses returned for a query for a known name

  "address": []

(string, REQUIRED) This field contains a well formed IP address that is returned in the answer for a name query. The address field can be an IPv4 or IPv6 address. Address family detection is done automatically when Envoy parses the string. Since this field is repeated, Envoy will return one randomly chosen entry from this list in the DNS response. The random index will vary per query so that we prevent clients pinning on a single address for a configured domain


[data.dns.v2alpha.DnsTable.DnsEndpoint proto]

This message type is extensible and can contain a list of addresses or dictate some other method for resolving the addresses for an endpoint

  "address_list": "{...}"

(data.dns.v2alpha.DnsTable.AddressList, REQUIRED)


[data.dns.v2alpha.DnsTable.DnsVirtualDomain proto]

  "name": "...",
  "endpoint": "{...}",
  "answer_ttl": "{...}"

(string) The domain name for which Envoy will respond to query requests


(data.dns.v2alpha.DnsTable.DnsEndpoint) The configuration containing the method to determine the address of this endpoint


(Duration) Sets the TTL in dns answers from Envoy returned to the client