Yeah, doing it with OpenWRT and PBR is definately much simpler than this approach. However by using hard-coded IP addresses you are at risk of breakage if they change in the future.
Also fastly-hosted services are a bit awkard to configure IP ranges to cover whole blocks as they seem to not use normal CIDR-blocks for different customers.
But you use PBR's ntfset functionality to have your dns server automatically update a set whenever an DNS entry is resolved, then set the policy rules based on the set.
Also fastly-hosted services are a bit awkard to configure IP ranges to cover whole blocks as they seem to not use normal CIDR-blocks for different customers.
But you use PBR's ntfset functionality to have your dns server automatically update a set whenever an DNS entry is resolved, then set the policy rules based on the set.