Hi Radoslaw, On Mon, 12 Feb 2018 11:32:11 +0100 Radoslaw Kamil Ejsmont <[email protected]> wrote:
> I have a question regarding recursor LUA scripting. I would like to block > AAAA replies for hosts that also have A records. Is that possible with > current LUA framework? > > My idea was to write a postresolve hook that would check if `dq.qtype == > pdns.AAAA` and the perform an A lookup. If A lookup is successful, it would > remove `AAAA` answer and add the `A` answer. I could not find a way though to > trigger an additional lookup. I also found no way to trigger more lookups > with `preresolve`. Do you guys have any hints? This won't work, as the QType is AAAA, any client on the other end would just disregard the A record in the return packet. > My goal is to successfully resolve AAAA only for hosts that are IPv6 only and > serve A only to dual-stack hosts. To be honest, your goal makes no sense from a networking perspective. When you dual-stack some hosts, your IPv6 network should be up for it. Faking IPv6 unavailability is a bad 'migration' strategy. It will also break dual-stack hosts that do DNSSEC validation. If you really want to continue on this path, I recommend getting a Lua DNS library and doing an A query and see if you like the answer before returning something to the client. In the current Lua infrastructure in the Recursor, there is no way to re-inject a query into the recursor from Lua. Best regards, Pieter -- Pieter Lexis PowerDNS.COM BV -- https://www.powerdns.com _______________________________________________ Pdns-users mailing list [email protected] https://mailman.powerdns.com/mailman/listinfo/pdns-users
