> What I still need to test is if this script actually works and what will
> happen if the followupFunction also returns NXDOMAIN. If it hits the Lua
> script again then nothing else is needed, else I’ll need to add more logic to
> keep going with a chopOff() until the zone’s ‘root’ wildcard record is found.
>> Otherwise, as you suggested yourself, dnsdist is very powerful. (You
>> definitely don't want to use a recursor as your authoritative server though)
>>
I’ve since tried dnsdist and it can only spoof requests, not answers. So now
I’m having a go at using a recursor in front of the authoritative server to see
if I can get things working that way and this seems promising, if it weren’t
for a weird error message I can’t make any sense of.
> Maybe if I add some examples:
>
> 1.2.3.4.5.6.e164.arpa. NAPTR “some text with sip call routing info: AAA”
> *.4.5.6.e164.arpa. NAPTR “some different sip call routing info: BBB”
>
> A query for 9.9.9.4.5.6.e164.arpa. will result in BBB
> A query for 1.2.3.4.5.6.e164.arpa. yields AAA
> A query for 3.3.3.4.5.6.e164.arpa. yields NXDOMAIN
>
> The above is all according to RFC and expected PowerDNS behaviour.
My pdns-recursor Lua script:

-- nxdomain runs after no result is found.
function nxdomain(dq)
  dquery = newDN(dq.qname:toString())
  pdnslog("nxdomain called for: "..dquery:toString())
  if dq.qtype == pdns.NAPTR then
    pdnslog("Search parent wildcard record")
    if dquery:countLabels() == 12 then
      dquery:chopOff()
    end
    if dquery:countLabels() > 9 then
      dquery:chopOff()
    end
    cname = dquery:toString()
    pdnslog("Returning CNAME for: "..cname)
    dq.addAnswer(pdns.CNAME, cname)
    dq.rcode = 0 -- make it a normal answer
    dq.followupFunction = "followCNAMERecords"
    return true
  end
  return false
end

The issue is the addAnswer line; it takes at least 2 parameters according to:
https://doc.powerdns.com/recursor/lua-scripting/dq.html
:addAnswer(type, content[, ttl, name])
But I keep getting this in the recursor logs. What on earth is the last line
on about?! I can’t find anything related to this online:
Jun 10 01:19:09 web08.ixbru.ipnexia.com pdns_recursor[1662087]: nxdomain called for: 3.1.1.0.0.5.6.7.8.9.e164.arpa.
Jun 10 01:19:09 web08.ixbru.ipnexia.com pdns_recursor[1662087]: Search parent wildcard record
Jun 10 01:19:09 web08.ixbru.ipnexia.com pdns_recursor[1662087]: Returning CNAME for: 1.0.0.5.6.7.8.9.e164.arpa.
Jun 10 01:19:09 web08.ixbru.ipnexia.com pdns_recursor[1662087]: STL error (3.1.1.0.0.5.6.7.8.9.e164.arpa/NAPTR from 10.*.*.*:46622): [string "chunk"]:27: Unable to convert parameter from number to PN12RecursorLua411DNSQuestionE
Line 27 refers to `dq.addAnswer(pdns.CNAME, cname)`, is this a bug?
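
Added example, not part of the original post and not PowerDNS code: the documented signature is written with a colon (:addAnswer), and in Lua dq:addAnswer(a, b) is shorthand for dq.addAnswer(dq, a, b), so the dot call in the script hands pdns.CNAME (a number) to the slot where the DNSQuestion object is expected. The DNSQuestion table below is a constructed stand-in that only mimics that first-argument check, so the snippet runs in a plain Lua interpreter without the recursor.

```lua
-- Constructed stand-in for the recursor's DNSQuestion object (hypothetical
-- mock). Like a bound method, addAnswer expects the object itself as its
-- first argument.
local DNSQuestion = {}
DNSQuestion.__index = DNSQuestion

function DNSQuestion.new(qname)
  return setmetatable({ qname = qname, answers = {} }, DNSQuestion)
end

function DNSQuestion.addAnswer(self, qtype, content)
  if getmetatable(self) ~= DNSQuestion then
    -- Same shape as the message in the log: wrong type in the object slot.
    error("Unable to convert parameter from " .. type(self) ..
          " to DNSQuestion", 2)
  end
  table.insert(self.answers, { type = qtype, content = content })
end

local CNAME = 5  -- numeric value of the CNAME record type
local dq = DNSQuestion.new("3.1.1.0.0.5.6.7.8.9.e164.arpa.")
local target = "1.0.0.5.6.7.8.9.e164.arpa."

-- Dot call: nothing is passed implicitly, so CNAME (a number) lands in `self`
-- and the type check fails before any answer is recorded.
local ok, err = pcall(function() dq.addAnswer(CNAME, target) end)
print("dot call succeeded:", ok)
print("dot call error:", err)
print("answers after dot call:", #dq.answers)

-- Colon call: Lua inserts dq as the first argument, so the check passes.
ok, err = pcall(function() dq:addAnswer(CNAME, target) end)
print("colon call succeeded:", ok)
print("answers after colon call:", #dq.answers)
print("recorded content:", dq.answers[1] and dq.answers[1].content)
```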