[dns-operations] Using Lua with a authority DNS server

fredrik danerklint fda-dnsop at fredan.se
Tue Nov 15 15:03:29 UTC 2016 

My approach for using Lua within a authority DNS server is a little bit 
different from what have been posted previously on this mailing list.

What I do with fDns is it is expecting that the function call to the Lua 
function either gives back some kind of a answer or not.

To best describe this the easiest way is probably to look at how it does 
answer a question to "txt version.server".

Since there is no hard-coded queries (!), you'll have to provide that 
answer yourself. However, since it's a kind of a dynamic answer, 
depending of the version of fDns, we can have different answer's. The 
easiest way for solving this, is to make this answer when we start up 
the DNS server, during initialization.  That way, we don't have to make 
the answer for each DNS query.


version_server = nil
version_server = records.new()
version_server:_flags(FDNS_FLAG_R_ISRECORD)
version_server:txt(FDNS_VERSION .. "-" .. FDNS_VERSION_GIT, 3600,  NIL, 
FDNS_CLASS_CHAOS)

function chaos_txt_version_server(qname, qclass, qtype, forward, 
domainname, rflags, additional)
     return version_server
end


What you see here is all the Lua code needed for this. What's triggering 
the call to the Lua function is this:

"version" : { "TXT" : { "" : { "lua" : "chaos_txt_version_server", 
"class" : "chaos" } } }

This tells us that it is only when we are about to answer a txt or a any 
query, we do call the Lua function. For all other senarios, it does not 
have a answer at all.

Another way of looking of how to do this, is perhaps for a 
"_acme-challenge.*" (yes - right handed wild-card!). The Lua function 
for this DNS query, will check to see if a filename exists, and if it 
does, use the content of that filename as the answer.

The third examples is for how I handle TOECDN. There is a Lua variable, 
which, based on that value, can give back different answer's. Since this 
variable is in a file, you can set a notify to that filename, and if it 
is modified, fDns will call Lua to reload that file. This way, when 
calling the Lua function, you always have the correct value of the 
variable and you don't need to check that within your Lua function for 
each call.


As I sad in the beginning, different approach.

You can find more information about fDns here:
https://github.com/fredan/fDns

-- 
//fredrik

More information about the dns-operations mailing list