[dns-operations] Custom DNS server as backend for authoritative DNS server

Robert Edmonds edmonds at mycre.ws
Fri Mar 15 01:53:18 UTC 2019


Casey Deccio wrote:
> I've built a little authoritative DNS server that returns synthesized responses, based on the query names it receives.  I would like to stand it up as a backend for an existing authoritative DNS server implementation.  Most of my DNS zones would then be served right from the production authoritative server (e.g., BIND, NSD, whatever), but when a query for a given zone is received, the authoritative server looks to a backend running on (for example) some other port on the same machine and then returns it to the client that asked it.  So, effectively the authoritative server does some forwarding of queries to a designated backend, but only specified zones, and it should always act as an authoritative server, in the sense that it doesn't require RD=1.  I've spun my wheels a little bit and haven't found an effective solution, so I'm looking to my friends in the DNS Community.  Any ideas?

If your custom nameserver is written in C, you might find it interesting
to convert it to use Knot's dlopen module interface, which lets you load
a knotd module from an external .so file. This would eliminate the
re-querying against a separate backend server, since everything is
running in the same process.

The knotd module interface is defined here:

https://github.com/CZ-NIC/knot/blob/master/src/knot/include/module.h

And a relatively simple example of a module that uses it is here:

https://gitlab.labs.nic.cz/knot/knot-dns/blob/master/src/knot/modules/whoami/whoami.c

-- 
Robert Edmonds


