
PowerDNS: bind backendとpipe backendを一緒に動かす

INFRA

http://doc.powerdns.com/pipebackend-dynamic-resolution.html

yumでpipe backendをインスコ。

yum install pdns-backend-pipe

pdns.confを修正。

launch=pipe,bind
bind-config=/etc/pdns/named.conf
pipe-command=/usr/local/sbin/pdns-backend.rb

pdns-backend.rbは以前の記事の通り。

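#!/usr/bin/ruby
# Sample PowerDNS pipe backend.
#
# PowerDNS launches this script through `pipe-command` and exchanges
# tab-separated lines with it over stdin/stdout. Every field read from
# stdin is derived from a DNS query and must be treated as untrusted.
#
# NOTE(review): this script runs with the privileges of the PowerDNS
# process, so the file should be writable only by root.
require "syslog"

# Flush after every write so each reply line reaches PowerDNS immediately.
$stdout.sync = true
$syslog = Syslog.open(__FILE__)
END { $syslog.close }

# Handshake: the first line must be "HELO\t1".
line = gets
if line.nil?
  # stdin was closed before any handshake arrived; calling strip! on nil
  # would raise NoMethodError, so log and stop cleanly instead.
  $syslog.err "%s", "stdin closed before handshake"
  exit
end
line.strip!

unless line == "HELO\t1"
  puts "FAIL"
  # Syslog's logging methods treat their first argument as a sprintf
  # format string. Always pass a constant "%s" format and hand the
  # (untrusted) text over as an argument, otherwise a '%' in the input
  # raises ArgumentError and kills the backend.
  $syslog.err "%s", "Received '#{line}'"
  gets
  exit
end

puts "OK\tSample backend firing up"

# Main loop: one query per line, answered with zero or more DATA lines
# followed by END.
while gets
  # $_ comes from the query, so it is logged via "%s" and never used as
  # the format string itself.
  $syslog.info "%s", "#{$$} Received: #{$_}"
  $_.strip!
  arr = $_.split(/\t/)

  # A question line carries six tab-separated fields; anything shorter is
  # rejected instead of being destructured into nils.
  if arr.length < 6
    puts "LOG\tPowerDNS sent unparseable line"
    puts "FAIL"
    next
  end

  type, qname, qclass, qtype, id, ip = arr

  # DNS names compare case-insensitively, and resolvers may randomise the
  # case of the query name. Match on a lowercased copy, but echo the name
  # back exactly as it was asked.
  name = qname.downcase

  if ["A", "ANY"].include?(qtype) and name == "webserver.example.com"
    $syslog.info "%s", "#{$$} Sent A records"
    ["1.2.3.4", "1.2.3.5", "1.2.3.6"].each do |addr|
      puts ["DATA", qname, qclass, "A", 3600, -1, addr].join("\t")
    end
  elsif ["CNAME", "ANY"].include?(qtype) and name == "www.example.com"
    $syslog.info "%s", "#{$$} Sent CNAME records"
    puts ["DATA", qname, qclass, "CNAME", 3600, -1, "webserver.example.com"].join("\t")
  elsif qtype == "MBOXFW"
    $syslog.info "%s", "#{$$} Sent MBOXFW records"
    puts ["DATA", qname, qclass, "MBOXFW", 3600, -1, "powerdns@example.com"].join("\t")
  end

  # No match is not an error: an empty answer set is still closed by END.
  $syslog.info "%s", "#{$$} End of data"
  puts "END"
end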

PowerDNSをリロードして問い合わせてみる。


[root@ip-XXX-XXX-XXX-XXX pdns]# /etc/init.d/pdns reload
Reloading PowerDNS authoritative nameserver: requested reload
[root@ip-XXX-XXX-XXX-XXX pdns]# dig @127.0.0.1 webserver.example.com

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_5.3 <<>> @127.0.0.1 webserver.example.com
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6329
;; flags: qr aa rd; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;webserver.example.com. IN A

;; ANSWER SECTION:
webserver.example.com. 3600 IN A 1.2.3.4
webserver.example.com. 3600 IN A 1.2.3.5
webserver.example.com. 3600 IN A 1.2.3.6

;; Query time: 5 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Mon Dec 20 11:23:09 2010
;; MSG SIZE rcvd: 87

[root@ip-XXX-XXX-XXX-XXX pdns]# dig @127.0.0.1 srv.example.com

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_5.3 <<>> @127.0.0.1 srv.example.com
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34884
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;srv.example.com. IN A

;; ANSWER SECTION:
srv.example.com. 86400 IN A 192.168.56.101

;; Query time: 1 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Mon Dec 20 11:23:12 2010
;; MSG SIZE rcvd: 49

[root@ip-XXX-XXX-XXX-XXX pdns]# dig @127.0.0.1 -x 192.168.56.101

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_5.3 <<>> @127.0.0.1 -x 192.168.56.101
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40846
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;101.56.168.192.in-addr.arpa. IN PTR

;; ANSWER SECTION:
101.56.168.192.in-addr.arpa. 86400 IN PTR srv.example.com.

;; Query time: 1 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Mon Dec 20 11:23:19 2010
;; MSG SIZE rcvd: 74

bindとpipe、どちらも有効のよう。