PowerDNS: bind backendとpipe backendを一緒に動かす

INFRA

http://doc.powerdns.com/pipebackend-dynamic-resolution.html

yumでpipe backendをインスコ。

yum install pdns-backend-pipe

pdns.confを修正。

launch=pipe,bind
bind-config=/etc/pdns/named.conf
pipe-command=/usr/local/sbin/pdns-backend.rb

pdns-backend.rbは以前の記事の通り。

#!/usr/bin/ruby
require "syslog"

$stdout.sync = true
$syslog = Syslog.open(__FILE__)
END { $syslog.close }

line = gets
line.strip!

unless line == "HELO\t1"
  puts "FAIL"
  $syslog.err "Recevied '#{line}'"
  gets
  exit
end

puts "OK\tSample backend firing up"

while gets
  $syslog.info "#{$$} Received: #{$_}"
  $_.strip!
  arr = $_.split(/\t/)

  if (arr.length < 6)
    puts "LOG\tPowerDNS sent unparseable line"
    puts "FAIL"
    next
  end

  type, qname, qclass, qtype, id, ip = arr

  if ["A", "ANY"].any? {|i| qtype == i } and qname == "webserver.example.com"
    $syslog.info "#{$$} Sent A records"
    puts ["DATA", qname, qclass, "A", 3600, -1, "1.2.3.4"].join("\t")
    puts ["DATA", qname, qclass, "A", 3600, -1, "1.2.3.5"].join("\t")
    puts ["DATA", qname, qclass, "A", 3600, -1, "1.2.3.6"].join("\t")
  elsif ["CNAME", "ANY"].any? {|i| qtype == i } and qname == "www.example.com"
    $syslog.info "#{$$} Sent CNAME records"
    puts ["DATA", qname, qclass, "CNAME", 3600, -1, "webserver.example.com"].join("\t")
  elsif qtype == "MBOXFW"
    $syslog.info "#{$$} Sent MBOXFW records"
    puts ["DATA", qname, qclass, "MBOXFW", 3600, -1, "powerdns@example.com"].join("\t")
  end

  $syslog.info "#{$$} End of data"
  puts "END"
end

PowerDNSをリロードして問い合わせてみる。



[root@ip-XXX-XXX-XXX-XXX pdns]# /etc/init.d/pdns reload

Reloading PowerDNS authoritative nameserver: requested reload

[root@ip-XXX-XXX-XXX-XXX pdns]# dig @127.0.0.1 webserver.example.com
; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_5.3 <<>> @127.0.0.1 webserver.example.com

; (1 server found)

;; global options:  printcmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6329

;; flags: qr aa rd; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:

;webserver.example.com.         IN      A
;; ANSWER SECTION:

webserver.example.com.  3600    IN      A       1.2.3.4

webserver.example.com.  3600    IN      A       1.2.3.5

webserver.example.com.  3600    IN      A       1.2.3.6
;; Query time: 5 msec

;; SERVER: 127.0.0.1#53(127.0.0.1)

;; WHEN: Mon Dec 20 11:23:09 2010

;; MSG SIZE  rcvd: 87
[root@ip-XXX-XXX-XXX-XXX pdns]# dig @127.0.0.1 srv.example.com
; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_5.3 <<>> @127.0.0.1 srv.example.com

; (1 server found)

;; global options:  printcmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34884

;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:

;srv.example.com.               IN      A
;; ANSWER SECTION:

srv.example.com.        86400   IN      A       192.168.56.101
;; Query time: 1 msec

;; SERVER: 127.0.0.1#53(127.0.0.1)

;; WHEN: Mon Dec 20 11:23:12 2010

;; MSG SIZE  rcvd: 49
[root@ip-XXX-XXX-XXX-XXX pdns]# dig @127.0.0.1 -x 192.168.56.101
; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_5.3 <<>> @127.0.0.1 -x 192.168.56.101

; (1 server found)

;; global options:  printcmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40846

;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:

;101.56.168.192.in-addr.arpa.   IN      PTR
;; ANSWER SECTION:

101.56.168.192.in-addr.arpa. 86400 IN   PTR     srv.example.com.
;; Query time: 1 msec

;; SERVER: 127.0.0.1#53(127.0.0.1)

;; WHEN: Mon Dec 20 11:23:19 2010

;; MSG SIZE  rcvd: 74

bindとpipe、どちらも有効のよう。