[dnsdist] Client query id in the dq-object?

Remi Gacogne remi.gacogne at powerdns.com
Tue Nov 15 08:52:37 UTC 2022

Hi Tom,

On 04/11/2022 08:02, Tom via dnsdist wrote:
> So the idea was to set a dnsdist rule on which I can set the 
> AllowedDebugSRC (the admin's IP, to prevent, that anybody else could 
> trigger the debug), check the QueryID and then send this kind of 
> requests to a debug-enabled BIND, which then write a debug log from the 
> received query. Someting like this:
> AllowedDebugSRC = newNMG()
> AllowedDebugSRC:addMask("")
> function qidlog(dq)
>          if(AllowedDebugSRC:match(dq.remoteaddr) and <qid> == 0) then
>                  print("Debugging from " .. dq.remoteaddr:toString() .. 
> " with query id" .. <qid>)
>                  return DNSAction.Pool, "bind-querylog"
>          end
> end
> addAction(AllRule(), LuaAction(qidlog))

I'm afraid there is currently no way in dnsdist to influence the query 
ID in outgoing queries. This would not be easy to implement as it 
touches the way dnsdist matches the responses received to the backend 
against the outstanding queries, so that logic is quite deep in the core 
code of dnsdist.

Best regards,
Remi Gacogne
PowerDNS.COM BV - https://www.powerdns.com/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.powerdns.com/pipermail/dnsdist/attachments/20221115/79e72f49/attachment.sig>

More information about the dnsdist mailing list