[Pdns-users] Returning NXDOMAIN from remote backend?

Wed Jan 28 12:08:01 UTC 2015

Hi,

On 01/28/15 11:11, bert hubert wrote:
> On Wed, Jan 28, 2015 at 08:57:52AM +0100, Nagy, Attila wrote:
>> Maybe I've just overlooked something, but what JSON is needed for an
>> NXDOMAIN reply in the remote backend?
> Hi Nagy,
>
> To generate an NXDOMAIN:
>
> 1) return that there are no records matching the request.
> 2) if PowerDNS asks for ANY or SOA records for the domain, generate them
>
> If you do 1 and 2, PowerDNS will make the NXDOMAIN for you.
Oh, what was missing here is the return of SOA for the domain's ANY request.

Thanks for the quick response.

JFR, here's the communication:
REQ {"method":"initialize","parameters":{"path":"/tmp/ns.sock"}}
RESP {"result": true}
REQ 
{"method":"lookup","parameters":{"qtype":"SOA","qname":"example.com","remote":"127.0.0.1","local":"0.0.0.0","real-remote":"127.0.0.1/32","zone-id":-1}}
RESP {"result": [{"content": "ns1.example.com. hostmaster.example.com. 
2015012800 7200 3600 1209600 3600", "qtype": "SOA", "qname": 
"example.com", "ttl": 60}]}
REQ 
{"method":"lookup","parameters":{"qtype":"ANY","qname":"example.com","remote":"127.0.0.1","local":"0.0.0.0","real-remote":"127.0.0.1/32","zone-id":-1}}
RESP {"result": [{"content": "ns1.example.com. hostmaster.example.com. 
2015012800 7200 3600 1209600 3600", "qtype": "SOA", "qname": 
"example.com", "ttl": 60}]}
REQ {"method":"initialize","parameters":{"path":"/tmp/ns.sock"}}
RESP {"result": true}
REQ 
{"method":"getDomainMetadata","parameters":{"name":"example.com","kind":"PRESIGNED"}}
RESP {"result": ["NO"]}
REQ 
{"method":"getDomainMetadata","parameters":{"name":"example.com","kind":"SOA-EDIT"}}
RESP {"result": ["NO"]}
REQ {"method":"initialize","parameters":{"path":"/tmp/ns.sock"}}
RESP {"result": true}
REQ 
{"method":"lookup","parameters":{"qtype":"SOA","qname":"nxd.example.com","remote":"127.0.0.1","local":"0.0.0.0","real-remote":"127.0.0.1/32","zone-id":-1}}
REQ 
{"method":"lookup","parameters":{"qtype":"NS","qname":"nxd.example.com","remote":"127.0.0.1","local":"0.0.0.0","real-remote":"127.0.0.1/32","zone-id":-1}}
RESP {"result": false}
REQ 
{"method":"lookup","parameters":{"qtype":"ANY","qname":"nxd.example.com","remote":"127.0.0.1","local":"0.0.0.0","real-remote":"127.0.0.1/32","zone-id":-1}}
RESP {"result": false}
REQ 
{"method":"lookup","parameters":{"qtype":"ANY","qname":"*.example.com","remote":"127.0.0.1","local":"0.0.0.0","real-remote":"127.0.0.1/32","zone-id":-1}}
RESP {"result": false}

And now nxd.example.com returns NXDOMAIN.