[Pdns-users] Need help with PowerDNS Remote HTTP Backend

Aleksey Chudov aleksey.chudov at gmail.com
Sat Jan 9 09:10:19 UTC 2016


Finally I found the cause of the problem. PowerDNS Remote HTTP Backend
works only with 'Content-Length' header.

So, the following code works until 'Content-Length' header exists.


import BaseHTTPServer

class HTTPRequestHandler(BaseHTTPServer.BaseHTTPRequestHandler):
    def do_GET(self):
        if self.path == '/dns/lookup/example.com/SOA':
             self.wfile.write('HTTP/1.1 200 OK\r\nContent-Length:
145\r\n\r\n{"result":[{"qtype":"SOA","qname":"example.com","content":"
dns1.icann.org. hostmaster.icann.org. 2012080849 7200 3600 1209600
3600","ttl":3600}]}')

if __name__ == '__main__':
    server = BaseHTTPServer.HTTPServer(('127.0.0.1', 8080),
HTTPRequestHandler)
    server.serve_forever()


I don't know whether this is bug in YaHTTP client used by PowerDNS or expected
behavior. But please add a note to the documentation.


On Fri, Jan 8, 2016 at 11:25 PM, Aleksey Chudov <aleksey.chudov at gmail.com>
wrote:

> Some more information.
>
> I have tested pdns-static_3.4.7-1_amd64.deb on Debian and
> pdns-3.4.7-1.el7.x86_64 + pdns-backend-remote-3.4.7-1.el7.x86_64 on CentOS
> 7.2 with no success.
>
> Also I have tried manually reply to pdns request using netcat utility. As
> can be seen pdns sends next request just after headers + newline without
> waiting for the body.
>
>
> # grep -Ev '^$|^#' /etc/powerdns/pdns.conf
> launch=remote
> remote-connection-string=http:url=http://127.0.0.1:8080/dns,timeout=60000
> cache-ttl=0
> negquery-cache-ttl=0
> query-cache-ttl=0
>
>
> # dig @127.0.0.1 example.com. SOA
>
> ; <<>> DiG 9.7.3 <<>> @127.0.0.1 example.com. SOA
> ; (1 server found)
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 59226
> ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
> ;; WARNING: recursion requested but not available
>
> ;; QUESTION SECTION:
> ;example.com.                   IN      SOA
>
> ;; Query time: 0 msec
> ;; SERVER: 127.0.0.1#53(127.0.0.1)
> ;; WHEN: Fri Jan  8 23:22:47 2016
> ;; MSG SIZE  rcvd: 29
>
>
> # netcat -l 127.0.0.1 -p 8080
> GET /dns/lookup/example.com/SOA HTTP/1.1
> Accept: application/json
> Connection: Keep-Alive
> Host: 127.0.0.1
> User-Agent: YaHTTP v1.0
> X-Remotebackend-Local: 0.0.0.0
> X-Remotebackend-Real-Remote: 127.0.0.1/32
> X-Remotebackend-Remote: 127.0.0.1
> X-Remotebackend-Zone-Id: -1
>
> HTTP/1.1 200 OK
> Content-Type: text/javascript; charset=utf-8
>
> GET /dns/lookup/com/SOA HTTP/1.1
> Accept: application/json
> Connection: Keep-Alive
> Host: 127.0.0.1
> User-Agent: YaHTTP v1.0
> X-Remotebackend-Local: 0.0.0.0
> X-Remotebackend-Real-Remote: 127.0.0.1/32
> X-Remotebackend-Remote: 127.0.0.1
> X-Remotebackend-Zone-Id: -1
>
>
> Is this a bug or am I missing something?
>
>
> On Fri, Jan 8, 2016 at 11:42 AM, Aleksey Chudov <aleksey.chudov at gmail.com>
> wrote:
>
>> Hi,
>>
>> I'm trying to implement simple PowerDNS Remote HTTP Backend in Python.
>> Below is test code just like
>> https://doc.powerdns.com/md/authoritative/backend-remote/#scenario-soa-lookup-with-http-connector
>>
>>
>> import BaseHTTPServer
>>
>> REPLY = """{
>>   "result":
>>    [
>>      { "qtype": "SOA",
>>        "qname": "example.com",
>>        "content": "dns1.icann.org. hostmaster.icann.org. 2012080849 7200
>> 3600 1209600 3600",
>>        "ttl": 3600,
>>        "domain_id": -1
>>      }
>>    ]
>> }"""
>>
>> class HTTPRequestHandler(BaseHTTPServer.BaseHTTPRequestHandler):
>>     def do_GET(self):
>>         if self.path == '/dns/lookup/example.com/SOA':
>>             self.send_response(200)
>>             self.send_header('Content-Type', 'text/javascript;
>> charset=utf-8')
>>             self.end_headers()
>>             self.wfile.write(REPLY + '\r\n')
>>         else:
>>             self.send_error(501)
>>
>> if __name__ == '__main__':
>>     server = BaseHTTPServer.HTTPServer(('127.0.0.1', 8080),
>> HTTPRequestHandler)
>>     server.serve_forever()
>>
>>
>> Looks pretty simple. And curl shows the result.
>>
>>
>> # curl -i http://127.0.0.1:8080/dns/lookup/example.com/SOA
>> HTTP/1.0 200 OK
>> Server: BaseHTTP/0.3 Python/2.7.5
>> Date: Fri, 08 Jan 2016 09:24:54 GMT
>> Content-Type: text/javascript; charset=utf-8
>>
>> {
>>   "result":
>>    [
>>      { "qtype": "SOA",
>>        "qname": "example.com",
>>        "content": "dns1.icann.org. hostmaster.icann.org. 2012080849 7200
>> 3600 1209600 3600",
>>        "ttl": 3600,
>>        "domain_id": -1
>>      }
>>    ]
>> }
>>
>> And Python script prints
>>
>> 127.0.0.1 - - [08/Jan/2016 11:36:31] "GET /dns/lookup/example.com/SOA
>> HTTP/1.1" 200 -
>>
>>
>> So, I've installed PoweDNS from CentOS 7 Epel repository
>>
>> # rpm -qa pdns\*
>> pdns-3.4.7-1.el7.x86_64
>> pdns-backend-remote-3.4.7-1.el7.x86_64
>>
>>
>> And my configuration file contains only the following settings
>>
>> # grep -Ev '^#|^$' /etc/pdns/pdns.conf
>> setuid=pdns
>> setgid=pdns
>> launch=remote
>> remote-connection-string=http:url=http://127.0.0.1:8080/dns
>> cache-ttl=0
>> negquery-cache-ttl=0
>> query-cache-ttl=0
>>
>>
>> But my remote backend does not work!
>>
>>
>> # dig @127.0.0.1 example.com. SOA
>>
>> ; <<>> DiG 9.9.4-RedHat-9.9.4-29.el7_2.1 <<>> @127.0.0.1 example.com. SOA
>> ; (1 server found)
>> ;; global options: +cmd
>> ;; Got answer:
>> ;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 5375
>> ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
>> ;; WARNING: recursion requested but not available
>>
>> ;; OPT PSEUDOSECTION:
>> ; EDNS: version: 0, flags:; udp: 1680
>> ;; QUESTION SECTION:
>> ;example.com.                   IN      SOA
>>
>> ;; Query time: 2 msec
>> ;; SERVER: 127.0.0.1#53(127.0.0.1)
>> ;; WHEN: Fri Jan 08 11:38:05 EET 2016
>> ;; MSG SIZE  rcvd: 40
>>
>>
>> There is no new messages from pdns_server
>>
>> # systemctl status pdns.service
>> ● pdns.service - PowerDNS Authoritative Server
>>    Loaded: loaded (/usr/lib/systemd/system/pdns.service; enabled; vendor
>> preset: disabled)
>>    Active: active (running) since Fri 2016-01-08 11:37:50 EET; 18s ago
>>   Process: 1581 ExecStop=/usr/bin/pdns_control quit (code=exited,
>> status=0/SUCCESS)
>>   Process: 1586 ExecStart=/usr/sbin/pdns_server --daemon (code=exited,
>> status=0/SUCCESS)
>>  Main PID: 1587 (pdns_server)
>>    CGroup: /system.slice/pdns.service
>>            └─1587 /usr/sbin/pdns_server --daemon
>>
>> Jan 08 11:37:50 localhost pdns[1587]: Listening on controlsocket in
>> '/var/run/pdns.controlsocket'
>> Jan 08 11:37:50 localhost systemd[1]: Started PowerDNS Authoritative
>> Server.
>> Jan 08 11:37:50 localhost pdns[1587]: UDP server bound to 0.0.0.0:53
>> Jan 08 11:37:50 localhost pdns[1587]: TCP server bound to 0.0.0.0:53
>> Jan 08 11:37:51 localhost pdns[1587]: PowerDNS Authoritative Server 3.4.7
>> (jenkins at autotest.powerdns.com) (C) 2001-2015 PowerDNS.COM BV
>> Jan 08 11:37:51 localhost pdns[1587]: Using 64-bits mode. Built on
>> 20151108152440 by mockbuild at buildvm-19.phx2.fedoraproject.org, gcc 4.8.3
>> 20140911 (Red Hat 4.8.3-9).
>> Jan 08 11:37:51 localhost pdns[1587]: PowerDNS comes with ABSOLUTELY NO
>> WARRANTY. This is free software, and you are welcome to redistribute it
>> according to the terms of the GPL version 2.
>> Jan 08 11:37:51 localhost pdns[1587]: Creating backend connection for TCP
>> Jan 08 11:37:51 localhost pdns[1587]: About to create 3 backend threads
>> for UDP
>> Jan 08 11:37:51 localhost pdns[1587]: Done launching threads, ready to
>> distribute questions
>>
>>
>> But Python prints
>>
>> 127.0.0.1 - - [08/Jan/2016 11:38:05] "GET /dns/lookup/example.com/SOA
>> HTTP/1.1" 200 -
>> 127.0.0.1 - - [08/Jan/2016 11:38:05] code 501, message Not Implemented
>> 127.0.0.1 - - [08/Jan/2016 11:38:05] "GET /dns/lookup/com/SOA HTTP/1.1"
>> 501 -
>> 127.0.0.1 - - [08/Jan/2016 11:38:05] code 501, message Not Implemented
>> 127.0.0.1 - - [08/Jan/2016 11:38:05] "GET /dns/lookup//SOA HTTP/1.1" 501 -
>>
>>
>> Where am I wrong?
>>
>>
>> Regards,
>> Aleksey
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20160109/3f1d1804/attachment-0001.html>


More information about the Pdns-users mailing list