[Pdns-users] Need help with PowerDNS Remote HTTP Backend
Aleksey Chudov
aleksey.chudov at gmail.com
Sun Jan 10 14:53:54 UTC 2016
Python BaseHTTPServer by default uses HTTP/1.0 and it does not add
content-length header automatically after switching to HTTP/1.1. Thanks for
clarifying that.
On Sat, Jan 9, 2016 at 5:23 PM, Aki Tuomi <cmouse at youzen.ext.b2.fi> wrote:
> It works if you use HTTP/1.1 compatible responses. RFC says that you either
> need to send your response chunked or set content-length. YaHTTP will check
> and enforce this.
>
> Aki
>
> On Sat, Jan 09, 2016 at 11:10:19AM +0200, Aleksey Chudov wrote:
> > Finally I found the cause of the problem. PowerDNS Remote HTTP Backend
> > works only with 'Content-Length' header.
> >
> > So, the following code works until 'Content-Length' header exists.
> >
> >
> > import BaseHTTPServer
> >
> > class HTTPRequestHandler(BaseHTTPServer.BaseHTTPRequestHandler):
> > def do_GET(self):
> > if self.path == '/dns/lookup/example.com/SOA':
> > self.wfile.write('HTTP/1.1 200 OK\r\nContent-Length:
> > 145\r\n\r\n{"result":[{"qtype":"SOA","qname":"example.com","content":"
> > dns1.icann.org. hostmaster.icann.org. 2012080849 7200 3600 1209600
> > 3600","ttl":3600}]}')
> >
> > if __name__ == '__main__':
> > server = BaseHTTPServer.HTTPServer(('127.0.0.1', 8080),
> > HTTPRequestHandler)
> > server.serve_forever()
> >
> >
> > I don't know whether this is bug in YaHTTP client used by PowerDNS or
> expected
> > behavior. But please add a note to the documentation.
> >
> >
> > On Fri, Jan 8, 2016 at 11:25 PM, Aleksey Chudov <
> aleksey.chudov at gmail.com>
> > wrote:
> >
> > > Some more information.
> > >
> > > I have tested pdns-static_3.4.7-1_amd64.deb on Debian and
> > > pdns-3.4.7-1.el7.x86_64 + pdns-backend-remote-3.4.7-1.el7.x86_64 on
> CentOS
> > > 7.2 with no success.
> > >
> > > Also I have tried manually reply to pdns request using netcat utility.
> As
> > > can be seen pdns sends next request just after headers + newline
> without
> > > waiting for the body.
> > >
> > >
> > > # grep -Ev '^$|^#' /etc/powerdns/pdns.conf
> > > launch=remote
> > > remote-connection-string=http:url=
> http://127.0.0.1:8080/dns,timeout=60000
> > > cache-ttl=0
> > > negquery-cache-ttl=0
> > > query-cache-ttl=0
> > >
> > >
> > > # dig @127.0.0.1 example.com. SOA
> > >
> > > ; <<>> DiG 9.7.3 <<>> @127.0.0.1 example.com. SOA
> > > ; (1 server found)
> > > ;; global options: +cmd
> > > ;; Got answer:
> > > ;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 59226
> > > ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
> > > ;; WARNING: recursion requested but not available
> > >
> > > ;; QUESTION SECTION:
> > > ;example.com. IN SOA
> > >
> > > ;; Query time: 0 msec
> > > ;; SERVER: 127.0.0.1#53(127.0.0.1)
> > > ;; WHEN: Fri Jan 8 23:22:47 2016
> > > ;; MSG SIZE rcvd: 29
> > >
> > >
> > > # netcat -l 127.0.0.1 -p 8080
> > > GET /dns/lookup/example.com/SOA HTTP/1.1
> > > Accept: application/json
> > > Connection: Keep-Alive
> > > Host: 127.0.0.1
> > > User-Agent: YaHTTP v1.0
> > > X-Remotebackend-Local: 0.0.0.0
> > > X-Remotebackend-Real-Remote: 127.0.0.1/32
> > > X-Remotebackend-Remote: 127.0.0.1
> > > X-Remotebackend-Zone-Id: -1
> > >
> > > HTTP/1.1 200 OK
> > > Content-Type: text/javascript; charset=utf-8
> > >
> > > GET /dns/lookup/com/SOA HTTP/1.1
> > > Accept: application/json
> > > Connection: Keep-Alive
> > > Host: 127.0.0.1
> > > User-Agent: YaHTTP v1.0
> > > X-Remotebackend-Local: 0.0.0.0
> > > X-Remotebackend-Real-Remote: 127.0.0.1/32
> > > X-Remotebackend-Remote: 127.0.0.1
> > > X-Remotebackend-Zone-Id: -1
> > >
> > >
> > > Is this a bug or am I missing something?
> > >
> > >
> > > On Fri, Jan 8, 2016 at 11:42 AM, Aleksey Chudov <
> aleksey.chudov at gmail.com>
> > > wrote:
> > >
> > >> Hi,
> > >>
> > >> I'm trying to implement simple PowerDNS Remote HTTP Backend in Python.
> > >> Below is test code just like
> > >>
> https://doc.powerdns.com/md/authoritative/backend-remote/#scenario-soa-lookup-with-http-connector
> > >>
> > >>
> > >> import BaseHTTPServer
> > >>
> > >> REPLY = """{
> > >> "result":
> > >> [
> > >> { "qtype": "SOA",
> > >> "qname": "example.com",
> > >> "content": "dns1.icann.org. hostmaster.icann.org. 2012080849
> 7200
> > >> 3600 1209600 3600",
> > >> "ttl": 3600,
> > >> "domain_id": -1
> > >> }
> > >> ]
> > >> }"""
> > >>
> > >> class HTTPRequestHandler(BaseHTTPServer.BaseHTTPRequestHandler):
> > >> def do_GET(self):
> > >> if self.path == '/dns/lookup/example.com/SOA':
> > >> self.send_response(200)
> > >> self.send_header('Content-Type', 'text/javascript;
> > >> charset=utf-8')
> > >> self.end_headers()
> > >> self.wfile.write(REPLY + '\r\n')
> > >> else:
> > >> self.send_error(501)
> > >>
> > >> if __name__ == '__main__':
> > >> server = BaseHTTPServer.HTTPServer(('127.0.0.1', 8080),
> > >> HTTPRequestHandler)
> > >> server.serve_forever()
> > >>
> > >>
> > >> Looks pretty simple. And curl shows the result.
> > >>
> > >>
> > >> # curl -i http://127.0.0.1:8080/dns/lookup/example.com/SOA
> > >> HTTP/1.0 200 OK
> > >> Server: BaseHTTP/0.3 Python/2.7.5
> > >> Date: Fri, 08 Jan 2016 09:24:54 GMT
> > >> Content-Type: text/javascript; charset=utf-8
> > >>
> > >> {
> > >> "result":
> > >> [
> > >> { "qtype": "SOA",
> > >> "qname": "example.com",
> > >> "content": "dns1.icann.org. hostmaster.icann.org. 2012080849
> 7200
> > >> 3600 1209600 3600",
> > >> "ttl": 3600,
> > >> "domain_id": -1
> > >> }
> > >> ]
> > >> }
> > >>
> > >> And Python script prints
> > >>
> > >> 127.0.0.1 - - [08/Jan/2016 11:36:31] "GET /dns/lookup/example.com/SOA
> > >> HTTP/1.1" 200 -
> > >>
> > >>
> > >> So, I've installed PoweDNS from CentOS 7 Epel repository
> > >>
> > >> # rpm -qa pdns\*
> > >> pdns-3.4.7-1.el7.x86_64
> > >> pdns-backend-remote-3.4.7-1.el7.x86_64
> > >>
> > >>
> > >> And my configuration file contains only the following settings
> > >>
> > >> # grep -Ev '^#|^$' /etc/pdns/pdns.conf
> > >> setuid=pdns
> > >> setgid=pdns
> > >> launch=remote
> > >> remote-connection-string=http:url=http://127.0.0.1:8080/dns
> > >> cache-ttl=0
> > >> negquery-cache-ttl=0
> > >> query-cache-ttl=0
> > >>
> > >>
> > >> But my remote backend does not work!
> > >>
> > >>
> > >> # dig @127.0.0.1 example.com. SOA
> > >>
> > >> ; <<>> DiG 9.9.4-RedHat-9.9.4-29.el7_2.1 <<>> @127.0.0.1 example.com.
> SOA
> > >> ; (1 server found)
> > >> ;; global options: +cmd
> > >> ;; Got answer:
> > >> ;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 5375
> > >> ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
> > >> ;; WARNING: recursion requested but not available
> > >>
> > >> ;; OPT PSEUDOSECTION:
> > >> ; EDNS: version: 0, flags:; udp: 1680
> > >> ;; QUESTION SECTION:
> > >> ;example.com. IN SOA
> > >>
> > >> ;; Query time: 2 msec
> > >> ;; SERVER: 127.0.0.1#53(127.0.0.1)
> > >> ;; WHEN: Fri Jan 08 11:38:05 EET 2016
> > >> ;; MSG SIZE rcvd: 40
> > >>
> > >>
> > >> There is no new messages from pdns_server
> > >>
> > >> # systemctl status pdns.service
> > >> ● pdns.service - PowerDNS Authoritative Server
> > >> Loaded: loaded (/usr/lib/systemd/system/pdns.service; enabled;
> vendor
> > >> preset: disabled)
> > >> Active: active (running) since Fri 2016-01-08 11:37:50 EET; 18s ago
> > >> Process: 1581 ExecStop=/usr/bin/pdns_control quit (code=exited,
> > >> status=0/SUCCESS)
> > >> Process: 1586 ExecStart=/usr/sbin/pdns_server --daemon (code=exited,
> > >> status=0/SUCCESS)
> > >> Main PID: 1587 (pdns_server)
> > >> CGroup: /system.slice/pdns.service
> > >> └─1587 /usr/sbin/pdns_server --daemon
> > >>
> > >> Jan 08 11:37:50 localhost pdns[1587]: Listening on controlsocket in
> > >> '/var/run/pdns.controlsocket'
> > >> Jan 08 11:37:50 localhost systemd[1]: Started PowerDNS Authoritative
> > >> Server.
> > >> Jan 08 11:37:50 localhost pdns[1587]: UDP server bound to 0.0.0.0:53
> > >> Jan 08 11:37:50 localhost pdns[1587]: TCP server bound to 0.0.0.0:53
> > >> Jan 08 11:37:51 localhost pdns[1587]: PowerDNS Authoritative Server
> 3.4.7
> > >> (jenkins at autotest.powerdns.com) (C) 2001-2015 PowerDNS.COM BV
> > >> Jan 08 11:37:51 localhost pdns[1587]: Using 64-bits mode. Built on
> > >> 20151108152440 by mockbuild at buildvm-19.phx2.fedoraproject.org, gcc
> 4.8.3
> > >> 20140911 (Red Hat 4.8.3-9).
> > >> Jan 08 11:37:51 localhost pdns[1587]: PowerDNS comes with ABSOLUTELY
> NO
> > >> WARRANTY. This is free software, and you are welcome to redistribute
> it
> > >> according to the terms of the GPL version 2.
> > >> Jan 08 11:37:51 localhost pdns[1587]: Creating backend connection for
> TCP
> > >> Jan 08 11:37:51 localhost pdns[1587]: About to create 3 backend
> threads
> > >> for UDP
> > >> Jan 08 11:37:51 localhost pdns[1587]: Done launching threads, ready to
> > >> distribute questions
> > >>
> > >>
> > >> But Python prints
> > >>
> > >> 127.0.0.1 - - [08/Jan/2016 11:38:05] "GET /dns/lookup/example.com/SOA
> > >> HTTP/1.1" 200 -
> > >> 127.0.0.1 - - [08/Jan/2016 11:38:05] code 501, message Not Implemented
> > >> 127.0.0.1 - - [08/Jan/2016 11:38:05] "GET /dns/lookup/com/SOA
> HTTP/1.1"
> > >> 501 -
> > >> 127.0.0.1 - - [08/Jan/2016 11:38:05] code 501, message Not Implemented
> > >> 127.0.0.1 - - [08/Jan/2016 11:38:05] "GET /dns/lookup//SOA HTTP/1.1"
> 501 -
> > >>
> > >>
> > >> Where am I wrong?
> > >>
> > >>
> > >> Regards,
> > >> Aleksey
> > >>
> > >
> > >
>
> > _______________________________________________
> > Pdns-users mailing list
> > Pdns-users at mailman.powerdns.com
> > http://mailman.powerdns.com/mailman/listinfo/pdns-users
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20160110/058cf50e/attachment-0001.html>
More information about the Pdns-users
mailing list