[Pdns-users] LUA createReverse to simulate $GENERATE for a range of addresses

Tue Jun 28 20:31:12 UTC 2022

Otto,
Thank you for your answer. I have continued to test ways to make PowerDNS
work for us, but even with it functioning as described I just can't find a
good way around scenarios where we have a /24 split into dynamic address
space for multiple uses/customers. Since we tend to include some "metadata"
in our reverse lookup responses for dynamically allocated address space I
run into the problem you described where I have in BIND:

$GENERATE 1-64 IN PTR place1-purpose-1-2.3-$.domain.com
$GENERATE 65-127 IN PTR place2-purpose-1-2-3-$.domain.com
$GENERATE 128-255 IN PTR place3-purpose-1-2-3-$.domain.com

I just can't see a way of doing something like this in PowerDNS with LUA
records in an authoritative server that would be comparable in convenience
and simplicity. I have decided to look more closely at BIND 9 and see if I
can get some of the features I'm after working better in BIND instead.

Erik

On Thu, Jun 23, 2022 at 9:20 AM Otto Moerbeek <otto at drijf.net> wrote:

> On Wed, Jun 22, 2022 at 01:19:33PM -0400, Erik Sejr via Pdns-users wrote:
>
> > Hi There,
> > I have been exploring a migration from BIND 9 to PowerDNS with plans to
> use
> > the pgsql backend. I have been reading over the docs and thinking
> > specifically about how I would be able to migrate our extensive use of
> > $GENERATE in our network.
> >
> > It seems that based on the way createForward() and createReverse()
> function
> > it would make the most sense to group dynamically generated DNS records
> > under subdomains rather then keeping them in one very large zone and the
> > replacement of
> >
> > $GENERATE 0-255 $ PTR 1-2-3-$.domain.com.
> >
> > with
> >
> > *.3.2.1 IN LUA PTR "createReverse('%5.domain.com.')"
> >
> > is pretty straightforward. But what about these:
> >
> > $GENERATE 10-20 $ PTR 1-2-3-$.domain.com.
> > 21 IN PTR something.domain.com
> > 22 IN PTR somethingelse.domain.com
> > $GENERATE 23-255 $ PTR 1-2-3-$.domain.com.
> >
> > How does one do a range of addresses with createReverse() rather then
> > *.3.2.1.in-addr.arpa? or *.2.1.in-addr.arpa? Is there such a thing as:
> >
> > 10-20 IN LUA PTR "createReverse('%5.domain.com.')"
> > 23-255 IN LUA PTR "createReverse('%5.domain.com.')"
> >
> > I did read up on the exceptions list and in this example utilizing
> > something like that might be suitable, but there are many examples where
> > there would be "hundreds" of exceptions within a /24 and I don't think
> the
> > exceptions list would scale well in that regard. So I am hoping for
> > alternate options but I don't see a way with the variables LUA has access
> > to that would allow me to write a snippet of LUA code to check if a given
> > PTR record already exists in the zone and just return a generated one if
> > not, or even to check if the last octet for example was within a certain
> > range and if so generate the response with createReverse?
> >
> > Thanks
>
> Explicit matches already have a higher precedence.
>
> So
>
> 21.3.2.1.mydomain IN PTR something.domain.com
> 22.3.2.1.mydomain IN PTR somethingelse.domain.comOA
> *.3.2.1.mydomain IN LUA PTR "createReverse('%4%.domain.com.')"
>
> will do what you want, making the wildcard the default, only used if
> no other name matches. If you have two ranges in the same label that
> should use different createReverse() calls this does not work. In that
> case you can write a piece of Lua that returns the proper string.
>
>         -Otto
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20220628/defc59cb/attachment.htm>