<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>15. Remote Backend</title><link rel="stylesheet" href="docbook.css" type="text/css" /><meta name="generator" content="DocBook XSL Stylesheets V1.75.2" /><link rel="home" href="index.html" title="PowerDNS manual" /><link rel="up" href="backends-detail.html" title="Appendix A. Backends in detail" /><link rel="prev" href="tinydnsbackend.html" title="14. TinyDNS Backend" /><link rel="next" href="pdns-internals.html" title="Appendix B. PDNS internals" /></head><body><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">15. Remote Backend</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="tinydnsbackend.html">Prev</a> </td><th width="60%" align="center">Appendix A. Backends in detail</th><td width="20%" align="right"> <a accesskey="n" href="pdns-internals.html">Next</a></td></tr></table><hr /></div><div class="sect1" title="15. Remote Backend"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="remotebackend"></a>15. Remote Backend</h2></div></div></div><div class="toc"><dl><dt><span class="sect2"><a href="remotebackend.html#remotebackend-compiling">15.1. Compiling</a></span></dt><dt><span class="sect2"><a href="remotebackend.html#remotebackend-usage">15.2. Usage</a></span></dt><dt><span class="sect2"><a href="remotebackend.html#remotebackend-api">15.3. API</a></span></dt><dt><span class="sect2"><a href="remotebackend.html#remotebackend-examples">15.4. Examples</a></span></dt></dl></div><p>
</p><div class="warning" title="Warning" style="margin-left: 0.5in; margin-right: 0.5in;"><table border="0" summary="Warning"><tr><td rowspan="2" align="center" valign="top" width="25"><img alt="[Warning]" src="warning.png" /></td><th align="left">Warning</th></tr><tr><td align="left" valign="top"><p>
The Remote Backend is available since PowerDNS Authoritative Server 3.2. This backend is marked as experimental!
</p></td></tr></table></div><p>
</p><div class="table"><a id="idp9804016"></a><p class="title"><b>Table A.14. Remote backend capabilities</b></p><div class="table-contents"><table summary="Remote backend capabilities" border="1"><colgroup><col /><col /></colgroup><tbody><tr><td>Native</td><td>Yes</td></tr><tr><td>Master</td><td>Yes*</td></tr><tr><td>Slave</td><td> </td></tr><tr><td>Superslave</td><td> </td></tr><tr><td>Autoserial</td><td>Yes*</td></tr><tr><td>DNSSEC</td><td>Yes*</td></tr><tr><td>Multiple instances</td><td>Yes</td></tr></tbody></table></div></div><br class="table-break" /><p>
* If provided by the underlying backend.
</p><p>
This backend provides unix socket / pipe / http remoting for powerdns.
</p><div class="sect2" title="15.1. Compiling"><div class="titlepage"><div><div><h3 class="title"><a id="remotebackend-compiling"></a>15.1. Compiling</h3></div></div></div><p>
To compile this backend, you need to configure --with-modules="remote pipe", for
now. If you want to use http connector, you need libcurl and use --enable-remotebackend-http.
</p></div><div class="sect2" title="15.2. Usage"><div class="titlepage"><div><div><h3 class="title"><a id="remotebackend-usage"></a>15.2. Usage</h3></div></div></div><p>
The only configuration option for this backend is remote-connection-string. It comprises of two elements: type of backend, and parameters.
</p><p>
</p><pre class="programlisting">
remote-connection-string=<type>:<param>=<value>,<param>=<value>...
</pre><p>
</p><p>
You can pass as many parameters as you want. For unix and pipe backends, these
are passed along to the remote end as initialization. See <a class="xref" href="remotebackend.html#remotebackend-api" title="15.3. API">Section 15.3, “API”</a>.
Initialize is not called for http backend.
</p><div class="sect3" title="Unix backend"><div class="titlepage"><div><div><h4 class="title"><a id="remotebackend-unix"></a>Unix backend</h4></div></div></div><p>
parameters: path, timeout (default 2000ms)
</p><p>
</p><pre class="programlisting">
remote-connection-string=unix:path=/path/to/socket
</pre><p>
</p></div><div class="sect3" title="Pipe backend"><div class="titlepage"><div><div><h4 class="title"><a id="remotebackend-pipe"></a>Pipe backend</h4></div></div></div><p>
parameters: command,timeout (default 2000ms)
</p><p>
</p><pre class="programlisting">
remote-connection-string=unix:command=/path/to/executable,timeout=2000
</pre><p>
</p></div><div class="sect3" title="HTTP backend"><div class="titlepage"><div><div><h4 class="title"><a id="remotebackend-HTTP"></a>HTTP backend</h4></div></div></div><p>
parameters: url, url-suffix, timeout (default 2000)
</p><p>
HTTP backend tries to do RESTful requests to your server. See examples.
</p><p>
URL should not end with /, and url-suffix is optional, but if you define it, it's
up to you to write the ".php" or ".json". Lack of dot causes lack of dot in
URL. Timeout is divided by 1000 because libcurl only supports seconds, but this is
given in milliseconds for consistency with other backends.
</p></div></div><div class="sect2" title="15.3. API"><div class="titlepage"><div><div><h3 class="title"><a id="remotebackend-api"></a>15.3. API</h3></div></div></div><div class="sect3" title="Queries"><div class="titlepage"><div><div><h4 class="title"><a id="remotebackend-api-queries"></a>Queries</h4></div></div></div><p>
Unix and Pipe backend sends JSON formatted string to the remote end. Each
JSON query has two sections, 'method' and 'parameters'.
</p><p>
HTTP backend calls methods based on URL and has parameters in the query string.
Most calls are GET; see the methods listing for details.
</p></div><div class="sect3" title="Replies"><div class="titlepage"><div><div><h4 class="title"><a id="remotebackend-api-replies"></a>Replies</h4></div></div></div><p>
You *must* always reply with JSON hash with at least one key, 'result'. This
must be boolean false if the query failed. Otherwise it must conform to the expected
result. For HTTP backend, to signal bare success, you can just reply with HTTP 200 OK, and omit any output. This will result in same outcome as sending {"result":true}.
</p><p>
You can optionally add 'log' array, each line in this array will be logged in
PowerDNS.
</p></div><div class="sect3" title="Methods"><div class="titlepage"><div><div><h4 class="title"><a id="remotebackend-api-methods"></a>Methods</h4></div></div></div><div class="sect4" title="Method: initialize"><div class="titlepage"><div><div><h5 class="title"><a id="remotebackend-api-methods-initialize"></a>Method: initialize</h5></div></div></div><div class="variablelist"><dl><dt><span class="term">Mandatory:</span></dt><dd><p>Yes (except HTTP backend)</p></dd><dt><span class="term">Parameters:</span></dt><dd><p>all parameters in connection string</p></dd><dt><span class="term">Reply:</span></dt><dd><p>true on success / false on failure</p></dd><dt><span class="term">Description</span></dt><dd><p>Called to initialize the backend. This is not called for HTTP backend. You should
do your initializations here.</p></dd><dt><span class="term">Example JSON/RPC:</span></dt><dd><p>
Query:
</p><pre class="programlisting">
{"method":"initialize", "parameters":{"command":"/path/to/something", "timeout":"2000", "something":"else"}}
</pre><p>
</p><p>
Response:
</p><pre class="programlisting">
{"result":true}
</pre><p>
</p></dd></dl></div></div><div class="sect4" title="Method: lookup"><div class="titlepage"><div><div><h5 class="title"><a id="remotebackend-api-methods-lookup"></a>Method: lookup</h5></div></div></div><div class="variablelist"><dl><dt><span class="term">Mandatory:</span></dt><dd><p>Yes</p></dd><dt><span class="term">Parameters:</span></dt><dd><p>qtype, qname, zone_id</p></dd><dt><span class="term">Optional parameters:</span></dt><dd><p>remote, local, real-remote</p></dd><dt><span class="term">Reply:</span></dt><dd><p>array of <qtype,qname,content,ttl,domain_id,priority,scopeMask,auth></p></dd><dt><span class="term">Optional values:</span></dt><dd><p>domain_id, scopeMask and auth</p></dd><dt><span class="term">Description</span></dt><dd><p>This method is used to do the basic query. You can omit auth, but if you
are using DNSSEC this can lead into trouble. </p></dd><dt><span class="term">Example JSON/RPC:</span></dt><dd><p>
Query:
</p><pre class="programlisting">
{"method":"lookup", "parameters":{"qtype":"ANY", "qname":"www.example.com", "remote":"192.168.0.24", "local":"192.168.0.1", "real-remote":"192.168.0.24", "zone-id":-1}}
</pre><p>
</p><p>
Response:
</p><pre class="programlisting">
{"result":[{"qtype":"A", "qname":"www.example.com", "content":"192.168.1.2", "ttl": 60}]}
</pre><p>
</p></dd><dt><span class="term">Example HTTP/RPC:</span></dt><dd><p>
Query:
</p><pre class="programlisting">
GET /dnsapi/lookup/www.example.com/ANY HTTP/1.1
X-RemoteBackend-remote: 192.168.0.24
X-RemoteBackend-local: 192.168.0.1
X-RemoteBackend-real-remote: 192.168.0.24
X-RemoteBackend-zone-id: -1
</pre><p>
</p><p>
Response:
</p><pre class="programlisting">
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
{"result":[{"qtype":"A", "qname":"www.example.com", "content":"192.168.1.2", "ttl": 60}]}
</pre><p>
</p></dd></dl></div></div><div class="sect4" title="Method: list"><div class="titlepage"><div><div><h5 class="title"><a id="remotebackend-api-method-list"></a>Method: list</h5></div></div></div><div class="variablelist"><dl><dt><span class="term">Mandatory:</span></dt><dd><p>No (Gives AXFR support)</p></dd><dt><span class="term">Parameters:</span></dt><dd><p>zonename, domain_id</p></dd><dt><span class="term">Optional parameters:</span></dt><dd><p>domain_id</p></dd><dt><span class="term">Reply:</span></dt><dd><p>array of <qtype,qname,content,ttl,domain_id,priority,scopeMask,auth></p></dd><dt><span class="term">Optional values:</span></dt><dd><p>domain_id, scopeMask and auth</p></dd><dt><span class="term">Description</span></dt><dd><p>
Lists all records for the zonename. If you are running dnssec, you should take care of setting auth
to appropriate value, otherwise things can go wrong.
</p></dd><dt><span class="term">Example JSON/RPC:</span></dt><dd><p>
Query:
</p><pre class="programlisting">
{"method":"list", "parameters":{"zonename":"example.com","domain_id":-1}}
</pre><p>
</p><p>
Response (split into lines for ease of reading)
</p><pre class="programlisting">
{"result":[
{"qtype":"SOA", "qname":"example.com", "content":"dns1.icann.org. hostmaster.icann.org. 2012081600 7200 3600 1209600 3600", "ttl": 3600},
{"qtype":"NS", "qname":"example.com", "content":"ns1.example.com", "ttl": 60},
{"qtype":"MX", "qname":"example.com", "content":"mx1.example.com.", "ttl": 60, "priority":10},
{"qtype":"A", "qname":"www.example.com", "content":"192.168.1.2", "ttl": 60},
{"qtype":"A", "qname":"ns1.example.com", "content":"192.168.0.2", "ttl": 60},
{"qtype":"A", "qname":"mx1.example.com", "content":"192.168.0.3", "ttl": 60}
]}
</pre><p>
</p></dd><dt><span class="term">Example HTTP/RPC:</span></dt><dd><p>
Query:
</p><pre class="programlisting">
GET /dnsapi/list/example.com HTTP/1.1
X-RemoteBackend-domain-id: -1
</pre><p>
</p><p>
Response:
</p><pre class="programlisting">
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
{"result":[{"qtype":"SOA", "qname":"example.com", "content":"dns1.icann.org. hostmaster.icann.org. 2012081600 7200 3600 1209600 3600", "ttl": 3600},{"qtype":"NS", "qname":"example.com", "content":"ns1.example.com", "ttl": 60},{"qtype":"MX", "qname":"example.com", "content":"mx1.example.com.", "ttl": 60, "priority":10},{"qtype":"A", "qname":"www.example.com", "content":"192.168.1.2", "ttl": 60},{"qtype":"A", "qname":"ns1.example.com", "content":"192.168.0.2", "ttl": 60},{"qtype":"A", "qname":"mx1.example.com", "content":"192.168.0.3", "ttl": 60}]}
</pre><p>
</p></dd></dl></div></div><div class="sect4" title="Method: getBeforeAndAfterNamesAbsolute"><div class="titlepage"><div><div><h5 class="title"><a id="remotebackend-api-method-getbeforeandafternamesabsolute"></a>Method: getBeforeAndAfterNamesAbsolute</h5></div></div></div><div class="variablelist"><dl><dt><span class="term">Mandatory:</span></dt><dd><p>for NSEC/NSEC3 non-narrow</p></dd><dt><span class="term">Parameters:</span></dt><dd><p>id, qname</p></dd><dt><span class="term">Reply:</span></dt><dd><p>before, after</p></dd><dt><span class="term">Description</span></dt><dd><p>
Asks the names before and after qname. qname is given without dots or domain part. The query
can also be hashed. Care must be taken to handle wrap-around when qname is first or last in
the ordered list. Do not return nil for either one.
</p></dd><dt><span class="term">Example JSON/RPC:</span></dt><dd><p>
Query:
</p><pre class="programlisting">
{"method":"getbeforeandafternamesabsolute", "params":{"id":0,"qname":"www.example.com"}}
</pre><p>
</p><p>
Response:
</p><pre class="programlisting">
{”result":{"before":"ns1","after":""}}
</pre><p>
</p></dd><dt><span class="term">Example HTTP/RPC:</span></dt><dd><p>
Query:
</p><pre class="programlisting">
/dnsapi/getbeforeandafternamesabsolute/0/www.example.com
</pre><p>
</p><p>
Response:
</p><pre class="programlisting">
{”result":{"before":"ns1","after":""}}
</pre><p>
</p></dd></dl></div></div><div class="sect4" title="Method: getDomainMetadata"><div class="titlepage"><div><div><h5 class="title"><a id="remotebackend-api-method-getdomainmetadata"></a>Method: getDomainMetadata</h5></div></div></div><div class="variablelist"><dl><dt><span class="term">Mandatory:</span></dt><dd><p>No</p></dd><dt><span class="term">Parameters:</span></dt><dd><p>name, kind</p></dd><dt><span class="term">Reply:</span></dt><dd><p>array of strings</p></dd><dt><span class="term">Description</span></dt><dd><p>
Returns the value(s) for variable kind for zone name. Most commonly it's one of
NSEC3PARAM, PRESIGNED, SOA-EDIT. Can be others, too. You *must* always return
something, if there are no values, you shall return empty array or false.
</p></dd><dt><span class="term">Example JSON/RPC:</span></dt><dd><p>
Query:
</p><pre class="programlisting">
{"method":"getdomainmetadata", "parameters":{"name":"example.com","kind":"PRESIGNED"}}
</pre><p>
</p><p>
Response:
</p><pre class="programlisting">
{"result":["NO"]}
</pre><p>
</p></dd><dt><span class="term">Example HTTP/RPC:</span></dt><dd><p>
Query:
</p><pre class="programlisting">
GET /dnsapi/getdomainmetadata/example.com/PRESIGNED HTTP/1.1
</pre><p>
</p><p>
Response:
</p><pre class="programlisting">
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
{"result":["NO"]}
</pre><p>
</p></dd></dl></div></div><div class="sect4" title="Method: setDomainMetadata"><div class="titlepage"><div><div><h5 class="title"><a id="remotebackend-api-method-setdomainmetadata"></a>Method: setDomainMetadata </h5></div></div></div><div class="variablelist"><dl><dt><span class="term">Mandatory:</span></dt><dd><p>No</p></dd><dt><span class="term">Parameters:</span></dt><dd><p>name, kind, value</p></dd><dt><span class="term">Reply:</span></dt><dd><p>true on success, false on failure</p></dd><dt><span class="term">Description</span></dt><dd><p>
Replaces the value(s) on domain name for variable kind to string(s) on array value. The
old value is discarded. Value can be an empty array, which can be interprepted as
deletion request.
</p></dd><dt><span class="term">Example JSON/RPC:</span></dt><dd><p>
Query:
</p><pre class="programlisting">
{"method":"setdomainmetadata","parameters":{"name":"example.com","kind":"PRESIGNED","value":["YES"]}}
</pre><p>
</p><p>
Response:
</p><pre class="programlisting">
{"result":true}
</pre><p>
</p></dd><dt><span class="term">Example HTTP/RPC:</span></dt><dd><p>
Query:
</p><pre class="programlisting">
POST /dnsapi/setdomainmetadata/example.com/PRESIGNED HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Content-Length: 12
value1=YES&
</pre><p>
</p><p>
Response:
</p><pre class="programlisting">
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
{"result":true}
</pre><p>
</p></dd></dl></div></div><div class="sect4" title="Method: getDomainKeys"><div class="titlepage"><div><div><h5 class="title"><a id="remotebackend-api-method-getdomainkeys"></a>Method: getDomainKeys</h5></div></div></div><div class="variablelist"><dl><dt><span class="term">Mandatory:</span></dt><dd><p>for DNSSEC</p></dd><dt><span class="term">Parameters:</span></dt><dd><p>name, kind</p></dd><dt><span class="term">Reply:</span></dt><dd><p>array of <id, flags, active, content></p></dd><dt><span class="term">Description</span></dt><dd><p>
Retrieves any keys of kind. The id, flags are unsigned integers, and active is boolean. Content must be valid key record in format that PowerDNS understands. You are encouraged to implement <a class="xref" href="remotebackend.html#remotebackend-api-method-adddomainkey" title="Method: addDomainKey">the section called “Method: addDomainKey”</a>, as you can use <a class="xref" href="pdnssec.html" title="5. 'pdnssec' for PowerDNSSEC command & control">Section 5, “'pdnssec' for PowerDNSSEC command & control”</a> to provision keys.
</p></dd><dt><span class="term">Example JSON/RPC:</span></dt><dd><p>
Query:
</p><pre class="programlisting">
{"method":"getdomainkeys","parameters":{"name":"example.com","kind":0}}
</pre><p>
</p><p>
Response:
</p><pre class="programlisting">
{"result":[{"id":1,"flags":256,"active":true,"content":"Private-key-format: v1.2
Algorithm: 8 (RSASHA256)
Modulus: r+vmQll38ndQqNSCx9eqRBUbSOLcH4PZFX824sGhY2NSQChqt1G4ZfndzRwgjXMUwiE7GkkqU2Vbt/g4iP67V/+MYecMV9YHkCRnEzb47nBXvs9JCf8AHMCnma567GQjPECh4HevPE9wmcOfpy/u7UN1oHKSKRWuZJadUwcjbp8=
PublicExponent: AQAB
PrivateExponent: CY<a class="ulink" href="http://wiki.powerdns.com/projects/trac/changeset/93" target="_top">93</a>UtVnOM6wrFJZ+qA9+Yx+p5yk0CSi0Q7c+/6EVMuABQ5gNyTuu0j65lU3X81bwUk2wHPx6smfgoVDRAW5jjO4jgIFV6nE4inzk5YQKycQSL8YG3Nm9GciLFya1KUXs81sHsQpkvK7MNaSbvkaHZQ6iv16bZ4t73Wascwa/E=
Prime1: 6a165cIC0nNsGlTW/s2jRu7idq5+U203iE1HzSIddmWgx5KIKE/s3I+pwfmXYRUmq+4H9ASd/Yot1lSYW98szw==
Prime2: wLoCPKxxnuxDx6/9IKOYz8t9ZNLY74iCeQ85koqvTctkFmB9jpOUHTU9BhecaFY2euP9CuHV7z3PLtCoO8s1MQ==
Exponent1: CuzJaiR/7UboLvL4ekEy+QYCIHpX/Z6FkiHK0ZRevEJUGgCHzRqvgEBXN3Jr2WYbwL4IMShmGoxzSCn8VY9BkQ==
Exponent2: LDR9/tyu0vzuLw<a class="ulink" href="http://wiki.powerdns.com/projects/trac/changeset/20" target="_top">commit 20</a>B22FzNdd5rFF2wAQTQ0yF/3Baj5NAi9w84l0u07KgKQZX4g0N8qUyypnU5YDyzc6ZoagQ==
Coefficient: 6S0vhIQITWzqfQSLj+wwRzs6qCvJckHb1+SD1XpwYjSgMTEUlZhf96m8WiaE1/fIt4Zl2PC3fF7YIBoFLln22w=="}]}
</pre><p>
</p></dd><dt><span class="term">Example HTTP/RPC:</span></dt><dd><p>
Query:
</p><pre class="programlisting">
GET /dnsapi/getdomainkeys/example.com/0 HTTP/1.1
</pre><p>
</p><p>
Response:
</p><pre class="programlisting">
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
{"result":[{"id":1,"flags":256,"active":true,"content":"Private-key-format: v1.2
Algorithm: 8 (RSASHA256)
Modulus: r+vmQll38ndQqNSCx9eqRBUbSOLcH4PZFX824sGhY2NSQChqt1G4ZfndzRwgjXMUwiE7GkkqU2Vbt/g4iP67V/+MYecMV9YHkCRnEzb47nBXvs9JCf8AHMCnma567GQjPECh4HevPE9wmcOfpy/u7UN1oHKSKRWuZJadUwcjbp8=
PublicExponent: AQAB
PrivateExponent: CY<a class="ulink" href="http://wiki.powerdns.com/projects/trac/changeset/93" target="_top">93</a>UtVnOM6wrFJZ+qA9+Yx+p5yk0CSi0Q7c+/6EVMuABQ5gNyTuu0j65lU3X81bwUk2wHPx6smfgoVDRAW5jjO4jgIFV6nE4inzk5YQKycQSL8YG3Nm9GciLFya1KUXs81sHsQpkvK7MNaSbvkaHZQ6iv16bZ4t73Wascwa/E=
Prime1: 6a165cIC0nNsGlTW/s2jRu7idq5+U203iE1HzSIddmWgx5KIKE/s3I+pwfmXYRUmq+4H9ASd/Yot1lSYW98szw==
Prime2: wLoCPKxxnuxDx6/9IKOYz8t9ZNLY74iCeQ85koqvTctkFmB9jpOUHTU9BhecaFY2euP9CuHV7z3PLtCoO8s1MQ==
Exponent1: CuzJaiR/7UboLvL4ekEy+QYCIHpX/Z6FkiHK0ZRevEJUGgCHzRqvgEBXN3Jr2WYbwL4IMShmGoxzSCn8VY9BkQ==
Exponent2: LDR9/tyu0vzuLw<a class="ulink" href="http://wiki.powerdns.com/projects/trac/changeset/20" target="_top">commit 20</a>B22FzNdd5rFF2wAQTQ0yF/3Baj5NAi9w84l0u07KgKQZX4g0N8qUyypnU5YDyzc6ZoagQ==
Coefficient: 6S0vhIQITWzqfQSLj+wwRzs6qCvJckHb1+SD1XpwYjSgMTEUlZhf96m8WiaE1/fIt4Zl2PC3fF7YIBoFLln22w=="}]}
</pre><p>
</p></dd></dl></div></div><div class="sect4" title="Method: addDomainKey"><div class="titlepage"><div><div><h5 class="title"><a id="remotebackend-api-method-adddomainkey"></a>Method: addDomainKey</h5></div></div></div><div class="variablelist"><dl><dt><span class="term">Mandatory:</span></dt><dd><p>No</p></dd><dt><span class="term">Parameters:</span></dt><dd><p>name, key=<flags,active,content></p></dd><dt><span class="term">Reply:</span></dt><dd><p>true for success, false for failure</p></dd><dt><span class="term">Description</span></dt><dd><p>
Adds key into local storage. See <a class="xref" href="remotebackend.html#remotebackend-api-method-getdomainkeys" title="Method: getDomainKeys">the section called “Method: getDomainKeys”</a> for more information.
</p></dd><dt><span class="term">Example JSON/RPC:</span></dt><dd><p>
Query:
</p><pre class="programlisting">
{"method":"adddomainkey", "parameters":{"key":{"id":1,"flags":256,"active":true,"content":"Private-key-format: v1.2
Algorithm: 8 (RSASHA256)
Modulus: r+vmQll38ndQqNSCx9eqRBUbSOLcH4PZFX824sGhY2NSQChqt1G4ZfndzRwgjXMUwiE7GkkqU2Vbt/g4iP67V/+MYecMV9YHkCRnEzb47nBXvs9JCf8AHMCnma567GQjPECh4HevPE9wmcOfpy/u7UN1oHKSKRWuZJadUwcjbp8=
PublicExponent: AQAB
PrivateExponent: CY<a class="ulink" href="http://wiki.powerdns.com/projects/trac/changeset/93" target="_top">93</a>UtVnOM6wrFJZ+qA9+Yx+p5yk0CSi0Q7c+/6EVMuABQ5gNyTuu0j65lU3X81bwUk2wHPx6smfgoVDRAW5jjO4jgIFV6nE4inzk5YQKycQSL8YG3Nm9GciLFya1KUXs81sHsQpkvK7MNaSbvkaHZQ6iv16bZ4t73Wascwa/E=
Prime1: 6a165cIC0nNsGlTW/s2jRu7idq5+U203iE1HzSIddmWgx5KIKE/s3I+pwfmXYRUmq+4H9ASd/Yot1lSYW98szw==
Prime2: wLoCPKxxnuxDx6/9IKOYz8t9ZNLY74iCeQ85koqvTctkFmB9jpOUHTU9BhecaFY2euP9CuHV7z3PLtCoO8s1MQ==
Exponent1: CuzJaiR/7UboLvL4ekEy+QYCIHpX/Z6FkiHK0ZRevEJUGgCHzRqvgEBXN3Jr2WYbwL4IMShmGoxzSCn8VY9BkQ==
Exponent2: LDR9/tyu0vzuLw<a class="ulink" href="http://wiki.powerdns.com/projects/trac/changeset/20" target="_top">commit 20</a>B22FzNdd5rFF2wAQTQ0yF/3Baj5NAi9w84l0u07KgKQZX4g0N8qUyypnU5YDyzc6ZoagQ==
Coefficient: 6S0vhIQITWzqfQSLj+wwRzs6qCvJckHb1+SD1XpwYjSgMTEUlZhf96m8WiaE1/fIt4Zl2PC3fF7YIBoFLln22w=="}}}
</pre><p>
</p><p>
Response:
</p><pre class="programlisting">
{"result":true}
</pre><p>
</p></dd><dt><span class="term">Example HTTP/RPC:</span></dt><dd><p>
Query:
</p><pre class="programlisting">
POST /dnsapi/adddomainkey/example.com
Content-Type: application/x-www-form-urlencoded
Content-Length: 965
flags=256&active=1&content=Private-key-format: v1.2
Algorithm: 8 (RSASHA256)
Modulus: r+vmQll38ndQqNSCx9eqRBUbSOLcH4PZFX824sGhY2NSQChqt1G4ZfndzRwgjXMUwiE7GkkqU2Vbt/g4iP67V/+MYecMV9YHkCRnEzb47nBXvs9JCf8AHMCnma567GQjPECh4HevPE9wmcOfpy/u7UN1oHKSKRWuZJadUwcjbp8=
PublicExponent: AQAB
PrivateExponent: CY<a class="ulink" href="http://wiki.powerdns.com/projects/trac/changeset/93" target="_top">93</a>UtVnOM6wrFJZ+qA9+Yx+p5yk0CSi0Q7c+/6EVMuABQ5gNyTuu0j65lU3X81bwUk2wHPx6smfgoVDRAW5jjO4jgIFV6nE4inzk5YQKycQSL8YG3Nm9GciLFya1KUXs81sHsQpkvK7MNaSbvkaHZQ6iv16bZ4t73Wascwa/E=
Prime1: 6a165cIC0nNsGlTW/s2jRu7idq5+U203iE1HzSIddmWgx5KIKE/s3I+pwfmXYRUmq+4H9ASd/Yot1lSYW98szw==
Prime2: wLoCPKxxnuxDx6/9IKOYz8t9ZNLY74iCeQ85koqvTctkFmB9jpOUHTU9BhecaFY2euP9CuHV7z3PLtCoO8s1MQ==
Exponent1: CuzJaiR/7UboLvL4ekEy+QYCIHpX/Z6FkiHK0ZRevEJUGgCHzRqvgEBXN3Jr2WYbwL4IMShmGoxzSCn8VY9BkQ==
Exponent2: LDR9/tyu0vzuLw<a class="ulink" href="http://wiki.powerdns.com/projects/trac/changeset/20" target="_top">commit 20</a>B22FzNdd5rFF2wAQTQ0yF/3Baj5NAi9w84l0u07KgKQZX4g0N8qUyypnU5YDyzc6ZoagQ==
Coefficient: 6S0vhIQITWzqfQSLj+wwRzs6qCvJckHb1+SD1XpwYjSgMTEUlZhf96m8WiaE1/fIt4Zl2PC3fF7YIBoFLln22w==
</pre><p>
</p><p>
Response:
</p><pre class="programlisting">
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
{"result":true}
</pre><p>
</p></dd></dl></div></div><div class="sect4" title="Method: removeDomainKey"><div class="titlepage"><div><div><h5 class="title"><a id="remotebackend-api-method-removedomainkey"></a>Method: removeDomainKey </h5></div></div></div><div class="variablelist"><dl><dt><span class="term">Mandatory:</span></dt><dd><p>No</p></dd><dt><span class="term">Parameters:</span></dt><dd><p>name, id</p></dd><dt><span class="term">Reply:</span></dt><dd><p>true for success, false for failure</p></dd><dt><span class="term">Description</span></dt><dd><p>
Removes key id from domain name.
</p></dd><dt><span class="term">Example JSON/RPC:</span></dt><dd><p>
Query:
</p><pre class="programlisting">
{"method":"removedomainkey","parameters":"{"name":"example.com","id":1}}
</pre><p>
</p><p>
Response:
</p><pre class="programlisting">
{"result":true}
</pre><p>
</p></dd><dt><span class="term">Example HTTP/RPC:</span></dt><dd><p>
Query:
</p><pre class="programlisting">
DELETE /dnsapi/removedomainkey/example.com/1 HTTP/1.1
</pre><p>
</p><p>
Response:
</p><pre class="programlisting">
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
{"result":true}
</pre><p>
</p></dd></dl></div></div><div class="sect4" title="Method: activateDomainKey"><div class="titlepage"><div><div><h5 class="title"><a id="remotebackend-api-method-activatedomainkey"></a>Method: activateDomainKey</h5></div></div></div><div class="variablelist"><dl><dt><span class="term">Mandatory:</span></dt><dd><p>No</p></dd><dt><span class="term">Parameters:</span></dt><dd><p>name, id</p></dd><dt><span class="term">Reply:</span></dt><dd><p>true for success, false for failure</p></dd><dt><span class="term">Description</span></dt><dd><p>
Activates key id for domain name.
</p></dd><dt><span class="term">Example JSON/RPC:</span></dt><dd><p>
Query:
</p><pre class="programlisting">
{"method":"activatedomainkey","parameters":{"name":"example.com","id":1}}
</pre><p>
</p><p>
Response:
</p><pre class="programlisting">
{"result":true}
</pre><p>
</p></dd><dt><span class="term">Example HTTP/RPC:</span></dt><dd><p>
Query:
</p><pre class="programlisting">
POST /dnsapi/activatedomainkey/example.com/1 HTTP/1.1
</pre><p>
</p><p>
Response:
</p><pre class="programlisting">
HTTP/1.1 200 OK
Content-Type: text/javascript; utf-8
{"result": true}
</pre><p>
</p></dd></dl></div></div><div class="sect4" title="Method deactivateDomainKey"><div class="titlepage"><div><div><h5 class="title"><a id="remotebackend-api-method-deactivatedomainkey"></a>Method deactivateDomainKey</h5></div></div></div><div class="variablelist"><dl><dt><span class="term">Mandatory:</span></dt><dd><p>No</p></dd><dt><span class="term">Parameters:</span></dt><dd><p>name, id</p></dd><dt><span class="term">Reply:</span></dt><dd><p>true for success, false for failure</p></dd><dt><span class="term">Description</span></dt><dd><p>Deactivates key id for domain name.</p></dd><dt><span class="term">Example JSON/RPC:</span></dt><dd><p>
Query:
</p><pre class="programlisting">
{"method":"deactivatedomainkey","parameters":{"name":"example.com","id":1}}
</pre><p>
</p><p>
Response:
</p><pre class="programlisting">
{"result": true}
</pre><p>
</p></dd><dt><span class="term">Example HTTP/RPC:</span></dt><dd><p>
Query:
</p><pre class="programlisting">
POST /dnsapi/deactivatedomainkey/example.com/1 HTTP/1.1
</pre><p>
</p><p>
Response:
</p><pre class="programlisting">
HTTP/1.1 200 OK
Content-Type: text/javascript; utf-8
{"result": true}
</pre><p>
</p></dd></dl></div></div><div class="sect4" title="Method: getTSIGKey"><div class="titlepage"><div><div><h5 class="title"><a id="remotebackend-api-method-gettsigkey"></a>Method: getTSIGKey</h5></div></div></div><div class="variablelist"><dl><dt><span class="term">Mandatory:</span></dt><dd><p>No</p></dd><dt><span class="term">Parameters:</span></dt><dd><p>name</p></dd><dt><span class="term">Reply:</span></dt><dd><p>algorithm, content</p></dd><dt><span class="term">Description</span></dt><dd><p>
Retrieves the key needed to sign AXFR.
</p></dd><dt><span class="term">Example JSON/RPC:</span></dt><dd><p>
Query:
</p><pre class="programlisting">
{"method":"gettsigkey","parameters":{"name":"example.com"}}
</pre><p>
</p><p>
Response:
</p><pre class="programlisting">
{"result":{"algorithm":"hmac-md5","content:"kp4/24gyYsEzbuTVJRUMoqGFmN3LYgVDzJ/3oRSP7ys="}}
</pre><p>
</p></dd><dt><span class="term">Example HTTP/RPC:</span></dt><dd><p>
Query:
</p><pre class="programlisting">
GET /dnsapi/gettsigkey/example.com
</pre><p>
</p><p>
Response:
</p><pre class="programlisting">
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
{"result":{"algorithm":"hmac-md5","content:"kp4/24gyYsEzbuTVJRUMoqGFmN3LYgVDzJ/3oRSP7ys="}}
</pre><p>
</p></dd></dl></div></div><div class="sect4" title="Method: getDomainInfo"><div class="titlepage"><div><div><h5 class="title"><a id="remotebackend-api-method-getdomaininfo"></a>Method: getDomainInfo</h5></div></div></div><div class="variablelist"><dl><dt><span class="term">Mandatory:</span></dt><dd><p>No</p></dd><dt><span class="term">Parameters:</span></dt><dd><p>name</p></dd><dt><span class="term">Reply:</span></dt><dd><p>zone</p></dd><dt><span class="term">Optional values:</span></dt><dd><p>serial, kind, id, notified_serial, last_check, masters</p></dd><dt><span class="term">Description</span></dt><dd><p>
Retrieves information about given domain from the backend. If your return value has no zone
attribute, the backend will signal error. Everything else will default to something.
Default values: serial:0, kind:NATIVE, id:-1, notified_serial:-1, last_check:0, masters: [].
Masters, if present, must be array of strings.
</p></dd><dt><span class="term">Example JSON/RPC:</span></dt><dd><p>
Query:
</p><pre class="programlisting">
{"method":"getdomaininfo","parameters":{"name":"example.com"}}
</pre><p>
</p><p>
Response:
</p><pre class="programlisting">
{"result":{id:1,"zone":"example.com","kind":"NATIVE","serial":2002010100}}
</pre><p>
</p></dd><dt><span class="term">Example HTTP/RPC:</span></dt><dd><p>
Query:
</p><pre class="programlisting">
GET /dnsapi/getdomaininfo/example.com HTTP/1.1
</pre><p>
</p><p>
Response:
</p><pre class="programlisting">
HTTP/1.1 200 OK
content-Type: text/javascript: charset=utf-8
{"result":{id:1,"zone":"example.com","kind":"NATIVE","serial":2002010100}}
</pre><p>
</p></dd></dl></div></div><div class="sect4" title="Method: setNotified"><div class="titlepage"><div><div><h5 class="title"><a id="remotebackend-api-method-setnotified"></a>Method: setNotified</h5></div></div></div><div class="variablelist"><dl><dt><span class="term">Mandatory:</span></dt><dd><p>No</p></dd><dt><span class="term">Parameters:</span></dt><dd><p>id, serial</p></dd><dt><span class="term">Reply:</span></dt><dd><p>true for success, false for failure</p></dd><dt><span class="term">Description</span></dt><dd><p>
Updates last notified serial for the domain id. Any errors are ignored.
</p></dd><dt><span class="term">Example JSON/RPC:</span></dt><dd><p>
Query:
</p><pre class="programlisting">
{"method":"setnotified","parameters":{"id":1,"serial":2002010100}}
</pre><p>
</p><p>
Response:
</p><pre class="programlisting">
{"result":true}
</pre><p>
</p></dd><dt><span class="term">Example HTTP/RPC:</span></dt><dd><p>
Query:
</p><pre class="programlisting">
POST /dnsapi/setnotified/1
Content-Type: application/x-www-form-urlencoded
Content-Length: 17
serial=2002010100
</pre><p>
</p><p>
Response:
</p><pre class="programlisting">
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
{"result":true}
</pre><p>
</p></dd></dl></div></div></div></div><div class="sect2" title="15.4. Examples"><div class="titlepage"><div><div><h3 class="title"><a id="remotebackend-examples"></a>15.4. Examples</h3></div></div></div><p>
Scenario: SOA lookup via pipe or unix
</p><p>
Query:
</p><pre class="programlisting">
{
"method": "lookup",
"parameters": {
"qname": "example.com",
"qtype": "SOA",
"zone_id": "-1"
}
}
</pre><p>
</p><p>
Reply:
</p><pre class="programlisting">
{
"result":
[
{ "qtype": "SOA",
"qname": "example.com",
"content": "dns1.icann.org. hostmaster.icann.org. 2012080849 7200 3600 1209600 3600",
"ttl": 3600,
"priority": 0,
"domain_id": -1
}
]
}
</pre><p>
</p><p>
Scenario: SOA lookup via HTTP backend
</p><p>
Query:
</p><pre class="programlisting">
/dns/lookup/example.com/SOA
</pre><p>
Reply:
</p><pre class="programlisting">
{
"result":
[
{ "qtype": "SOA",
"qname": "example.com",
"content": "dns1.icann.org. hostmaster.icann.org. 2012080849 7200 3600 1209600 3600",
"ttl": 3600,
"priority": 0,
"domain_id": -1
}
]
}
</pre><p>
</p></div></div><div class="navfooter"><hr /><table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"><a accesskey="p" href="tinydnsbackend.html">Prev</a> </td><td width="20%" align="center"><a accesskey="u" href="backends-detail.html">Up</a></td><td width="40%" align="right"> <a accesskey="n" href="pdns-internals.html">Next</a></td></tr><tr><td width="40%" align="left" valign="top">14. TinyDNS Backend </td><td width="20%" align="center"><a accesskey="h" href="index.html">Home</a></td><td width="40%" align="right" valign="top"> Appendix B. PDNS internals</td></tr></table></div></body></html>
