<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN""http://www.w3.org/TR/html4/loose.dtd"> <HTML ><HEAD ><TITLE >Backends in detail</TITLE ><META NAME="GENERATOR" CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK REL="HOME" TITLE="PowerDNS manual" HREF="index.html"><LINK REL="PREVIOUS" TITLE="Tools to analyse DNS traffic" HREF="analysis.html"><LINK REL="NEXT" TITLE="MySQL backend" HREF="mysqlbackend.html"></HEAD ><BODY CLASS="APPENDIX" BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#0000FF" VLINK="#840084" ALINK="#0000FF" ><DIV CLASS="NAVHEADER" ><TABLE SUMMARY="Header navigation table" WIDTH="100%" BORDER="0" CELLPADDING="0" CELLSPACING="0" ><TR ><TH COLSPAN="3" ALIGN="center" >PowerDNS manual</TH ></TR ><TR ><TD WIDTH="10%" ALIGN="left" VALIGN="bottom" ><A HREF="analysis.html" ACCESSKEY="P" >Prev</A ></TD ><TD WIDTH="80%" ALIGN="center" VALIGN="bottom" ></TD ><TD WIDTH="10%" ALIGN="right" VALIGN="bottom" ><A HREF="mysqlbackend.html" ACCESSKEY="N" >Next</A ></TD ></TR ></TABLE ><HR ALIGN="LEFT" WIDTH="100%"></DIV ><DIV CLASS="APPENDIX" ><H1 ><A NAME="BACKENDS-DETAIL" ></A >Appendix A. Backends in detail</H1 ><P > This appendix lists several of the available backends in more detail </P ><DIV CLASS="SECT1" ><H1 CLASS="SECT1" ><A NAME="PIPEBACKEND" >A.1. PipeBackend</A ></H1 ><P > <DIV CLASS="TABLE" ><A NAME="AEN4489" ></A ><P ><B >Table A-1. PipeBackend capabilities</B ></P ><TABLE BORDER="1" CLASS="CALSTABLE" ><COL><COL><TBODY ><TR ><TD >Native</TD ><TD >Yes</TD ></TR ><TR ><TD >Master</TD ><TD >No</TD ></TR ><TR ><TD >Slave</TD ><TD >No</TD ></TR ><TR ><TD >Superslave</TD ><TD >No</TD ></TR ><TR ><TD >Autoserial</TD ><TD >No</TD ></TR ><TR ><TD >Case</TD ><TD >Depends</TD ></TR ><TR ><TD >Module name</TD ><TD >pipe</TD ></TR ><TR ><TD >Launch name</TD ><TD >pipe</TD ></TR ></TBODY ></TABLE ></DIV > </P ><P > The PipeBackend allows for easy dynamic resolution based on a 'Coprocess' which can be written in any programming language that can read a question on standard input and answer on standard output. </P ><P > <DIV CLASS="NOTE" ><P ></P ><TABLE CLASS="NOTE" WIDTH="100%" BORDER="0" ><TR ><TD WIDTH="25" ALIGN="CENTER" VALIGN="TOP" ><IMG SRC="../images/note.gif" HSPACE="5" ALT="Note"></TD ><TD ALIGN="LEFT" VALIGN="TOP" ><P > The Pipe Backend currently does not function under FreeBSD 4.x and 5.x, probably due to unfavorable interactions between its threading implementation and the fork system call. </P ><P > Interestingly, the Linux PowerDNS binary running under the Linuxulator on FreeBSD does work. </P ></TD ></TR ></TABLE ></DIV > </P ><P > To configure, the following settings are available: <P ></P ><DIV CLASS="VARIABLELIST" ><DL ><DT >pipe-command</DT ><DD ><P > Command to launch as backend. Mandatory. </P ></DD ><DT >pipe-timeout</DT ><DD ><P > Number of milliseconds to wait for an answer from the backend. If this time is ever exceeded, the backend is declared dead and a new process is spawned. Available since 2.7. </P ></DD ><DT >pipe-regex</DT ><DD ><P > If set, only questions matching this regular expression are even sent to the backend. This makes sure that most of PowerDNS does not slow down if you you reploy a slow backend. A query for the A record of 'www.powerdns.com' would be presented to the regex as 'www.powerdns.com;A'. A matching regex would be '^www.powerdns.com;.*$'. </P ><P > To match only ANY and A queries for www.powerdns.com, use '^www.powerdns.com;(A|ANY)$'. Available since 2.8. </P ></DD ><DT >pipebackend-abi-version</DT ><DD ><P > This is the version of the question format that is sent to the co-process (pipe-command) for the pipe backend. </P ><P > If not set the default pipebackend-abi-version is 1. When set to 2, the local-ip-address field is added after the remote-ip-address. (the local-ip-address refers to the IP address the question was received on) </P ></DD ></DL ></DIV > </P ><DIV CLASS="SECT2" ><H2 CLASS="SECT2" ><A NAME="PIPEBACKEND-PROTOCOL" >A.1.1. PipeBackend protocol</A ></H2 ><P > Questions come in over a file descriptor, by default standard input. Answers are sent out over another file descriptor, standard output by default. </P ><DIV CLASS="SECT3" ><H3 CLASS="SECT3" ><A NAME="AEN4545" >A.1.1.1. Handshake</A ></H3 ><P > PowerDNS sends out 'HELO\t1', indicating that it wants to speak the protocol as defined in this document, version 1. A PowerDNS CoProcess must then send out a banner, prefixed by 'OK\t', indicating it launched successfully. If it does not support the indicated version, it should respond with FAIL, but not exit. Suggested behaviour is to try and read a further line, and wait to be terminated. </P ></DIV ><DIV CLASS="SECT3" ><H3 CLASS="SECT3" ><A NAME="AEN4548" >A.1.1.2. Questions</A ></H3 ><P > Questions come in three forms and are prefixed by a tag indicating the kind: <P ></P ><DIV CLASS="VARIABLELIST" ><DL ><DT >Q</DT ><DD ><P > Regular queries </P ></DD ><DT >AXFR</DT ><DD ><P > List requests, which mean that an entire zone should be listed </P ></DD ><DT >PING</DT ><DD ><P > Check if the coprocess is functioning </P ></DD ></DL ></DIV > The question format: pipebackend-abi-version = 1 [default] <PRE CLASS="SCREEN" >type qname qclass qtype id remote-ip-address</PRE > pipebackend-abi-version = 2 <PRE CLASS="SCREEN" >type qname qclass qtype id remote-ip-address local-ip-address</PRE > Fields are tab separated, and terminated with a single \n. The remote-ip-address is the IP address of the nameserver asking the question; the local-ip-address is the IP address on which the question was received. Type is the tag above, qname is the domain the question is about. qclass is always 'IN' currently, denoting an INternet question. qtype is the kind of information desired, the record type, like A, CNAME or AAAA. id can be specified to help your backend find an answer if the id is already known from an earlier query. You can ignore it. remote-ip-address is the ip-address of the nameserver asking the question. local-ip-address is the ip-address that was querried locally. </P ></DIV ><DIV CLASS="SECT3" ><H3 CLASS="SECT3" ><A NAME="AEN4566" >A.1.1.3. Answers</A ></H3 ><P > Each answer starts with a tag, possibly followed by a TAB and more data. <P ></P ><DIV CLASS="VARIABLELIST" ><DL ><DT >DATA</DT ><DD ><P > Indicating a successful line of DATA </P ></DD ><DT >END</DT ><DD ><P > Indicating the end of an answer - no further data </P ></DD ><DT >FAIL</DT ><DD ><P > Indicating a lookup failure. Also serves as 'END'. No further data. </P ></DD ><DT >LOG</DT ><DD ><P > For specifying things that should be logged. Can only be sent after a query and before an END line. After the tab, the message to be logged </P ></DD ></DL ></DIV > So letting it be known that there is no data consists if sending 'END' without anything else. The answer format: <PRE CLASS="SCREEN" >DATA qname qclass qtype ttl id content </PRE > 'content' is as specified in <A HREF="types.html" >Chapter 17</A >. A sample dialogue may look like this: <PRE CLASS="SCREEN" >Q www.ds9a.nl IN CNAME -1 213.244.168.210 DATA www.ds9a.nl IN CNAME 3600 1 ws1.ds9a.nl Q ws1.ds9a.nl IN CNAME -1 213.244.168.210 END Q wd1.ds9a.nl IN A -1 213.244.168.210 DATA ws1.ds9a.nl IN A 3600 1 1.2.3.4 DATA ws1.ds9a.nl IN A 3600 1 1.2.3.5 DATA ws1.ds9a.nl IN A 3600 1 1.2.3.6 END</PRE > This would correspond to a remote webserver 213.244.168.210 wanting to resolve the IP address of www.ds9a.nl, and PowerDNS traversing the CNAMEs to find the IP addresses of ws1.ds9a.nl Another dialogue might be: <PRE CLASS="SCREEN" >Q ds9a.nl IN SOA -1 213.244.168.210 DATA ds9a.nl IN SOA 86400 1 ahu.ds9a.nl ... END AXFR 1 DATA ds9a.nl IN SOA 86400 1 ahu.ds9a.nl ... DATA ds9a.nl IN NS 86400 1 ns1.ds9a.nl DATA ds9a.nl IN NS 86400 1 ns2.ds9a.nl DATA ns1.ds9a.nl IN A 86400 1 213.244.168.210 DATA ns2.ds9a.nl IN A 86400 1 63.123.33.135 . . END</PRE > This is a typical zone transfer. </P ></DIV ><DIV CLASS="SECT3" ><H3 CLASS="SECT3" ><A NAME="AEN4590" >A.1.1.4. Sample perl backend</A ></H3 ><P > <PRE CLASS="SCREEN" >#!/usr/bin/perl -w # sample PowerDNS Coprocess backend # use strict; $|=1; # no buffering my $line=<>; chomp($line); unless($line eq "HELO\t1") { print "FAIL\n"; print STDERR "Recevied '$line'\n"; <>; exit; } print "OK Sample backend firing up\n"; # print our banner while(<>) { print STDERR "$$ Received: $_"; chomp(); my @arr=split(/\t/); if(@arr<6) { print "LOG PowerDNS sent unparseable line\n"; print "FAIL\n"; next; } my ($type,$qname,$qclass,$qtype,$id,$ip)=split(/\t/); if(($qtype eq "A" || $qtype eq "ANY") && $qname eq "webserver.example.com") { print STDERR "$$ Sent A records\n"; print "DATA $qname $qclass A 3600 -1 1.2.3.4\n"; print "DATA $qname $qclass A 3600 -1 1.2.3.5\n"; print "DATA $qname $qclass A 3600 -1 1.2.3.6\n"; } elsif(($qtype eq "CNAME" || $qtype eq "ANY") && $qname eq "www.example.com") { print STDERR "$$ Sent CNAME records\n"; print "DATA $qname $qclass CNAME 3600 -1 webserver.example.com\n"; } elsif($qtype eq "MBOXFW") { print STDERR "$$ Sent MBOXFW records\n"; print "DATA $qname $qclass MBOXFW 3600 -1 powerdns\@example.com\n"; } print STDERR "$$ End of data\n"; print "END\n"; } </PRE > </P ></DIV ></DIV ></DIV ></DIV ><DIV CLASS="NAVFOOTER" ><HR ALIGN="LEFT" WIDTH="100%"><TABLE SUMMARY="Footer navigation table" WIDTH="100%" BORDER="0" CELLPADDING="0" CELLSPACING="0" ><TR ><TD WIDTH="33%" ALIGN="left" VALIGN="top" ><A HREF="analysis.html" ACCESSKEY="P" >Prev</A ></TD ><TD WIDTH="34%" ALIGN="center" VALIGN="top" ><A HREF="index.html" ACCESSKEY="H" >Home</A ></TD ><TD WIDTH="33%" ALIGN="right" VALIGN="top" ><A HREF="mysqlbackend.html" ACCESSKEY="N" >Next</A ></TD ></TR ><TR ><TD WIDTH="33%" ALIGN="left" VALIGN="top" >Tools to analyse DNS traffic</TD ><TD WIDTH="34%" ALIGN="center" VALIGN="top" > </TD ><TD WIDTH="33%" ALIGN="right" VALIGN="top" >MySQL backend</TD ></TR ></TABLE ></DIV ></BODY ></HTML >