Skip to content

Lua Examples (Authoritative LUA records)

Jump to bottom Edit New page
Peter van Dijk edited this page Jul 6, 2023 · 6 revisions

Using Lua to simulate CNAME-like behaviour on the zone apex

If you cannot use ALIAS records because you depend on the DNSSEC live signing feature, you can use LUA-records as an alternative. The example below utilizes a CNAME record (www.example.com) inside the zone to point the actual target and provides an A (IPv4) and AAAA (IPv6) record.

example.com     3600 IN LUA   A ";local r=resolve('www.mycdn.example.net', pdns.A) local t={} for _,v in ipairs(r) do table.insert(t, v:toString()) end return t"
example.com     3600 IN LUA   AAAA ";local r=resolve('www.mycdn.example.net', pdns.AAAA) local t={} for _,v in ipairs(r) do table.insert(t, v:toString()) end return t"
www.example.com 3600 IN CNAME example.com

The basics:

  • Hello world:
test.example.org  60 IN LUA TXT ";pdnslog('Hello world'); return 'Hello world TXT record'"
  • Debugging the inputs and outputs of a function (note: pickclosest() needs the city-level Maxmind database, not country-level):
test2.example.org 60 IN LUA A ";pdnslog('bestwho=' .. (bestwho:toString()) .. ' countryCode=' .. countryCode() .. ' latlon=' .. latlon()); local vpn=pickclosest({'11.11.11.11','22.22.22.22','33.33.33.33'}); pdnslog('vpn=' .. vpn); return vpn"
  • Creating an object, generating a debug trace, converting an object to a string:
test3.example.org 60 IN LUA TXT ";local x=newDN('wtest4.int.netskrt.org');pdnslog(debug.traceback());return x:toString()"
  • Generating a random number (without math.randomseed or enable-lua-records=shared, it's always the same. os.time() isn't cryptographically strong, but it's something):
test4.example.org 60 IN LUA TXT ";math.randomseed(os.time());return math.random(10000)"
  • Running a command to get a random seed: better randomness, but slower:
test5.example.org     60      IN      LUA     TXT ";math.randomseed(io.popen('od -An -tu4 -N 4 /dev/urandom'):read()); return math.random()"
  • Reading a file:
test6.example.org     60      IN      LUA     TXT ";local r=io.open('/dev/urandom'):read(4); local v=string.format('%d,%d,%d,%d',r:byte(1,4)); return v"

Note: The default log level is 5, but 6 is required to see errors in LUA records:

loglevel=6
log-dns-details=yes
log-dns-queries=yes

Note2: See the appropriate Lua manual for the version of Lua linked to pdns_server (ldd /usr/sbin/pdns_server | grep liblua):

Note3: PowerDNS uses the Lua JIT library, which has additional backported features described here

Please also read the PowerDNS Documentation that is available from https://doc.powerdns.com/

Add a custom sidebar
Clone this wiki locally