Lua Examples (Authoritative LUA records) - PowerDNS/pdns GitHub Wiki

Using Lua to simulate CNAME-like behaviour on the zone apex

If you cannot use ALIAS records because you depend on the DNSSEC live signing feature, you can use LUA records as an alternative. In the example below, LUA records at the zone apex resolve the actual target and provide the A (IPv4) and AAAA (IPv6) records, and a CNAME record (www.example.com) inside the zone points to the apex.

example.com     3600 IN LUA   A ";local r=resolve('www.mycdn.example.net', pdns.A) local t={} for _,v in ipairs(r) do table.insert(t, v:toString()) end return t"
example.com     3600 IN LUA   AAAA ";local r=resolve('www.mycdn.example.net', pdns.AAAA) local t={} for _,v in ipairs(r) do table.insert(t, v:toString()) end return t"
www.example.com 3600 IN CNAME example.com

The basics:

  • Hello world:
test.example.org  60 IN LUA TXT ";pdnslog('Hello world'); return 'Hello world TXT record'"
  • Debugging the inputs and outputs of a function (note: pickclosest() needs the city-level MaxMind database, not the country-level one):
test2.example.org 60 IN LUA A ";pdnslog('bestwho=' .. (bestwho:toString()) .. ' countryCode=' .. countryCode() .. ' latlon=' .. latlon()); local vpn=pickclosest({'11.11.11.11','22.22.22.22','33.33.33.33'}); pdnslog('vpn=' .. vpn); return vpn"
  • Creating an object, generating a debug trace, converting an object to a string:
test3.example.org 60 IN LUA TXT ";local x=newDN('wtest4.int.netskrt.org');pdnslog(debug.traceback());return x:toString()"
  • Generating a random number (without math.randomseed or enable-lua-records=shared, the result is always the same; os.time() isn't a cryptographically strong seed, but it's something):
test4.example.org 60 IN LUA TXT ";math.randomseed(os.time());return math.random(10000)"
  • Running a command to get a random seed: better randomness, but slower:
test5.example.org     60      IN      LUA     TXT ";math.randomseed(io.popen('od -An -tu4 -N 4 /dev/urandom'):read()); return math.random()"
  • Reading a file:
test6.example.org     60      IN      LUA     TXT ";local r=io.open('/dev/urandom'):read(4); local v=string.format('%d,%d,%d,%d',r:byte(1,4)); return v"
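
The test5 and test6 records above run a shell command and read a file from inside pdns_server, so whoever can edit zone content can do the same with the server's privileges. The following is an added example, not part of this wiki or of PowerDNS: a Python check that lists the LUA records in a zone and the io/os calls each one makes. The names `audit_zone` and `RISKY_CALLS`, the contents of that list, and the single-line record layout are assumptions of this example.

```python
import re

# Lua calls that reach outside DNS logic (process execution, file access,
# code loading). This list is an assumption of the example, not a PowerDNS set.
RISKY_CALLS = ("io.popen", "io.open", "io.lines", "os.execute", "os.remove",
               "os.rename", "os.getenv", "require", "dofile", "loadfile",
               "loadstring")
RISKY_RE = re.compile(r"(?<![\w.])(" + "|".join(map(re.escape, RISKY_CALLS)) + r")\b")

# Single-line records in the layout used on this page:
#   name [ttl] [IN] LUA <qtype> "<script>"
LUA_RR_RE = re.compile(
    r'^(?P<name>\S+)\s+(?:\d+\s+)?(?:IN\s+)?LUA\s+(?P<qtype>\S+)\s+"(?P<script>.*)"\s*$',
    re.IGNORECASE)


def audit_zone(text):
    """Return one finding per LUA record: (line_no, name, qtype, risky calls)."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        line = line.strip()
        if not line or line.startswith(";"):   # blank line or zone-file comment
            continue
        m = LUA_RR_RE.match(line)
        if not m:
            continue                            # not a LUA record
        calls = sorted(set(RISKY_RE.findall(m.group("script"))))
        findings.append((line_no, m.group("name"), m.group("qtype").upper(), calls))
    return findings


# Constructed sample zone, reusing three records from this page.
SAMPLE_ZONE = r'''
; constructed sample
test.example.org  60 IN LUA TXT ";pdnslog('Hello world'); return 'Hello world TXT record'"
test5.example.org 60 IN LUA TXT ";math.randomseed(io.popen('od -An -tu4 -N 4 /dev/urandom'):read()); return math.random()"
test6.example.org 60 IN LUA TXT ";local r=io.open('/dev/urandom'):read(4); local v=string.format('%d,%d,%d,%d',r:byte(1,4)); return v"
www.example.org   60 IN CNAME example.org
'''

if __name__ == "__main__":
    for line_no, name, qtype, calls in audit_zone(SAMPLE_ZONE):
        status = ", ".join(calls) if calls else "no io/os calls"
        print(f"line {line_no}: {name} LUA {qtype}: {status}")
```

The match is textual, so a call name inside a string literal is also flagged and an indirect reference such as `io['popen']` is not; treat the output as a list of records to review by hand.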

Note: The default log level is 5, but 6 is required to see errors in LUA records:

loglevel=6
log-dns-details=yes
log-dns-queries=yes

Note2: See the appropriate Lua manual for the version of Lua linked to pdns_server (ldd /usr/sbin/pdns_server | grep liblua):

Note3: PowerDNS uses the Lua JIT library, which has additional backported features described here