Sunday, November 14, 2010

PowerDNS Recursor additional Lua hooks for IPv6 DNS64 and Renumbering

Dear PowerDNS Community,

The PowerDNS Recursor is currently being extended with additional Lua hooks
and extra infrastructure to support flexible DNS64 operations, plus perform
on-the-fly IPv4 or IPv6 renumbering.

DNS64 is described on
and in brief: 

  "DNS64 is a mechanism for synthesizing AAAA records from A records.  DNS64
   is used with an IPv6/IPv4 translator to enable client-server communication
   between an IPv6-only client and an IPv4-only server, without requiring any
   changes to either the IPv6 or the IPv4 node"

Those of you with an interest in these features are invited to test out the
following *pre-release*, specifically to let us know if the API is sufficient
for your needs:

It can be compiled like any other PowerDNS Recursor release. 

New in the version are the 'nodata()' and 'postresolve()' Lua hooks. Nodata
functions just like nxdomain(), except that it gets called when a domain
exists, but the requested type doesn't. This is where DNS64 happens.

Postresolve() is different, and very powerful - it gets handed the complete
DNS answer as it would be sent out, ready for modification from Lua. This is
where one might for example perform on the fly IP address renumbering.

In the release you can find powerdns-example-script.lua which contains a
working sample for both of the new hooks. This script can also be viewed on

Note: DO NOT TAKE THIS SCRIPT INTO PRODUCTION - it blacks out important

To get going without disturbing any existing nameservers on your computer,
compile the PowerDNS Recursor, and start like this:
 $ ./pdns_recursor --local-address= --local-port=5300 --daemon=no
   --socket-dir=./ --lua-dns-script=powerdns-example-script.lua 

Known defects are:
 postresolve() can't yet access the original dns rcode
 there is no way for nodata() to set the TTL to the SOA minimum value
  as specified by draft-ietf-behave-dns64

Please let us know your thoughts so we can make sure the API has everything
needed for great DNS64 and renumbering operations!

Kind regards,

Bert Hubert


  1. hi bert,

    i was able to set up a dns64 and nat64 (tayga) service in our corporate environment (testing ofcourse). i notice the pdns is unstable, and every few requests, it crashes:

    Feb 4 16:25:23 oak pdns_recursor[7456]: STL error: lua error in 'nodata': attempt to index a nil value
    Feb 4 16:25:23 oak kernel: [90754.002810] pdns_recursor[7458]: segfault at b789d000 ip b7652b16 sp 08db4d48 error 4 in[b75de000+140000]

    we usally use bind and windows dns in our environment, but the powerdns is the first one we tried. not sure whether we are going to keep it, but i thought you wanted to know this.

  2. same here:

    Oct 21 12:33:12 From Lua script: postresolve resolveName 1 pre
    Request from Lua to resolveName '', 1
    Result: 0
    Have 3 answers for Lua, rcode=0
    Oct 21 12:33:12 From Lua script: postresolve resolveName 1 post
    Oct 21 12:33:17 From Lua script: postresolve resolveName 2 pre
    Request from Lua to resolveName '', 1
    Oct 21 12:33:17 STL error: lua error in 'postresolve': attempt to index a nil value
    Segmentation fault