This is a drop-in replacement for Prosodys internal DNS library.
Merged
These modules have been merged into Prosody and these installation steps will no longer be needed after the 0.12 release.
Why use it
This module can be used with mod_s2s_auth_dane
to support secure delegation and for DANE.
DNS commands in the prosody telnet console will also show DNSSEC status.
Downloading
TBD pending repository split.
Dependencies
luaunbound can be installed using LuaRocks
luarocks install luaunbound
Alternatively, LuaJIT is used, a FFI version can be used:
luarocks install luaunbound-ffi
Building
./squish.sh > use_unbound.lua
Installation
Put
use_unbound.lua
in/etc/prosody
or where yourprosody.cfg.lua
lives.In the global section of your
prosody.cfg.lua
, add the following:RunScript “use_unbound.lua”
Then start Prosody.
If you have debug logging enabled, you should see logs from ‘unbound’ about lookups performed.
Configuration
The defaults should be sane, but should you wish to override them you can set options like this:
unbound = {
resolvconf = "/etc/resolv.conf";
trustfile = "/usr/share/dns/root.ds";
}
See luaunbound documentation for more info.
Modules
net.unbound
- API-compatible with prosodys
net.adns
DNS library. util.dns
- DNS parsing library.
util.dns API
The most interesting part of util.dns
is probably the RR parsers, available in the parsers
table on the module. For example, to parse an A record, dns.parsers.A(data)
returns a formatted IPv4 address. Parsers return either a string for simple types or a table for more complicated types, such as SOA, MX or SRV.
- The
classes
,types
,errors
andparams
tables map various DNS parameters to string names. classes
andtypes
map integer types to names and vice versa.errors
maps thercode
integer to an abbreviated error name, and that name to a friendlier message.- Finally,
params
contain symbolic names for some record types.