I'm trying to make pnds-recursor resolve a host name to a different A record when the query comes from the internal network (as this will be routed through VPN then).
For that I've set up a LUA script which is implementing a preresolve function:
pdnslog("pdns-recursor Lua script starting!", pdns.loglevels.Warning)
function preresolve(dq)
if dq.qtype == pdns.A
then
if dq.qname:equal("<host.to.resolve>")
then
dq.rcode=0 -- make it a normal answer
netMask = newNMG()
netMask:addMask("172.28.0.0/14")
netMask:addMask("xxxx:xxx:5:f1:0:0:0:0/64")
if netMask:match(dq.remoteaddr)
then
dq:addAnswer(pdns.A, "<internal IP>")
else
dq:addAnswer(pdns.A, "<public IP>")
end
return true
end
end
return false
end
Now the weird thing: For some client which come from 192.168.23.x this works, for others, it returns the internal IP although the remote IP of the client is not within the ranges specified above.
Anyone has a clue why it is not working as expected?
Thanks
Ok, indeed the option
in recursor.conf did the trick. Just in case someone else has a similar problem.