[bind10-dev] hooks in recursive server processing

Stephen Morris stephen at isc.org
Fri Jan 21 11:24:24 UTC 2011

On 21 Jan 2011, at 00:45, Jerry Scharf wrote:

> In response to the comment of "adding their own code." One subtle point of this is it would be best if the work could be done externally to the auth or recursive modules. That way a set of binary modules for the basic server could remain unchanged and have the alternate query processing added by starting a new module and doing some config changes. (It can work that way in my fantasy world, reality is often a different matter.)

The more general case allows the simple addition of processing at various points in the code.  For example, the case given was to examine the received packet before the resolver starts processing it.  Another callout could be to examine the answer before it is sent back.  And it might be useful to have callouts to examine queries sent to authoritative servers before they are sent and to inspect the responses.

For performance reasons, I don't think these could be done by external modules.  The way I was thinking of would be to load a dynamic library at run-time.  So we supply a default library in the distribution directory, each function comprising nothing more than a return statement.  This is loaded at run-time unless a configuration option is set, in which case we load a user-supplied one.  (As Michal pointed out, we might want to enable this feature by a compile-time option to avoid the overhead of calling empty functions.)

(And if there are problems with BIND, one of the first things Support does is to check if there is an external library.  If there is, the standing instruction is for the customer to reset the option and run again with the default library.  If the problem goes away, then the customer's code is at fault and it's their problem :-)


More information about the bind10-dev mailing list