#  -*- text -*-
#
#
#  $Id: cf9cc6ba0951a10910bc5187ef8c389aaeb4c2a2 $

#######################################################################
#
#  = The DNS Virtual Server
#
#  The `dns` virtual server is an example of using `dns` style functionality in FreeRADIUS.
#
#  ## The Virtual Server
#
#  This is the `dns` virtual server.
#
#  It's not meant to be fast.  Don't use it as a root server, or as a server for an ISP
#  with millions of users.  But it should be able to do thousands to tens of thousands
#  of queries per second, without really trying hard.
#
#  It's meant to be a _flexible_ DNS server.  Want to give different answers to VoIP phones
#  and desktops, or other types of split horizon?  It can do that.
#
#  Because DNS uses the &Header.Rcode to communicate the result of a query (instead of opcode)
#  the DNS state machine works differently to other protocols.
#
#  Requests will pass through the following processing sections:
#  - A `recv { ... }` section matching the opcode. e.g. `recv Query { ... }`.  Query processing
#    and response formulation should be done here.
#    If this section returns anything other than `ok` or `updated`, a &reply.Header.Rcode value is
#    set.
#  - An `error { ... }` section matching &reply.Header.Rcode. e.g. `error Server-Fail { ... }`.
#    If the `recv { ... }` section produced a &reply.Header.Rcode value other than `No-Error`
#    and a `error { ... } section matching the &reply.Header.Rcode is provided, it is executed.
#    Error sections are intended only for simplifying logging, and as such, the rcode of the section is ignored.
#    Error sections can manipulate the reply, e.g. setting a new value for &reply.Header.Rcode, but
#    this will not cause additional `error { ... }` section to be executed.
#  - A `send { ... }` section matching the opcode. e.g. `send Query-Response { ... }`.  This can be
#    used for general massaging of the reply.  Return codes are ignored.
#
server dns {
	#
	#  namespace:: The protocol / dictionary to use.
	#
	namespace = dns

	listen {
		type = Query

		transport = udp

		#
		#  Dont use "port = 53" unless you want to break things
		#
		udp {
			ipaddr = *
			port = 53
		}
	}


recv Query {
	if (&Question[0].Name == 'foo.example.com') {
		&reply.Resource-Record := {
			&Name = 'foo.example.com'
			&Type = A
			&Class = ::Internet
			&TTL = 0
			&Type.A.IP = 127.0.0.1
		}
	}

	ok
}

send Query-Response {
	ok
}
}
