Getting API error 422 {"error": "Name '$c-record6.us1.sysops.io.' contains unsupported characters"}

[chavan-dinesh]

• Program: Authoritative, Recursor, dnsdist
• Issue type: Feature request

Short description

Not able to create record with special character in the beginning of name field. I can see * at the beginning works as per https://github.com/tuxis-ie/nsedit/issues/77 also , it adds this record using pdnsutil , but using API calls it fails.

pdnsutil add-record us1.sysops.io "\$c-record6" A 1.2.2.2 New rrset: $c-record6.us1.sysops.io. 3600 IN A 1.2.2.2

Usecase

Adding a record starting with $ , % , #, * should be able to add.

Description

curl -v -X PATCH -H 'X-API-Key: XXXXX' --data @us1.dctest.io.json http://X.X.X:8081/api/v1/servers/localhost/zones/us1.sysops.io should return success

cat us1.dctest.io.json

{
"rrsets": [
  {
    "comments": [],
    "name": "$c-record6.us1.sysops.io.",
    "type": "A",
    "ttl": 3600,
    "changetype": "REPLACE",
    "records": [
      {
        "content": "1.2.2.2",
        "disabled": false
      },
      {
        "content": "3.4.4.4",
        "disabled": false
      }
    ]
  }
]
}

[Habbie]

The API is stricter than pdnsutil on purpose, to prevent users from making mistakes. Can you explain the usecase for these records?

[chavan-dinesh]

Hello @Habbie .. Our users are allowed to use below PSV (Preconfigured Selectable Values) , wherein they can transform record name and also switch between enabled / disabled for change in values of record. For this we are using terraform provider for powerDNS , which fires API I mentioned in previous comment and failing due to strict checking for special character.

Let me know if you still need more information.

dc-record4:
    type: A-MULTI
    ttl: 30
    active: disabled
    options:  
      disabled:
        transform:
          first_char: "%"
        values:
          - 2.2.2.2
          - 4.4.4.4
      enabled:
        transform:
          first_char: "$"
        values:
          - 1.1.1.1
          - 2.2.2.2

[Habbie]

This makes about 70% sense to me (which is a good start), got any direct pointers to relevant docs?

[chavan-dinesh]

@Habbie First of all Thanks for your quick response! Really appreciate it!

This is application specific functionality that we rely on using Bind (where we can use the % or $ characters). We'd like to move some of that functionality to PowerDNS.

In our app, we register what could be considered as "standby" records which are prefixed with a % sign, in the event the primary SRV/A records do not respond, we query for the standby records.

[Habbie]

in BIND I assume this means you disabled some of the default checks?

[Habbie]

When you say "we query", what exactly queries for it? What DNS client library?

[chavan-dinesh]

in BIND I assume this means you disabled some of the default checks?

we use a fairly standard Bind configuration, no checks specifically disabled.

[chavan-dinesh]

When you say "we query", what exactly queries for it? What DNS client library?

It's Java application which does query. Not sure about client library getting used for this, need to check.

[chavan-dinesh]

@Habbie Any update on this feature ?

[Habbie]

@Habbie Any update on this feature ?

no

[Habbie]

(if you are in a rush, you might be interested in engaging us commercially: https://www.open-xchange.com/about-ox/contact-us/dns-solutions/ )