Access client subnet in question #3

Open
aaronpeterson opened this issue Aug 6, 2019 · 3 comments
@aaronpeterson

Using example query in dig 9.1+

dig @localhost -p 5300 example.com +subnet=208.67.222.0/24

Wondering if there is a way to do this without passing the datagram into something like dns-packet.

Very cool and thanks!

@zbjornson
Member

I'm not certain, but the flags required to work with EDNS0 are available, so I think you could construct a client subnet option manually and still use this library. If you're interested in that, let me know and I can try to work out an example.

@aaronpeterson
Author

Thanks for the response. I am still trying to figure out where these flags are or would be using this package. This is the only package I've found that allows me to successfully return an answer. That part works; however, digging through the ServerRequest has proven quite difficult.

All I can find in request is req.additional, which doesn't have the subnet, just an empty buffer.

The test I'm using is simple:

dig @localhost -p 5300 example.com +subnet=208.67.222.0/24

Decoding the raw dgram query myself (with mafintosh/dns-packet) works, but with this package I can't seem to figure out where the raw incoming message is.

aaronpeterson reopened this Aug 21, 2020
zbjornson added a commit that referenced this issue Aug 22, 2020
This was slicing off a zero-length buffer.

Test with `dig @localhost -p 53 example.com +subnet=192.168.100.0/24` -> `00 08 00 07 00 01 18 00 c0 a8 64`

Ref #3
@zbjornson
Member

This is the first I've looked at EDNS, and I'm only going off of RFCs, so bear with me please.

Can you try the branch zb/3 (with the commit e88cc12) please? With that branch, the dig example you gave yields an additional RR with

MessageRR {
    name: '.',
    type: 41,
    class: 4096,
    ttl: 0,
    rdata: [ <Buffer 00 08 00 07 00 01 18 00 d0 43 de> ]
}

which decodes (RFC 7871 section 6) to

  • OPTION-CODE 0x00 0x08
  • OPTION-LENGTH 0x00 0x07
  • FAMILY 0x00 0x01 (IPv4)
  • SOURCE PREFIX-LENGTH 0x18 (24 bits)
  • SCOPE PREFIX-LENGTH 0x00
  • ADDRESS 0xd0 0x43 0xde (208.67.222)

Which looks right to me, although it's not in a very friendly format. I see mafintosh/dns-packet decodes this.


By the way, I haven't had use for this library recently, so I haven't looked into making it support some important features like DNSSEC, EDNS, DNS-over-TLS and TCP fallback. Depending on how hard those are, I might look instead at a wasm build of a C DNS library. I'm confused how libbind-6, netresolv and bind9 relate now. In fossies I see "libbind provides the standard UNIX resolver library. Originally written for BIND 8, it was included in BIND 9 as optionally-compiled code through release 9.5 but is now provided as a separate package. At present, NetBSD maintains libbind code, now known as 'netresolv'."
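The RFC 7871 section 6 decode walked through in the comment above, as an added example that is not part of the original thread or the library's own code. The function names are hypothetical, and it assumes the caller passes the single Buffer from the OPT RR's rdata (`rdata[0]` in the output shown). Because the bytes come straight off the wire, it rejects lengths that overrun the buffer and addresses that are not truncated and zero-padded to the source prefix.

```javascript
// Added example: decode EDNS Client Subnet (option code 8) per RFC 7871 section 6.
const ECS_OPTION_CODE = 8;
const FAMILY_BITS = { 1: 32, 2: 128 }; // FAMILY 1 = IPv4, 2 = IPv6

// OPT RDATA is a sequence of {code: u16, length: u16, data[length]} records.
function parseEdnsOptions(rdata) {
  const options = [];
  let off = 0;
  while (off < rdata.length) {
    if (off + 4 > rdata.length) throw new RangeError('truncated option header');
    const code = rdata.readUInt16BE(off);
    const len = rdata.readUInt16BE(off + 2);
    if (off + 4 + len > rdata.length) throw new RangeError('OPTION-LENGTH overruns RDATA');
    options.push({ code, data: rdata.subarray(off + 4, off + 4 + len) });
    off += 4 + len;
  }
  return options;
}

function decodeClientSubnet(data) {
  if (data.length < 4) throw new RangeError('ECS option shorter than fixed fields');
  const family = data.readUInt16BE(0);
  const sourcePrefix = data[2];
  const scopePrefix = data[3];
  const maxBits = FAMILY_BITS[family];
  if (maxBits === undefined) throw new RangeError('unsupported FAMILY ' + family);
  if (sourcePrefix > maxBits) throw new RangeError('SOURCE PREFIX-LENGTH too long');
  const addr = data.subarray(4);
  // ADDRESS is truncated to ceil(prefix / 8) bytes, with any spare bits zero.
  if (addr.length !== Math.ceil(sourcePrefix / 8)) throw new RangeError('ADDRESS length mismatch');
  const spare = addr.length * 8 - sourcePrefix;
  const spareMask = (1 << spare) - 1;
  if (spare > 0 && (addr[addr.length - 1] & spareMask) !== 0) throw new RangeError('non-zero bits after prefix');
  const full = Buffer.alloc(maxBits / 8); // zero-extend to a whole address
  addr.copy(full);
  const text = family === 1 ? Array.from(full).join('.') : full.toString('hex').match(/.{4}/g).join(':');
  return { family, sourcePrefix, scopePrefix, subnet: text + '/' + sourcePrefix };
}

// Returns the decoded ECS option, or null when the OPT RR carries none.
function clientSubnetFromRdata(rdata) {
  const opt = parseEdnsOptions(rdata).find((o) => o.code === ECS_OPTION_CODE);
  return opt ? decodeClientSubnet(opt.data) : null;
}

// Bytes quoted in the thread for: dig ... +subnet=208.67.222.0/24
const sample = Buffer.from('0008000700011800d043de', 'hex');
console.log(clientSubnetFromRdata(sample));
```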
