[ldns-users] Ldns responses

Petr Mensik pemensik at redhat.com
Tue Oct 9 08:54:55 UTC 2018


Hi Harish,

more below.

On 09/21/2018 06:11 PM, Harish Holenarsipura Viswanatha wrote:
> Hello Wouter,
> 
> Thank you for the reply.
> I have another doubt , does unbound resolver be integrated with LDNS server
> and return DNS responses to a query in wire format ?
I think wire format can be obtained for example from Wireshark or
tcpdump. Right-click on packet in Wireshark, select Copy, Bytes, Hex stream.

It is actually the other way around, part of ldns is integrated into
unbound server. LDNS has no real server, just an example ldns-testns.
Ldns used to be used by unbound, but it has only some parts of code in
current versions. Check sldns folder in unbound sources.
> 
> Thanks
> Harish Holenarsipura Viswanatha
> Contact No: +12132453716
> https://www.linkedin.com/in/harishhv-usc
> 
> 
> 
> On Fri, Sep 21, 2018 at 12:54 AM Wouter Wijngaards <wouter at nlnetlabs.nl>
> wrote:
> 
>> Hi Harish,
>>
>>
>> Not really.  In ldns there are functions to find information, like
>> ldns_dnssec_zone_find_rrset that finds by name and rrset type in the
>> information and that could be useful (depending on what you need).
>>
>> But unbound has libunbound, and it can return responses to a function
>> call, and recent unbound versions have the auth-zone functionality.  This
>> can be used to create a libunbound instance that returns authority zone
>> responses for a query from zone file contents.  Right now that needs the
>> libunbound call to read a unbound.conf file, that contains an auth-zone
>> directive, with a zonefile pointed at where you want it.  And with
>> for-downstream: yes specified; that makes it return authority responses to
>> the libunbound calls, without that it would return recursive responses.
>>
>> If you then want to put that DNS response on the wire, and not do
>> something else with it, then there are authority DNS servers that do the
>> whole thing (a bit obvious, but I thought I would mention it), like NSD and
>> unbound with auth-zone configured.
>>
>> If the something else you want to do just means change a couple of names,
>> then unbound's local-data is in front of the auth-zone, and would be
>> processed first.  It can do some things, eg. return that data instead.
>>
>> Best regards, Wouter
>>
>> On 20/09/18 18:58, Harish Holenarsipura Viswanatha wrote:
>>
>> Hi,
>>
>> Is there away to generate DNS response  for a particular query from the
>> zone file contents.
>>
>> Thanks
>> Harish
>>
>>
>> _______________________________________________
>> ldns-users mailing listldns-users at nlnetlabs.nlhttps://open.nlnetlabs.nl/mailman/listinfo/ldns-users <https://urldefense.proofpoint.com/v2/url?u=https-3A__open.nlnetlabs.nl_mailman_listinfo_ldns-2Dusers&d=DwMDaQ&c=clK7kQUTWtAVEOVIgvi0NU5BOUHhpN0H8p7CSfnc_gI&r=mI_VoarRNHFnhitvUZnW1w&m=hzQjjXNFOW3bT5bgYZBUi4P_DiMaq6p_kPykvkZ2AnU&s=jjKKlSJ5rTSzsAF9xjxUuos5AHThT5MD86YZGcML3KI&e=>
>>
>>
>> _______________________________________________
>> ldns-users mailing list
>> ldns-users at nlnetlabs.nl
>>
>> https://urldefense.proofpoint.com/v2/url?u=https-3A__open.nlnetlabs.nl_mailman_listinfo_ldns-2Dusers&d=DwICAg&c=clK7kQUTWtAVEOVIgvi0NU5BOUHhpN0H8p7CSfnc_gI&r=mI_VoarRNHFnhitvUZnW1w&m=hzQjjXNFOW3bT5bgYZBUi4P_DiMaq6p_kPykvkZ2AnU&s=jjKKlSJ5rTSzsAF9xjxUuos5AHThT5MD86YZGcML3KI&e=
>>
> 
> 
> 
> _______________________________________________
> ldns-users mailing list
> ldns-users at nlnetlabs.nl
> https://open.nlnetlabs.nl/mailman/listinfo/ldns-users
> 

-- 
Petr Menšík
Software Engineer
Red Hat, http://www.redhat.com/
email: pemensik at redhat.com  PGP: 65C6C973



More information about the ldns-users mailing list