From charles.hubbard at edgeintelligence.com Thu Sep 20 15:30:49 2018 From: charles.hubbard at edgeintelligence.com (Charles Hubbard) Date: Thu, 20 Sep 2018 16:30:49 +0100 Subject: [ldns-users] TTL Parsing Message-ID: Hi, I noticed that the TTL is defined as a signed int32 https://www.ietf.org/rfc/rfc1035.txt but as an unsigned int32 by ldns. Is this a bug? Thanks Charlie -------------- next part -------------- An HTML attachment was scrubbed... URL: From charles.hubbard at edgeintelligence.com Thu Sep 20 15:50:51 2018 From: charles.hubbard at edgeintelligence.com (Charles Hubbard) Date: Thu, 20 Sep 2018 16:50:51 +0100 Subject: [ldns-users] TTL Parsing In-Reply-To: References: Message-ID: Thanks Tony, that's very helpful. Charlie On Thu, Sep 20, 2018 at 4:44 PM, Tony Finch wrote: > Charles Hubbard wrote: > > > > I noticed that the TTL is defined as a signed int32 > > https://www.ietf.org/rfc/rfc1035.txt > > but as an unsigned int32 by ldns. > > > > Is this a bug? > > RFC 2181 says it is a bug in RFC 1035 :-) > > https://tools.ietf.org/html/rfc2181#section-8 > > The definition of values appropriate to the TTL field in STD 13 is > not as clear as it could be, with respect to how many significant > bits exist, and whether the value is signed or unsigned. It is > hereby specified that a TTL value is an unsigned number, with a > minimum value of 0, and a maximum value of 2147483647. That is, a > maximum of 2^31 - 1. When transmitted, this value shall be encoded > in the less significant 31 bits of the 32 bit TTL field, with the > most significant, or sign, bit set to zero. > > Implementations should treat TTL values received with the most > significant bit set as if the entire value received was zero. > > Tony. > -- > f.anthony.n.finch http://dotat.at/ > Rockall, Malin: West, veering northwest, 5 to 7, increasing gale 8 at > times. > Rough or very rough, occasionally moderate in Malin. Squally showers. > Moderate > or good. > -------------- next part -------------- An HTML attachment was scrubbed... URL: From dot at dotat.at Thu Sep 20 15:44:34 2018 From: dot at dotat.at (Tony Finch) Date: Thu, 20 Sep 2018 16:44:34 +0100 Subject: [ldns-users] TTL Parsing In-Reply-To: References: Message-ID: Charles Hubbard wrote: > > I noticed that the TTL is defined as a signed int32 > https://www.ietf.org/rfc/rfc1035.txt > but as an unsigned int32 by ldns. > > Is this a bug? RFC 2181 says it is a bug in RFC 1035 :-) https://tools.ietf.org/html/rfc2181#section-8 The definition of values appropriate to the TTL field in STD 13 is not as clear as it could be, with respect to how many significant bits exist, and whether the value is signed or unsigned. It is hereby specified that a TTL value is an unsigned number, with a minimum value of 0, and a maximum value of 2147483647. That is, a maximum of 2^31 - 1. When transmitted, this value shall be encoded in the less significant 31 bits of the 32 bit TTL field, with the most significant, or sign, bit set to zero. Implementations should treat TTL values received with the most significant bit set as if the entire value received was zero. Tony. -- f.anthony.n.finch http://dotat.at/ Rockall, Malin: West, veering northwest, 5 to 7, increasing gale 8 at times. Rough or very rough, occasionally moderate in Malin. Squally showers. Moderate or good. From holenars at usc.edu Thu Sep 20 16:58:46 2018 From: holenars at usc.edu (Harish Holenarsipura Viswanatha) Date: Thu, 20 Sep 2018 09:58:46 -0700 Subject: [ldns-users] Ldns responses Message-ID: Hi, Is there away to generate DNS response for a particular query from the zone file contents. Thanks Harish -------------- next part -------------- An HTML attachment was scrubbed... URL: From wouter at nlnetlabs.nl Fri Sep 21 07:54:24 2018 From: wouter at nlnetlabs.nl (Wouter Wijngaards) Date: Fri, 21 Sep 2018 09:54:24 +0200 Subject: [ldns-users] Ldns responses In-Reply-To: References: Message-ID: <5f9fb0f0-8fe8-1f90-f5c5-8c41670aa5d6@nlnetlabs.nl> Hi Harish, Not really.? In ldns there are functions to find information, like ldns_dnssec_zone_find_rrset that finds by name and rrset type in the information and that could be useful (depending on what you need). But unbound has libunbound, and it can return responses to a function call, and recent unbound versions have the auth-zone functionality.? This can be used to create a libunbound instance that returns authority zone responses for a query from zone file contents.? Right now that needs the libunbound call to read a unbound.conf file, that contains an auth-zone directive, with a zonefile pointed at where you want it.? And with for-downstream: yes specified; that makes it return authority responses to the libunbound calls, without that it would return recursive responses. If you then want to put that DNS response on the wire, and not do something else with it, then there are authority DNS servers that do the whole thing (a bit obvious, but I thought I would mention it), like NSD and unbound with auth-zone configured. If the something else you want to do just means change a couple of names, then unbound's local-data is in front of the auth-zone, and would be processed first.? It can do some things, eg. return that data instead. Best regards, Wouter On 20/09/18 18:58, Harish Holenarsipura Viswanatha wrote: > Hi,? > > Is there away to generate DNS response? for a particular query from > the zone file contents.? > > Thanks > Harish? > > > _______________________________________________ > ldns-users mailing list > ldns-users at nlnetlabs.nl > https://open.nlnetlabs.nl/mailman/listinfo/ldns-users -------------- next part -------------- An HTML attachment was scrubbed... URL: From holenars at usc.edu Fri Sep 21 16:11:48 2018 From: holenars at usc.edu (Harish Holenarsipura Viswanatha) Date: Fri, 21 Sep 2018 09:11:48 -0700 Subject: [ldns-users] Ldns responses In-Reply-To: <5f9fb0f0-8fe8-1f90-f5c5-8c41670aa5d6@nlnetlabs.nl> References: <5f9fb0f0-8fe8-1f90-f5c5-8c41670aa5d6@nlnetlabs.nl> Message-ID: Hello Wouter, Thank you for the reply. I have another doubt , does unbound resolver be integrated with LDNS server and return DNS responses to a query in wire format ? Thanks Harish Holenarsipura Viswanatha Contact No: +12132453716 https://www.linkedin.com/in/harishhv-usc On Fri, Sep 21, 2018 at 12:54 AM Wouter Wijngaards wrote: > Hi Harish, > > > Not really. In ldns there are functions to find information, like > ldns_dnssec_zone_find_rrset that finds by name and rrset type in the > information and that could be useful (depending on what you need). > > But unbound has libunbound, and it can return responses to a function > call, and recent unbound versions have the auth-zone functionality. This > can be used to create a libunbound instance that returns authority zone > responses for a query from zone file contents. Right now that needs the > libunbound call to read a unbound.conf file, that contains an auth-zone > directive, with a zonefile pointed at where you want it. And with > for-downstream: yes specified; that makes it return authority responses to > the libunbound calls, without that it would return recursive responses. > > If you then want to put that DNS response on the wire, and not do > something else with it, then there are authority DNS servers that do the > whole thing (a bit obvious, but I thought I would mention it), like NSD and > unbound with auth-zone configured. > > If the something else you want to do just means change a couple of names, > then unbound's local-data is in front of the auth-zone, and would be > processed first. It can do some things, eg. return that data instead. > > Best regards, Wouter > > On 20/09/18 18:58, Harish Holenarsipura Viswanatha wrote: > > Hi, > > Is there away to generate DNS response for a particular query from the > zone file contents. > > Thanks > Harish > > > _______________________________________________ > ldns-users mailing listldns-users at nlnetlabs.nlhttps://open.nlnetlabs.nl/mailman/listinfo/ldns-users > > > _______________________________________________ > ldns-users mailing list > ldns-users at nlnetlabs.nl > > https://urldefense.proofpoint.com/v2/url?u=https-3A__open.nlnetlabs.nl_mailman_listinfo_ldns-2Dusers&d=DwICAg&c=clK7kQUTWtAVEOVIgvi0NU5BOUHhpN0H8p7CSfnc_gI&r=mI_VoarRNHFnhitvUZnW1w&m=hzQjjXNFOW3bT5bgYZBUi4P_DiMaq6p_kPykvkZ2AnU&s=jjKKlSJ5rTSzsAF9xjxUuos5AHThT5MD86YZGcML3KI&e= > -------------- next part -------------- An HTML attachment was scrubbed... URL: From wouter at nlnetlabs.nl Mon Sep 24 07:14:14 2018 From: wouter at nlnetlabs.nl (Wouter Wijngaards) Date: Mon, 24 Sep 2018 09:14:14 +0200 Subject: [ldns-users] Ldns responses In-Reply-To: References: <5f9fb0f0-8fe8-1f90-f5c5-8c41670aa5d6@nlnetlabs.nl> Message-ID: <65637064-27f3-1889-b92d-7f46cb37bce8@nlnetlabs.nl> Hi Harish, On 9/21/18 6:11 PM, Harish Holenarsipura Viswanatha wrote: > Hello Wouter, > > Thank you for the reply. Of course. The unbound library returns also the query in wire format in the returned structure. That could be used by ldns library functions in some way. Best regards, Wouter > I have another doubt , does unbound resolver be integrated with LDNS > server and return DNS responses to a query in wire format ? > > Thanks? > Harish Holenarsipura Viswanatha > Contact No: +12132453716 > https://www.linkedin.com/in/harishhv-usc > > > > On Fri, Sep 21, 2018 at 12:54 AM Wouter Wijngaards > wrote: > > Hi Harish, > > > Not really.? In ldns there are functions to find information, like > ldns_dnssec_zone_find_rrset that finds by name and rrset type in the > information and that could be useful (depending on what you need). > > But unbound has libunbound, and it can return responses to a > function call, and recent unbound versions have the auth-zone > functionality.? This can be used to create a libunbound instance > that returns authority zone responses for a query from zone file > contents.? Right now that needs the libunbound call to read a > unbound.conf file, that contains an auth-zone directive, with a > zonefile pointed at where you want it.? And with for-downstream: yes > specified; that makes it return authority responses to the > libunbound calls, without that it would return recursive responses. > > If you then want to put that DNS response on the wire, and not do > something else with it, then there are authority DNS servers that do > the whole thing (a bit obvious, but I thought I would mention it), > like NSD and unbound with auth-zone configured. > > If the something else you want to do just means change a couple of > names, then unbound's local-data is in front of the auth-zone, and > would be processed first.? It can do some things, eg. return that > data instead. > > Best regards, Wouter > > > On 20/09/18 18:58, Harish Holenarsipura Viswanatha wrote: >> Hi,? >> >> Is there away to generate DNS response? for a particular query >> from the zone file contents.? >> >> Thanks >> Harish? >> >> >> _______________________________________________ >> ldns-users mailing list >> ldns-users at nlnetlabs.nl >> https://open.nlnetlabs.nl/mailman/listinfo/ldns-users > > _______________________________________________ > ldns-users mailing list > ldns-users at nlnetlabs.nl > https://urldefense.proofpoint.com/v2/url?u=https-3A__open.nlnetlabs.nl_mailman_listinfo_ldns-2Dusers&d=DwICAg&c=clK7kQUTWtAVEOVIgvi0NU5BOUHhpN0H8p7CSfnc_gI&r=mI_VoarRNHFnhitvUZnW1w&m=hzQjjXNFOW3bT5bgYZBUi4P_DiMaq6p_kPykvkZ2AnU&s=jjKKlSJ5rTSzsAF9xjxUuos5AHThT5MD86YZGcML3KI&e= > -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 833 bytes Desc: OpenPGP digital signature URL: