Append a Hard-coded Text Tuple into Additional Section of "dig" Feature
Jun Xiang X Tee
jtee at purdue.edu
Wed Jun 15 20:12:06 UTC 2016
Dear Kevin,
Thank you for your reply! I wish to include some random information about a domain. I think your suggestion is great. I will look more on how to create an experimental record type. Do you mind to point me to an existing post about how to create it? Thanks!
Regards,
Jun Xiang Tee
________________________________
From: bind-users-bounces at lists.isc.org <bind-users-bounces at lists.isc.org> on behalf of Darcy Kevin (FCA) <kevin.darcy at fcagroup.com>
Sent: Wednesday, June 15, 2016 3:05:08 PM
To: bind-users at lists.isc.org
Subject: RE: Append a Hard-coded Text Tuple into Additional Section of "dig" Feature
That's not really consistent with the DNS standards, and will break if you have intermediate caching servers. Why? Because of this clause from RFC 2181:
Unauthenticated RRs received and cached from the least trustworthy of
those groupings, that is data from the additional data section, and
data from the authority section of a non-authoritative answer, should
not be cached in such a way that they would ever be returned as
answers to a received query.
It'll also, irrespective of caching, break DNSSEC.
What information are you trying to "piggyback" on responses to regular queries? If it's a point-to-point thing, then create your own experimental record type, or EDNS option (you already indicated you were willing to do modifications of the BIND code and/or client-resolver code) in order to provide a "channel" for this data between the client and its closest resolver. If it's an end-to-end thing, understand that the authoritative nameservers "own" one end of that transaction, and any attempts to manipulate the flow via an intermediate device, reduces the integrity and trustworthiness of the data, making it look like forgery, and possibly to the point where it gets rejected.
- Kevin
From: bind-users-bounces at lists.isc.org [mailto:bind-users-bounces at lists.isc.org] On Behalf Of Jun Xiang X Tee
Sent: Wednesday, June 15, 2016 2:43 PM
To: bind-users at lists.isc.org
Subject: Append a Hard-coded Text Tuple into Additional Section of "dig" Feature
Dear members,
This is my first time posting a question to the mailing list. I am not sure whether I should post my technical question to this list or not. If it is not, I apologize for any inconvenience caused.
When I query for "google.com", the additional section returned is:
;; ADDITIONAL SECTION:
ns1.google.com. 200487 IN A 216.239.32.10
ns2.google.com. 197774 IN A 216.239.34.10
ns3.google.com. 246981 IN A 216.239.36.10
ns4.google.com. 193728 IN A 216.239.38.10
I wish to append a hard-coded text tuple into end of the section. An example after the change is:
;; ADDITIONAL SECTION:
ns1.google.com. 200487 IN A 216.239.32.10
ns2.google.com. 197774 IN A 216.239.34.10
ns3.google.com. 246981 IN A 216.239.36.10
ns4.google.com. 193728 IN A 216.239.38.10
google.com 123456 IN TXT "some information that I want to include"
I have searched through the code base for several days, but do not find a good place to start with. Any suggestion? I am currently examining "resolver.c" and "lookup.c" files. Thanks!
Regards,
Jun Xiang Tee
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20160615/0c81e0ff/attachment.html>
More information about the bind-users
mailing list