[Twisted-Python] Current twisted dns client just doesn't work
spam tam
kuchaspama at gmail.com
Fri Dec 11 07:23:49 MST 2020
Dis you read the whole my email?
Did you read this:
https://blog.cloudflare.com/rfc8482-saying-goodbye-to-any/
ANY is not supported by internet. Sometime works sometime not
Пт, 11 дек. 2020 г. в 12:26, Barry Scott <barry.scott at forcepoint.com>:
> On Thursday, 10 December 2020 23:29:33 GMT spam tam wrote:
> > I would like to find problems with ANY. But I think that there is no
> > problem.
> > DNS servers don't provide standard response for ANY request. My local
> > machine doesn't provide correct response for request:
>
> So you need to fix your network infra not twisted right?
>
> Barry
>
>
> >
> > $ dig amazon.in any
> >
> > ; <<>> DiG 9.16.1-Ubuntu <<>> amazon.in any
> > ;; global options: +cmd
> > ;; connection timed out; no servers could be reached
> >
> > My VPS server provide such response:
> >
> > ; <<>> DiG 9.10.3-P4-Ubuntu <<>> amazon.in any
> > ;; global options: +cmd
> > ;; Got answer:
> > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54130
> > ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
> >
> > ;; OPT PSEUDOSECTION:
> > ; EDNS: version: 0, flags:; udp: 512
> > ;; QUESTION SECTION:
> > ;amazon.in. IN ANY
> >
> > ;; ANSWER SECTION:
> > amazon.in. 3599 IN HINFO "RFC8482" ""
> >
> > ;; Query time: 40 msec
> > ;; SERVER: 8.8.8.8#53(8.8.8.8)
> > ;; WHEN: Thu Dec 10 22:10:39 UTC 2020
> > ;; MSG SIZE rcvd: 59
> >
> > It sometimes provides another response. But the problem is that behaviour
> > with ANY is not stable.
> > The present and the future of ANY are hazy. Read more here:
> > https://blog.cloudflare.com/rfc8482-saying-goodbye-to-any/
> >
> > If you don't see the problem please provide your opinion. I would like to
> > find solution with ANY but it seems it is impossible.
> >
> > So what do you think?
> >
> > On Thu, Dec 10, 2020 at 8:30 PM Barry Scott <barry.scott at forcepoint.com>
> > wrote:
> >
> > > Answers to but your emails in line.
> > >
> > > I've added the twisted list back in so others can comment.
> > >
> > > On Wednesday, 9 December 2020 21:17:51 GMT spam tam wrote:
> > > > As additional information you can check how operation system works
> with
> > > dns.
> > > > You can run
> > > >
> > > > *sudo tcpdump -i lo -v port 53*
> > > > as UDP local sniffer.
> > >
> > > Agreed great tool to debug this stuff with.
> > > And use wireshark to decode the output.
> > >
> > > > And run
> > > >
> > > > *dig google.com <http://google.com>*
> > > >
> > > > And you will see that it makes A request. Not ANY
> > >
> > > That is the dig default to use A. Use this to do a any query.
> > >
> > > dig google.com any
> > >
> > > I checked the man page to see if anything extra can be printed but it
> > > looks like
> > > the default is to print everything dig knows how to print. The options
> only
> > > remove output it seems.
> > >
> > > > On Wed, Dec 9, 2020 at 11:42 PM spam tam <kuchaspama at gmail.com>
> wrote:
> > > >
> > > > > Yes. You are correct. My local dns just is not stable. But try
> this:
> > > > >
> > > > > python3.8 dns_lookup6.py amazon.in
> > > > >
> > > > > It provides response:
> > > > >
> > > > > --- dnsLookupDone ([<RR name=amazon.in type=HINFO class=IN
> ttl=3599s
> > > > > auth=False>], [], [])
> > > > > --- dnsLookupDone RR <RR name=amazon.in type=HINFO class=IN
> ttl=3599s
> > > > > auth=False> type 13 payload <HINFO cpu='RFC8482' os='' ttl=3599>
> > > > >
> > > > > There are not CNAME, A, AAAA or NS records. This means that current
> > > > > twisted.names.common.extractRecord will not provide IP.
> > > > > What do you think about this? May be we should replace dns ANY
> request
> > > > > with A and AAAA?
> > >
> > > Now that is interesting because dig returns 54 lines of output from:
> > >
> > > dig amazon.in any
> > >
> > > (I won't paste the 54 lines).
> > >
> > > I good question is why did twisted not see that huge set of records?
> > >
> > > I'd want to understand why twisted is only seeing the HINFO and not all
> > > the other
> > > records. Fixing that would, I'm guessing, fix a lot of things.
> > >
> > > I'm not sure when I can look at this. Do you want to look at the
> packets
> > > that
> > > twisted sends and receives and compared to dig?
> > >
> > > Barry
> > >
> > >
> > >
> > > > >
> > > > > On Wed, Dec 9, 2020 at 12:16 PM Barry Scott <
> > > barry.scott at forcepoint.com>
> > > > > wrote:
> > > > > >
> > > > > > On Tuesday, 8 December 2020 21:01:56 GMT spam tam wrote:
> > > > > > > I continue to investigate the issue. I try to call your script
> like
> > > > > this:
> > > > > > >
> > > > > > > python dns_lookup6.py www.washingtonexaminer.com
> > > > > > >
> > > > > > > And get response:
> > > > > > > dnsLookupFailed <twisted.python.failure.Failure
> > > > > > > twisted.names.error.DNSServerError: <Message id=55958 rCode=2
> > > > > > > maxSize=0 flags=answer,recDes,recAv
> > > > > > > queries=[Query('www.washingtonexaminer.com', 255, 1)]>>
> > > > > > > result.value.__dict__ {}
> > > > > > >
> > > > > > > Is that ok?
> > > > > > >
> > > > > > The output I get is this:
> > > > > >
> > > > > > $ python3.8 dns_lookup6.py www.washingtonexaminer.com
> > > > > > Took: 0.029293
> > > > > > --- dnsLookupDone ([<RR name=www.washingtonexaminer.com
> type=CNAME
> > > > > class=IN ttl=37s auth=False>], [], [])
> > > > > > --- dnsLookupDone RR <RR name=www.washingtonexaminer.com
> type=CNAME
> > > > > class=IN ttl=37s auth=False> type 5 payload <CNAME name=
> > > > > 4067e1ed38.10005.sucurifirewall.com ttl=37>
> > > > > >
> > > > > > And this is the output of dig:
> > > > > >
> > > > > > $ dig www.washingtonexaminer.com
> > > > > >
> > > > > > ; <<>> DiG 9.11.24-RedHat-9.11.24-2.fc32 <<>>
> > > www.washingtonexaminer.com
> > > > > > ;; global options: +cmd
> > > > > > ;; Got answer:
> > > > > > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61831
> > > > > > ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0,
> ADDITIONAL: 1
> > > > > >
> > > > > > ;; OPT PSEUDOSECTION:
> > > > > > ; EDNS: version: 0, flags:; udp: 4000
> > > > > > ;; QUESTION SECTION:
> > > > > > ;www.washingtonexaminer.com. IN A
> > > > > >
> > > > > > ;; ANSWER SECTION:
> > > > > > www.washingtonexaminer.com. 599 IN CNAME
> > > > > 4067e1ed38.10005.sucurifirewall.com.
> > > > > > 4067e1ed38.10005.sucurifirewall.com. 7199 IN A 192.124.249.5
> > > > > >
> > > > > > ;; Query time: 50 msec
> > > > > > ;; SERVER: 10.5.10.11#53(10.5.10.11)
> > > > > > ;; WHEN: Wed Dec 09 09:13:54 GMT 2020
> > > > > > ;; MSG SIZE rcvd: 117
> > > > > >
> > > > > > Barry
> > > > > >
> > > > > >
> > > > > >
> > > > >
> > > >
> > >
> > >
> > >
> > >
> > >
> >
>
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/twisted-python/attachments/20201211/b99b8525/attachment-0001.htm>
More information about the Twisted-Python
mailing list