[Twisted-Python] Current twisted dns client just doesn't work
spam tam
kuchaspama at gmail.com
Fri Dec 11 08:30:30 MST 2020
Yes. I would like to replace ANY with A and AAAA requests.
I created pull request: https://github.com/twisted/twisted/pull/1488
It's an easy solution. I just request for A records and if A doesn't
provide IP I create AAAA request.
On Fri, Dec 11, 2020 at 6:03 PM Barry Scott <barry.scott at forcepoint.com>
wrote:
> On Friday, 11 December 2020 14:23:49 GMT spam tam wrote:
> > Dis you read the whole my email?
> > Did you read this:
> > https://blog.cloudflare.com/rfc8482-saying-goodbye-to-any/
> >
> > ANY is not supported by internet. Sometime works sometime not
>
> Oh I missed that. That is very interesting.
> Is that what you are trying to fix in twisted? The use of ANY?
>
> Barry
>
> >
> > Пт, 11 дек. 2020 г. в 12:26, Barry Scott <barry.scott at forcepoint.com>:
> >
> > > On Thursday, 10 December 2020 23:29:33 GMT spam tam wrote:
> > > > I would like to find problems with ANY. But I think that there is no
> > > > problem.
> > > > DNS servers don't provide standard response for ANY request. My local
> > > > machine doesn't provide correct response for request:
> > >
> > > So you need to fix your network infra not twisted right?
> > >
> > > Barry
> > >
> > >
> > > >
> > > > $ dig amazon.in any
> > > >
> > > > ; <<>> DiG 9.16.1-Ubuntu <<>> amazon.in any
> > > > ;; global options: +cmd
> > > > ;; connection timed out; no servers could be reached
> > > >
> > > > My VPS server provide such response:
> > > >
> > > > ; <<>> DiG 9.10.3-P4-Ubuntu <<>> amazon.in any
> > > > ;; global options: +cmd
> > > > ;; Got answer:
> > > > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54130
> > > > ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
> > > >
> > > > ;; OPT PSEUDOSECTION:
> > > > ; EDNS: version: 0, flags:; udp: 512
> > > > ;; QUESTION SECTION:
> > > > ;amazon.in. IN ANY
> > > >
> > > > ;; ANSWER SECTION:
> > > > amazon.in. 3599 IN HINFO "RFC8482" ""
> > > >
> > > > ;; Query time: 40 msec
> > > > ;; SERVER: 8.8.8.8#53(8.8.8.8)
> > > > ;; WHEN: Thu Dec 10 22:10:39 UTC 2020
> > > > ;; MSG SIZE rcvd: 59
> > > >
> > > > It sometimes provides another response. But the problem is that
> behaviour
> > > > with ANY is not stable.
> > > > The present and the future of ANY are hazy. Read more here:
> > > > https://blog.cloudflare.com/rfc8482-saying-goodbye-to-any/
> > > >
> > > > If you don't see the problem please provide your opinion. I would
> like to
> > > > find solution with ANY but it seems it is impossible.
> > > >
> > > > So what do you think?
> > > >
> > > > On Thu, Dec 10, 2020 at 8:30 PM Barry Scott <
> barry.scott at forcepoint.com>
> > > > wrote:
> > > >
> > > > > Answers to but your emails in line.
> > > > >
> > > > > I've added the twisted list back in so others can comment.
> > > > >
> > > > > On Wednesday, 9 December 2020 21:17:51 GMT spam tam wrote:
> > > > > > As additional information you can check how operation system
> works
> > > with
> > > > > dns.
> > > > > > You can run
> > > > > >
> > > > > > *sudo tcpdump -i lo -v port 53*
> > > > > > as UDP local sniffer.
> > > > >
> > > > > Agreed great tool to debug this stuff with.
> > > > > And use wireshark to decode the output.
> > > > >
> > > > > > And run
> > > > > >
> > > > > > *dig google.com <http://google.com>*
> > > > > >
> > > > > > And you will see that it makes A request. Not ANY
> > > > >
> > > > > That is the dig default to use A. Use this to do a any query.
> > > > >
> > > > > dig google.com any
> > > > >
> > > > > I checked the man page to see if anything extra can be printed but
> it
> > > > > looks like
> > > > > the default is to print everything dig knows how to print. The
> options
> > > only
> > > > > remove output it seems.
> > > > >
> > > > > > On Wed, Dec 9, 2020 at 11:42 PM spam tam <kuchaspama at gmail.com>
> > > wrote:
> > > > > >
> > > > > > > Yes. You are correct. My local dns just is not stable. But try
> > > this:
> > > > > > >
> > > > > > > python3.8 dns_lookup6.py amazon.in
> > > > > > >
> > > > > > > It provides response:
> > > > > > >
> > > > > > > --- dnsLookupDone ([<RR name=amazon.in type=HINFO class=IN
> > > ttl=3599s
> > > > > > > auth=False>], [], [])
> > > > > > > --- dnsLookupDone RR <RR name=amazon.in type=HINFO class=IN
> > > ttl=3599s
> > > > > > > auth=False> type 13 payload <HINFO cpu='RFC8482' os=''
> ttl=3599>
> > > > > > >
> > > > > > > There are not CNAME, A, AAAA or NS records. This means that
> current
> > > > > > > twisted.names.common.extractRecord will not provide IP.
> > > > > > > What do you think about this? May be we should replace dns ANY
> > > request
> > > > > > > with A and AAAA?
> > > > >
> > > > > Now that is interesting because dig returns 54 lines of output
> from:
> > > > >
> > > > > dig amazon.in any
> > > > >
> > > > > (I won't paste the 54 lines).
> > > > >
> > > > > I good question is why did twisted not see that huge set of
> records?
> > > > >
> > > > > I'd want to understand why twisted is only seeing the HINFO and
> not all
> > > > > the other
> > > > > records. Fixing that would, I'm guessing, fix a lot of things.
> > > > >
> > > > > I'm not sure when I can look at this. Do you want to look at the
> > > packets
> > > > > that
> > > > > twisted sends and receives and compared to dig?
> > > > >
> > > > > Barry
> > > > >
> > > > >
> > > > >
> > > > > > >
> > > > > > > On Wed, Dec 9, 2020 at 12:16 PM Barry Scott <
> > > > > barry.scott at forcepoint.com>
> > > > > > > wrote:
> > > > > > > >
> > > > > > > > On Tuesday, 8 December 2020 21:01:56 GMT spam tam wrote:
> > > > > > > > > I continue to investigate the issue. I try to call your
> script
> > > like
> > > > > > > this:
> > > > > > > > >
> > > > > > > > > python dns_lookup6.py www.washingtonexaminer.com
> > > > > > > > >
> > > > > > > > > And get response:
> > > > > > > > > dnsLookupFailed <twisted.python.failure.Failure
> > > > > > > > > twisted.names.error.DNSServerError: <Message id=55958
> rCode=2
> > > > > > > > > maxSize=0 flags=answer,recDes,recAv
> > > > > > > > > queries=[Query('www.washingtonexaminer.com', 255, 1)]>>
> > > > > > > > > result.value.__dict__ {}
> > > > > > > > >
> > > > > > > > > Is that ok?
> > > > > > > > >
> > > > > > > > The output I get is this:
> > > > > > > >
> > > > > > > > $ python3.8 dns_lookup6.py www.washingtonexaminer.com
> > > > > > > > Took: 0.029293
> > > > > > > > --- dnsLookupDone ([<RR name=www.washingtonexaminer.com
> > > type=CNAME
> > > > > > > class=IN ttl=37s auth=False>], [], [])
> > > > > > > > --- dnsLookupDone RR <RR name=www.washingtonexaminer.com
> > > type=CNAME
> > > > > > > class=IN ttl=37s auth=False> type 5 payload <CNAME name=
> > > > > > > 4067e1ed38.10005.sucurifirewall.com ttl=37>
> > > > > > > >
> > > > > > > > And this is the output of dig:
> > > > > > > >
> > > > > > > > $ dig www.washingtonexaminer.com
> > > > > > > >
> > > > > > > > ; <<>> DiG 9.11.24-RedHat-9.11.24-2.fc32 <<>>
> > > > > www.washingtonexaminer.com
> > > > > > > > ;; global options: +cmd
> > > > > > > > ;; Got answer:
> > > > > > > > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61831
> > > > > > > > ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0,
> > > ADDITIONAL: 1
> > > > > > > >
> > > > > > > > ;; OPT PSEUDOSECTION:
> > > > > > > > ; EDNS: version: 0, flags:; udp: 4000
> > > > > > > > ;; QUESTION SECTION:
> > > > > > > > ;www.washingtonexaminer.com. IN A
> > > > > > > >
> > > > > > > > ;; ANSWER SECTION:
> > > > > > > > www.washingtonexaminer.com. 599 IN CNAME
> > > > > > > 4067e1ed38.10005.sucurifirewall.com.
> > > > > > > > 4067e1ed38.10005.sucurifirewall.com. 7199 IN A
> 192.124.249.5
> > > > > > > >
> > > > > > > > ;; Query time: 50 msec
> > > > > > > > ;; SERVER: 10.5.10.11#53(10.5.10.11)
> > > > > > > > ;; WHEN: Wed Dec 09 09:13:54 GMT 2020
> > > > > > > > ;; MSG SIZE rcvd: 117
> > > > > > > >
> > > > > > > > Barry
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > >
> > > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > >
> > >
> > >
> > >
> > >
> > >
> >
>
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/twisted-python/attachments/20201211/de5bed61/attachment-0001.htm>
More information about the Twisted-Python
mailing list