[Twisted-Python] Current twisted dns client just doesn't work
Barry Scott
barry.scott at forcepoint.com
Thu Dec 10 10:30:05 MST 2020
Answers to but your emails in line.
I've added the twisted list back in so others can comment.
On Wednesday, 9 December 2020 21:17:51 GMT spam tam wrote:
> As additional information you can check how operation system works with dns.
> You can run
>
> *sudo tcpdump -i lo -v port 53*
> as UDP local sniffer.
Agreed great tool to debug this stuff with.
And use wireshark to decode the output.
> And run
>
> *dig google.com <http://google.com>*
>
> And you will see that it makes A request. Not ANY
That is the dig default to use A. Use this to do a any query.
dig google.com any
I checked the man page to see if anything extra can be printed but it looks like
the default is to print everything dig knows how to print. The options only
remove output it seems.
> On Wed, Dec 9, 2020 at 11:42 PM spam tam <kuchaspama at gmail.com> wrote:
>
> > Yes. You are correct. My local dns just is not stable. But try this:
> >
> > python3.8 dns_lookup6.py amazon.in
> >
> > It provides response:
> >
> > --- dnsLookupDone ([<RR name=amazon.in type=HINFO class=IN ttl=3599s
> > auth=False>], [], [])
> > --- dnsLookupDone RR <RR name=amazon.in type=HINFO class=IN ttl=3599s
> > auth=False> type 13 payload <HINFO cpu='RFC8482' os='' ttl=3599>
> >
> > There are not CNAME, A, AAAA or NS records. This means that current
> > twisted.names.common.extractRecord will not provide IP.
> > What do you think about this? May be we should replace dns ANY request
> > with A and AAAA?
Now that is interesting because dig returns 54 lines of output from:
dig amazon.in any
(I won't paste the 54 lines).
I good question is why did twisted not see that huge set of records?
I'd want to understand why twisted is only seeing the HINFO and not all the other
records. Fixing that would, I'm guessing, fix a lot of things.
I'm not sure when I can look at this. Do you want to look at the packets that
twisted sends and receives and compared to dig?
Barry
> >
> > On Wed, Dec 9, 2020 at 12:16 PM Barry Scott <barry.scott at forcepoint.com>
> > wrote:
> > >
> > > On Tuesday, 8 December 2020 21:01:56 GMT spam tam wrote:
> > > > I continue to investigate the issue. I try to call your script like
> > this:
> > > >
> > > > python dns_lookup6.py www.washingtonexaminer.com
> > > >
> > > > And get response:
> > > > dnsLookupFailed <twisted.python.failure.Failure
> > > > twisted.names.error.DNSServerError: <Message id=55958 rCode=2
> > > > maxSize=0 flags=answer,recDes,recAv
> > > > queries=[Query('www.washingtonexaminer.com', 255, 1)]>>
> > > > result.value.__dict__ {}
> > > >
> > > > Is that ok?
> > > >
> > > The output I get is this:
> > >
> > > $ python3.8 dns_lookup6.py www.washingtonexaminer.com
> > > Took: 0.029293
> > > --- dnsLookupDone ([<RR name=www.washingtonexaminer.com type=CNAME
> > class=IN ttl=37s auth=False>], [], [])
> > > --- dnsLookupDone RR <RR name=www.washingtonexaminer.com type=CNAME
> > class=IN ttl=37s auth=False> type 5 payload <CNAME name=
> > 4067e1ed38.10005.sucurifirewall.com ttl=37>
> > >
> > > And this is the output of dig:
> > >
> > > $ dig www.washingtonexaminer.com
> > >
> > > ; <<>> DiG 9.11.24-RedHat-9.11.24-2.fc32 <<>> www.washingtonexaminer.com
> > > ;; global options: +cmd
> > > ;; Got answer:
> > > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61831
> > > ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
> > >
> > > ;; OPT PSEUDOSECTION:
> > > ; EDNS: version: 0, flags:; udp: 4000
> > > ;; QUESTION SECTION:
> > > ;www.washingtonexaminer.com. IN A
> > >
> > > ;; ANSWER SECTION:
> > > www.washingtonexaminer.com. 599 IN CNAME
> > 4067e1ed38.10005.sucurifirewall.com.
> > > 4067e1ed38.10005.sucurifirewall.com. 7199 IN A 192.124.249.5
> > >
> > > ;; Query time: 50 msec
> > > ;; SERVER: 10.5.10.11#53(10.5.10.11)
> > > ;; WHEN: Wed Dec 09 09:13:54 GMT 2020
> > > ;; MSG SIZE rcvd: 117
> > >
> > > Barry
> > >
> > >
> > >
> >
>
More information about the Twisted-Python
mailing list