[Twisted-Python] Current twisted dns client just doesn't work

spam tam kuchaspama at gmail.com
Thu Dec 10 16:29:33 MST 2020 

I would like to find problems with ANY. But I think that there is no
problem.
DNS servers don't provide standard response for ANY request. My local
machine doesn't provide correct response for request:

$ dig amazon.in any

; <<>> DiG 9.16.1-Ubuntu <<>> amazon.in any
;; global options: +cmd
;; connection timed out; no servers could be reached

My VPS server provide such response:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> amazon.in any
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54130
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;amazon.in.                     IN      ANY

;; ANSWER SECTION:
amazon.in.              3599    IN      HINFO   "RFC8482" ""

;; Query time: 40 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Thu Dec 10 22:10:39 UTC 2020
;; MSG SIZE  rcvd: 59

It sometimes provides another response. But the problem is that behaviour
with ANY is not stable.
The present and the future of ANY are hazy. Read more here:
https://blog.cloudflare.com/rfc8482-saying-goodbye-to-any/

If you don't see the problem please provide your opinion. I would like to
find solution with ANY but it seems it is impossible.

So what do you think?

On Thu, Dec 10, 2020 at 8:30 PM Barry Scott <barry.scott at forcepoint.com>
wrote:

> Answers to but your emails in line.
>
> I've added the twisted list back in so others can comment.
>
> On Wednesday, 9 December 2020 21:17:51 GMT spam tam wrote:
> > As additional information you can check how operation system works with
> dns.
> > You can run
> >
> > *sudo tcpdump -i lo -v port 53*
> > as UDP local sniffer.
>
> Agreed great tool to debug this stuff with.
> And use wireshark to decode the output.
>
> > And run
> >
> > *dig google.com <http://google.com>*
> >
> > And you will see that it makes A request. Not ANY
>
> That is the dig default to use A. Use this to do a any query.
>
>    dig google.com any
>
> I checked the man page to see if anything extra can be printed but it
> looks like
> the default is to print everything dig knows how to print. The options only
> remove output it seems.
>
> > On Wed, Dec 9, 2020 at 11:42 PM spam tam <kuchaspama at gmail.com> wrote:
> >
> > > Yes. You are correct. My local dns just is not stable. But try this:
> > >
> > > python3.8 dns_lookup6.py amazon.in
> > >
> > > It provides response:
> > >
> > > --- dnsLookupDone ([<RR name=amazon.in type=HINFO class=IN ttl=3599s
> > > auth=False>], [], [])
> > > --- dnsLookupDone RR <RR name=amazon.in type=HINFO class=IN ttl=3599s
> > > auth=False> type 13 payload <HINFO cpu='RFC8482' os='' ttl=3599>
> > >
> > > There are not CNAME, A, AAAA or NS records. This means that current
> > > twisted.names.common.extractRecord will not provide IP.
> > > What do you think about this? May be we should replace dns ANY request
> > > with A and AAAA?
>
> Now that is interesting because dig returns 54 lines of output from:
>
>    dig amazon.in any
>
> (I won't paste the 54 lines).
>
> I good question is why did twisted not see that huge set of records?
>
> I'd want to understand why twisted is only seeing the HINFO and not all
> the other
> records. Fixing that would, I'm guessing, fix a lot of things.
>
> I'm not sure when I can look at this. Do you want to look at the packets
> that
> twisted sends and receives and compared to dig?
>
> Barry
>
>
>
> > >
> > > On Wed, Dec 9, 2020 at 12:16 PM Barry Scott <
> barry.scott at forcepoint.com>
> > > wrote:
> > > >
> > > > On Tuesday, 8 December 2020 21:01:56 GMT spam tam wrote:
> > > > > I continue to investigate the issue. I try to call your script like
> > > this:
> > > > >
> > > > > python dns_lookup6.py www.washingtonexaminer.com
> > > > >
> > > > > And get response:
> > > > > dnsLookupFailed <twisted.python.failure.Failure
> > > > > twisted.names.error.DNSServerError: <Message id=55958 rCode=2
> > > > > maxSize=0 flags=answer,recDes,recAv
> > > > > queries=[Query('www.washingtonexaminer.com', 255, 1)]>>
> > > > > result.value.__dict__ {}
> > > > >
> > > > > Is that ok?
> > > > >
> > > > The output I get is this:
> > > >
> > > > $ python3.8 dns_lookup6.py www.washingtonexaminer.com
> > > > Took: 0.029293
> > > > --- dnsLookupDone ([<RR name=www.washingtonexaminer.com type=CNAME
> > > class=IN ttl=37s auth=False>], [], [])
> > > > --- dnsLookupDone RR <RR name=www.washingtonexaminer.com type=CNAME
> > > class=IN ttl=37s auth=False> type 5 payload <CNAME name=
> > > 4067e1ed38.10005.sucurifirewall.com ttl=37>
> > > >
> > > > And this is the output of dig:
> > > >
> > > > $ dig www.washingtonexaminer.com
> > > >
> > > > ; <<>> DiG 9.11.24-RedHat-9.11.24-2.fc32 <<>>
> www.washingtonexaminer.com
> > > > ;; global options: +cmd
> > > > ;; Got answer:
> > > > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61831
> > > > ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
> > > >
> > > > ;; OPT PSEUDOSECTION:
> > > > ; EDNS: version: 0, flags:; udp: 4000
> > > > ;; QUESTION SECTION:
> > > > ;www.washingtonexaminer.com.    IN      A
> > > >
> > > > ;; ANSWER SECTION:
> > > > www.washingtonexaminer.com. 599 IN      CNAME
> > > 4067e1ed38.10005.sucurifirewall.com.
> > > > 4067e1ed38.10005.sucurifirewall.com. 7199 IN A  192.124.249.5
> > > >
> > > > ;; Query time: 50 msec
> > > > ;; SERVER: 10.5.10.11#53(10.5.10.11)
> > > > ;; WHEN: Wed Dec 09 09:13:54 GMT 2020
> > > > ;; MSG SIZE  rcvd: 117
> > > >
> > > > Barry
> > > >
> > > >
> > > >
> > >
> >
>
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/twisted-python/attachments/20201211/975a33ef/attachment.htm>

More information about the Twisted-Python mailing list