[Twisted-Python] Current twisted dns client just doesn't work

Barry Scott barry.scott at forcepoint.com
Fri Dec 11 02:25:53 MST 2020


On Thursday, 10 December 2020 23:29:33 GMT spam tam wrote:
> I would like to find problems with ANY. But I think that there is no
> problem.
> DNS servers don't provide standard response for ANY request. My local
> machine doesn't provide correct response for request:

So you need to fix your network infra not twisted right?

Barry


> 
> $ dig amazon.in any
> 
> ; <<>> DiG 9.16.1-Ubuntu <<>> amazon.in any
> ;; global options: +cmd
> ;; connection timed out; no servers could be reached
> 
> My VPS server provide such response:
> 
> ; <<>> DiG 9.10.3-P4-Ubuntu <<>> amazon.in any
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54130
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
> 
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 512
> ;; QUESTION SECTION:
> ;amazon.in.                     IN      ANY
> 
> ;; ANSWER SECTION:
> amazon.in.              3599    IN      HINFO   "RFC8482" ""
> 
> ;; Query time: 40 msec
> ;; SERVER: 8.8.8.8#53(8.8.8.8)
> ;; WHEN: Thu Dec 10 22:10:39 UTC 2020
> ;; MSG SIZE  rcvd: 59
> 
> It sometimes provides another response. But the problem is that behaviour
> with ANY is not stable.
> The present and the future of ANY are hazy. Read more here:
> https://blog.cloudflare.com/rfc8482-saying-goodbye-to-any/
> 
> If you don't see the problem please provide your opinion. I would like to
> find solution with ANY but it seems it is impossible.
> 
> So what do you think?
> 
> On Thu, Dec 10, 2020 at 8:30 PM Barry Scott <barry.scott at forcepoint.com>
> wrote:
> 
> > Answers to but your emails in line.
> >
> > I've added the twisted list back in so others can comment.
> >
> > On Wednesday, 9 December 2020 21:17:51 GMT spam tam wrote:
> > > As additional information you can check how operation system works with
> > dns.
> > > You can run
> > >
> > > *sudo tcpdump -i lo -v port 53*
> > > as UDP local sniffer.
> >
> > Agreed great tool to debug this stuff with.
> > And use wireshark to decode the output.
> >
> > > And run
> > >
> > > *dig google.com <http://google.com>*
> > >
> > > And you will see that it makes A request. Not ANY
> >
> > That is the dig default to use A. Use this to do a any query.
> >
> >    dig google.com any
> >
> > I checked the man page to see if anything extra can be printed but it
> > looks like
> > the default is to print everything dig knows how to print. The options only
> > remove output it seems.
> >
> > > On Wed, Dec 9, 2020 at 11:42 PM spam tam <kuchaspama at gmail.com> wrote:
> > >
> > > > Yes. You are correct. My local dns just is not stable. But try this:
> > > >
> > > > python3.8 dns_lookup6.py amazon.in
> > > >
> > > > It provides response:
> > > >
> > > > --- dnsLookupDone ([<RR name=amazon.in type=HINFO class=IN ttl=3599s
> > > > auth=False>], [], [])
> > > > --- dnsLookupDone RR <RR name=amazon.in type=HINFO class=IN ttl=3599s
> > > > auth=False> type 13 payload <HINFO cpu='RFC8482' os='' ttl=3599>
> > > >
> > > > There are not CNAME, A, AAAA or NS records. This means that current
> > > > twisted.names.common.extractRecord will not provide IP.
> > > > What do you think about this? May be we should replace dns ANY request
> > > > with A and AAAA?
> >
> > Now that is interesting because dig returns 54 lines of output from:
> >
> >    dig amazon.in any
> >
> > (I won't paste the 54 lines).
> >
> > I good question is why did twisted not see that huge set of records?
> >
> > I'd want to understand why twisted is only seeing the HINFO and not all
> > the other
> > records. Fixing that would, I'm guessing, fix a lot of things.
> >
> > I'm not sure when I can look at this. Do you want to look at the packets
> > that
> > twisted sends and receives and compared to dig?
> >
> > Barry
> >
> >
> >
> > > >
> > > > On Wed, Dec 9, 2020 at 12:16 PM Barry Scott <
> > barry.scott at forcepoint.com>
> > > > wrote:
> > > > >
> > > > > On Tuesday, 8 December 2020 21:01:56 GMT spam tam wrote:
> > > > > > I continue to investigate the issue. I try to call your script like
> > > > this:
> > > > > >
> > > > > > python dns_lookup6.py www.washingtonexaminer.com
> > > > > >
> > > > > > And get response:
> > > > > > dnsLookupFailed <twisted.python.failure.Failure
> > > > > > twisted.names.error.DNSServerError: <Message id=55958 rCode=2
> > > > > > maxSize=0 flags=answer,recDes,recAv
> > > > > > queries=[Query('www.washingtonexaminer.com', 255, 1)]>>
> > > > > > result.value.__dict__ {}
> > > > > >
> > > > > > Is that ok?
> > > > > >
> > > > > The output I get is this:
> > > > >
> > > > > $ python3.8 dns_lookup6.py www.washingtonexaminer.com
> > > > > Took: 0.029293
> > > > > --- dnsLookupDone ([<RR name=www.washingtonexaminer.com type=CNAME
> > > > class=IN ttl=37s auth=False>], [], [])
> > > > > --- dnsLookupDone RR <RR name=www.washingtonexaminer.com type=CNAME
> > > > class=IN ttl=37s auth=False> type 5 payload <CNAME name=
> > > > 4067e1ed38.10005.sucurifirewall.com ttl=37>
> > > > >
> > > > > And this is the output of dig:
> > > > >
> > > > > $ dig www.washingtonexaminer.com
> > > > >
> > > > > ; <<>> DiG 9.11.24-RedHat-9.11.24-2.fc32 <<>>
> > www.washingtonexaminer.com
> > > > > ;; global options: +cmd
> > > > > ;; Got answer:
> > > > > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61831
> > > > > ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
> > > > >
> > > > > ;; OPT PSEUDOSECTION:
> > > > > ; EDNS: version: 0, flags:; udp: 4000
> > > > > ;; QUESTION SECTION:
> > > > > ;www.washingtonexaminer.com.    IN      A
> > > > >
> > > > > ;; ANSWER SECTION:
> > > > > www.washingtonexaminer.com. 599 IN      CNAME
> > > > 4067e1ed38.10005.sucurifirewall.com.
> > > > > 4067e1ed38.10005.sucurifirewall.com. 7199 IN A  192.124.249.5
> > > > >
> > > > > ;; Query time: 50 msec
> > > > > ;; SERVER: 10.5.10.11#53(10.5.10.11)
> > > > > ;; WHEN: Wed Dec 09 09:13:54 GMT 2020
> > > > > ;; MSG SIZE  rcvd: 117
> > > > >
> > > > > Barry
> > > > >
> > > > >
> > > > >
> > > >
> > >
> >
> >
> >
> >
> >
> 






More information about the Twisted-Python mailing list