[getdns-users] Using EDNS and ECS in Getdns query

Willem Toorop willem at nlnetlabs.nl
Tue Mar 2 15:06:22 UTC 2021


Op 01-03-2021 om 10:58 schreef supraja sridhar:
> Thanks Willem. Does the option code 12 stand for ENDS ?

No it's padding (see:
https://www.iana.org/assignments/dns-parameters/dns-parameters.xhtml#dns-parameters-11),
like 8 is for edns-client-subnet. You asked about sending a string along
an ECS option, so I though padding might me good as an example.

> And in tht
> option data in extensions_str can I have a string (for eg- "1,2,3,4") ?

Yes, you can for example put content in the padding option (or your own
custom option) defined by a string, but beware to escape the '"'
character then. So, in the .c like this:

const char *extensions_str =
    "{ header: { rd: 0 }"
    ", add_opt_parameters: { options: [ { option_code: 8 }"
                                    " , { option_code: 12    "
                                    "   , option_data: \"1,2,3,4\" }"
                                    " ] } }";

-- Willem

> 
> On Fri, Feb 26, 2021 at 3:26 PM Willem Toorop <willem at nlnetlabs.nl
> <mailto:willem at nlnetlabs.nl>> wrote:
> 
>     Hi Supraja,
> 
>     Here is an example of a query sending a ECS option (containing
>     185.49.140.0/22 <http://185.49.140.0/22>), a NSID option and a
>     Client Cookie to an authoritative
>     server. Because it is an authoritative server, the Recursion Desired bit
>     is set to 0.
> 
>     getdns_query -s @216.239.32.10 <http://216.239.32.10> '{
>         header: { rd: 0 }
>       , add_opt_parameters:
>         { options: [ { option_code: 3
>                      , option_data: "" }
>                    , { option_code: 8
>                      , option_data: 0x00011600B9318C }
>                    ]
>         }
>       }' o-o.myaddr.l.google.com <http://o-o.myaddr.l.google.com>. TXT
>     +edns_cookies
> 
>     This authoritative (which is one of Google's b.t.w.) does not respond to
>     the NSID and COOKIE option, but it does return the ECS option in a
>     TXT RR:
> 
>     {
>       "answer_type": GETDNS_NAMETYPE_DNS,
>       "canonical_name": <bindata for o-o.myaddr.l.google.com
>     <http://o-o.myaddr.l.google.com>.>,
>       "replies_full":
>       [
>          <bindata of 0x0c4384000001000200000001036f2d6f...>
>       ],
>       "replies_tree":
>       [
>         {
>           "additional":
>           [
>             {
>               "do": 0,
>               "extended_rcode": 0,
>               "rdata":
>               {
>                 "options":
>                 [
>                   {
>                     "option_code": 8,
>                     "option_data": <bindata of 0x00011616b9318c>
>                   }
>                 ],
>                 "rdata_raw": <bindata of 0x0008000700011616b9318c>
>               },
>               "type": GETDNS_RRTYPE_OPT,
>               "udp_payload_size": 512,
>               "version": 0,
>               "z": 0
>             }
>           ],
>           "answer":
>           [
>             {
>               "class": GETDNS_RRCLASS_IN,
>               "name": <bindata for o-o.myaddr.l.google.com
>     <http://o-o.myaddr.l.google.com>.>,
>               "rdata":
>               {
>                 "rdata_raw": <bindata of 0x0d3138352e34392e3134312e3237>,
>                 "txt_strings":
>                 [
>                    <bindata of "185.49.141.27">
>                 ]
>               },
>               "ttl": 60,
>               "type": GETDNS_RRTYPE_TXT
>             },
>             {
>               "class": GETDNS_RRCLASS_IN,
>               "name": <bindata for o-o.myaddr.l.google.com
>     <http://o-o.myaddr.l.google.com>.>,
>               "rdata":
>               {
>                 "rdata_raw": <bindata of
>     0x2365646e73302d636c69656e742d7375...>,
>                 "txt_strings":
>                 [
>                    <bindata of "edns0-client-subnet 185.49.140.0"...>
>                 ]
>               },
>               "ttl": 60,
>               "type": GETDNS_RRTYPE_TXT
>             }
>           ],
>           "answer_type": GETDNS_NAMETYPE_DNS,
>           "authority": [],
>           "canonical_name": <bindata for o-o.myaddr.l.google.com
>     <http://o-o.myaddr.l.google.com>.>,
>           "header":
>           {
>             "aa": 1,
>             "ad": 0,
>             "ancount": 2,
>             "arcount": 1,
>             "cd": 0,
>             "id": 3139,
>             "nscount": 0,
>             "opcode": GETDNS_OPCODE_QUERY,
>             "qdcount": 1,
>             "qr": 1,
>             "ra": 0,
>             "rcode": GETDNS_RCODE_NOERROR,
>             "rd": 0,
>             "tc": 0,
>             "z": 0
>           },
>           "question":
>           {
>             "qclass": GETDNS_RRCLASS_IN,
>             "qname": <bindata for o-o.myaddr.l.google.com
>     <http://o-o.myaddr.l.google.com>.>,
>             "qtype": GETDNS_RRTYPE_TXT
>           }
>         }
>       ],
>       "status": GETDNS_RESPSTATUS_GOOD
>     }
> 
>     Does this help you further?
> 
>     Cheers,
> 
>     -- Willem
> 
>     Op 24-02-2021 om 19:49 schreef supraja sridhar via Users:
>     > Hi,
>     >
>     > I want to send ECS and a string in the EDNS field to a DNS resolver
>     > using a Getdns query.
>     >
>     > Following are the steps I am following to implement the same - 
>     >
>     > A dict for opt parameters.
>     > A list for options.
>     > A dict for the ECS option and another one EDNS. 
>     > Set the ECS options at index 0 in the options list and EDNS in the
>     > options list at index 1.
>     >
>     > But I see neither the ECS nor the EDNS option being set. It would be
>     > helpful if someone can share an example snippet to achieve the same.
>     >
>     > Thanks,
>     > Supraja
>     >
>     > _______________________________________________
>     > Users mailing list
>     > Users at lists.getdnsapi.net <mailto:Users at lists.getdnsapi.net>
>     > https://lists.getdnsapi.net/mailman/listinfo/users
>     <https://lists.getdnsapi.net/mailman/listinfo/users>
>     >
> 
> 
> 
> -- 
> Regards,
> S.SUPRAJA
> MIT


More information about the Users mailing list