Menu
▾
▴
dnsjava-users — The dnsjava mailing list
You can subscribe to this list here.
| 2001 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
(2) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2002 |
Jan
(5) |
Feb
(1) |
Mar
(7) |
Apr
(1) |
May
|
Jun
|
Jul
|
Aug
|
Sep
(5) |
Oct
(6) |
Nov
(4) |
Dec
|
| 2003 |
Jan
(2) |
Feb
(2) |
Mar
|
Apr
(5) |
May
(5) |
Jun
(1) |
Jul
|
Aug
(2) |
Sep
(1) |
Oct
(3) |
Nov
(2) |
Dec
|
| 2004 |
Jan
(1) |
Feb
(1) |
Mar
|
Apr
(3) |
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
(2) |
Nov
|
Dec
|
| 2005 |
Jan
|
Feb
(1) |
Mar
|
Apr
|
May
|
Jun
|
Jul
(6) |
Aug
(2) |
Sep
|
Oct
(3) |
Nov
(13) |
Dec
|
| 2006 |
Jan
(3) |
Feb
(3) |
Mar
(4) |
Apr
|
May
|
Jun
|
Jul
(2) |
Aug
|
Sep
(1) |
Oct
(6) |
Nov
|
Dec
|
| 2007 |
Jan
|
Feb
|
Mar
(2) |
Apr
(4) |
May
|
Jun
(3) |
Jul
(6) |
Aug
(2) |
Sep
|
Oct
|
Nov
(3) |
Dec
|
| 2008 |
Jan
(2) |
Feb
(2) |
Mar
|
Apr
|
May
|
Jun
|
Jul
(1) |
Aug
(9) |
Sep
(5) |
Oct
|
Nov
|
Dec
|
| 2009 |
Jan
|
Feb
(2) |
Mar
|
Apr
|
May
(13) |
Jun
(7) |
Jul
(2) |
Aug
(2) |
Sep
(2) |
Oct
(2) |
Nov
(3) |
Dec
(1) |
| 2010 |
Jan
|
Feb
|
Mar
(5) |
Apr
|
May
|
Jun
|
Jul
(7) |
Aug
|
Sep
(2) |
Oct
|
Nov
(12) |
Dec
(3) |
| 2011 |
Jan
|
Feb
|
Mar
(7) |
Apr
|
May
(8) |
Jun
(6) |
Jul
|
Aug
|
Sep
(11) |
Oct
(8) |
Nov
(3) |
Dec
(2) |
| 2012 |
Jan
(9) |
Feb
(3) |
Mar
(5) |
Apr
|
May
|
Jun
|
Jul
|
Aug
(9) |
Sep
|
Oct
|
Nov
|
Dec
|
| 2013 |
Jan
|
Feb
(3) |
Mar
(6) |
Apr
|
May
(8) |
Jun
|
Jul
(5) |
Aug
(1) |
Sep
|
Oct
|
Nov
|
Dec
(2) |
| 2014 |
Jan
|
Feb
|
Mar
|
Apr
|
May
(5) |
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
| 2016 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
(2) |
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
| 2017 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
(3) |
Sep
(1) |
Oct
(1) |
Nov
(1) |
Dec
(2) |
| 2018 |
Jan
|
Feb
(3) |
Mar
(4) |
Apr
|
May
|
Jun
(2) |
Jul
(5) |
Aug
|
Sep
(4) |
Oct
(2) |
Nov
(1) |
Dec
(2) |
| 2019 |
Jan
(2) |
Feb
(4) |
Mar
(4) |
Apr
|
May
(8) |
Jun
(3) |
Jul
|
Aug
(1) |
Sep
(3) |
Oct
(1) |
Nov
|
Dec
(2) |
| 2020 |
Jan
(4) |
Feb
|
Mar
(2) |
Apr
(1) |
May
(6) |
Jun
(3) |
Jul
(2) |
Aug
(1) |
Sep
(3) |
Oct
|
Nov
(3) |
Dec
|
| 2023 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
(2) |
Dec
|
| 2024 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
(1) |
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
| 2025 |
Jan
|
Feb
|
Mar
(1) |
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
|
From: Brian W. <bwe...@xb...> - 2009-05-06 21:21:19
|
On Wed, 6 May 2009, Eman wrote: > So I have dnsjava working just fine but I can't seem to replace a host with a > dynamic address.. here is my code > > [snip] > > This is the output I get (assuming blah works..) > > > www.blah.com. 176400 IN A X.X.X.X > 2009-05-06 13:39:28,192 [main] INFO - BEFORE X.X.X.X > java.net.ConnectException: Connection refused Your problem is that you're sending the update to the wrong place, hence the Connection Refused. > I guess I don't understand what Message response = res.send(update); is > doing and how that updates the resolving of the hostname? Can someone > enlighten me? It's sending the update to the DNS server, so that the DNS server can return the new data next time it's asked. You're not sending it to the DNS server, so it's not working. Brian |
|
From: Eman <and...@gm...> - 2009-05-06 19:46:50
|
So I have dnsjava working just fine but I can't seem to replace a host with a
dynamic address.. here is my code
[code]
Lookup lookup = new Lookup(HOST, Type.ANY);
for (Record record : lookup.run()){
System.out.println(record);
}
LOGGER.info("BEFORE
"+InetAddress.getByName("www.blah.com").getHostAddress() );
Name zone = Name.fromString("com.blah.");
Name host = Name.fromString("host", zone);
Update update = new Update(zone);
update.replace(host, Type.A, 3600, IP);
Resolver res = new SimpleResolver("10.0.0.1");
res.setTSIGKey(new TSIG(host, base64.fromString("1234")));
res.setTCP(true);
54 Message response = res.send(update);
lookup = new Lookup("www.blah.com", Type.ANY);
for (Record record : lookup.run()){
System.out.println(record);
}
LOGGER.info("AFTER
"+InetAddress.getByName("www.blah.com").getHostAddress() );
[/code]
This is the output I get (assuming blah works..)
www.blah.com. 176400 IN A X.X.X.X
2009-05-06 13:39:28,192 [main] INFO - BEFORE X.X.X.X
java.net.ConnectException: Connection refused
at sun.nio.ch.SocketChannelImpl.checkConnect(Native Method)
at sun.nio.ch.SocketChannelImpl.finishConnect(SocketChannelImpl.java:574)
at org.xbill.DNS.TCPClient.connect(TCPClient.java:30)
at org.xbill.DNS.TCPClient.sendrecv(TCPClient.java:118)
at org.xbill.DNS.SimpleResolver.send(SimpleResolver.java:253)
at com.blah.test(EricTest.java:54)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.junit.internal.runners.TestMethod.invoke(TestMethod.java:59)
at
org.junit.internal.runners.MethodRoadie.runTestMethod(MethodRoadie.java:98)
at org.junit.internal.runners.MethodRoadie$2.run(MethodRoadie.java:79)
at
org.junit.internal.runners.MethodRoadie.runBeforesThenTestThenAfters(MethodRoadie.java:87)
at org.junit.internal.runners.MethodRoadie.runTest(MethodRoadie.java:77)
at org.junit.internal.runners.MethodRoadie.run(MethodRoadie.java:42)
at
org.junit.internal.runners.JUnit4ClassRunner.invokeTestMethod(JUnit4ClassRunner.java:88)
at
org.junit.internal.runners.JUnit4ClassRunner.runMethods(JUnit4ClassRunner.java:51)
at
org.junit.internal.runners.JUnit4ClassRunner$1.run(JUnit4ClassRunner.java:44)
at
org.junit.internal.runners.ClassRoadie.runUnprotected(ClassRoadie.java:27)
at org.junit.internal.runners.ClassRoadie.runProtected(ClassRoadie.java:37)
at
org.junit.internal.runners.JUnit4ClassRunner.run(JUnit4ClassRunner.java:42)
at
org.eclipse.jdt.internal.junit4.runner.JUnit4TestReference.run(JUnit4TestReference.java:45)
at
org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:38)
at
org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:460)
at
org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:673)
at
org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:386)
at
org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:196)
I guess I don't understand what Message response = res.send(update); is
doing and how that updates the resolving of the hostname? Can someone
enlighten me?
--
View this message in context: http://www.nabble.com/example-replace-address-for-host-not-working...-tp23414092p23414092.html
Sent from the dnsjava-users mailing list archive at Nabble.com.
|
|
From: Brian W. <bwe...@xb...> - 2009-02-12 22:38:09
|
On Thu, 12 Feb 2009, Luis Silva wrote: > Hi all, > I'm facing a problem regarding the Cache. While doing iterative queries one > of the external servers returns in the answer the list of nameservers with > no additional A Records information. My application receives that > information and adds it on the cache. The problem is that I need to consult > that nameservers. So I start a new lookup searching for the A record of the > nameservers. I search the cache and the detects a referral because I add the > nameservers with no A record. This is causing a loop. Do you have a solution > for this problem? Shouldn't the cache validates if the name searched in the > cache is the same as the target of the ns records returned by the cache. Any > alternative? Thanks in advance. Without seeing specifics, it's hard to tell, but I don't see what the problem is. If you're looking up a name in the cache and it's returning a referral, then your application (assuming it's trying to be more intelligent than a stub resolver) should attempt to resolve the addresses of the nameservers before attempting to make any more progress. Brian |
|
From: Luis S. <lui...@gm...> - 2009-02-12 16:43:31
|
Hi all, I'm facing a problem regarding the Cache. While doing iterative queries one of the external servers returns in the answer the list of nameservers with no additional A Records information. My application receives that information and adds it on the cache. The problem is that I need to consult that nameservers. So I start a new lookup searching for the A record of the nameservers. I search the cache and the detects a referral because I add the nameservers with no A record. This is causing a loop. Do you have a solution for this problem? Shouldn't the cache validates if the name searched in the cache is the same as the target of the ns records returned by the cache. Any alternative? Thanks in advance. Kind Regards Luis |
|
From: Brian W. <bwe...@xb...> - 2008-09-01 17:36:50
|
On Mon, 1 Sep 2008, Luis Silva wrote: > You are responding to my first or second email? I'm responding to the text that I quoted. > Regarding the first I think that it might help insert the negative element > inside the SetResponse. Regarding the second, the ttl value must be the > minimum value and not the ttl value from the soa record. Adding the SOA record to the NXDOMAIN/NXRRSET SetResponse sounds reasonable, but I believe that any server code using the SetResponse can deal with TTL issues itself. If you want to send a patch to implement the first part, you can. Otherwise I might implement it at some point, but I don't expect to have any time to work on dnsjava for a few weeks. Brian |
|
From: Luis S. <lui...@gm...> - 2008-09-01 17:30:20
|
You are responding to my first or second email?
Regarding the first I think that it might help insert the negative element
inside the SetResponse. Regarding the second, the ttl value must be the
minimum value and not the ttl value from the soa record.
Kind Regards,
Luis
On Mon, Sep 1, 2008 at 6:23 PM, Brian Wellington <bwe...@xb...> wrote:
> On Mon, 1 Sep 2008, Luis Silva wrote:
>
> Hi!
>> Sorry for this last email since I noticed that in this cases you case the
>> negative element with the soa record. But I also noticed that you used the
>> ttl value from the soa record instead of the minimum. According with the
>> rfc
>> 2308 it says that the minimum value is used in these situations:
>>
>> "The remaining of the current meanings, of being the TTL to be used
>> for negative responses, is the new defined meaning of the SOA minimum
>> field."
>>
>> you see the opposite in the addNegative method in Cache.java:
>>
>> addNegative(Name name, *int* type, SOARecord soa, *int* cred) {
>> *long* ttl = 0;
>> *if* (soa != *null*)
>> ttl = soa.getTTL();
>> ...
>> }
>> Do you agree?
>>
>
> I don't see a problem here. The cache is caching the records as
> transmitted, which looks fine. If a caching server is planning to use the
> records from the cache, it might need to do additional work, just as any
> other caching server would do.
>
> Brian
>
|
|
From: Brian W. <bwe...@xb...> - 2008-09-01 17:23:57
|
On Mon, 1 Sep 2008, Luis Silva wrote:
> Hi!
> Sorry for this last email since I noticed that in this cases you case the
> negative element with the soa record. But I also noticed that you used the
> ttl value from the soa record instead of the minimum. According with the rfc
> 2308 it says that the minimum value is used in these situations:
>
> "The remaining of the current meanings, of being the TTL to be used
> for negative responses, is the new defined meaning of the SOA minimum
> field."
>
> you see the opposite in the addNegative method in Cache.java:
>
> addNegative(Name name, *int* type, SOARecord soa, *int* cred) {
> *long* ttl = 0;
> *if* (soa != *null*)
> ttl = soa.getTTL();
> ...
> }
> Do you agree?
I don't see a problem here. The cache is caching the records as
transmitted, which looks fine. If a caching server is planning to use the
records from the cache, it might need to do additional work, just as any
other caching server would do.
Brian
|
|
From: Luis S. <lui...@gm...> - 2008-09-01 17:17:00
|
Hi!
Sorry for this last email since I noticed that in this cases you case the
negative element with the soa record. But I also noticed that you used the
ttl value from the soa record instead of the minimum. According with the rfc
2308 it says that the minimum value is used in these situations:
"The remaining of the current meanings, of being the TTL to be used
for negative responses, is the new defined meaning of the SOA minimum
field."
you see the opposite in the addNegative method in Cache.java:
addNegative(Name name, *int* type, SOARecord soa, *int* cred) {
*long* ttl = 0;
*if* (soa != *null*)
ttl = soa.getTTL();
...
}
Do you agree?
On Mon, Sep 1, 2008 at 12:24 PM, Luis Silva <lui...@gm...> wrote:
> Hi all!
> When sending NXDOMAIN and NXRRSET from a nameserver to a client, the
> response, in the authoritive section, might contain the SOA record of the
> authoritive zone. Using the dnsjava Cache, when looking for this records,
> the SetResponse will not contain this Record. Is this feature planned to be
> implemented or you just search again for the SOA record if you want to send
> it in the response?
>
> Kind Regards,
> Luis
>
|
|
From: Luis S. <lui...@gm...> - 2008-09-01 11:24:20
|
Hi all! When sending NXDOMAIN and NXRRSET from a nameserver to a client, the response, in the authoritive section, might contain the SOA record of the authoritive zone. Using the dnsjava Cache, when looking for this records, the SetResponse will not contain this Record. Is this feature planned to be implemented or you just search again for the SOA record if you want to send it in the response? Kind Regards, Luis |
|
From: Luis S. <lui...@gm...> - 2008-08-21 08:51:28
|
Now I think everything is ok.
Regards,
Luis
On Thu, Aug 21, 2008 at 12:20 AM, Brian Wellington <bwe...@xb...>wrote:
> On Wed, 20 Aug 2008, Brian Wellington wrote:
>
> On Wed, 20 Aug 2008, Luis Silva wrote:
>>
>> 2 - You added this: "if (rcode == Rcode.NXDOMAIN) {"
>>> This way you are not treating the NODATA cases. They are considered
>>> referrals
>>>
>>
>> Good catch. I'll try and come up with a more correct fix.
>>
>
> Unless I'm missing something (which is possible), changing:
>
> if (soa != null || ns == null) {
>
> to
>
> if (rcode == Rcode.NXDOMAIN || soa != null || ns == null)
>
> should be sufficient, to catch a Type 4 NXDOMAIN response. Assuming it's
> correct, I have no problem with forgetting about the other changes and just
> committing this.
>
> Brian
>
|
|
From: Brian W. <bwe...@xb...> - 2008-08-20 23:20:06
|
On Wed, 20 Aug 2008, Brian Wellington wrote:
> On Wed, 20 Aug 2008, Luis Silva wrote:
>
>> 2 - You added this: "if (rcode == Rcode.NXDOMAIN) {"
>> This way you are not treating the NODATA cases. They are considered
>> referrals
>
> Good catch. I'll try and come up with a more correct fix.
Unless I'm missing something (which is possible), changing:
if (soa != null || ns == null) {
to
if (rcode == Rcode.NXDOMAIN || soa != null || ns == null)
should be sufficient, to catch a Type 4 NXDOMAIN response. Assuming it's
correct, I have no problem with forgetting about the other changes and
just committing this.
Brian
|
|
From: Brian W. <bwe...@xb...> - 2008-08-20 16:52:11
|
On Wed, 20 Aug 2008, Luis Silva wrote:
> Hi again,
> After a better look I think I found this issues:
>
> 1 - You added this: "if (rcode == Rcode.NOERROR &&"
> I don't think this is necessary since in case of a NXDOMAIN error there is
> not going to be records in the answer section, with the exception of the
> CNAME records and the DNAME (I think...).
I believe this part is correct. The intent was that if there are records
in the answer section of an NXDOMAIN, we don't want them to be treated as
an answer. This won't affect CNAME/DNAME answers, as it's also checking
"(type == qtype || qtype == Type.ANY)".
> 2 - You added this: "if (rcode == Rcode.NXDOMAIN) {"
> This way you are not treating the NODATA cases. They are considered
> referrals
Good catch. I'll try and come up with a more correct fix.
Brian
|
|
From: Luis S. <lui...@gm...> - 2008-08-20 11:09:37
|
Hi again,
After a better look I think I found this issues:
1 - You added this: "if (rcode == Rcode.NOERROR &&"
I don't think this is necessary since in case of a NXDOMAIN error there is
not going to be records in the answer section, with the exception of the
CNAME records and the DNAME (I think...).
2 - You added this: "if (rcode == Rcode.NXDOMAIN) {"
This way you are not treating the NODATA cases. They are considered
referrals
Regards
Luis
On Wed, Aug 20, 2008 at 11:50 AM, Luis Silva <lui...@gm...> wrote:
> My first impression is that everything is ok. Thanks for the quick reply.
>
> Kind Regards
> Luis
>
> On Tue, Aug 19, 2008 at 8:17 PM, Brian Wellington <bwe...@xb...>wrote:
>
>> On Tue, 19 Aug 2008, Luis Silva wrote:
>>
>> :) Ok sorry for this. The problem is that I sent this email first and got
>>> an
>>> error and forgot to format the second time. I'm sending you the code in
>>> attached.
>>>
>>
>> OK. I think you're correct that a type 4 NXDOMAIN could be cached
>> incorrectly. Does the patch below look correct?
>>
>> Brian
>>
>> Index: org/xbill/DNS/Cache.java
>> ===================================================================
>> RCS file: /cvsroot/dnsjava/dnsjava/org/xbill/DNS/Cache.java,v
>> retrieving revision 1.116
>> diff -u -r1.116 Cache.java
>> --- org/xbill/DNS/Cache.java 5 Dec 2006 01:05:06 -0000 1.116
>> +++ org/xbill/DNS/Cache.java 19 Aug 2008 19:16:56 -0000
>> @@ -628,7 +628,8 @@
>> int type = answers[i].getType();
>> Name name = answers[i].getName();
>> cred = getCred(Section.ANSWER, isAuth);
>> - if ((type == qtype || qtype == Type.ANY) &&
>> + if (rcode == Rcode.NOERROR &&
>> + (type == qtype || qtype == Type.ANY) &&
>> name.equals(curname))
>> {
>> addRRset(answers[i], cred);
>> @@ -679,14 +680,13 @@
>> }
>> if (!completed) {
>> /* This is a negative response or a referral. */
>> - int cachetype = (rcode == Rcode.NXDOMAIN) ? 0 : qtype;
>> - if (soa != null || ns == null) {
>> + if (rcode == Rcode.NXDOMAIN) {
>> /* Negative response */
>> cred = getCred(Section.AUTHORITY, isAuth);
>> SOARecord soarec = null;
>> if (soa != null)
>> soarec = (SOARecord) soa.first();
>> - addNegative(curname, cachetype, soarec, cred);
>> + addNegative(curname, 0, soarec, cred);
>> if (response == null) {
>> int responseType;
>> if (rcode == Rcode.NXDOMAIN)
>> @@ -695,8 +695,8 @@
>> responseType = SetResponse.NXRRSET;
>> response =
>> SetResponse.ofType(responseType);
>> }
>> - /* NXT records are not cached yet. */
>> - } else {
>> + /* DNSSEC records are not cached. */
>> + } else if (ns != null) {
>>
>> /* Referral response */
>> cred = getCred(Section.AUTHORITY, isAuth);
>> addRRset(ns, cred);
>>
>
>
|
|
From: Luis S. <lui...@gm...> - 2008-08-20 10:51:00
|
My first impression is that everything is ok. Thanks for the quick reply.
Kind Regards
Luis
On Tue, Aug 19, 2008 at 8:17 PM, Brian Wellington <bwe...@xb...>wrote:
> On Tue, 19 Aug 2008, Luis Silva wrote:
>
> :) Ok sorry for this. The problem is that I sent this email first and got
>> an
>> error and forgot to format the second time. I'm sending you the code in
>> attached.
>>
>
> OK. I think you're correct that a type 4 NXDOMAIN could be cached
> incorrectly. Does the patch below look correct?
>
> Brian
>
> Index: org/xbill/DNS/Cache.java
> ===================================================================
> RCS file: /cvsroot/dnsjava/dnsjava/org/xbill/DNS/Cache.java,v
> retrieving revision 1.116
> diff -u -r1.116 Cache.java
> --- org/xbill/DNS/Cache.java 5 Dec 2006 01:05:06 -0000 1.116
> +++ org/xbill/DNS/Cache.java 19 Aug 2008 19:16:56 -0000
> @@ -628,7 +628,8 @@
> int type = answers[i].getType();
> Name name = answers[i].getName();
> cred = getCred(Section.ANSWER, isAuth);
> - if ((type == qtype || qtype == Type.ANY) &&
> + if (rcode == Rcode.NOERROR &&
> + (type == qtype || qtype == Type.ANY) &&
> name.equals(curname))
> {
> addRRset(answers[i], cred);
> @@ -679,14 +680,13 @@
> }
> if (!completed) {
> /* This is a negative response or a referral. */
> - int cachetype = (rcode == Rcode.NXDOMAIN) ? 0 : qtype;
> - if (soa != null || ns == null) {
> + if (rcode == Rcode.NXDOMAIN) {
> /* Negative response */
> cred = getCred(Section.AUTHORITY, isAuth);
> SOARecord soarec = null;
> if (soa != null)
> soarec = (SOARecord) soa.first();
> - addNegative(curname, cachetype, soarec, cred);
> + addNegative(curname, 0, soarec, cred);
> if (response == null) {
> int responseType;
> if (rcode == Rcode.NXDOMAIN)
> @@ -695,8 +695,8 @@
> responseType = SetResponse.NXRRSET;
> response = SetResponse.ofType(responseType);
> }
> - /* NXT records are not cached yet. */
> - } else {
> + /* DNSSEC records are not cached. */
> + } else if (ns != null) {
>
> /* Referral response */
> cred = getCred(Section.AUTHORITY, isAuth);
> addRRset(ns, cred);
>
|
|
From: Brian W. <bwe...@xb...> - 2008-08-19 19:17:32
|
On Tue, 19 Aug 2008, Luis Silva wrote:
> :) Ok sorry for this. The problem is that I sent this email first and got an
> error and forgot to format the second time. I'm sending you the code in
> attached.
OK. I think you're correct that a type 4 NXDOMAIN could be cached
incorrectly. Does the patch below look correct?
Brian
Index: org/xbill/DNS/Cache.java
===================================================================
RCS file: /cvsroot/dnsjava/dnsjava/org/xbill/DNS/Cache.java,v
retrieving revision 1.116
diff -u -r1.116 Cache.java
--- org/xbill/DNS/Cache.java 5 Dec 2006 01:05:06 -0000 1.116
+++ org/xbill/DNS/Cache.java 19 Aug 2008 19:16:56 -0000
@@ -628,7 +628,8 @@
int type = answers[i].getType();
Name name = answers[i].getName();
cred = getCred(Section.ANSWER, isAuth);
- if ((type == qtype || qtype == Type.ANY) &&
+ if (rcode == Rcode.NOERROR &&
+ (type == qtype || qtype == Type.ANY) &&
name.equals(curname))
{
addRRset(answers[i], cred);
@@ -679,14 +680,13 @@
}
if (!completed) {
/* This is a negative response or a referral. */
- int cachetype = (rcode == Rcode.NXDOMAIN) ? 0 : qtype;
- if (soa != null || ns == null) {
+ if (rcode == Rcode.NXDOMAIN) {
/* Negative response */
cred = getCred(Section.AUTHORITY, isAuth);
SOARecord soarec = null;
if (soa != null)
soarec = (SOARecord) soa.first();
- addNegative(curname, cachetype, soarec, cred);
+ addNegative(curname, 0, soarec, cred);
if (response == null) {
int responseType;
if (rcode == Rcode.NXDOMAIN)
@@ -695,8 +695,8 @@
responseType = SetResponse.NXRRSET;
response = SetResponse.ofType(responseType);
}
- /* NXT records are not cached yet. */
- } else {
+ /* DNSSEC records are not cached. */
+ } else if (ns != null) {
/* Referral response */
cred = getCred(Section.AUTHORITY, isAuth);
addRRset(ns, cred);
|
|
From: Luis S. <lui...@gm...> - 2008-08-19 08:59:22
|
/* This is a negative response or a referral. */
int cachetype = (rcode == Rcode.NXDOMAIN) ? 0 : qtype;
if (soa != null || ns == null) {
/* Negative response */
cred = getCred(Section.AUTHORITY, isAuth);
SOARecord soarec = null;
if (soa != null)
soarec = (SOARecord) soa.first();
addNegative(curname, cachetype, soarec, cred);
if (response == null) {
int responseType;
if (rcode == Rcode.NXDOMAIN)
responseType = SetResponse.NXDOMAIN;
else
responseType = SetResponse.NXRRSET;
response = SetResponse.ofType(responseType);
}
/* NXT records are not cached yet. */
} else {
/*LFS@ I think that a NXDOMAIN Type 4 answer will enter here*/
/* Referral response */
cred = getCred(Section.AUTHORITY, isAuth);
addRRset(ns, cred);
markAdditional(ns, additionalNames);
if (response == null)
response = new SetResponse(
SetResponse.DELEGATION,
ns);
}
|
|
From: Brian W. <bwe...@xb...> - 2008-08-18 23:08:10
|
On Mon, 18 Aug 2008, Luis Silva wrote: > Hi all, > Sorry if this is not the correct mailing list for my email. I'm analysing > the Cache from the DNSJava and I found something that I don't understand if > it is correct. In the piece of code below isn't it possible to enter the > code in green having the rcode equals to NXDOMAIN. According with the RFC, > when dealing with delegation, the RCode must be "ok", which is not the case > (at least is my interpretation). Am I wrong? > For example consider the case of a NXDOMAIN Type 4 answer. What exactly is the "code in green"? The text/plain version of your message obviously has no color, and I don't see any color in the html version either. The code that you pasted has also lost all of its formatting, which makes it exceedingly difficult to look at. If you have a question about code, please correctly include it in the message and make it clear which parts you're asking about (preferably using text notation, not colors). Brian |
|
From: Luis S. <lui...@gm...> - 2008-08-18 15:23:36
|
Hi all,
Sorry if this is not the correct mailing list for my email. I'm analysing
the Cache from the DNSJava and I found something that I don't understand if
it is correct. In the piece of code below isn't it possible to enter the
code in green having the rcode equals to NXDOMAIN. According with the RFC,
when dealing with delegation, the RCode must be "ok", which is not the case
(at least is my interpretation). Am I wrong?
For example consider the case of a NXDOMAIN Type 4 answer.
Kind Regards,
Luis
if
(!completed) {
/* This is a negative response or a referral. */
int cachetype = (rcode == Rcode.NXDOMAIN) ? 0 : qtype;
if (soa != null || ns == null) {
/* Negative response */
cred = getCred(Section.
AUTHORITY, isAuth);
SOARecord soarec =
null;
if (soa != null)
soarec = (SOARecord) soa.first();
addNegative(curname, cachetype, soarec, cred);
if (response == null) {
int responseType;
if (rcode == Rcode.NXDOMAIN)
responseType = SetResponse.
NXDOMAIN;
else
responseType = SetResponse.
NXRRSET;
response = SetResponse.ofType(responseType);
}
/* NXT records are not cached yet. */
}
else {
/* Referral response */
cred = getCred(Section.
AUTHORITY, isAuth);
addRRset(ns, cred);
markAdditional(ns, additionalNames);
if (response == null)
response =
new SetResponse(
SetResponse.
DELEGATION,
ns);
}
}
|
|
From: Alex K. <ak...@we...> - 2008-07-26 23:41:12
|
I cannot resist saying "hi" to the list and kudos to the project, Brian and developers. We're going to use the dnsjava in Scalr project. Thanks God I've found it. Sign, we semi-completed out own implementation. Not as advanced, just all general types of records and constructing/parsing zones. Now going to switch to dnsjava for sure. Alex |
|
From: Brian W. <bwe...@xb...> - 2008-02-12 17:31:19
|
On Tue, 12 Feb 2008, Saran1 wrote:
> I want to resolve the DNS names for the internal and external IPAddresses
> using Java and DNSJava. Below java code resolve the names from 'hosts' file
> first and then contact the DNS Server for resolution.
>
> System.setProperty("sun.net.spi.nameservice.provider.1","dns,dnsjava");
> InetAddress addr = InetAddress.getByName(ipaddress);
> String dnsname = addr.getCanonicalHostName().trim();
> System.out.println("DNS...........:" + dnsname);
>
> But after setting the "dnsjava-2.0.3.jar" in classpath, the above code
> doesn't look my 'hosts' file. Please let me know for any reason behind the
> same.
Because dnsjava is a library implementing the DNS protocol, and /etc/hosts
is not part of the DNS protocol.
> My Requirement:
> 1. Faster the DNS Resolve [using dnsjava.jar]
> 2. First look for 'hosts' file, then contact DNS Server.
>
> Please help me to solve the problem. Any help will be highly appreciated.
You have several options:
1) Do the /etc/hosts lookup yourself.
2) Find or create a patch to dnsjava which implements /etc/hosts file
lookups, and submit it.
Brian
|
|
From: Saran1 <har...@re...> - 2008-02-12 11:32:33
|
Hi,
I want to resolve the DNS names for the internal and external IPAddresses
using Java and DNSJava. Below java code resolve the names from 'hosts' file
first and then contact the DNS Server for resolution.
System.setProperty("sun.net.spi.nameservice.provider.1","dns,dnsjava");
InetAddress addr = InetAddress.getByName(ipaddress);
String dnsname = addr.getCanonicalHostName().trim();
System.out.println("DNS...........:" + dnsname);
But after setting the "dnsjava-2.0.3.jar" in classpath, the above code
doesn't look my 'hosts' file. Please let me know for any reason behind the
same.
My Requirement:
1. Faster the DNS Resolve [using dnsjava.jar]
2. First look for 'hosts' file, then contact DNS Server.
Please help me to solve the problem. Any help will be highly appreciated.
Thanks.
Saravanan
--
View this message in context: http://www.nabble.com/DNS-Resolve-from-hosts-file-first-then-DNS-Server-tp15431381p15431381.html
Sent from the dnsjava-users mailing list archive at Nabble.com.
|
|
From: Brian W. <bwe...@xb...> - 2008-01-07 15:08:23
|
On Mon, 7 Jan 2008, Sujie wrote: > How do i add a A record and PTR record using dnsjava? > > Do i just need to call the constructor? Do i need to initialize few > variables for it to talk to dns ? > > I am new to this concept, any help is appreciated. Read the documentation and the examples on the web page. Brian |
|
From: Sujie <suj...@ya...> - 2008-01-07 10:59:37
|
Hi all, How do i add a A record and PTR record using dnsjava? Do i just need to call the constructor? Do i need to initialize few variables for it to talk to dns ? I am new to this concept, any help is appreciated. Thanks Sujatha -- View this message in context: http://www.nabble.com/Add-A-record-and-PTR-record-tp14663041p14663041.html Sent from the dnsjava-users mailing list archive at Nabble.com. |
|
From: Hontvari J. <hon...@so...> - 2007-11-14 08:18:02
|
Regarding the issue I wrote about, I don't think that it is specific to=20
jnamed.
Moving the mentioned condition two lines down, so that it will follow the=
List records =3D xfrin.run();
line, does solve the problem. But this may not be the optimal solution.
This bug was introduced by the bugfix of the issue [ 1565317 ]=20
Zone.fromXFR Bug.
Before that fix the Zone.fromXFR verified the query type, which is=20
obviously already availabe before the query runs. After that fix was=20
applied the query result became the verified value. This new=20
verification fails, because the result is not availabe at that point.=20
By moving the verification, as I suggested above, the transfer is first=20
run and only then queried about the result type. So it will not fail.
I think the analysis of the issue 1565317 was wrong, but please note=20
that I have zero experience in this area. It says that it should be=20
possible to create a zone from an IXFR query if the result was finally=20
an AXFR type result for whatever reason. This seems to be right, but the =
proposed fix doesn't consider that the fromXFR method will itself run=20
the query. In other words it must receive a ZoneTransferIn object which=20
is not yet run. I guess it is not possible to know beforehand that a=20
remote server will return an AXFR type response on an IXFR request.=20
Therefore it is incorrect to pass a ZoneTransferIn object with an IXFR=20
query. This is exactly what the original code verified, so the code=20
change should be reverted. To propose a correct solution to the issue=20
1565317, undestanding the actual use case were necessary. Among others=20
it may be the introduction of a new function (and constructor) which=20
receives an already run ZoneTransferIn object.
Brian Wellington =EDrta:
> On Tue, 13 Nov 2007, Hontvari Jozsef wrote:
>
>> I am trying to configure a slave jnamed server. I can do an AXFR reque=
st
>> using DNSJAVA dig to the master server which is also a jnamed instance=
=2E
>> The slave jnamed instance cannot start.
>>
>> This condition throws the exception in Zone.fromXFR
>>
>> if (!xfrin.isAXFR())
>> throw new IllegalArgumentException("zones can only be " +
>> "created from AXFRs");
>>
>> As I understand the javadoc of isAXFR() it is related to the answer
>> message. However following the short code with and without debugger an=
d
>> I cannot see anywhere that a message was sent at all at this point.
>>
>> Btw. I have been successfully using jnamed as a locale dnsbl server fo=
r
>> a year. Now I plan to setup a master slave configuration for our
>> *unused* domains. I know you don't recommend it for production uses, a=
nd
>> this is not really production. DNS servers are required for the
>> registration of the domains, and I don't want to install two bind
>> instances. It would open a new attack vector for a small benefit.
>
> Sorry, but the documentation clearly states:
>
> jnamed should not be used for production, and should probably
> not be used for testing. If the above documentation is not=20
> enough,
> please do not ask for more, because it really should not be use=
d.
>
> Brian
>
|
|
From: Brian W. <bwe...@xb...> - 2007-11-13 20:19:57
|
On Tue, 13 Nov 2007, Hontvari Jozsef wrote:
> I am trying to configure a slave jnamed server. I can do an AXFR request
> using DNSJAVA dig to the master server which is also a jnamed instance.
> The slave jnamed instance cannot start.
>
> This condition throws the exception in Zone.fromXFR
>
> if (!xfrin.isAXFR())
> throw new IllegalArgumentException("zones can only be " +
> "created from AXFRs");
>
> As I understand the javadoc of isAXFR() it is related to the answer
> message. However following the short code with and without debugger and
> I cannot see anywhere that a message was sent at all at this point.
>
> Btw. I have been successfully using jnamed as a locale dnsbl server for
> a year. Now I plan to setup a master slave configuration for our
> *unused* domains. I know you don't recommend it for production uses, and
> this is not really production. DNS servers are required for the
> registration of the domains, and I don't want to install two bind
> instances. It would open a new attack vector for a small benefit.
Sorry, but the documentation clearly states:
jnamed should not be used for production, and should probably
not be used for testing. If the above documentation is not enough,
please do not ask for more, because it really should not be used.
Brian
|
26 messages has been excluded from this view by a project administrator.
