DelphinusDNS Blog

(the latest about delphinusdnsd)

Previous Page

Delphinusdnsd 1.4.2 Released (minor fix)

July 9th, 2020

Even though the 1.4.2 tarball doesn't update the internal version string to 1.4.2 (I forgot this rolling it this morning), it does feature a slight DNS header query flags fix to REFUSED answers. This bug was found 6 days ago, so I finally was able to backport it. So, only 1 source file is different from 1.4.1 featuring a 3 line diff.


Working forwarding setup with delphinusdnsd and unbound

July 3rd, 2020

I have just check in my work, it will be in tomorrows snapshot or you can github it in 3 minutes. The work is far from finished but I got a working forwarding with a TSIG secure channel, utilizing 2 delphinusdnsd's and one unbound (bound to localhost). One delphinusdnsd takes on queries for forwarding and send them to the second delphinusdnsd upstream at my server. It's forwarding config looks something like this:

forward "to these hosts" {
        incoming-tsig no;
        destination port 8053 key newsecret;
;       destination 2a01:4f8:162:1167::2 port 8053 key newsecret;
        destination port 8053 key newsecret;
;       destination 2a01:4f8:a0:5135::2 port 8053 key newsecret;
So on port 8053 at the upstream server(s) is another delphinusdnsd that has a similar config only incoming-tsig is set to yes, and it will forward to localhost (some port). Thus far it works and it is quick too. I'm sure I'll iron out the bugs next week though. I'm very proud I got this working so far, I dedicated the entire month of july for this, so there is plenty of time to test this.


reply_refused fixed, (before would answer NOTIFY)

July 2nd, 2020

I have made a fix for reply_refused() it was giving bogus answers. here is a diff for the fix. As you can see it was a misplaced memset() and then it didn't answer authoritatively which I added.



July 1st, 2020

I have added a "Donate" link to the main page. If you use delphinusdnsd and can donate a little bit I'd be grateful. I chose what I do with this money (it mostly goes to my living), and I chose what to with the development of delphinusdnsd, in other words, the donation would be a gift, with no strings attached. If you donate over 100 EUR I'm going to allow you to link to a hyperlink with your name or your corporation. The link has to be in taste with this site. You can go to the donate page directly through here. Thanks!


Coding ambition for July 2020

June 30th, 2020

I'm hoping to be putting in a forwarding feature to delphinusdnsd. This is the next closest thing to having a recursive server but not really. My goal is to have TSIG protection and different ports as the forwarding destination. So a sample entry may look like:

forward "to these hosts" {
	incoming-key pass;
	destination port 53 key NOKEY;
	destination fcfc:fcfc:8::1 port 5353 key routerpass;
So this forces incoming questions to only reply when the incoming key pass matches (a TSIG key), and the destinations either have NOKEY or a set key. I hope I can get this finished in July, then there is a priority to do something else in August and I'll be back for September, October, November and December to get started on the Dynamic DNS Updates. The DNS Updates won't be finished for 1.5.0 but will be aimed for 1.6.0 release. I'm hoping to make use of the cooler months to get ahead. Perhaps to get non-DNSSEC Updates for 1.5.0 and work on the DNSSEC part in 2021.


New process in delphinusdnsd in the works

June 20th, 2020

As you may know delphinusdnsd is spread over several processes and the plumbing for the IPC is hard to do. So I'm introducing the CORTEX process. Here is a rough chart on how it looks like:

Each connection between the cortex is called a neuron. It is sorta like the brain of the human :-). I haven't lost my mind. This is just a way of making sense for me, so I don't fall asleep to it. I hope to have the cortex work finished and tried in around three weeks to a month.


Administrivia: Just a test

June 15th, 2020

Just a test. Ignore please.


Does delphinusdnsd have a slight memory leak?

May 25th, 2020

Really interested to what people are observing out there. Here is what I saw on a delphinusdnsd that was up 11 days:

_ddd     77316  0.0  0.1 18368 21128 ??  Sp     14May20    \
0:03.99 /usr/local/sbin/delphinusdnsd -l    
When restarting it and ps auxwww again, this is what I see:
_ddd     69292  0.0  0.1 16852 18192 ??  Sp      5:32PM    \
0:00.04 /usr/local/sbin/delphinusdnsd -l
The OS currently is OpenBSD 6.6 with all patches. I don't know if I have the energy in the next month to seriously look into this, right now I don't want to do the work. But it looks like there is a slight memory leak since this is the parent process and there can be no CoW (copy on write) paging. Hmm anyhow. That particular delphinusdnsd runs 10 zones. So rather small.

1 comment

What is iodine and how does it relate to DNS?

May 17th, 2020

I've been thinking of making an iodine-like feature in delphinusdnsd. Only I don't know when and if DNS Updates takes precedence. I was thinking of this for version 1.6 perhaps, or higher. So next year. So what's iodine? Iodine is a substance they give out to radiation victims in the vicinity of a nuclear disaster :-|. It has the atomic number 53 in the periodic table of the elements as far as I can remember. So it has something in common with DNS which uses the ports 53 (tcp and udp) for communication. The program iodine is a way to tunnel IP over DNS.

This in effect, if implanted into delphinusdnsd , would be going against the reason why delphinusdnsd was first created. Let me explain. When I first programmed wildcarddnsd (I was living in frankfurt at the time) it was to make a secure portal, and fake websites answers. But it didn't work because of DNS caching in solaris and windows. So you could say that delphinusdnsd is in a transformation from good to evil. The way I was envisioning doing the iodine-functionality would be with a tunnel connecting more than one nameservers to the master so that only the master answers the end-point. It won't be an IP tunnel but rather a tty tunnel and it would use /usr/bin/login for an operator of this tunnel to log in and get a pseudo terminal. This is just thoughts, I hope I can implement this some day.

1 comment

If you track -current be vigilant

May 7th, 2020

I just did some commits that, if they have a mistake, could be detrimental to the operation of delphinusdnsd. If you read this on the 7th of may and you want an up to date copy you can download a snapshot in the next 8 hours. and it will not have this change. If however you have nothing to lose, you can continue getting the newest. It takes me some time, as noticed on april 27th after two weeks roughly, to noticed bugs. I tested this change on so if anything breaks it will break big time for me. We'll see I guess.

1 comment

Next Page


RSS Feed

Click here for RSS

On this day in

Other links

Have feedback?

By clicking on the header of an article you will be served a cookie. If you do not agree to this do not click on the header. Thanks!

Using a text-based webbrowser?

... such as lynx? Welcome back it's working again for the time being.

Older Blog Entries

Powered by BCHS