DelphinusDNS Blog

(the latest about delphinusdnsd)
  

Previous Page


Cookies in dddctl query

August 20th, 2022

I have added cookies to dddctl query and committed the code. If you are using dddctl to sign zones make sure you adjust this script if you're using it. It greps (with -v) for '^;;' and with this change it will possibly produce misoutput. It should grep -v for '^;'. I had to update all my signing scripts too. Cheers!

0 comments

Please familiarize yourself with this config change

August 14th, 2022

A config change took place, anything downloaded and built after this date needs new configs. Check out the commit message. Some will rejoice perhaps at this. I'm glad I listened to Ricardo.

0 comments

delphinusdnsd 1.7 will have a change in the AXFR port syntax

August 13th, 2022

Before a configspecifying an axfrport would look like this:

options "some options" {
	...
}

axfrport "10053";
...
This has been changed:
options "some options" {
	axfrport 10053;
	...
}
...
So I moved this option into the proper options block. There is also another change called "strictaxfr;" in options. If you set this, you must have an authenticating key before it spits back anything. If you don't it will hang up. Otherwise the behaviour is as before plain non-authenticated (non-TSIG) AXFR's would go through.

0 comments

RFC 9276 - Guidance for NSEC3 Parameter Settings

August 13th, 2022

I just skimmed over this RFC. I think everything is done right. Drop me an email if you see something from the implementation aspect that is wrong.

0 comments

Going on (virtual) holiday, virtually

July 15th, 2022

Whenever I code I build up stress with it. Right now I don't need more stress as I'm soaking in serenity. Maybe in the future I'll get back at doing DNS Updates, but it isn't in the foreseeable future. To those who have been looking forward to this, I hate to disappoint you, but the program is good as it is even without DNS Updates, I feel it's nearly finished and doing the last few touches won't affect it much. Have a happy holiday season all, stay safe.

0 comments

A new profile picture

July 3rd, 2022

Just so you know I have replaced my profile picture with a self portrait.

Enjoy!

0 comments

My Inspiration

June 26th, 2022

I'm sitting here in my parents living room writing this. It's been two weeks since I committed any code and it'll likely be anoter two weeks before I start committing again. The outside temperatures are sheerly too hot and as most germans I do not, and my family does not own an air conditioner. The temperatures are expected to hit 36C soon and have been doing so in the past two weeks. Though while I'm not coding I can think around what I want to do and write a blog article or something. So I thought I'd write about my inspiration for writing this DNS server.

Back around 1996 I bought a book by W.R. Stevens on UNIX Network Programming and bought followup books ever since. The 2 volume set of the 2nd edition was what inspired me directly to write a DNS server. All the foundations were laid in the book and I occasionally used the book (one is already falling apart) as a reference on socket code. So who is W.R. Stevens? He was a professor and worked at an observatory for astronomy. All the things pretty well that interest me, he did it. Unfortunately he died before Y2K which made his books so much more a legend.

After partially reading his books on network programming I concluded that this is the foundation for building a dns server with udp, tcp and even raw sockets. Which is what delphinusdnsd uses, it explains well known ports and ephemeral ports, it explains connecting UDP sockets and so on. Thanks Mr. Stevens for guiding me maybe we'll meet some day in the after-life.

0 comments

Stalled development? Nothing new for summer season

June 16th, 2022

I just want you to know that I haven't given up. We're approaching the warmest part of the year and for me that means little coding. I wrote to someone recently that I center my best coding around the equinoxes with some additional coding near the winter solstice. In the summer the trend is to chill on IRC or whatever and wait out the heat. I do have some minor things to do which aren't really DNS Updates related (forwarder giving me gripes) so you may see something there in the next few weeks. Have a great summer!

0 comments

Shared memory gets a zebra striping (guard pages)

June 6th, 2022

Today I put in guard pages between slots in the three major shared memory regions. These shared memory regions usually transfer packet metadata, cache and full packet data. They are contiguous regions that I changed guard pages on between slots (I hope slots is the right term here). It looks a little like this:

        start of memory ------> +------------------------+
                                //slot #0               //
                                //                      //
        guardpage (pagesize) -> +------------------------+
                                +------------------------+
                                //slot #1               //
                                //                      //
        guardpage (pagesize) -> +------------------------+
                                +------------------------+
                                //slot #2               //
				... (to slot 199 or 399)

This ensures that at no time you can overrun a slot's boundary as you'll hit a guard page. I changed the page protection with mprotect() to PROT_NONE, so even reading from this area is akin to reading from non-allocated memory and will signal 15 afaik.

I worked on this today because I previously worked on send_to_parser() which is a routine to send a DNS raw packet to the sandbox'ed parser process. Right now we have a limitation of 16K or something in the imsg framework to send data to this parser process. I plan on increasing this to the DNS maximum of 64K and do it with shared memory which will speed up things (memory is the fastest way of IPC (when shared)). We just gotta get the locking right, right now we have a ghetto lock which isn't really a lock. I think I may create a file where delphinusdnsd will serialize around a file lock. This should be ultra safe.

Anyhow this relates to the DNS Updates work that I'm slowly easing into.

0 comments

The old AXFR behaviour flag

June 3rd, 2022

I had a bit of a shocker the other day. I made a 12,000 RR zone and wanted it to be axfr'ed. But the replicant would not take it. I was stunned. I hoped that I wouldn't have to repair code in this moment. After a few tries and nothing. Then I remembered I had put in a hack around to a peculiar change in AXFR and called it "replicant-axfr-old-behaviour" and similar on the primary "primary-axfr-old-behaviour". This behaviour had something to do with copying back the question of the AXFR. Judging by the comment in the code it seems that new behaviour is not to copy the question header. Anyhow needless to say I had this flag set on the primary but not the replicant thus it failed copying. When synced it worked immediately. Yes I admit I totally forgot about this feature. I will remove it in the future release (probably at 1.7 time, granted I don't forget *smile*).

I'll be adding probably another 20,000 RR's to this particular zone and it'll be a great test to see how well AXFR's work.

0 comments

Next Page

Search

RSS Feed

Click here for RSS

On this day in

Other links

Have feedback?

By clicking on the header of an article you will be served a cookie. If you do not agree to this do not click on the header. Thanks!

Using a text-based webbrowser?

... such as lynx? Welcome back it's working again for the time being.

Older Blog Entries


Powered by BCHS