about those queries, you are exactly correct.
I guess I should change my methodology then.
Thanks...
On 10/13/22 01:39, Guillermo wrote:
> El mié, 12 oct 2022 a las 21:10, Amelia Bjornsdottir escribió:
>> I'm passing skadns_send an s6dns_domain_t straight out of an
>> s6dns_message_rr_srv_t (case 1) or a s6dns_message_rr_mx_t (case 2).Is
>> that in packet format or in string format?
> Um, neither? As far as I can tell, skadns_send() always takes a domain
> name encoded in a s6dns_domain_t object, and the type of resource
> record that you want as the "qtype" argument, which go straight to the
> "question" section of a DNS query. Objects of types
> s6dns_message_rr_srv_t and s6dns_message_rr_mx_t are used for parsing
> RRs in the DNS response that skadns_packet() gives you after the
> client gets if from skadnsd using skadns_update().
>
> After learning a bit about skadnsd's texclient protocol, looking at
> HardenedBSD's truss output, it looks like your program does 3 queries
> for SRV RRs, 1 query for an MX RR, 9 queries for A RRs, and 9 queries
> for AAAA RRs. I suppose that on OmniOS, the program does the exact
> same 22 queries. In both cases you get responses with no error for the
> SRV and MX queries. On Vultr's network,the A and AAAA queries all seem
> to get a response with a "format error" RCODE, presumably because the
> resulting DNS packet is malformed, and on Shaw's network they don't
> seem get a response at all. One possible explanation being that, if
> packets are really malformed, Shaw's caches might just not bother
> responding to them. This:
>
> sendto(17,"\^?!\^A\0\0\^A\0\0\0\0\0\0.perih"...,44,0,NULL,0) = 44 (0x2c)
>
> makes me very suspicious. That looks like a dot followed by the label
> "perihelion", i.e. like coming from a s6dns_domain_t object in string
> form.
>
> G.
--
Amelia Bjornsdottir (she, they)
sysadmin umbrellix.net, deputy sysadmin chatspeed.net
jabber: eamon.aka.amy.malik ~on~ umbrellix.net
Received on Thu Oct 13 2022 - 03:40:46 CEST