Documentation
¶
Overview ¶
Package dns implement DNS client and server.
This library implemented in reference to,
- RFC1034 DOMAIN NAMES - CONCEPTS AND FACILITIES
- RFC1035 DOMAIN NAMES - IMPLEMENTATION AND SPECIFICATION
- RFC1886 DNS Extensions to support IP version 6.
- RFC2782 A DNS RR for specifying the location of services (DNS SRV)
- RFC6891 Extension Mechanisms for DNS (EDNS(0))
- RFC8484 DNS Queries over HTTPS (DoH)
Index ¶
- Constants
- Variables
- func GetQueryTypeFromAddress(addr []byte) (qtype uint16)
- func GetSystemHosts() string
- func GetSystemNameServers(path string) []string
- func LoadHostsDir(dir string) (hostsFiles map[string]*HostsFile, err error)
- func LoadZoneDir(dir string) (zoneFiles map[string]*ZoneFile, err error)
- func LookupPTR(client Client, ip net.IP) (answer string, err error)
- func ParseNameServers(nameservers []string) ([]*net.UDPAddr, error)
- type Answer
- type Client
- type DoHClient
- func (cl *DoHClient) Close() error
- func (cl *DoHClient) Get(msg *Message) (*Message, error)
- func (cl *DoHClient) Lookup(allowRecursion bool, qtype, qclass uint16, qname string) (*Message, error)
- func (cl *DoHClient) Post(msg *Message) (*Message, error)
- func (cl *DoHClient) Query(msg *Message) (*Message, error)
- func (cl *DoHClient) RemoteAddr() string
- func (cl *DoHClient) SetRemoteAddr(addr string) (err error)
- func (cl *DoHClient) SetTimeout(t time.Duration)
- func (cl *DoHClient) Write(packet []byte) (n int, err error)
- type DoTClient
- func (cl *DoTClient) Close() error
- func (cl *DoTClient) Lookup(allowRecursion bool, qtype, qclass uint16, qname string) (res *Message, err error)
- func (cl *DoTClient) Query(msg *Message) (*Message, error)
- func (cl *DoTClient) RemoteAddr() string
- func (cl *DoTClient) SetRemoteAddr(addr string) (err error)
- func (cl *DoTClient) SetTimeout(t time.Duration)
- func (cl *DoTClient) Write(msg []byte) (n int, err error)
- type HostsFile
- type Message
- func (msg *Message) AddAnswer(rr *ResourceRecord) (err error)
- func (msg *Message) FilterAnswers(t uint16) (answers []ResourceRecord)
- func (msg *Message) IsExpired() bool
- func (msg *Message) Pack() ([]byte, error)
- func (msg *Message) RemoveAnswer(rr *ResourceRecord) (err error)
- func (msg *Message) Reset()
- func (msg *Message) ResetRR()
- func (msg *Message) SetAuthorativeAnswer(isAA bool)
- func (msg *Message) SetID(id uint16)
- func (msg *Message) SetQuery(isQuery bool)
- func (msg *Message) SetRecursionDesired(isRD bool)
- func (msg *Message) SetResponseCode(code ResponseCode)
- func (msg *Message) String() string
- func (msg *Message) SubTTL(n uint32)
- func (msg *Message) Unpack() (err error)
- func (msg *Message) UnpackHeaderQuestion() (err error)
- type OpCode
- type RDataHINFO
- type RDataMINFO
- type RDataMX
- type RDataOPT
- type RDataSOA
- type RDataSRV
- type RDataWKS
- type ResourceRecord
- type ResponseCode
- type SectionHeader
- type SectionQuestion
- type Server
- func (srv *Server) CachesLRU() []*Answer
- func (srv *Server) ListenAndServe() (err error)
- func (srv *Server) PopulateCaches(msgs []*Message, from string)
- func (srv *Server) PopulateCachesByRR(listRR []*ResourceRecord, from string) (err error)
- func (srv *Server) RemoveCachesByNames(names []string)
- func (srv *Server) RemoveCachesByRR(rr *ResourceRecord) error
- func (srv *Server) RemoveLocalCachesByNames(names []string)
- func (srv *Server) RestartForwarders(nameServers, fallbackNS []string)
- func (srv *Server) SearchCaches(re *regexp.Regexp) []*Message
- func (srv *Server) ServeHTTP(w http.ResponseWriter, r *http.Request)
- func (srv *Server) Stop()
- type ServerOptions
- type TCPClient
- func (cl *TCPClient) Close() error
- func (cl *TCPClient) Connect(raddr *net.TCPAddr) (err error)
- func (cl *TCPClient) Lookup(allowRecursion bool, qtype, qclass uint16, qname string) (*Message, error)
- func (cl *TCPClient) Query(msg *Message) (*Message, error)
- func (cl *TCPClient) RemoteAddr() string
- func (cl *TCPClient) SetRemoteAddr(addr string) (err error)
- func (cl *TCPClient) SetTimeout(t time.Duration)
- func (cl *TCPClient) Write(msg []byte) (n int, err error)
- type UDPClient
- func (cl *UDPClient) Close() error
- func (cl *UDPClient) Lookup(allowRecursion bool, qtype, qclass uint16, qname string) (*Message, error)
- func (cl *UDPClient) Query(msg *Message) (*Message, error)
- func (cl *UDPClient) RemoteAddr() string
- func (cl *UDPClient) SetRemoteAddr(addr string) (err error)
- func (cl *UDPClient) SetTimeout(t time.Duration)
- func (cl *UDPClient) Write(msg []byte) (n int, err error)
- type UDPClientPool
- type ZoneFile
Examples ¶
Constants ¶
const ( // DefaultPort define default DNS remote or listen port for UDP and // TCP connection. DefaultPort uint16 = 53 // DefaultTLSPort define default remote and listen port for DNS over // TLS. DefaultTLSPort uint16 = 853 // DefaultHTTPPort define default port for DNS over HTTPS. DefaultHTTPPort uint16 = 443 )
const ( QueryTypeZERO uint16 = iota // Empty query type. QueryTypeA // 1 - A host address QueryTypeNS // 2 - An authoritative name server QueryTypeMD // 3 - A mail destination (Obsolete - use MX) QueryTypeMF // 4 - A mail forwarder (Obsolete - use MX) QueryTypeCNAME // 5 - The canonical name for an alias QueryTypeSOA // 6 - Marks the start of a zone of authority QueryTypeMB // 7 - A mailbox domain name (EXPERIMENTAL) QueryTypeMG // 8 - A mail group member (EXPERIMENTAL) QueryTypeMR // 9 - A mail rename domain name (EXPERIMENTAL) QueryTypeNULL // 10 - A null RR (EXPERIMENTAL) QueryTypeWKS // 11 - A well known service description QueryTypePTR // 12 - A domain name pointer QueryTypeHINFO // 13 - Host information QueryTypeMINFO // 14 - Mailbox or mail list information QueryTypeMX // 15 - Mail exchange QueryTypeTXT // 16 - Text strings QueryTypeAAAA uint16 = 28 // IPv6 address QueryTypeSRV uint16 = 33 // A SRV RR for locating service. QueryTypeOPT uint16 = 41 // An OPT pseudo-RR (sometimes called a meta-RR) QueryTypeAXFR uint16 = 252 // A request for a transfer of an entire zone QueryTypeMAILB uint16 = 253 // A request for mailbox-related records (MB, MG or MR) QueryTypeMAILA uint16 = 254 // A request for mail agent RRs (Obsolete - see MX) QueryTypeALL uint16 = 255 // A request for all records )
List of code for known DNS query types.
const ( QueryClassZERO uint16 = iota // Empty query class. QueryClassIN // The Internet QueryClassCS // The CSNET class (Obsolete - used only for examples in some obsolete RFCs) QueryClassCH // The CHAOS class QueryClassHS // Hesiod [Dyer 87] QueryClassANY uint16 = 255 // Any class )
List of code known DNS query class.
const ( HostsFilePOSIX = "/etc/hosts" HostsFileWindows = "C:\\Windows\\System32\\Drivers\\etc\\hosts" )
List of known hosts file by OS.
Variables ¶
var ( ErrNewConnection = errors.New("lookup: can't create new connection") ErrLabelSizeLimit = errors.New("labels should be 63 octet or less") ErrInvalidAddress = errors.New("invalid address") ErrIPv4Length = errors.New("invalid length of A RDATA format") ErrIPv6Length = errors.New("invalid length of AAAA RDATA format") )
List of error messages.
var QueryClassName = map[uint16]string{ QueryClassIN: "IN", QueryClassCH: "CH", QueryClassHS: "HS", }
QueryClassName contains a mapping between the query class and its string representation.
var QueryClasses = map[string]uint16{ "IN": QueryClassIN, "CH": QueryClassCH, "HS": QueryClassHS, }
QueryClasses contains a mapping between string representation of DNS query class with their decimal value.
var QueryTypeNames = map[uint16]string{ QueryTypeA: "A", QueryTypeNS: "NS", QueryTypeCNAME: "CNAME", QueryTypeSOA: "SOA", QueryTypeMB: "MB", QueryTypeMG: "MG", QueryTypeMR: "MR", QueryTypeNULL: "NULL", QueryTypeWKS: "WKS", QueryTypePTR: "PTR", QueryTypeHINFO: "HINFO", QueryTypeMINFO: "MINFO", QueryTypeMX: "MX", QueryTypeTXT: "TXT", QueryTypeAAAA: "AAAA", QueryTypeSRV: "SRV", QueryTypeOPT: "OPT", }
QueryTypeNames contains mapping between query type and and their string representation.
var QueryTypes = map[string]uint16{ "A": QueryTypeA, "NS": QueryTypeNS, "CNAME": QueryTypeCNAME, "SOA": QueryTypeSOA, "MB": QueryTypeMB, "MG": QueryTypeMG, "MR": QueryTypeMR, "NULL": QueryTypeNULL, "WKS": QueryTypeWKS, "PTR": QueryTypePTR, "HINFO": QueryTypeHINFO, "MINFO": QueryTypeMINFO, "MX": QueryTypeMX, "TXT": QueryTypeTXT, "AAAA": QueryTypeAAAA, "SRV": QueryTypeSRV, "OPT": QueryTypeOPT, }
QueryTypes contains a mapping between string representation of DNS query type with their decimal value.
Functions ¶
func GetQueryTypeFromAddress ¶ added in v0.19.0
GetQueryTypeFromAddress return QueryTypeA or QueryTypeAAAA if addr is valid IPv4 or IPv6 address, otherwise it will return 0.
func GetSystemNameServers ¶
GetSystemNameServers return list of system name servers by reading resolv.conf formatted file in path.
Default path is "/etc/resolv.conf".
func LoadHostsDir ¶ added in v0.16.0
LoadHostsDir load all of hosts formatted files inside a directory. On success, it will return map of filename and the content of hosts file as list of Message. On fail, it will return partial loadeded hosts files and an error.
func LoadZoneDir ¶ added in v0.23.0
LoadZoneDir load DNS record from zone formatted files in directory "dir". On success, it will return map of file name and ZoneFile content as list of Message. On fail, it will return possible partially parse zone file and an error.
Types ¶
type Answer ¶ added in v0.23.0
type Answer struct {
// ReceivedAt contains time when message is received. If answer is
// from local cache (host or zone file), its value is 0.
ReceivedAt int64
// AccessedAt contains time when message last accessed. This field
// is used to prune old answer from caches.
AccessedAt int64
// QName contains DNS question name, a copy of msg.Question.Name.
QName string
// qtype contains DNS question type, a copy of msg.Question.Type.
QType uint16
// qclass contains DNS question class, a copy of msg.Question.Class.
QClass uint16
// contains filtered or unexported fields
}
Answer maintain the record of DNS response for cache.
type Client ¶
type Client interface {
Close() error
Lookup(allowRecursion bool, qtype, qclass uint16, qname string) (*Message, error)
Query(req *Message) (*Message, error)
RemoteAddr() string
SetRemoteAddr(addr string) error
SetTimeout(t time.Duration)
}
Client is interface that implement sending and receiving DNS message.
type DoHClient ¶
type DoHClient struct {
// contains filtered or unexported fields
}
DoHClient client for DNS over HTTPS.
func NewDoHClient ¶
NewDoHClient will create new DNS client with HTTP connection.
func (*DoHClient) Get ¶
Get send query to name server using HTTP GET and return the response as unpacked message.
func (*DoHClient) Lookup ¶
func (cl *DoHClient) Lookup( allowRecursion bool, qtype, qclass uint16, qname string, ) ( *Message, error, )
Lookup will query the DoH server with specific type, class, and name in synchronous mode.
func (*DoHClient) Post ¶
Post send query to name server using HTTP POST and return the response as unpacked message.
func (*DoHClient) Query ¶
Query send DNS query to name server. This is an alias to Get method, to make it consistent with other DNS clients.
func (*DoHClient) RemoteAddr ¶
RemoteAddr return client remote nameserver address.
func (*DoHClient) SetRemoteAddr ¶
SetRemoteAddr set the remote address for sending the packet.
func (*DoHClient) SetTimeout ¶
SetTimeout set the timeout for sending and receiving packet.
type DoTClient ¶ added in v0.10.1
type DoTClient struct {
// contains filtered or unexported fields
}
DoTClient client for DNS over TLS.
func NewDoTClient ¶ added in v0.10.1
NewDoTClient will create new DNS client over TLS connection.
The nameserver contains the IP address, not host name, of parent DNS server. Default port is 853, if not set.
func (*DoTClient) Lookup ¶ added in v0.10.1
func (cl *DoTClient) Lookup( allowRecursion bool, qtype, qclass uint16, qname string, ) ( res *Message, err error, )
Lookup specific type, class, and name in synchronous mode.
func (*DoTClient) RemoteAddr ¶ added in v0.10.1
RemoteAddr return client remote nameserver address.
func (*DoTClient) SetRemoteAddr ¶ added in v0.10.1
SetRemoteAddr no-op.
func (*DoTClient) SetTimeout ¶ added in v0.10.1
SetTimeout for sending and receiving packet.
type HostsFile ¶ added in v0.16.0
type HostsFile struct {
Path string `json:"-"`
Name string
Records []*ResourceRecord `json:"-"`
// contains filtered or unexported fields
}
HostsFile represent content of single hosts file.
func NewHostsFile ¶ added in v0.19.0
func NewHostsFile(path string, records []*ResourceRecord) ( hfile *HostsFile, err error, )
NewHostsFile create and store the host records in file defined by "path".
func ParseHostsFile ¶ added in v0.16.0
ParseHostsFile parse the content of hosts file as packed DNS message. If path is empty, it will load from the system hosts file.
func (*HostsFile) AppendAndSaveRecord ¶ added in v0.19.0
func (hfile *HostsFile) AppendAndSaveRecord(rr *ResourceRecord) (err error)
AppendAndSaveRecord append new record and save it to hosts file.
func (*HostsFile) RemoveRecord ¶ added in v0.19.0
RemoveRecord remove single record from hosts file by domain name. It will return true if record found and removed.
type Message ¶
type Message struct {
Header SectionHeader
Question SectionQuestion
Answer []ResourceRecord
Authority []ResourceRecord
Additional []ResourceRecord
// contains filtered or unexported fields
}
Message represent a DNS message.
All communications inside of the domain protocol are carried in a single format called a message. The top level format of message is divided into 5 sections (some of which are empty in certain cases) shown below:
+---------------------+ | Header | +---------------------+ | Question | the question for the name server +---------------------+ | Answer | RRs answering the question +---------------------+ | Authority | RRs pointing toward an authority +---------------------+ | Additional | RRs holding additional information +---------------------+
The names of the sections after the header are derived from their use in standard queries. The question section contains fields that describe a question to a name server. These fields are a query type (QTYPE), a query class (QCLASS), and a query domain name (QNAME). The last three sections have the same format: a possibly empty list of concatenated resource records (RRs). The answer section contains RRs that answer the question; the authority section contains RRs that point toward an authoritative name server; the additional records section contains RRs which relate to the query, but are not strictly answers for the question. [1]
[1] RFC 1035 - 4.1. Format
func NewMessageAddress ¶ added in v0.18.0
NewMessageAddress create new DNS message for hostname that contains one or more A or AAAA addresses. The addresses must be all IPv4 or IPv6, the first address define the query type. If hname is not valid hostname or one of the address is not valid IP address it will return nil.
func NewMessageFromRR ¶ added in v0.19.0
func NewMessageFromRR(rr *ResourceRecord) (msg *Message, err error)
NewMessageFromRR create new message with one RR as an answer.
func (*Message) AddAnswer ¶ added in v0.19.0
func (msg *Message) AddAnswer(rr *ResourceRecord) (err error)
AddAnswer to the Answer field and re-pack it again.
func (*Message) FilterAnswers ¶
func (msg *Message) FilterAnswers(t uint16) (answers []ResourceRecord)
FilterAnswers return resource record in Answer that match only with specific query type.
func (*Message) IsExpired ¶
IsExpired will return true if at least one resource record in answers is expired, where their TTL value is equal to 0. As long as the answers RR exist and no TTL is 0, it will return false.
If RR answers is empty, then the TTL on authority RR will be checked for zero.
There is no check to be done on additional RR, since its may contain EDNS with zero TTL.
func (*Message) Pack ¶
Pack convert message into datagram packet. The result of packing a message will be saved in Packet field and returned.
func (*Message) RemoveAnswer ¶ added in v0.19.0
func (msg *Message) RemoveAnswer(rr *ResourceRecord) (err error)
RemoveAnswer remove the RR from list of answer.
func (*Message) ResetRR ¶
func (msg *Message) ResetRR()
ResetRR free allocated resource records in message. This function can be used to release some memory after message has been packed, but the raw packet may still be in use.
func (*Message) SetAuthorativeAnswer ¶ added in v0.6.0
SetAuthorativeAnswer set the header authoritative answer to true (1) or false (0).
func (*Message) SetQuery ¶ added in v0.6.0
SetQuery set the message as query (0) or as response (1) in header and in packet. Setting the message as query will also turning off AA, TC, and RA flags.
func (*Message) SetRecursionDesired ¶ added in v0.6.0
SetRecursionDesired set the message to allow recursion (true=1) or not (false=0) in header and packet.
func (*Message) SetResponseCode ¶ added in v0.6.0
func (msg *Message) SetResponseCode(code ResponseCode)
SetResponseCode in message header and in packet.
func (*Message) SubTTL ¶
SubTTL subtract TTL in each resource records and in packet by n seconds. If TTL is less than n, it will set to 0.
func (*Message) UnpackHeaderQuestion ¶
UnpackHeaderQuestion extract only DNS header and question from message packet. This method assume that message.packet already set to DNS raw message.
type RDataHINFO ¶
RDataHINFO HINFO records are used to acquire general information about a host. The main use is for protocols such as FTP that can use special procedures when talking between machines or operating systems of the same type.
func (*RDataHINFO) String ¶
func (hinfo *RDataHINFO) String() string
String return readable representation of HINFO record.
type RDataMINFO ¶
type RDataMINFO struct {
// A <domain-name> which specifies a mailbox which is responsible for
// the mailing list or mailbox. If this domain name names the root,
// the owner of the MINFO RR is responsible for itself. Note that
// many existing mailing lists use a mailbox X-request for the RMAILBX
// field of mailing list X, e.g., Msgroup-request for Msgroup. This
// field provides a more general mechanism.
RMailBox string
// A <domain-name> which specifies a mailbox which is to receive error
// messages related to the mailing list or mailbox specified by the
// owner of the MINFO RR (similar to the ERRORS-TO: field which has
// been proposed). If this domain name names the root, errors should
// be returned to the sender of the message.
EmailBox string
}
RDataMINFO define a resource record for type MINFO.
func (*RDataMINFO) String ¶
func (minfo *RDataMINFO) String() string
String return readable representation of MINFO record.
type RDataMX ¶
type RDataMX struct {
// A 16 bit integer which specifies the preference given to this RR
// among others at the same owner. Lower values are preferred.
Preference int16
// A <domain-name> which specifies a host willing to act as a mail
// exchange for the owner name.
Exchange string
}
RDataMX MX records cause type A additional section processing for the host specified by EXCHANGE. The use of MX RRs is explained in detail in [RFC-974].
type RDataOPT ¶
type RDataOPT struct {
// Forms the upper 8 bits of extended 12-bit RCODE (together with the
// 4 bits defined in [RFC1035]. Note that EXTENDED-RCODE value 0
// indicates that an unextended RCODE is in use (values 0 through 15).
ExtRCode byte
// Indicates the implementation level of the setter. Full conformance
// with this specification is indicated by version '0'. Requestors
// are encouraged to set this to the lowest implemented level capable
// of expressing a transaction, to minimise the responder and network
// load of discovering the greatest common implementation level
// between requestor and responder. A requestor's version numbering
// strategy MAY ideally be a run-time configuration option.
Version byte
// DNSSEC OK bit as defined by [RFC3225].
DO bool
// Assigned by the Expert Review process as defined by the DNSEXT
// working group and the IESG.
Code uint16
// Size (in octets) of OPTION-DATA.
Length uint16
// Varies per OPTION-CODE. MUST be treated as a bit field.
Data []byte
}
RDataOPT define format of RDATA for OPT.
The extended RCODE and flags, which OPT stores in the RR Time to Live (TTL) field, contains ExtRCode, Version
type RDataSOA ¶
type RDataSOA struct {
// The <domain-name> of the name server that was the original or
// primary source of data for this zone.
MName string
// A <domain-name> which specifies the mailbox of the person
// responsible for this zone.
RName string
// The unsigned 32 bit version number of the original copy of the
// zone. Zone transfers preserve this value. This value wraps and
// should be compared using sequence space arithmetic.
Serial uint32
// A 32 bit time interval before the zone should be refreshed.
Refresh int32
// A 32 bit time interval that should elapse before a failed refresh
// should be retried.
Retry int32
// A 32 bit time value that specifies the upper limit on the time
// interval that can elapse before the zone is no longer
// authoritative.
Expire int32
// The unsigned 32 bit minimum TTL field that should be exported with
// any RR from this zone.
Minimum uint32
}
RDataSOA marks the Start Of a zone of Authority RDATA format in resource record.
All times are in units of seconds.
Most of these fields are pertinent only for name server maintenance operations. However, MINIMUM is used in all query operations that retrieve RRs from a zone. Whenever a RR is sent in a response to a query, the TTL field is set to the maximum of the TTL field from the RR and the MINIMUM field in the appropriate SOA. Thus MINIMUM is a lower bound on the TTL field for all RRs in a zone. Note that this use of MINIMUM should occur when the RRs are copied into the response and not when the zone is loaded from a zone file or via a zone transfer. The reason for this provison is to allow future dynamic update facilities to change the SOA RR with known semantics.
type RDataSRV ¶
type RDataSRV struct {
// The symbolic name of the desired service, as defined in Assigned
// Numbers [STD 2] or locally. An underscore (_) is prepended to
// the service identifier to avoid collisions with DNS labels that
// occur in nature.
//
// Some widely used services, notably POP, don't have a single
// universal name. If Assigned Numbers names the service
// indicated, that name is the only name which is legal for SRV
// lookups. The Service is case insensitive.
Service string
// The symbolic name of the desired protocol, with an underscore
// (_) prepended to prevent collisions with DNS labels that occur
// in nature. _TCP and _UDP are at present the most useful values
// for this field, though any name defined by Assigned Numbers or
// locally may be used (as for Service). The Proto is case
// insensitive.
Proto string
// The domain this RR refers to. The SRV RR is unique in that the
// name one searches for is not this name; the example near the end
// shows this clearly.
Name string
// The priority of this target host. A client MUST attempt to
// contact the target host with the lowest-numbered priority it can
// reach; target hosts with the same priority SHOULD be tried in an
// order defined by the weight field. The range is 0-65535. This
// is a 16 bit unsigned integer in network byte order.
Priority uint16
// A server selection mechanism. The weight field specifies a
// relative weight for entries with the same priority. Larger
// weights SHOULD be given a proportionately higher probability of
// being selected. The range of this number is 0-65535. This is a
// 16 bit unsigned integer in network byte order. Domain
// administrators SHOULD use Weight 0 when there isn't any server
// selection to do, to make the RR easier to read for humans (less
// noisy). In the presence of records containing weights greater
// than 0, records with weight 0 should have a very small chance of
// being selected.
//
// In the absence of a protocol whose specification calls for the
// use of other weighting information, a client arranges the SRV
// RRs of the same Priority in the order in which target hosts,
// specified by the SRV RRs, will be contacted. The following
// algorithm SHOULD be used to order the SRV RRs of the same
// priority:
//
// To select a target to be contacted next, arrange all SRV RRs
// (that have not been ordered yet) in any order, except that all
// those with weight 0 are placed at the beginning of the list.
//
// Compute the sum of the weights of those RRs, and with each RR
// associate the running sum in the selected order. Then choose a
// uniform random number between 0 and the sum computed
// (inclusive), and select the RR whose running sum value is the
// first in the selected order which is greater than or equal to
// the random number selected. The target host specified in the
// selected SRV RR is the next one to be contacted by the client.
// Remove this SRV RR from the set of the unordered SRV RRs and
// apply the described algorithm to the unordered SRV RRs to select
// the next target host. Continue the ordering process until there
// are no unordered SRV RRs. This process is repeated for each
// Priority.
Weight uint16
// The port on this target host of this service. The range is 0-
// 65535. This is a 16 bit unsigned integer in network byte order.
// This is often as specified in Assigned Numbers but need not be.
Port uint16
// The domain name of the target host. There MUST be one or more
// address records for this name, the name MUST NOT be an alias (in
// the sense of RFC 1034 or RFC 2181). Implementors are urged, but
// not required, to return the address record(s) in the Additional
// Data section. Unless and until permitted by future standards
// action, name compression is not to be used for this field.
//
// A Target of "." means that the service is decidedly not
// available at this domain.
Target string
}
RDataSRV define a resource record for type SRV.
type RDataWKS ¶
RDataWKS The WKS record is used to describe the well known services supported by a particular protocol on a particular internet address. The PROTOCOL field specifies an IP protocol number, and the bit map has one bit per port of the specified protocol. The first bit corresponds to port 0, the second to port 1, etc. If the bit map does not include a bit for a protocol of interest, that bit is assumed zero. The appropriate values and mnemonics for ports and protocols are specified in [RFC-1010].
For example, if PROTOCOL=TCP (6), the 26th bit corresponds to TCP port 25 (SMTP). If this bit is set, a SMTP server should be listening on TCP port 25; if zero, SMTP service is not supported on the specified address.
The purpose of WKS RRs is to provide availability information for servers for TCP and UDP. If a server supports both TCP and UDP, or has multiple Internet addresses, then multiple WKS RRs are used.
type ResourceRecord ¶
type ResourceRecord struct {
// A domain name to which this resource record pertains.
Name string
// Two octets containing one of the RR type codes. This field
// specifies the meaning of the data in the RDATA field.
Type uint16
// Two octets which specify the class of the data in the RDATA field.
Class uint16
// A 32 bit unsigned integer that specifies the time interval (in
// seconds) that the resource record may be cached before it should be
// discarded. Zero values are interpreted to mean that the RR can
// only be used for the transaction in progress, and should not be
// cached.
TTL uint32
// Value hold the generic value for all record types.
Value interface{}
// contains filtered or unexported fields
}
ResourceRecord The answer, authority, and additional sections all share the same format: a variable number of resource records, where the number of records is specified in the corresponding count field in the header. Each resource record has the following format:
func (*ResourceRecord) String ¶
func (rr *ResourceRecord) String() string
String return the text representation of ResourceRecord for human.
type ResponseCode ¶
type ResponseCode byte
ResponseCode define response code in message header.
const ( RCodeOK ResponseCode = iota // No error condition // Format error - The name server was unable to interpret the query. RCodeErrFormat // Server failure - The name server was unable to process this query // due to a problem with the name server. RCodeErrServer // Name Error - Meaningful only for responses from an authoritative // name server, this code signifies that the domain name referenced in // the query does not exist. RCodeErrName // Not Implemented - The name server does not support the requested // kind of query. RCodeNotImplemented // Refused - The name server refuses to perform the specified // operation for policy reasons. For example, a name server may not // wish to provide the information to the particular requester, or a // name server may not wish to perform a particular operation (e.g., // zone transfer) for particular data. RCodeRefused )
List of response codes.
type SectionHeader ¶
type SectionHeader struct {
//
// A 16 bit identifier assigned by the program that generates
// any kind of query. This identifier is copied the corresponding
// reply and can be used by the requester to match up replies to
// outstanding queries.
//
ID uint16
//
// A one bit field that specifies whether this message is a query (0),
// or a response (1).
//
IsQuery bool
//
// A four bit field that specifies kind of query in this message.
// This value is set by the originator of a query and copied into the
// response.
//
Op OpCode
//
// Authoritative Answer - this bit is valid in responses, and
// specifies that the responding name server is an authority for the
// domain name in question section. Note that the contents of the
// answer section may have multiple owner names because of aliases.
// The AA bit corresponds to the name which matches the query name, or
// the first owner name in the answer section.
//
IsAA bool
//
// TrunCation - specifies that this message was truncated due to
// length greater than that permitted on the transmission channel.
//
IsTC bool
//
// Recursion Desired - this bit may be set in a query and is copied
// into the response. If RD is set, it directs the name server to
// pursue the query recursively. Recursive query support is optional.
//
IsRD bool
//
// Recursion Available - this bit is set or cleared in a response, and
// denotes whether recursive query support is available in the name
// server.
//
IsRA bool
//
// Response code - this 4 bit field is set as part of responses.
//
RCode ResponseCode
// An unsigned 16 bit integer specifying the number of entries in the
// question section.
QDCount uint16
// An unsigned 16 bit integer specifying the number of resource
// records in the answer section.
ANCount uint16
// An unsigned 16 bit integer specifying the number of name server
// resource records in the authority records section.
NSCount uint16
// An unsigned 16 bit integer specifying the number of resource
// records in the additional records section.
ARCount uint16
}
SectionHeader The header section is always present. The header includes fields that specify which of the remaining sections are present, and also specify whether the message is a query or a response, a standard query or some other opcode, etc. [1]
[1] RFC 1035 P-25 - 4.1. Format
func (*SectionHeader) Reset ¶
func (hdr *SectionHeader) Reset()
Reset the header to default (query) values.
type SectionQuestion ¶
type SectionQuestion struct {
// A domain name represented as a sequence of labels, where each label
// consists of a length octet followed by that number of octets. The
// domain name terminates with the zero length octet for the null
// label of the root. Note that this field may be an odd number of
// octets; no padding is used.
Name string
// A two octet code which specifies the type of the query. The values
// for this field include all codes valid for a TYPE field, together
// with some more general codes which can match more than one type of
// RR.
Type uint16
// A two octet code that specifies the class of the query. For
// example, the QCLASS field is IN for the Internet.
Class uint16
}
SectionQuestion The question section is used to carry the "question" in most queries, i.e., the parameters that define what is being asked. The section contains QDCOUNT (usually 1) entries, each of the following format:
func (*SectionQuestion) Reset ¶
func (question *SectionQuestion) Reset()
Reset the message question field to it's default values for query.
func (*SectionQuestion) String ¶
func (question *SectionQuestion) String() string
String will return the string representation of section question structure.
type Server ¶
Server defines DNS server.
Services ¶
The server will listening for DNS over TLS only if certificates file is exist and valid.
Caches ¶
There are two type of answer: local and non-local. Local answer is a DNS record that is loaded from hosts or zone file. Non-local answer is a DNS record that is received from parent name servers.
Server caches the DNS answers in two storages: map and list. The map caches store local and non local answers, using domain name as a key and list of answers as value,
domain-name -> [{A,IN,...},{AAAA,IN,...}]
The list caches store non-local answers, ordered by last accessed time, it is used to prune least frequently accessed answers. Local caches will never get pruned.
Debugging ¶
If debug.Value is set to value greater than 1, server will print each processed request, forward, and response. The debug information prefixed with single character to differentiate single action,
> : incoming request from client
< : the answer is sent to client
! : no answer found on cache and the query is not recursive, or
response contains error code
^ : request is forwarded to parent name server
* : request is dropped from queue
~ : answer exist on cache but its expired
- : answer is pruned from caches
+ : new answer is added to caches
# : the expired answer is renewed and updated on caches
Following the prefix is connection type, parent name server address, message ID, and question.
Example ¶
package main
import (
"fmt"
"log"
"time"
"github.com/shuLhan/share/lib/dns"
)
func clientLookup(nameserver string) {
cl, err := dns.NewUDPClient(nameserver)
if err != nil {
log.Println(err)
return
}
msg, err := cl.Lookup(false, dns.QueryTypeA, dns.QueryClassIN,
"kilabit.info")
if err != nil {
log.Println(err)
return
}
fmt.Printf("Receiving DNS message: %s\n", msg)
for x, answer := range msg.Answer {
fmt.Printf("Answer %d: %s\n", x, answer.Value)
}
for x, auth := range msg.Authority {
fmt.Printf("Authority %d: %s\n", x, auth.Value)
}
for x, add := range msg.Additional {
fmt.Printf("Additional %d: %s\n", x, add.Value)
}
}
func main() {
serverAddress := "127.0.0.1:5300"
serverOptions := &dns.ServerOptions{
ListenAddress: "127.0.0.1:5300",
HTTPPort: 8443,
TLSCertFile: "testdata/domain.crt",
TLSPrivateKey: "testdata/domain.key",
TLSAllowInsecure: true,
}
server, err := dns.NewServer(serverOptions)
if err != nil {
log.Fatal(err)
}
// Load records to be served from zone file.
zoneFile, err := dns.ParseZoneFile("testdata/kilabit.info", "", 0)
if err != nil {
log.Fatal(err)
}
server.PopulateCaches(zoneFile.Messages(), zoneFile.Path)
go func() {
err = server.ListenAndServe()
if err != nil {
log.Fatal(err)
}
}()
// Wait for all listeners running.
time.Sleep(500 * time.Millisecond)
clientLookup(serverAddress)
server.Stop()
}
Output:
func NewServer ¶ added in v0.6.0
func NewServer(opts *ServerOptions) (srv *Server, err error)
NewServer create and initialize server using the options and a .handler.
func (*Server) CachesLRU ¶ added in v0.23.0
CachesLRU return list of non-local caches ordered by the least recently used.
func (*Server) ListenAndServe ¶
ListenAndServe start listening and serve queries from clients.
func (*Server) PopulateCaches ¶ added in v0.16.0
PopulateCaches add list of message to caches.
func (*Server) PopulateCachesByRR ¶ added in v0.19.0
func (srv *Server) PopulateCachesByRR(listRR []*ResourceRecord, from string) ( err error, )
PopulateCachesByRR update or insert new ResourceRecord into caches.
func (*Server) RemoveCachesByNames ¶ added in v0.18.0
RemoveCachesByNames remove the caches by domain names.
func (*Server) RemoveCachesByRR ¶ added in v0.19.0
func (srv *Server) RemoveCachesByRR(rr *ResourceRecord) error
RemoveCachesByRR remove the answer from caches by ResourceRecord name, type, class, and value.
func (*Server) RemoveLocalCachesByNames ¶ added in v0.19.0
RemoveLocalCachesByNames remove local caches by domain names.
func (*Server) RestartForwarders ¶ added in v0.8.0
RestartForwarders stop and start new forwarders with new nameserver address and protocol. Empty nameservers means server will run without forwarding request.
func (*Server) SearchCaches ¶ added in v0.19.0
SearchCaches search caches by query (domain) name that match with the regular expresion.
type ServerOptions ¶
type ServerOptions struct {
// ListenAddress ip address and port number to serve query.
// This field is optional, default to "0.0.0.0:53".
ListenAddress string `ini:"dns:server:listen"`
// HTTPIdleTimeout number of seconds before considering the client of
// HTTP connection to be closed.
// This field is optional, default to 120 seconds.
HTTPIdleTimeout time.Duration `ini:"dns:server:http.idle_timeout"`
// HTTPPort port for listening DNS over HTTP (DoH), default to 0.
// If its zero, the server will not serve DNS over HTTP.
HTTPPort uint16 `ini:"dns:server:http.port"`
// TLSPort port for listening DNS over TLS, default to 0.
// If its zero, the server will not serve DNS over TLS.
TLSPort uint16 `ini:"dns:server:tls.port"`
//
// NameServers contains list of parent name servers.
//
// Answer that does not exist on local will be forwarded to parent
// name servers. If this field is empty, any query that does not have
// an answer in local caches, will be returned with response code
// RCodeErrName (3).
//
// The name server use the URI format,
//
// nameserver = [ scheme "://" ] ( ip-address / domain-name ) [:port]
// scheme = ( "udp" / "tcp" / "https" )
// ip-address = ( ip4 / ip6 )
// domain-name = ; fully qualified domain name
//
// If no scheme is given, it will default to "udp".
// The domain-name MUST only used if scheme is "https".
//
// Example,
//
// udp://35.240.172.103
// tcp://35.240.172.103:5353
// https://35.240.172.103:853 (DNS over TLS)
// https://kilabit.info/dns-query (DNS over HTTPS)
//
NameServers []string `ini:"dns:server:parent"`
//
// FallbackNS contains list of parent name servers that will be
// queried if the primary NameServers return an error.
//
// This field use the same format as NameServers.
//
FallbackNS []string
// TLSCertFile contains path to certificate for serving DNS over TLS
// and HTTPS.
// This field is optional, if its empty, server will listening on
// unsecure HTTP connection only.
TLSCertFile string `ini:"dns:server:tls.certificate"`
// TLSPrivateKey contains path to certificate private key file.
TLSPrivateKey string `ini:"dns:server:tls.private_key"`
// TLSAllowInsecure option to allow to serve DoH with self-signed
// certificate.
// This field is optional.
TLSAllowInsecure bool `ini:"dns:server:tls.allow_insecure"`
// DoHBehindProxy allow serving DNS over insecure HTTP, even if
// certificate file is defined.
// This option allow serving DNS request forwarded by another proxy
// server.
DoHBehindProxy bool `ini:"dns:server:doh.behind_proxy"`
// PruneDelay define a delay where caches will be pruned.
// This field is optional, minimum value is 1 minute, and default
// value is 1 hour.
// For example, if its set to 1 hour, every 1 hour the caches will be
// inspected to remove answers that has not been accessed more than or
// equal to PruneThreshold.
PruneDelay time.Duration `ini:"dns:server:cache.prune_delay"`
// PruneThreshold define negative duration where answers will be
// pruned from caches.
// This field is optional, minimum value is -1 minute, and default
// value is -1 hour,
// For example, if its set to -1 minute, any answers that has not been
// accessed in the last 1 minute will be removed from cache.
PruneThreshold time.Duration `ini:"dns:server:cache.prune_threshold"`
// contains filtered or unexported fields
}
ServerOptions describes options for running a DNS server.
type TCPClient ¶
type TCPClient struct {
// contains filtered or unexported fields
}
TCPClient for DNS with TCP connection and list of remote addresses.
func NewTCPClient ¶
NewTCPClient will create new DNS client with TCP network connection.
The nameserver contains the IP address, not host name, of parent DNS server. Default port is 53, if not set.
func (*TCPClient) Lookup ¶
func (cl *TCPClient) Lookup( allowRecursion bool, qtype, qclass uint16, qname string, ) ( *Message, error, )
Lookup will query one of the name server with specific type, class, and name in synchronous mode.
Name could be a host name for standard query or IP address for inverse query.
This function is safe to be used concurrently.
Example ¶
package main
import (
"fmt"
"log"
"github.com/shuLhan/share/lib/dns"
)
func main() {
cl, err := dns.NewTCPClient("127.0.0.1:53")
if err != nil {
log.Println(err)
return
}
msg, err := cl.Lookup(false, dns.QueryTypeA, dns.QueryClassIN,
"kilabit.info")
if err != nil {
log.Println(err)
return
}
fmt.Printf("Receiving DNS message: %s\n", msg)
for x, answer := range msg.Answer {
fmt.Printf("Answer %d: %s\n", x, answer.Value)
}
for x, auth := range msg.Authority {
fmt.Printf("Authority %d: %s\n", x, auth.Value)
}
for x, add := range msg.Additional {
fmt.Printf("Additional %d: %s\n", x, add.Value)
}
}
Output:
func (*TCPClient) RemoteAddr ¶
RemoteAddr return client remote nameserver address.
func (*TCPClient) SetRemoteAddr ¶
SetRemoteAddr set the remote address for sending the packet.
func (*TCPClient) SetTimeout ¶
SetTimeout for sending and receiving packet.
type UDPClient ¶
UDPClient for DNS with UDP connection.
Any implementation that need to query DNS message in multiple Go routines should create one client per routine.
Example ¶
The following example show how to use send and Recv to query domain name address.
package main
import (
"fmt"
"log"
"github.com/shuLhan/share/lib/dns"
)
func main() {
cl, err := dns.NewUDPClient("127.0.0.1:53")
if err != nil {
log.Println(err)
return
}
req := &dns.Message{
Header: dns.SectionHeader{},
Question: dns.SectionQuestion{
Name: "kilabit.info",
Type: dns.QueryTypeA,
Class: dns.QueryClassIN,
},
}
_, err = req.Pack()
if err != nil {
log.Fatal(err)
return
}
res, err := cl.Query(req)
if err != nil {
log.Fatal(err)
return
}
fmt.Printf("Receiving DNS message: %s\n", res)
for x, answer := range res.Answer {
fmt.Printf("Answer %d: %s\n", x, answer.Value)
}
for x, auth := range res.Authority {
fmt.Printf("Authority %d: %s\n", x, auth.Value)
}
for x, add := range res.Additional {
fmt.Printf("Additional %d: %s\n", x, add.Value)
}
}
Output:
func NewUDPClient ¶
NewUDPClient will create new DNS client with UDP network connection.
The nameserver contains the IP address, not host name, of parent DNS server. Default port is 53, if not set.
func (*UDPClient) Lookup ¶
func (cl *UDPClient) Lookup( allowRecursion bool, qtype, qclass uint16, qname string, ) ( *Message, error, )
Lookup will query one of the name server with specific type, class, and name in synchronous mode.
Name could be a host name for standard query or IP address for inverse query.
This function is safe to be used concurrently.
Example ¶
package main
import (
"fmt"
"log"
"github.com/shuLhan/share/lib/dns"
)
func main() {
cl, err := dns.NewUDPClient("127.0.0.1:53")
if err != nil {
log.Println(err)
return
}
msg, err := cl.Lookup(false, dns.QueryTypeA, dns.QueryClassIN,
"kilabit.info")
if err != nil {
log.Println(err)
return
}
fmt.Printf("Receiving DNS message: %s\n", msg)
for x, answer := range msg.Answer {
fmt.Printf("Answer %d: %s\n", x, answer.Value)
}
for x, auth := range msg.Authority {
fmt.Printf("Authority %d: %s\n", x, auth.Value)
}
for x, add := range msg.Additional {
fmt.Printf("Additional %d: %s\n", x, add.Value)
}
}
Output:
func (*UDPClient) Query ¶
Query send DNS query to name server "ns" and return the unpacked response.
func (*UDPClient) RemoteAddr ¶
RemoteAddr return client remote nameserver address.
func (*UDPClient) SetRemoteAddr ¶
SetRemoteAddr set the remote address for sending the packet.
func (*UDPClient) SetTimeout ¶
SetTimeout for sending and receiving packet.
type UDPClientPool ¶
UDPClientPool contains a pool of UDP client connections.
Any implementation that access UDPClient in multiple Go routines should create one client per Go routine; instead of using a single UDP client. The reason for this is because UDP packet is asynchronous.
WARNING: using pooling is only works if client only call Lookup or Query. If implementation call Send() n client connection, make sure, it also call Recv on the same routine before putting the client back to pool.
func NewUDPClientPool ¶
func NewUDPClientPool(nameServers []string) (ucp *UDPClientPool, err error)
NewUDPClientPool create pool for UDP connection using list of name servers. If no name servers is defined it will return nil.
func (*UDPClientPool) Put ¶
func (ucp *UDPClientPool) Put(cl interface{})
Put the UDP client into pool.
WARNING: any client connection that call Send(), MUST call Recv() before putting client back to pool. You have been warned.
type ZoneFile ¶ added in v0.19.0
type ZoneFile struct {
Path string `json:"-"`
Name string
SOA ResourceRecord
Records zoneRecords
// contains filtered or unexported fields
}
ZoneFile represent content of single zone file. A zone file contains at least one SOA record.
func NewZoneFile ¶ added in v0.19.0
NewZoneFile create and initialize new zone file.
func ParseZoneFile ¶ added in v0.19.0
ParseZoneFile parse zone file and return it as list of Message. The file name will be assumed as origin if parameter origin or $ORIGIN is not set.
func (*ZoneFile) Add ¶ added in v0.19.0
func (zone *ZoneFile) Add(rr *ResourceRecord) (err error)
Add add new ResourceRecord to ZoneFile.
func (*ZoneFile) Remove ¶ added in v0.19.0
func (zone *ZoneFile) Remove(rr *ResourceRecord) (err error)
Remove a ResourceRecord from zone file.
Source Files
¶
- answer.go
- answers.go
- caches.go
- client.go
- dns.go
- dohclient.go
- dotclient.go
- funcs.go
- hosts_file.go
- idpool.go
- message.go
- rdatahinfo.go
- rdataminfo.go
- rdatamx.go
- rdataopt.go
- rdatasoa.go
- rdatasrv.go
- rdatawks.go
- request.go
- resourcerecord.go
- sectionheader.go
- sectionquestion.go
- server.go
- serveroptions.go
- tcpclient.go
- udpclient.go
- udpclientpool.go
- zone_file.go
- zone_parser.go
- zone_records.go