Skip to content
/ DNS-oops Public

work on the personal draft for DNS out of protocol signaling

2 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

DNS-Hackathon-2023/DNS-oops

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

35 Commits
bind-notifyd
bind-notifyd
 
 
knot-dbus
knot-dbus
 
 
master-config
master-config
 
 
nsd-zone-verifier
nsd-zone-verifier
 
 
presentation
presentation
 
 
README.md
README.md
 
 

Repository files navigation

DNS-oops

The DNS Out-Of-Protocol Signalling (DNS oops) project had two goals:

  1. To implement server signalling described in dns-oops in nsd, and

  2. To create a proof of concept (PoC) that event signalling can be used in a system of servers using different software.

KnotDNS has implmented dbus events, described here, to provide a mechanism for programs outside of KnotDNS to react to events in the DNS server. This is based on the description on the Internet draft mentioned above, and step 1 of the project was to implement a similar mechanism in nsd.

Step 2 was to utilise this mechanism in a PoC where BGP announcements can be managed automagically based on the status of the DNS server daemon. Just for fun, a system of three virtual DNS servers using different DNS software were deployed as virtual machines in different geographic locations using a cloud service. The signalling mechanism was used to configure the servers to react to zone updates.

In this PoC, the serial number is used to determine which of the three servers to enable. Depending on the serial number, one specific will announce the services prefixes and the others will withdraw the prefixes.

The signalling algorithm overloads the serial number with information other than just the version number of the zone. On the secondary servers, the serial number is first divided by 3. If the remainder is 0, then one server A will engage. If the remainder is 1, then server B will engage, and if the remainder is 2, then server C will engage.

Server A was fitted with a regular unmodified BIND (named) DNS server configured to send DNS NOTIFY messages to a nsnotifyd daemon, which in turn interacted with an exabgp BGP routing daemon. This was merely to highlight that unmodified software can interact with the modified software.

Server B was fitted with a KnotDNS DNS server interacting with a BIRD routing daemon.

Server C was fitted with a doctored nsd DNS server interacting with a BIRD routing daemon.

The various subprojects are described in the respective subdirectories below.

Some Ansible playbooks are available to ease deployment of the PoC.

Live Demonstration Screenshot dns-oops_screenshot

About

work on the personal draft for DNS out of protocol signaling

Resources

Readme
Activity
Custom properties

Stars

2 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 6

Languages