Re: [Twisted-Python] Current twisted dns client just doesn't work

2020-12-10 Thread Barry Scott 
Answers to but your emails in line.

I've added the twisted list back in so others can comment.

On Wednesday, 9 December 2020 21:17:51 GMT spam tam wrote:
> As additional information you can check how operation system works with dns.
> You can run
> 
> *sudo tcpdump -i lo -v port 53*
> as UDP local sniffer.

Agreed great tool to debug this stuff with.
And use wireshark to decode the output.

> And run
> 
> *dig google.com *
> 
> And you will see that it makes A request. Not ANY

That is the dig default to use A. Use this to do a any query.

   dig google.com any

I checked the man page to see if anything extra can be printed but it looks like
the default is to print everything dig knows how to print. The options only
remove output it seems.

> On Wed, Dec 9, 2020 at 11:42 PM spam tam  wrote:
> 
> > Yes. You are correct. My local dns just is not stable. But try this:
> >
> > python3.8 dns_lookup6.py amazon.in
> >
> > It provides response:
> >
> > --- dnsLookupDone ([ > auth=False>], [], [])
> > --- dnsLookupDone RR  > auth=False> type 13 payload 
> >
> > There are not CNAME, A,  or NS records. This means that current
> > twisted.names.common.extractRecord will not provide IP.
> > What do you think about this? May be we should replace dns ANY request
> > with A and ?

Now that is interesting because dig returns 54 lines of output from:

   dig amazon.in any

(I won't paste the 54 lines).

I good question is why did twisted not see that huge set of records?

I'd want to understand why twisted is only seeing the HINFO and not all the 
other
records. Fixing that would, I'm guessing, fix a lot of things.

I'm not sure when I can look at this. Do you want to look at the packets that
twisted sends and receives and compared to dig?

Barry



> >
> > On Wed, Dec 9, 2020 at 12:16 PM Barry Scott 
> > wrote:
> > >
> > > On Tuesday, 8 December 2020 21:01:56 GMT spam tam wrote:
> > > > I continue to investigate the issue. I try to call your script like
> > this:
> > > >
> > > > python dns_lookup6.py www.washingtonexaminer.com
> > > >
> > > > And get response:
> > > > dnsLookupFailed  > > > twisted.names.error.DNSServerError:  > > > maxSize=0 flags=answer,recDes,recAv
> > > > queries=[Query('www.washingtonexaminer.com', 255, 1)]>>
> > > > result.value.__dict__ {}
> > > >
> > > > Is that ok?
> > > >
> > > The output I get is this:
> > >
> > > $ python3.8 dns_lookup6.py www.washingtonexaminer.com
> > > Took: 0.029293
> > > --- dnsLookupDone ([ > class=IN ttl=37s auth=False>], [], [])
> > > --- dnsLookupDone RR  > class=IN ttl=37s auth=False> type 5 payload  > 4067e1ed38.10005.sucurifirewall.com ttl=37>
> > >
> > > And this is the output of dig:
> > >
> > > $ dig www.washingtonexaminer.com
> > >
> > > ; <<>> DiG 9.11.24-RedHat-9.11.24-2.fc32 <<>> www.washingtonexaminer.com
> > > ;; global options: +cmd
> > > ;; Got answer:
> > > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61831
> > > ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
> > >
> > > ;; OPT PSEUDOSECTION:
> > > ; EDNS: version: 0, flags:; udp: 4000
> > > ;; QUESTION SECTION:
> > > ;www.washingtonexaminer.com.IN  A
> > >
> > > ;; ANSWER SECTION:
> > > www.washingtonexaminer.com. 599 IN  CNAME
> > 4067e1ed38.10005.sucurifirewall.com.
> > > 4067e1ed38.10005.sucurifirewall.com. 7199 IN A  192.124.249.5
> > >
> > > ;; Query time: 50 msec
> > > ;; SERVER: 10.5.10.11#53(10.5.10.11)
> > > ;; WHEN: Wed Dec 09 09:13:54 GMT 2020
> > > ;; MSG SIZE  rcvd: 117
> > >
> > > Barry
> > >
> > >
> > >
> >
> 




___
Twisted-Python mailing list
Twisted-Python@twistedmatrix.com
https://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python

Re: [Twisted-Python] Current twisted dns client just doesn't work

2020-12-10 Thread spam tam 
I would like to find problems with ANY. But I think that there is no
problem.
DNS servers don't provide standard response for ANY request. My local
machine doesn't provide correct response for request:

$ dig amazon.in any

; <<>> DiG 9.16.1-Ubuntu <<>> amazon.in any
;; global options: +cmd
;; connection timed out; no servers could be reached

My VPS server provide such response:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> amazon.in any
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54130
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;amazon.in. IN  ANY

;; ANSWER SECTION:
amazon.in.  3599IN  HINFO   "RFC8482" ""

;; Query time: 40 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Thu Dec 10 22:10:39 UTC 2020
;; MSG SIZE  rcvd: 59

It sometimes provides another response. But the problem is that behaviour
with ANY is not stable.
The present and the future of ANY are hazy. Read more here:
https://blog.cloudflare.com/rfc8482-saying-goodbye-to-any/

If you don't see the problem please provide your opinion. I would like to
find solution with ANY but it seems it is impossible.

So what do you think?

On Thu, Dec 10, 2020 at 8:30 PM Barry Scott 
wrote:

> Answers to but your emails in line.
>
> I've added the twisted list back in so others can comment.
>
> On Wednesday, 9 December 2020 21:17:51 GMT spam tam wrote:
> > As additional information you can check how operation system works with
> dns.
> > You can run
> >
> > *sudo tcpdump -i lo -v port 53*
> > as UDP local sniffer.
>
> Agreed great tool to debug this stuff with.
> And use wireshark to decode the output.
>
> > And run
> >
> > *dig google.com *
> >
> > And you will see that it makes A request. Not ANY
>
> That is the dig default to use A. Use this to do a any query.
>
>dig google.com any
>
> I checked the man page to see if anything extra can be printed but it
> looks like
> the default is to print everything dig knows how to print. The options only
> remove output it seems.
>
> > On Wed, Dec 9, 2020 at 11:42 PM spam tam  wrote:
> >
> > > Yes. You are correct. My local dns just is not stable. But try this:
> > >
> > > python3.8 dns_lookup6.py amazon.in
> > >
> > > It provides response:
> > >
> > > --- dnsLookupDone ([ > > auth=False>], [], [])
> > > --- dnsLookupDone RR  > > auth=False> type 13 payload 
> > >
> > > There are not CNAME, A,  or NS records. This means that current
> > > twisted.names.common.extractRecord will not provide IP.
> > > What do you think about this? May be we should replace dns ANY request
> > > with A and ?
>
> Now that is interesting because dig returns 54 lines of output from:
>
>dig amazon.in any
>
> (I won't paste the 54 lines).
>
> I good question is why did twisted not see that huge set of records?
>
> I'd want to understand why twisted is only seeing the HINFO and not all
> the other
> records. Fixing that would, I'm guessing, fix a lot of things.
>
> I'm not sure when I can look at this. Do you want to look at the packets
> that
> twisted sends and receives and compared to dig?
>
> Barry
>
>
>
> > >
> > > On Wed, Dec 9, 2020 at 12:16 PM Barry Scott <
> barry.sc...@forcepoint.com>
> > > wrote:
> > > >
> > > > On Tuesday, 8 December 2020 21:01:56 GMT spam tam wrote:
> > > > > I continue to investigate the issue. I try to call your script like
> > > this:
> > > > >
> > > > > python dns_lookup6.py www.washingtonexaminer.com
> > > > >
> > > > > And get response:
> > > > > dnsLookupFailed  > > > > twisted.names.error.DNSServerError:  > > > > maxSize=0 flags=answer,recDes,recAv
> > > > > queries=[Query('www.washingtonexaminer.com', 255, 1)]>>
> > > > > result.value.__dict__ {}
> > > > >
> > > > > Is that ok?
> > > > >
> > > > The output I get is this:
> > > >
> > > > $ python3.8 dns_lookup6.py www.washingtonexaminer.com
> > > > Took: 0.029293
> > > > --- dnsLookupDone ([ > > class=IN ttl=37s auth=False>], [], [])
> > > > --- dnsLookupDone RR  > > class=IN ttl=37s auth=False> type 5 payload  > > 4067e1ed38.10005.sucurifirewall.com ttl=37>
> > > >
> > > > And this is the output of dig:
> > > >
> > > > $ dig www.washingtonexaminer.com
> > > >
> > > > ; <<>> DiG 9.11.24-RedHat-9.11.24-2.fc32 <<>>
> www.washingtonexaminer.com
> > > > ;; global options: +cmd
> > > > ;; Got answer:
> > > > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61831
> > > > ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
> > > >
> > > > ;; OPT PSEUDOSECTION:
> > > > ; EDNS: version: 0, flags:; udp: 4000
> > > > ;; QUESTION SECTION:
> > > > ;www.washingtonexaminer.com.IN  A
> > > >
> > > > ;; ANSWER SECTION:
> > > > www.washingtonexaminer.com. 599 IN  CNAME
> > > 4067e1ed38.10005.sucurifirewall.com.
> > > > 4067e1ed38.10005.sucurifirewall.com. 7199 IN A  192.124.249.5
> > > >
> > > > ;; Query time: 50 msec
> > > >