Here are some DNS-OARC development highlights from the past couple of months. These updates are sent out on a bi-monthly basis and the previous updates can be found on our Medium page.
The next alpha version of dnsjit is now available in our pre-release package channels. A lot of work has gone into cleaning up code, pulling code from submodules, finalizing core modules and making it ready for a beta release.
A few of the highlights are:
- New examples!
Check examples/dumpdns-qr.lua for a quick and dirty way to match queries with responses and output QNAME and RCODE.
- New output respdiff!
This output is a result of the collaboration between DNS-OARC and CZ.NIC to use the respdiff tool-chain, from the Knot Resolver benchmarking project, to compare responses between systems. CZ.NIC uses this to compare responses between different resolver software and their own, and drool will use it to compare responses received with those found in the PCAP being replayed.
For more information about this tool-chain see https://gitlab.labs.nic.cz/knot/respdiff.
- Rework threads and new core.channel!
filter.thread has been reworked into core.thread and is now just about threads. core.channel has been added to be a thread-safe way to pass objects between threads.
- Removed a bunch of modules!
Quite a few modules has been removed because their functionality can be done in more efficient ways. For example both filter.coro and filter.lua has been removed because it is a lot (x100!) faster to use the producer interface!
Other modules removed are input.pcapthread and output.cpool which was a major part of drool but the same functionality can now be done in Lua with the help of other modules.
- No more submodules!
The last submodule to be merged into the code base was omg-dns, this is now part of core.object.dns.
With dnsjit’s stabilization for a beta release I’ve also worked on updating the develop branch of drool to use the latest. This branch was already rewritten into Lua using an earlier version of dnsjit and it was compatible with earlier version of drool, using the configure file etc.
As dnsjit was developed to be the solution for the scenarios in drool, e.g. code whatever DNS replay or testing you want in Lua, I took a hard look at the usability of drool and reworked it completely!
The next major version of drool will not have configuration files, it will instead work with commands (think git) for various scenarios:
drool replay --no-tcp dns.pcap 127.0.0.1 53
Before moving drool into beta, more commands need to be added. The next in line is respdiff. This command will replay a PCAP and store the queries, responses received and responses found in the PCAP in an LMDB database that can be used together with the respdiff tool-chain to do various analysis and comparisons of the responses.
For now, please enjoy and play with the alpha version! Here are some installation instructions for various distributions, more packages for other distributions are available in our pre-release channels.
wget -O - https://pkg.dns-oarc.net/dns-oarc.distribution.key.gpg | apt-key add -
echo “deb http://pkg.dns-oarc.net/deb-pr stretch main” | tee /etc/apt/sources.list.d/dns-oarc-pr.list
apt-get install drool
apt-get install drool
zypper addrepo https://download.opensuse.org/repositories/network:dns-oarc:prereleases/openSUSE_Leap_42.3/network:dns-oarc:prereleases.repo
zypper install drool
yum install yum-plugin-copr epel-release
yum copr enable @dnsoarc/drool-pr
yum install drool
dnf install dnf-plugins-core
dnf copr enable @dnsoarc/drool-pr
dnf install drool
drool replay --no-tcp --no-responses --threads dns.pcap 127.0.0.1 53 -vvvvv