[Pdns-dev] DNSSEC experiments, DNSSEC interest? Plus: new parser
bert hubert
bert.hubert at netherlabs.nl
Sun Oct 2 22:14:08 CEST 2005
Hi everybody,
Summary: this message tells of DNSSEC developments, and will ask you about your
DNSSEC interest. Furthermore it details some technical details.
We've been looking into DNSSEC again, or DNSSEC-bis as it is called these
days. I've written a small article on how DNSSEC-bis, it is on
http://ds9a.nl/dnssec
It appears DNSSEC support, at least in the authoritative part of PowerDNS,
is more or less doable.
We wonder though if there is any real interest so far. If you use PowerDNS,
or plan to use PowerDNS, and have DNSSEC plans, can you drop me a line? We'd
like to hear about your needs and desires.
Thanks!
Now for the techie bits, if you run from Subversion (see
http://wiki.powerdns.com/projects/trac/wiki/HACKING ) you can test our new
DNSSEC packet parsing abilities:
$ ./sdig 192.36.133.107 53 powerdns.se a
All packet parsing code is dnsrecords.cc. All common record types have been
ported to the new infrastructure, which is lovely.
Here for example is the entire NAPTR implementation - one of the most complex
records:
boilerplate_conv(NAPTR, ns_t_naptr,
conv.xfr16BitInt(d_order);
conv.xfr16BitInt(d_preference);
conv.xfrText(d_flags);
conv.xfrText(d_services);
conv.xfrText(d_regexp);
conv.xfrLabel(d_replacement);
)
This serves for generating packets, parsing packets, generating zone content
(for in the database, or on disk) and parsing zone content. All from these
few lines.
If you want to become the PowerDNS contributor of the month, port the LOC
parsing code to this new infrastructure!
Regards,
bert
--
http://www.PowerDNS.com Open source, database driven DNS Software
http://netherlabs.nl Open and Closed source services
More information about the Pdns-dev
mailing list