Development Update #2111

Here are some DNS-OARC development highlights from the past couple of months. These updates are usually bi-monthly and previous ones are available on our Medium blog.

Spooky releases… boo!

DNS-over-HTTPS support in dnsperf & resperf

With the release of dnsperf v2.7.0 in August, we have added support for DNS-over-HTTPS!

This work was possible by funding from the Mozilla Open Source Support (MOSS) program and the Comcast Innovation Fund. Many thanks for the support!

There’s been two releases since v2.7.0, and the latest is v2.8.0 which:

  • Fixed issues with constructing wire-format DNS when the domain names includes escaped characters such as `\123` or `\.`
  • Fixed response handling for DNS-over-HTTPS when multiple responses are received within the same receive cycle
  • Added a new option to suppress some of the normal and verbose output

To recap, this project was divided into 3 phases and the first phase focused on removing the dependency of BIND’s internal development libraries. These libraries have been distributed along side BIND for many years as libraries for others to use, but recently that has changed and they are now only really for BIND (which is understandable because maintaining libraries like that costs a lot). Some of the functionality that dnsperf depended on has been added to dnsperf, such as parsing query names from datafiles. Other functionality have been covered by using LDNS, like construction of dynamic update queries. This first phase was concluded with the v2.4.0 release of dnsperf in December 2020.

The second phase refactored the network code into modules to make it easier to add the upcoming DNS-over-HTTPS support. It also added re-connection support for TCP and TLS along with new statistics around connections such as re-connections made and connection latency. This phase was concluded with the v2.5.0 release in March 2021.

And the final phase added DNS-over-HTTPS support as already mentioned. I hope this new functionality is useful for you, and if you run into any problems feel free to create an issue on dnsperf’s GitHub.

DSC Grafana Geomap

While I was running the DSC+Grafana crash courses, someone noticed a new panel in Grafana called Geomap.

Grafana Geomap Panel showing Queries per Country
Grafana Geomap Panel showing Queries per Country
Grafana Geomap Panel showing Queries per Country

With some tinkering I managed to use the Client Subnet dataset together with dsc-datatool’s generator for Client Subnet Country, to map what country queries comes from in Grafana. Instructions on how I did this can be found in the Wiki section on dsc-datatool’s GitHub.

This could be extended to generate city or even latitude and longitude from subnets using MaxMind’s databases, but it might have negative impact on InfluxDB because it would generate a lot of unique tag values. If this peaked your interest or if you wanna help develop it then let me know!

Help develop dsc-datatool Prometheus support?

There were also a few attendees that asked about Prometheus support in dsc-datatool during my crash courses and I’m hoping that someone out there could help with adding this? :) If that is you then please head over to this GitHub issue so we can start collaborating!

Check My DNS — IPv6 Client Achievement

There’s been some changes to the IPv6 check and it’s now hopefully a bit clearer that it checks whether or not the resolver you’re using has IPv6 or not. I’ve also changed how it checks that. Before it watched for AAAA queries, but now it only checks if queries goes over IPv6 or not.

https://cmdns.dev.dns-oarc.net/

With that, the client IPv6 part has been moved out of the check into it’s own achievement which is granted if the client has IPv6 support. And the client’s IPv6 support (or lack thereof) no longer affects the scoring for the IPv6 check.

OARC36

Our next upcoming 2-day conference (online) takes places on the 29–30th November and start at 10:00 UTC on both days.

I usually do something around the break, like AMA or show&tell, but I’m a bit short on ideas right now. If you have any ideas on what I could do or any specific requests then please let me know!

Hope to see/hear you there!

Cheers,
Jerry

Domain Name System Operations Analysis and Research Center