DNS name compression with BIND9
Kevin Darcy
kcd at daimlerchrysler.com
Fri May 26 01:08:24 UTC 2006
Mark Andrews wrote:
>> pascalpoirier at gmail.com wrote:
>>
>>
>>> Hi there,
>>>
>>> I am working on a testsuite for DNS server. I would like to know if
>>> there is something to do to remove the name compression used by BIND9.
>>>
>>>
>> Just stick to using names that have nothing in common with each other,
>> so that label compression is not possible. For your (in)convenience
>> there are plenty of TLDs from which to choose.
>>
>> Seriously, how valid can it be to test anything in DNS with
>> label-compression disabled? Label compression is pervasive in day-to-day
>> DNS. It would be like trying to do automotive crash-testing with
>> vehicles that include no glass, rubber or plastic in their construction.
>> Sure you could test like that, but would the results have any value?
>>
>>
>> - Kevin
>>
>
> It's useful if you want to test that the resolver can also
> handle uncompressed responses. There is atleast one firewall
> that assumes that the first record in the answer section
> to a query will be a compression pointer to octet 12 of the
> reply.
>
> The is not true with DNAME.
>
> Being able to disable compression is a easy way to find
> implementation bugs like this.
>
> See lib/dns/compress.c / lib/dns/include/dns/compress.h for
> the code which handles compression.
>
>
People are still writing new DNS resolvers from scratch? How many times
does that wheel need to be re-invented?
- Kevin
More information about the bind-users
mailing list