DNS name compression with BIND9

Mark Andrews Mark_Andrews at isc.org
Fri May 26 01:26:49 UTC 2006 

> Mark Andrews wrote:
> >> pascalpoirier at gmail.com wrote:
> >>
> >>     
> >>> Hi there,
> >>>
> >>> I am working on a testsuite for DNS server. I would like to know if
> >>> there is something to do to remove the name compression used by BIND9.
> >>>
> >>>       
> >> Just stick to using names that have nothing in common with each other, 
> >> so that label compression is not possible. For your (in)convenience 
> >> there are plenty of TLDs from which to choose.
> >>
> >> Seriously, how valid can it be to test anything in DNS with 
> >> label-compression disabled? Label compression is pervasive in day-to-day 
> >> DNS. It would be like trying to do automotive crash-testing with 
> >> vehicles that include no glass, rubber or plastic in their construction. 
> >> Sure you could test like that, but would the results have any value?
> >>
> >>                                                                          
> >>                                                    - Kevin
> >>     
> >
> > 	It's useful if you want to test that the resolver can also
> > 	handle uncompressed responses.  There is atleast one firewall
> > 	that assumes that the first record in the answer section
> > 	to a query will be a compression pointer to octet 12 of the
> > 	reply.
> >
> > 	The is not true with DNAME.
> >
> > 	Being able to disable compression is a easy way to find
> > 	implementation bugs like this.
> >
> > 	See lib/dns/compress.c / lib/dns/include/dns/compress.h for
> > 	the code which handles compression.
> >
> >   
> People are still writing new DNS resolvers from scratch? How many times 
> does that wheel need to be re-invented?
> 
>                                                                          
>    - Kevin

	The semantics associated with the compression routines in
	libresolv are just plain wrong.

	It only allows you to add a name as a compression target
	if you want to potentially compress it.

	If reality you want to add all names within the first 16k
	(if not already existing) regardless of whether you could
	legally compress it at the time you are adding it to the
	message.

	Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews at isc.org

More information about the bind-users mailing list