REST API for recursive queries
tale
d.lawrence at salesforce.com
Tue May 4 14:26:31 UTC 2021
On Tue, May 4, 2021 at 8:42 AM Roee Mayerowicz <roee at cyberpion.com> wrote:
> Do you know of a way to ask multiple DNS queries in a recursive bind server at the same packet\request?
> Using DoH might work? How? Is there a plugin which does that?
The short answer is no, but it might not be answering the question
you're really trying to ask.
In strict terms of what would constitute "the same request", though,
no. While you could conceive of
a legally-formed DNS packet that had multiple questions in the
Question section, a server has no way
to acceptably indicate the proper response for all questions. In some
cases, it might be obvious --
say, asking for the address of a.example.com and b.example.com, and
them both having addresses --
but things quickly get out of hand when you look at the problems of
indicating the many other ways
that DNS can answer, like NXDOMAIN, NODATA, or delegation.
With various forms of DNS TCP connections -- vanilla DNS, DNS over TLS
(DoT), DNS over
HTTPS (DoH) -- you can put multiple DNS request messages over the same
connection. But that's
not quite the same as "at the same packet\request". It also can
depend on the end points; you
might want to shove 1000 requests down a TCP connection, but server
policy might limit the
number it will actually process before terminating the link.
And plugins are specific to a particular software package. Plugin to
what? BIND and other major
DNS resolvers and authoritative servers support TCP technologies
natively. The clients that talk
to them are numerous, with varying degrees of support for both TCP
initiation and multi-request
streaming.
--
tale
More information about the bind-users
mailing list