derat/bind-to-tinydns

Possibly invalid SRV records generated

Closed this issue · 6 comments

I'm no expert on tinydns, but the SRV records generated by bind-to-tinydns are possibly invalid. At least, they don't work with my provider's tinydns, and browsing around the web, it seems that the consensus is that SRV records should look different to how bind-to-tinydns generates them.

Currently bind-to-tinydns generates them looking like this (a.example.com has an SRV record with priority 5 pointing to b.example.com:10):
:a.example.com:33:\000\005\000\000\000\012\016b.example.com:3600

whereas other SRV record generators for tinydns (e.g. http://anders.com/projects/sysadmin/djbdnsRecordBuilder/#SRV) generate something like this, which seems to work:
:a.example.com:33:\000\005\000\000\000\012\001b\007example\003com\000:3600

Note how the second example has the dots in the destination encoded.

It's been ten years since I last ran a DNS server and even longer since I wrote this program, so I can guarantee that I'm even less of an expert on tinydns. :-P

I'm unsure of whether the formatting that you described is a requirement of tinydns or of the SRV specification itself -- I'm thoroughly unable to find any RFCs documenting how this is supposed to work. http://tools.ietf.org/html/rfc2782 unhelpfully just describes the BIND zone file format for specifying SRV records.

Looking at the source of the CGI script used by the record-builder page you linked to at http://anders.com/projects/sysadmin/djbdnsRecordBuilder/buildRecord.txt, I can see that the beginning of the target hostname and each period in it are replaced by the escaped octal length of the label appearing after it, e.g. "\001" before "b", then "\007" before "example", then "\003" before "com", and finally "\000" in the place of the terminal period.

Is tinydns choking on the SRV records emitted by bind-to-tinydns, or are they just being rejected by programs that are supposed to interpret them? If the former, what's the error message?
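The label-length encoding described above, as an added example that is not part of the original thread and not bind-to-tinydns's own code: it builds a generic tinydns SRV line with the target in DNS wire format, and parses an existing line so that a target left as dotted text is rejected. The function names are illustrative assumptions.

```python
# Added example; function names are illustrative, not taken from bind-to-tinydns.
import re
import string
import struct

SAFE = set((string.ascii_letters + string.digits + "-.").encode())

def encode_name(host):
    """DNS wire format: length-prefixed labels, terminated by a zero octet."""
    out = bytearray()
    for label in host.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 1 <= len(raw) <= 63:
            raise ValueError(f"bad label length in {host!r}")
        out += bytes([len(raw)]) + raw
    out.append(0)
    if len(out) > 255:
        raise ValueError("name longer than 255 octets")
    return bytes(out)

def srv_line(fqdn, priority, weight, port, target, ttl):
    """Build a tinydns-data generic ':' line for an SRV (type 33) record."""
    rdata = struct.pack("!HHH", priority, weight, port) + encode_name(target)
    escaped = "".join(chr(b) if b in SAFE else f"\\{b:03o}" for b in rdata)
    return f":{fqdn}:33:{escaped}:{ttl}"

def parse_srv_line(line):
    """Decode a generic SRV line; raise ValueError if the target is not wire format."""
    fqdn, rtype, escaped, ttl = line[1:].split(":")[:4]
    if not line.startswith(":") or rtype != "33":
        raise ValueError("not a generic SRV line")
    rdata = re.sub(r"\\([0-3][0-7]{2})", lambda m: chr(int(m.group(1), 8)), escaped).encode("latin-1")
    if len(rdata) < 7:
        raise ValueError("rdata too short")
    priority, weight, port = struct.unpack("!HHH", rdata[:6])
    labels, pos = [], 6
    while True:
        if pos >= len(rdata):
            raise ValueError("target has no terminating zero octet")
        n = rdata[pos]
        pos += 1
        if n == 0:
            break
        if n > 63 or pos + n > len(rdata):
            raise ValueError(f"label length {n} overruns rdata")
        labels.append(rdata[pos:pos + n].decode("ascii"))
        pos += n
    if pos != len(rdata):
        raise ValueError("trailing bytes after target")
    return priority, weight, port, ".".join(labels)
```

Run `parse_srv_line` over the generated data file before publishing it to a provider: per the report above, a malformed target is accepted silently and the record simply never resolves.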

The records emitted by bind-to-tinydns seem to be accepted (as far as I can tell; I don't have access to my provider's DNS), but then I don't get any response looking them up in DNS.

Sorry for the slow reply. Would you mind testing whether https://shell.erat.org/bind-to-tinydns-srv.patch resolves the problem?

Looks great! Thank you very much indeed for helping, especially since I realise you're not actively developing this. I'll update the package shipped with EPEL (https://fedoraproject.org/wiki/EPEL) to include this patch.

Thanks for testing it! I probably won't be able to commit it until next week, as I don't have access to a trusted shell account at the moment and can't find any way to upload a patch to GitHub via the web. :-/

Committed. Please let me know if you notice any problems.