Today’s tutorial is an opportunity to start or continue working on the DICT client. You will also learn about how DNS works.
In addition to creating TCP connections to existing servers, netcat can also be used as a server. This is useful if you want to test how your DICT client handles unexpected responses from the server. To run netcat as a server, use the command nc -l <port_number>
. (On some machines, you may need to add a -p
flag, nc -l -p <port_number>
.) Once netcat is running as a server, you can connect to it using the hostname localhost (netcat will need to be running on the same machine as your DICT client for this to work properly). You can manually type responses into the terminal window; however, this can get tedious after a while. Instead, place the responses you want your server to send into a text file and then pipe it to the netcat command: nc -l 2628 < server_responses.txt
. You can obtain some sample responses by connecting to a real DICT server (e.g. dict.org) and copying the responses into the server_responses.txt file.
Now it’s your turn. Prepare a text file with some responses you’d expect from the DICT server and start netcat
in server mode. Connect to it with your DICT
client and see if it works! It’s important that the order of responses in your text file should correspond to the order in which commands are sent by the DICT
client. The DICT client will always start by connecting to the server, and then immediately sending a SHOW DB
then a SHOW STRAT
command.
Note: Netcat should come preinstalled on Macs and is available on most Linux distributions via your default package manager. Windows users can install netcat by following these instructions: https://www.configserverfirewall.com/windows-10/netcat-windows/. Windows users will need to use ncat
instead of nc
in the provided commands.
Let's introduce a couple of tools and techniques that you’ll find useful for understanding the DNS protocol. We will use dig to make DNS queries, and Wireshark to investigate the format of DNS Messages.
The DNS protocol is declared in multiple RFCs, including revisions and added features. You can refer to these RFCs throughout the tutorial
Try answering the following questions by looking up the RFCs.
Let's decode the bytes of a DNS message by hand and understand how message compression is implemented in DNS. Message compression is described in RFC 1035 Section 4.1.4.
If you haven’t already done so in tutorial 1, please download Wireshark and open dns.pcap (File -> Open). This file contains a single DNS request and its corresponding response. See if you can answer the following questions about this request:
Dig is a command line program for making DNS queries. You may find it useful when developing your DNS client to ensure that your code produces the correct result. We’ll be using the version of dig that’s installed on the department’s linux servers. You may already have dig installed locally – it’s likely that these exercises will work with any version of dig, but if something isn’t working as expected locally you should try using the department’s linux servers instead.
Some alternatives to dig
are
drill
: drill [@nameserver] name [type]
resolvectl
: resolvectl query [--type type] name
The syntax of a dig query is dig [@nameserver] name [type]
. By default, dig requests the A record (IPv4 address) for the provided host name. You can specify the type of record after the name if you want to retrieve a different kind of record. If you don’t specify a nameserver to serve your DNS query, dig will use the system default (as specified in the /etc/resolv.conf file). Try to answer the following questions using dig:
Walking through the SHOW DB
command:
Section 2.4 of RFC2229 says that a Dict Server’s responses will be made of 2 parts: a status and a textual section. Answer the following questions based on this section of the RFC. Note that the codes given aren’t necessarily real codes that the RFC implements.
Now that responses are somewhat clear, we will go through how the RFC implements the <SHOW DB>
command (Section 3.5.1 of RFC2229).
First, we will look at the General Status Responses. Using netcat
, we can connect to a dict server and try to make some of the responses occur. Which ones could you make happen and which ones couldn’t you?
Along with the general responses, the SHOW DB
command has 2 distinct responses: 1) 110 n databases present - text follows
, 2) 554 No databases present
. Based on the description of the command, we will expect that when we use a correct SHOW DB command that the response will be of the form:
110 n databases present - text follows
database1 description1
database2 description2
database3 description3
Notice how the string is terminated. Now, let's test the command using netcat.
In order to process this response programmatically, we use what we have done in this tutorial section, along with the last tutorial’s socket programming (essentially the programmatic version of netcat)!
Review the list of functions that you’ll be implementing and map them to the relevant command in the RFC2229.
getDefinitions()
getMatchList()
getDatabaseList()
getStrategyList()
getDatabaseInfo()
Once you’ve determined which commands you need to use, test them in netcat to see what the responses look like. Try sending responses that are malformed and seeing what error codes are returned; in the assignment you will have to handle returned errors correctly!
You’ll also probably have to manipulate the responses to produce the data structure(s) expected by the GUI application that uses your DICT client. Take a look at the additional classes we’ve provided for the assignment - you may find them useful for parsing responses...
Some answers for the questions above. Please post on piazza for mistakes or clarification :)
A
record is an ipv4 record.dig github.com
)dig github.com AAAA
)dig github.com MX
)dig github.com A +nssearch
to get the name servers for github.com