DNS protocol message example

Question

I am trying to figure out how to send out DNS messages from an application socket adapter to a DNSBL. I spent the last two days understanding the basics, including experimenting with WireShark to catch an example of message exchanged. Now I would like to query the DNS without using dig or host command (I'm using Ubuntu); how can I perform this action at low level, without the help of these tools in wrapping the request in a proper DNS message format? How the message should be post it? Hex or String?

Thanks in advance for any help. Regards

Alessandro Ilardo

Comment added

I am investigating on JDev and Oracle SOA. The platform provides a Socket Adapter which simply apply a transformation (XSLT) and send the message straight to the socket. How the payload parameters (ex. the host I'm looking up) are wrapped within the message is left to the developer. So basically I have an idea on how the all DNS message is structured, but rather than put everything on JDev stright away I'd like to make some tests on my own just to make sure I got a valid message format.

So, I am not using any specific language (I don't even understand why they moved my question from serverfault) and I don't want to use any tools which would hide part of the message, such as the header. I know they work well btw. I guess this stuff has something to do with packet injection. Someone suggested me to use telnet, but I've only used for SMTP or HTTP, I haven't got a clue on how it works for DNS request. Does it make more sense now?

Answer 1

Ewww... instead of constructing the DNS protocol by hand, you really should be using some sort of library provided by your programming environment to do the lookup.

Don't construct protocol by hand without a Really Good Reason. Seriously. Don't Do That.

---

@Synetech: no, the OP didn't consider using a library. He just wants to not use the command-line tools. As far as a sample library, you don't need to look far. How about the dns library? This isn't exactly a lot of effort.

#!/usr/bin/python3
import dns
import dns.message
import dns.query

from ipaddress import IPv6Address, IPv6Network

query = dns.message.make_query('www.google.ca', dns.rdatatype.ANY)
resp = dns.query.tcp(query, '2001:4860:4860::8888', timeout=5)
aaaa_data = resp.get_rrset(resp.answer, resp.question[0].name,
                           dns.rdataclass.IN, dns.rdatatype.AAAA)

aaaa_addrs = (IPv6Address(x) for x in aaaa_data)
for addr in aaaa_addrs:
    if addr in IPv6Network('2607:F8B0::/32'):
        print("{} is in Google's network".format(addr))
    else:
        print("{} is NOT in Google's network".format(addr))

Answer 2

The protocol is very fully described in lots of RFCs starting with RFC 1035, but really, don't re-invent the wheel. Looking at other people's implementations "over the wire" is a sure way to get it wrong.

If using 'C', check out ldns. For Perl the default solution is Net::DNS, available from CPAN. Similar libraries exist for other languages.