domain 0.12.0

A DNS library for Rust.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194

; Based on: https://github.com/NLnetLabs/unbound/blob/49e425810275917e7fd09a24bae3b97d83b55c13/testdata/edns_keepalive.rpl

;------------ Server configuration --------------------------------------------

server:
    edns-tcp-keepalive: yes
    ; specify the timeout that the client should honour, in milliseconds
    edns-tcp-keepalive-timeout: 30000

    ; Define an in-memory zone to be served by the server.
    local-data: "test.  3600  IN  SOA  ns.test. hostmaster.test. 1 3600 900 86400 3600"
    local-data: "test.            TXT  test"
CONFIG_END

;------------ Test definition ------------------------------------------------

SCENARIO_BEGIN Test RFC 7828 DNS TCP keep-alive support.

;--- Mock replies

; None

;--- Test steps

; https://datatracker.ietf.org/doc/html/rfc7828#section-3.2.1
;   "Clients MUST specify an OPTION-LENGTH of 0 and omit the TIMEOUT
;    value."
STEP 10 QUERY
ENTRY_BEGIN
MATCH TCP ednsdata
REPLY RD
SECTION QUESTION
    test. IN TXT
SECTION ADDITIONAL
HEX_EDNSDATA_BEGIN
    00 0b  ; Opcode 11
    00 02  ; Length 2 - this should be zero
    00 ff  ; Timeout - these bytes should not be present
HEX_EDNSDATA_END
ENTRY_END
; ... get a FORMERR answer.
STEP 11 CHECK_ANSWER
ENTRY_BEGIN
MATCH TCP
REPLY RD FORMERR
SECTION QUESTION
    test. IN TXT
ENTRY_END

; https://datatracker.ietf.org/doc/html/rfc7828#section-3.3.1
;   "A DNS server that receives a query using UDP transport that includes the
;    edns-tcp-keepalive option MUST ignore the option."
STEP 20 QUERY
ENTRY_BEGIN
MATCH UDP ednsdata
REPLY RD
SECTION QUESTION
    test. IN TXT
SECTION ADDITIONAL
HEX_EDNSDATA_BEGIN
    00 0b  ; Opcode 11
    00 00  ; Length 0
HEX_EDNSDATA_END
ENTRY_END
; ... get a FORMERR answer.
STEP 21 CHECK_ANSWER
ENTRY_BEGIN
MATCH UDP
REPLY QR RD RA NOERROR
SECTION QUESTION
    test. IN TXT
SECTION ANSWER
    test. IN TXT "test"
ENTRY_END

; https://datatracker.ietf.org/doc/html/rfc7828#section-3.2.1
;   "DNS clients MAY include the edns-tcp-keepalive option in the first query
;    sent to a server using TCP transport to signal their desire to keep the
;    connection open when idle.
;    ...
;    Clients MUST specify an OPTION-LENGTH of 0 and omit the TIMEOUT value."
STEP 30 QUERY
ENTRY_BEGIN
MATCH TCP ednsdata
REPLY RD
SECTION QUESTION
    test. IN TXT
SECTION ADDITIONAL
HEX_EDNSDATA_BEGIN
    00 0b  ; Opcode 11
    00 00  ; Length 0
HEX_EDNSDATA_END
ENTRY_END
; ... get a NOERROR answer with the servers timeout for this TCP session.
STEP 31 CHECK_ANSWER
ENTRY_BEGIN
MATCH TCP ednsdata
REPLY QR RD RA NOERROR
SECTION QUESTION
    test. IN TXT
SECTION ANSWER
    test. IN TXT "test"
SECTION ADDITIONAL
HEX_EDNSDATA_BEGIN
    00 0b  ; Opcode 11
    00 02  ; Length 2
    01 2c  ; 300, to be interpreted as 300 * 100ms = 30000ms as configured.
HEX_EDNSDATA_END
ENTRY_END

; https://datatracker.ietf.org/doc/html/rfc7828#section-1
; 1. Introduction
;   ...
;   "If a server is to perform adequately with a significant query load received
;    over TCP, it must manage its available resources to ensure that all
;    established TCP sessions are well-used, and idle connections are closed
;    after an appropriate amount of time."
; And:
; https://datatracker.ietf.org/doc/html/rfc7828#section-3.2.2
;   "A DNS client that receives a response using TCP transport that includes the
;    edns-tcp-keepalive option MAY keep the existing TCP session open when it is
;    idle.  It SHOULD honour the timeout received in that response (overriding
;    any previous timeout) and initiate close of the connection before the
;    timeout expires."
; And:
; https://datatracker.ietf.org/doc/html/rfc7828#section-3.4
;   "DNS clients and servers MAY close a TCP session at any time in order to
;    manage local resource constraints."
; And:
; https://datatracker.ietf.org/doc/html/rfc7828#section-5
;   "When a DNS server detects abusive behaviour, it SHOULD immediately close
;    the TCP connection and free the resources used."
;
; In our case the edns-tcp-keepalive-timeout value is passed to
; net::server::stream via the connection::Config::idle_timeout setting, and
; the server will close the connection after that much idle time has elapsed.
; So just before the timeout the connection should still be open, and just
; after it the connection should have been closed.
 
STEP 40 TIME_PASSES ELAPSE 29 ; (25 seconds < 30000 milliseconds)

STEP 50 QUERY
ENTRY_BEGIN
MATCH TCP ednsdata
REPLY RD
SECTION QUESTION
    test. IN TXT
SECTION ADDITIONAL
HEX_EDNSDATA_BEGIN
    00 0b  ; Opcode 11
    00 00  ; Length 0
HEX_EDNSDATA_END
ENTRY_END
; ... get a NOERROR answer with the servers timeout for this TCP session.
STEP 51 CHECK_ANSWER
ENTRY_BEGIN
MATCH TCP ednsdata
REPLY QR RD RA NOERROR
SECTION QUESTION
    test. IN TXT
SECTION ANSWER
    test. IN TXT "test"
SECTION ADDITIONAL
HEX_EDNSDATA_BEGIN
    00 0b  ; Opcode 11
    00 02  ; Length 2
    01 2c  ; 300, to be interpreted as 300 * 100ms = 30000ms as configured.
HEX_EDNSDATA_END
ENTRY_END

STEP 60 TIME_PASSES ELAPSE 31 ; (31 seconds > 30000 milliseconds)

STEP 70 QUERY
ENTRY_BEGIN
MATCH TCP ednsdata
REPLY RD
SECTION QUESTION
    test. IN TXT
SECTION ADDITIONAL
HEX_EDNSDATA_BEGIN
    00 0b  ; Opcode 11
    00 00  ; Length 0
HEX_EDNSDATA_END
ENTRY_END
; ... get a connection closed error.
STEP 71 CHECK_ANSWER
ENTRY_BEGIN
MATCH TCP CONNECTION_CLOSED
REPLY RD FORMERR
SECTION QUESTION
    test. IN TXT
ENTRY_END

SCENARIO_END