Struct trust_dns_proto::xfer::dns_response::DnsResponse [−][src]
pub struct DnsResponse(_);Expand description
A DNS response object
For Most DNS requests, only one response is expected, the exception is a multicast request.
Implementations
Retrieves the SOA from the response. This will only exist if it was an authoritative response.
Looks in the authority section for an SOA record from the response, and returns the negative_ttl, None if not available.
[RFC 2308](https://tools.ietf.org/html/rfc2308#section-5) DNS NCACHE March 1998
5 - Caching Negative Answers
Like normal answers negative answers have a time to live (TTL). As
there is no record in the answer section to which this TTL can be
applied, the TTL must be carried by another method. This is done by
including the SOA record from the zone in the authority section of
the reply. When the authoritative server creates this record its TTL
is taken from the minimum of the SOA.MINIMUM field and SOA's TTL.
This TTL decrements in a similar manner to a normal cached answer and
upon reaching zero (0) indicates the cached negative answer MUST NOT
be used again.
A negative answer that resulted from a name error (NXDOMAIN) should
be cached such that it can be retrieved and returned in response to
another query for the same <QNAME, QCLASS> that resulted in the
cached negative response.
A negative answer that resulted from a no data error (NODATA) should
be cached such that it can be retrieved and returned in response to
another query for the same <QNAME, QTYPE, QCLASS> that resulted in
the cached negative response.
The NXT record, if it exists in the authority section of a negative
answer received, MUST be stored such that it can be be located and
returned with SOA record in the authority section, as should any SIG
records in the authority section. For NXDOMAIN answers there is no
"necessary" obvious relationship between the NXT records and the
QNAME. The NXT record MUST have the same owner name as the query
name for NODATA responses.
Negative responses without SOA records SHOULD NOT be cached as there
is no way to prevent the negative responses looping forever between a
pair of servers even with a short TTL.
Despite the DNS forming a tree of servers, with various mis-
configurations it is possible to form a loop in the query graph, e.g.
two servers listing each other as forwarders, various lame server
configurations. Without a TTL count down a cache negative response
when received by the next server would have its TTL reset. This
negative indication could then live forever circulating between the
servers involved.
As with caching positive responses it is sensible for a resolver to
limit for how long it will cache a negative response as the protocol
supports caching for up to 68 years. Such a limit should not be
greater than that applied to positive answers and preferably be
tunable. Values of one to three hours have been found to work well
and would make sensible a default. Values exceeding one day have
been found to be problematic.Does the response contain any records matching the query name and type?
Retrieve the type of the negative response. The Various types should be handled when caching or otherwise differently.
See NegativeType
Methods from Deref<Target = Message>
Truncates a Message, this blindly removes all response fields and sets truncated to true
see Header::set_message_type
see Header::set_op_code
see Header::set_authoritative
see Header::set_truncated
see Header::set_recursion_desired
see Header::set_recursion_available
see Header::set_authentic_data
see Header::set_checking_disabled
see Header::set_response_code
Add a query to the Message, either the query response from the server, or the request Query.
pub fn add_queries<Q, I>(&mut self, queries: Q) -> &mut Self where
Q: IntoIterator<Item = Query, IntoIter = I>,
I: Iterator<Item = Query>,
pub fn add_queries<Q, I>(&mut self, queries: Q) -> &mut Self where
Q: IntoIterator<Item = Query, IntoIter = I>,
I: Iterator<Item = Query>,
Adds an iterator over a set of Queries to be added to the message
Add an answer to the Message
pub fn add_answers<R, I>(&mut self, records: R) -> &mut Self where
R: IntoIterator<Item = Record, IntoIter = I>,
I: Iterator<Item = Record>,
pub fn add_answers<R, I>(&mut self, records: R) -> &mut Self where
R: IntoIterator<Item = Record, IntoIter = I>,
I: Iterator<Item = Record>,
Add all the records from the iterator to the answers section of the Message
Sets the answers to the specified set of Records.
Panics
Will panic if answer records are already associated to the message.
Add a name server record to the Message
pub fn add_name_servers<R, I>(&mut self, records: R) -> &mut Self where
R: IntoIterator<Item = Record, IntoIter = I>,
I: Iterator<Item = Record>,
pub fn add_name_servers<R, I>(&mut self, records: R) -> &mut Self where
R: IntoIterator<Item = Record, IntoIter = I>,
I: Iterator<Item = Record>,
Add all the records in the Iterator to the name server section of the message
Sets the name_servers to the specified set of Records.
Panics
Will panic if name_servers records are already associated to the message.
Add an additional Record to the message
Sets the additional to the specified set of Records.
Panics
Will panic if additional records are already associated to the message.
This is supported on crate feature dnssec only.
dnssec only.Add a SIG0 record, i.e. sign this message
This must be used only after all records have been associated. Generally this will be handled by the client and not need to be used directly
This is supported on crate feature dnssec only.
dnssec only.Add a TSIG record, i.e. authenticate this message
This must be used only after all records have been associated. Generally this will be handled by the client and not need to be used directly
see Header::message_type()
see Header::authoritative()
see Header::recursion_desired()
see Header::recursion_available()
see Header::authentic_data()
see Header::checking_disabled()
Return value
The ResponseCode, if this is an EDNS message then this will join the section from the OPT
record to create the EDNS ResponseCode
Provides mutable access to queries
Removes all the answers from the Message
Provides mutable access to answers
Removes all the answers from the Message
Authority Carries RRs which describe other authoritative servers.
May optionally carry the SOA RR for the authoritative
data in the answer section.Provides mutable access to name_servers
Remove the name servers from the Message
Additional Carries RRs which may be helpful in using the RRs in the
other sections.Provides mutable access to additionals
Remove the additional Records from the Message
All sections chained
RFC 6891, EDNS(0) Extensions, April 2013
6.1.1. Basic Elements
An OPT pseudo-RR (sometimes called a meta-RR) MAY be added to the
additional data section of a request.
The OPT RR has RR type 41.
If an OPT record is present in a received request, compliant
responders MUST include an OPT record in their respective responses.
An OPT record does not carry any DNS data. It is used only to
contain control information pertaining to the question-and-answer
sequence of a specific transaction. OPT RRs MUST NOT be cached,
forwarded, or stored in or loaded from Zone Files.
The OPT RR MAY be placed anywhere within the additional data section.
When an OPT RR is included within any DNS message, it MUST be the
only OPT RR in that message. If a query message with more than one
OPT RR is received, a FORMERR (RCODE=1) MUST be returned. The
placement flexibility for the OPT RR does not override the need for
the TSIG or SIG(0) RRs to be the last in the additional section
whenever they are present.Return value
Returns the EDNS record if it was found in the additional section.
Return value
the max payload value as it’s defined in the EDNS section.
Return value
the version as defined in the EDNS record
RFC 2535, Domain Name System Security Extensions, March 1999
A DNS request may be optionally signed by including one or more SIGs
at the end of the query. Such SIGs are identified by having a "type
covered" field of zero. They sign the preceding DNS request message
including DNS header but not including the IP header or any request
SIGs at the end and before the request RR counts have been adjusted
for the inclusions of any request SIG(s).Return value
The sig0 and tsig, i.e. signed record, for verifying the sending and package integrity
RFC 2535, Domain Name System Security Extensions, March 1999
A DNS request may be optionally signed by including one or more SIGs
at the end of the query. Such SIGs are identified by having a "type
covered" field of zero. They sign the preceding DNS request message
including DNS header but not including the IP header or any request
SIGs at the end and before the request RR counts have been adjusted
for the inclusions of any request SIG(s).Return value
The sig0 and tsig, i.e. signed record, for verifying the sending and package integrity
Remove signatures from the Message
pub fn finalize<MF: MessageFinalizer>(
&mut self,
finalizer: &MF,
inception_time: u32
) -> ProtoResult<Option<MessageVerifier>>
pub fn finalize<MF: MessageFinalizer>(
&mut self,
finalizer: &MF,
inception_time: u32
) -> ProtoResult<Option<MessageVerifier>>
Finalize the message prior to sending.
Subsequent to calling this, the Message should not change.
Trait Implementations
Performs the conversion.
Performs the conversion.
Auto Trait Implementations
impl RefUnwindSafe for DnsResponse
impl Send for DnsResponse
impl Sync for DnsResponse
impl Unpin for DnsResponse
impl UnwindSafe for DnsResponse
Blanket Implementations
Mutably borrows from an owned value. Read more
Instruments this type with the provided Span, returning an
Instrumented wrapper. Read more
pub fn vzip(self) -> V
Attaches the provided Subscriber to this type, returning a
WithDispatch wrapper. Read more
Attaches the current default Subscriber to this type, returning a
WithDispatch wrapper. Read more