[DNSOP] tdns teachable from scratch authoritative server 'official launch'
bert hubert <bert.hubert@powerdns.com> Fri, 20 April 2018 13:01 UTC
Date: Fri, 20 Apr 2018 15:01:19 +0200
From: bert hubert <bert.hubert@powerdns.com>
To: dnsop@ietf.org
Message-ID: <20180420130119.GD3577@server.ds9a.nl>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/P7FCD6FdnWZUTKoIMnuvMQPJZ9I>
Hi everyone,

I'm happy to announce that RIPE Labs allowed me some prime space on their site to announce 'tdns'. I posted about this before, but your help is really welcome right now.

https://labs.ripe.net/Members/bert_hubert/introducing-tdns-the-teachable-authoritative-dns-server has the contents with clickable links.

[side note, also read Geoff Huston's excellent "Stuffing the Camel into the Bikeshed": https://blog.apnic.net/2018/04/10/opinion-stuffing-the-camel-into-the-bikeshed/ ]

"tdns is part of the 'hello-dns' effort to provide a good entry point into DNS. This project was started with my 'DNS Camel' presentation at the IETF 101 in London in which I showed that DNS standards have now grown to 2,500 pages, and that we can no longer expect new entrants to the field to read all that. After 30 years, DNS deserves a fresh explanation and hello-dns is an attempt to do just that.

Even though the 'hello-dns' documentation describes how basic DNS works, and how an authoritative server should function, nothing quite says how to do things like actual running code. tdns is small enough to read in one sitting and shows how DNS packets are parsed and generated.

tdns is currently written in C++ 2014, and is MIT licensed. Reimplementations in other languages are highly welcome, as these may be more accessible to programmers not fluent in C++."

Of specific note are these paragraphs:

"That sounds like hubris

In a sense, this is by design. tdns attempts to do everything not only correctly but also in a best practice fashion. It wants to be an excellent nameserver that is fully compliant to all relevant standards and DNS operational lore. I hope that the DNS community will rally to this cause and pore over the tdns source code to spot everything that could potentially be wrong or could be done better. In other words, where tdns is currently not right, we hope that with sufficient attention it soon will be. Bikeshed away!"

I kindly request your best bikeshedding efforts.

What is not yet best practice? What learnings have I missed? For example, there is debate about how malformed a packet must be before it is best not to answer it. QR=1 is clear, but what about other forms of breakage? Not answering opens seconds of room for Kaminsky spoofing etc.

To dive in, here is the Doxygen-annotated source: https://powerdns.org/hello-dns/tdns/codedocs/html/

Or the long-form description: https://powerdns.org/hello-dns/tdns/README.md.html

Or GitHub: https://github.com/ahuPowerDNS/hello-dns

Thanks!

Bert
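An added example, not tdns code and not necessarily the policy tdns implements, of the "answer or stay silent" decision raised above: it parses the fixed 12-byte DNS header, drops packets that are truncated or carry QR=1, and returns a FORMERR for a readable header with a bad question count so the querier's wait (and its spoofing window) is closed promptly rather than left to time out. Packets are assumed to arrive as byte vectors; the sample queries are constructed.

```cpp
// Added example (not tdns code): header parsing plus a drop/FORMERR/answer policy.
#include <cstdint>
#include <vector>

struct DNSHeader {
    uint16_t id, flags, qdcount, ancount, nscount, arcount;
};

// Drop: send nothing. FormErr: reply with RCODE=1 so the querier stops waiting.
enum class Verdict { Answer, FormErr, Drop };

static uint16_t rd16(const uint8_t* p) { return uint16_t((p[0] << 8) | p[1]); }

// Returns false when the packet is shorter than a header; there is no ID to echo then.
bool parseHeader(const std::vector<uint8_t>& pkt, DNSHeader& h) {
    if (pkt.size() < 12) return false;
    const uint8_t* p = pkt.data();
    h.id = rd16(p);          h.flags = rd16(p + 2);   h.qdcount = rd16(p + 4);
    h.ancount = rd16(p + 6); h.nscount = rd16(p + 8); h.arcount = rd16(p + 10);
    return true;
}

// Policy sketch: a truncated header or a packet with QR=1 (a response, not a
// query) is dropped silently; a readable header with a bad question count gets a
// FORMERR, because a prompt reply closes the querier's window for spoofed
// answers, whereas silence leaves it open until the querier times out.
Verdict classify(const std::vector<uint8_t>& pkt) {
    DNSHeader h{};
    if (!parseHeader(pkt, h)) return Verdict::Drop;
    if (h.flags & 0x8000) return Verdict::Drop;              // QR bit set
    if (h.qdcount != 1 || h.ancount != 0) return Verdict::FormErr;
    return Verdict::Answer;
}

// Minimal FORMERR reply: same ID, QR=1, RD echoed, RCODE=1, all counts zero.
std::vector<uint8_t> makeFormErr(const std::vector<uint8_t>& query) {
    DNSHeader h{};
    parseHeader(query, h);
    uint16_t flags = 0x8000 | (h.flags & 0x0100) | 0x0001;
    std::vector<uint8_t> out(12, 0);
    out[0] = h.id >> 8;  out[1] = h.id & 0xff;
    out[2] = flags >> 8; out[3] = flags & 0xff;
    return out;
}

// Constructed sample: header-only packet with the given ID, flags and QDCOUNT.
std::vector<uint8_t> sampleQuery(uint16_t id, uint16_t flags, uint16_t qd) {
    std::vector<uint8_t> p(12, 0);
    p[0] = id >> 8; p[1] = id & 0xff; p[2] = flags >> 8; p[3] = flags & 0xff;
    p[4] = qd >> 8; p[5] = qd & 0xff;
    return p;
}
```

A real server would also copy the question section into the FORMERR when it parsed cleanly; this sketch only shows the header-level decision.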