Re: [DNSOP] DNS-in-JSON draft

Philip Homburg <pch-dnsop-1@u-1.phicoh.com> Tue, 06 September 2016 07:37 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/PDtwy5XT_JrykcMC1LDSpD3AI8w>

In your letter dated Mon, 5 Sep 2016 15:47:37 +0800 you wrote:
>Finally, I note that the RIPE Atlas system uses a type of DNS JSON
>representation when you use their API to query for DNS measurement
>results. You can get a sample here:
>
>https://atlas.ripe.net/api/v2/measurements/5009360/results?start=1472860800&stop=1472947199&format=txt
>
>The RIPE Atlas results match your proposal pretty well - you can see
>it in the "results" object there - although they use "abuf" instead of
>"messageOctets!".

What you are referring to is sort of the unofficial Atlas format. This is what Atlas probes
provide. The real format is the 'abuf decoder' in Sagan.

Here's an example of the output of the abuf decoder, when converted to JSON (by
itself the abuf decoder results in python objects):

{"HEADER": {"AA": true, "QR": true, "AD": false, "NSCOUNT": 1, "QDCOUNT": 1, "ANCOUNT": 0, "TC": false, "RD": false, "ARCOUNT": 1, "CD": false, "ReturnCode": "NXDOMAIN", "OpCode": "QUERY", "RA": false, "Z": 0, "ID": 36316}, "AuthoritySection": [{"Retry": 900, "Name": ".", "NegativeTtl": 86400, "Refresh": 1800, "MasterServerName": "www.yeti-dns.org.", "Expire": 604800, "MaintainerName": "hostmaster.yeti-dns.org.", "TTL": 86400, "Serial": 2016050801, "Type": "SOA", "Class": "IN", "RDlength": 51}], "QuestionSection": [{"Qclass": "IN", "Qtype": "SOA", "Qname": "yetiroot."}], "EDNS0": {"ExtendedReturnCode": 0, "Option": [{"OptionCode": 3, "OptionName": "NSID", "NSID": "dahu1.yeti.eu.org", "OptionLength": 17}], "UDPsize": 4096, "Version": 0, "Z": 0, "Type": "OPT", "Name": "."}}

Two obvious differences are the use of 'true' and 'false' for boolean bit fields and
the use of names ("Class": "IN") instead of a number of a name.

I'd like to point out that DNSSEC tends to use base64. So we also use that, for example:

{"AuthoritySection": [{"Target": "sec3.apnic.net.", "TTL": 2941, "Type": "NS", "Class": "IN", "RDlength": 13, "Name": "ripe.net."}, {"Target": "pri.authdns.ripe.net.", "TTL": 2941, "Type": "NS", "Class": "IN", "RDlength": 14, "Name": "ripe.net."}, {"Target": "tinnie.arin.net.", "TTL": 2941, "Type": "NS", "Class": "IN", "RDlength": 14, "Name": "ripe.net."}, {"Target": "sns-pb.isc.org.", "TTL": 2941, "Type": "NS", "Class": "IN", "RDlength": 16, "Name": "ripe.net."}, {"Target": "sec1.apnic.net.", "TTL": 2941, "Type": "NS", "Class": "IN", "RDlength": 7, "Name": "ripe.net."}, {"Target": "ns3.nic.fr.", "TTL": 2941, "Type": "NS", "Class": "IN", "RDlength": 12, "Name": "ripe.net."}, {"KeyTag": 11587, "Name": "ripe.net.", "Algorithm": 5, "SignerName": "ripe.net.", "Labels": 2, "Signature": "C4WMH46cBWT/hhWvVrStIdXrqHA2fwfphGkx9+6wbss+mHg8mbfKvaFfcg43/MZh/PwdyAQkRN8I+v/OZ1JA3Gt3KvDc00PebtQZBYlXxssZVNtcx45DG5a3M/RGzhqjM5hfuigLmghIEhuvMhtrhmC4WS/7B3KrYOenFQUJmxk=", "Class": "IN", "TTL": 2941, "OriginalTTL": 3600, "SignatureInception": 1403074827, "SignatureExpiration": 1405670427, "Type": "RRSIG", "TypeCovered": "NS", "RDlength": 156}], "QuestionSection": [{"Qclass": "IN", "Qtype": "A", "Qname": "www.ripe.net."}], "AdditionalSection": [{"Name": "pri.authdns.ripe.net.", "TTL": 1688, "Address": "193.0.9.5", "Type": "A", "Class": "IN", "RDlength": 4}, {"Name": "pri.authdns.ripe.net.", "TTL": 1688, "Address": "2001:67c:e0:0:0:0:0:5", "Type": "AAAA", "Class": "IN", "RDlength": 16}], "HEADER": {"AA": false, "QR": true, "AD": true, "NSCOUNT": 7, "QDCOUNT": 1, "ANCOUNT": 2, "TC": false, "RD": true, "ARCOUNT": 5, "CD": false, "ReturnCode": "NOERROR", "OpCode": "QUERY", "RA": true, "Z": 0, "ID": 22575}, "ERROR": [["_do_rr", 576, "offset out of range: buf size = 576"], ["additional", 574, "_do_rr failed, additional record 2"]], "AnswerSection": [{"Name": "www.ripe.net.", "TTL": 20941, "Address": "193.0.6.139", "Type": "A", "Class": "IN", "RDlength": 4}, {"KeyTag": 11587, "Name": "www.ripe.net.", "Algorithm": 5, "SignerName": "ripe.net.", "Labels": 3, "Signature": "I7lQZF9ia3X83KTY01/orh3qRqAS0BYeozB7SZ/juSk0RfeTngWoIIkLzvbBV11ORrmr93FkH5xPrPtT9Wf4c0QAqZRN+RyyP8K5JaMI4TGT9cc2mAS5Gf8elg2c/fI2LvIMjVXKpkxMcEh/bSrbpBiS8tjR8z2p60CWOir0sE0=", "Class": "IN", "TTL": 20941, "OriginalTTL": 21600, "SignatureInception": 1403074827, "SignatureExpiration": 1405670427, "Type": "RRSIG", "TypeCovered": "A", "RDlength": 156}]}

Another thing worth pointing out is that getdns has its own set of field names for
representing DNS. So it may be worth aligning this document as much as possible
with getdns.
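
The field layout shown in the decoder output above, as an added Python sketch that is not part of the original message and is not Sagan's code: it turns a base64 DNS message into the same HEADER and QuestionSection names, with flag bits as booleans and type/class as names, and reports a truncated buffer as an ERROR entry instead of raising. The names `decode_abuf`, `read_name` and `SAMPLE` are hypothetical, the name tables are deliberately partial, and compression pointers are rejected rather than followed.

```python
import base64
import struct

OPCODES = {0: "QUERY", 4: "NOTIFY", 5: "UPDATE"}  # unknown codes stay numeric
RCODES = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}
TYPES = {1: "A", 2: "NS", 6: "SOA", 28: "AAAA", 46: "RRSIG"}
CLASSES = {1: "IN", 3: "CH"}

def read_name(buf, off):
    """Read an uncompressed name at off; never index past the buffer."""
    labels = []
    while off < len(buf):
        n = buf[off]
        if n == 0:
            return ".".join(labels) + ".", off + 1
        if n > 63:
            raise ValueError("compression pointer or bad label length")
        labels.append(buf[off + 1:off + 1 + n].decode("ascii", "replace"))
        off += 1 + n
    raise IndexError("offset out of range: buf size = %d" % len(buf))

def decode_abuf(abuf_b64):
    """Hypothetical helper: header and question section only, errors as data."""
    buf = base64.b64decode(abuf_b64)
    if len(buf) < 12:
        return {"ERROR": [["header", 0, "offset out of range: buf size = %d" % len(buf)]]}
    ident, flags, qd, an, ns, ar = struct.unpack("!6H", buf[:12])
    out = {"HEADER": {"ID": ident, "QR": bool(flags & 0x8000),
        "OpCode": OPCODES.get((flags >> 11) & 0xF, (flags >> 11) & 0xF),
        "AA": bool(flags & 0x400), "TC": bool(flags & 0x200), "RD": bool(flags & 0x100),
        "RA": bool(flags & 0x80), "Z": (flags >> 6) & 1, "AD": bool(flags & 0x20),
        "CD": bool(flags & 0x10), "ReturnCode": RCODES.get(flags & 0xF, flags & 0xF),
        "QDCOUNT": qd, "ANCOUNT": an, "NSCOUNT": ns, "ARCOUNT": ar,
    }, "QuestionSection": []}
    off = 12
    for _ in range(qd):
        try:
            name, nxt = read_name(buf, off)
            qtype, qclass = struct.unpack_from("!HH", buf, nxt)
        except (IndexError, ValueError, struct.error) as exc:
            out["ERROR"] = [["question", off, str(exc)]]  # keep what was decoded
            break
        out["QuestionSection"].append({"Qname": name, "Qtype": TYPES.get(qtype, qtype),
                                       "Qclass": CLASSES.get(qclass, qclass)})
        off = nxt + 4
    return out

# Constructed sample: header and question matching the first JSON example above.
SAMPLE = base64.b64encode(struct.pack("!6H", 36316, 0x8403, 1, 0, 1, 1)
                          + b"\x08yetiroot\x00" + struct.pack("!HH", 6, 1)).decode()
```

`json.dumps(decode_abuf(SAMPLE))` gives the header and question portion of the first example; cutting the sample to 15 bytes keeps the header and adds an ERROR entry for the question.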