[MaraDNS list] Fwd: MaraDNS doesn't respond to queries from the bind addr subnet

Sam Trenholme maradns at gmail.com
Fri Jun 14 14:13:57 EDT 2013


> Yesterday I ran captures both on our DNS node (it indeed sends the reply)
> and on the other side of our edge router (no reply is seen).  Our colo
> provider says they aren't doing any deep packet inspection around this...

I want to know how this gets resolved--so I can add this information
to the MaraDNS FAQ (which is horribly outdated and needs a serious
revamp).  There is a small chance it’s a case of “MaraDNS makes a
weird DNS packet which this route doesn’t like”. One way to normalize
against that is to have another computer whose packets go through the
same route use a different DNS server to send out the 192.168.50.141
DNS reply.

For example, here’s a DNS server I wrote a few years ago:

$ cat > nanodns.c
/*Placed in the public domain by Sam Trenholme*/
#include <arpa/inet.h>
#include <string.h>
#include <stdint.h>
#define Z struct sockaddr
#define Y sizeof(d)
int main(int a,char **b){uint32_t i;char q[512]
,p[17]="\xc0\f\0\x01\0\x01\0\0\0\0\0\x04";if(a>
1){struct sockaddr_in d;socklen_t f=511;bzero(&
d,Y);a=socket(AF_INET,SOCK_DGRAM,0);*((uint32_t
*)(p+12))=inet_addr(b[1]);d.sin_family=AF_INET;
d.sin_port=htons(53);bind(a,(Z*)&d,Y);for(;;){i
=recvfrom(a,q,255,0,(Z*)&d,&f);if(i>9&&q[2]>=0)
{q[2]|=128;q[11]?q[3]|=4:1;q[7]++;memcpy(q+i,p,
16);sendto(a,q,i+16,0,(Z*)&d,Y);}}}return 0;}
// Hit control-D to end this file here
$ gcc -g -o nanodns nanodns.c
$ su
Password:
# ./nanodns 192.168.50.141

At this point, the machine is running a tiny little DNS server which
will reply to all DNS queries with the IP 192.168.50.141.

I have a more readable version of that DNS server here:

http://samiam.org/software/microdns.html

- Sam
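
To go with the suggestion above of ruling out a malformed reply, here is an added example (not part of the original message, nanodns or MaraDNS): a C check that a captured UDP payload is a well-formed single-A-record answer to the query that prompted it. The name check_reply, the a.test query and its ID are constructed for illustration, and the query is assumed to carry no additional (EDNS) records.

```c
/* Added example; check_reply and the sample packets are hypothetical. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample: query for "a.test", type A, class IN, ID 0x1234. */
static const uint8_t sample_query[] = {
    0x12,0x34, 0x01,0x00, 0,1, 0,0, 0,0, 0,0,
    1,'a', 4,'t','e','s','t', 0, 0,1, 0,1 };
/* Constructed sample: that query with QR set, ANCOUNT 1 and one A record
   for 192.168.50.141 appended behind a compression pointer. */
static const uint8_t sample_reply[] = {
    0x12,0x34, 0x81,0x00, 0,1, 0,1, 0,0, 0,0,
    1,'a', 4,'t','e','s','t', 0, 0,1, 0,1,
    0xc0,0x0c, 0,1, 0,1, 0,0,0,0, 0,4, 192,168,50,141 };

/* Returns 0 and fills ip[4] if r is a sane answer to q, else a negative
   code naming the first check that failed. Assumes q is header + question. */
int check_reply(const uint8_t *q, size_t ql, const uint8_t *r, size_t rl,
                uint8_t ip[4]) {
    size_t o = ql;                           /* answer starts after question */
    if (ql < 17 || rl < ql) return -1;       /* truncated */
    if (memcmp(q, r, 2)) return -2;          /* ID mismatch */
    if (!(r[2] & 0x80)) return -3;           /* QR bit not set */
    if (r[3] & 0x0f) return -4;              /* non-zero RCODE */
    if (memcmp(q + 4, r + 4, 2) || memcmp(q + 12, r + 12, ql - 12))
        return -5;                           /* question not echoed */
    if (((r[6] << 8) | r[7]) < 1) return -6; /* ANCOUNT is zero */
    /* Owner name: a 2-byte compression pointer or a run of labels. */
    while (o < rl && r[o] && (r[o] & 0xc0) != 0xc0) o += r[o] + 1;
    if (o >= rl) return -7;
    o += (r[o] ? 2 : 1);
    if (o + 14 > rl) return -7;              /* fixed RR fields + 4-byte RDATA */
    if (r[o] || r[o+1] != 1 || r[o+2] || r[o+3] != 1) return -8; /* not A/IN */
    if (r[o+8] || r[o+9] != 4) return -9;    /* RDLENGTH != 4 */
    memcpy(ip, r + o + 10, 4);
    return 0;
}

int main(void) {
    uint8_t ip[4] = {0};
    int rc = check_reply(sample_query, sizeof sample_query,
                         sample_reply, sizeof sample_reply, ip);
    printf("rc=%d answer=%u.%u.%u.%u\n", rc, ip[0], ip[1], ip[2], ip[3]);
    return rc != 0;
}
```

Feed it the payload bytes from the capture on each side of the router; a reply that passes on the DNS node's side but never appears on the far side points at the path rather than the packet.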

