Not long ago, I found out that ICANN fairly recently approved the domain name '.internal' as an official domain name to be used internally by any network. https://www.theregister.com/2024/08/08/dot_internal_ratified/
This actually gave me the idea of using that TLD (top-level domain) in my WireGuard VPN (virtual private network) used to link my various remote servers together. I already have a list of the VPN's static IPs for each of the remote servers, and what was missing was running a DNS server that would link the '.internal' names to the corresponding IPs in the VPN.

Right away, busybox dnsd came to mind. According to the busybox documentation, dnsd can be used for that purpose by using the '-s' argument, which actually makes it not respond if a query does not result in a positive response from the server. This is actually quite perfect, as it would enable the use of this nameserver as the primary DNS server on my systems, and whenever a query does not match it would naturally cascade to the next nameserver for the other queries.

So I tried it: I made a dnsd config file containing all the correct entries, added the nameserver to /etc/resolv.conf.head and ran the dnsd service. It actually did exactly what it was supposed to do. However, every single query would have an incredible amount of delay. This delay seems to be on the order of magnitude of 10 seconds and it seems to apply to everything. This actually makes it impossible to use on any system.

The alternative would be to use a much bulkier DNS server like unbound and maybe even ISC BIND. But to be honest, I'd so much rather use an easy-to-use static DNS server that only uses a simple list for this purpose, exactly like what busybox dnsd provides. This is why I started to make tests with the dnsd code to see if there could be a way to make it faster. I actually thought of returning a server failure return code rather than not returning anything, which seems to have sped up the process radically. At this point, I could actually use busybox dnsd for my exact purpose and I was wondering if this method would be sound enough to be useful for anyone else wanting something similar.
I attached a first draft of the patch in this email.
diff --git a/networking/dnsd.c b/networking/dnsd.c index a11d83f49..5d8145537 100644 --- a/networking/dnsd.c +++ b/networking/dnsd.c @@ -40,6 +40,10 @@ //usage: "\n to use /etc/resolv.conf with two nameserver lines:" //usage: "\n nameserver DNSD_SERVER" //usage: "\n nameserver NORMAL_DNS_SERVER" +//usage: "\n Note that this can add high delays. See -g" +//usage: "\n -g Send a server failure error when a name was not" +//usage: "\n found in the config file so the same effect as" +//usage: "\n '-s' can happen without any delay." #include "libbb.h" #include <syslog.h> @@ -87,6 +91,7 @@ struct dns_entry { #define OPT_verbose (option_mask32 & 1) #define OPT_silent (option_mask32 & 2) +#define OPT_errOnNotFound (option_mask32 & (1 << 7)) /* @@ -460,6 +465,11 @@ static int process_packet(struct dns_entry *conf_data, * RCODE = 3 "Name Error" */ err_msg = "name is not found"; outr_flags = htons(0x8000 | 0x0400 | 3); + + if (OPT_errOnNotFound) { + /* Return code 2 (server failure) so the client can cascade to the next nameserver */ + outr_flags = htons(0x8000 | 0x0400 | 2); + } goto empty_packet; } @@ -519,7 +529,7 @@ int dnsd_main(int argc UNUSED_PARAM, char **argv) /* Ensure buf is 32bit aligned (we need 16bit, but 32bit can't hurt) */ uint8_t buf[MAX_PACK_LEN + 1] ALIGN4; - opts = getopt32(argv, "vsi:c:t:p:d", &listen_interface, &fileconf, &sttl, &sport); + opts = getopt32(argv, "vsi:c:t:p:dg", &listen_interface, &fileconf, &sttl, &sport); //if (opts & (1 << 0)) // -v //if (opts & (1 << 1)) // -s //if (opts & (1 << 2)) // -i @@ -533,6 +543,7 @@ int dnsd_main(int argc UNUSED_PARAM, char **argv) openlog(applet_name, LOG_PID, LOG_DAEMON); logmode = LOGMODE_SYSLOG; } + // if (opts & (1 << 7)) // -g conf_data = parse_conf_file(fileconf);
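Review bot: In the usage hunk (@@ -40,6 +40,10), the '-g' help text does not say how '-g' relates to '-s'. "so the same effect as '-s' can happen without any delay" leaves open whether '-g' replaces '-s' or is given together with it, and what the daemon does when both are set. Say that explicitly, and name the response the client will see (RCODE 2, server failure) so an administrator reading the help knows what to expect in resolver logs.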
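Review bot: OPT_errOnNotFound in the @@ -87,6 +91,7 hunk breaks the naming pattern of the two macros directly above it, OPT_verbose and OPT_silent, which are lowercase single words; a name in the same style (for example OPT_servfail) would read better. The mask itself, (1 << 7), does match 'g' being the eighth option letter in the "vsi:c:t:p:dg" string passed to getopt32(), so only the name needs to change.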
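Review bot: In the process_packet hunk (@@ -460,6 +465,11), the new branch applies to every name that is not in the config file, so with '-g' a mistyped or removed name under the locally served domain is also answered with RCODE 2 and then retried against the next nameserver line in resolv.conf, which discloses internal names to that upstream resolver. The reply also keeps the authoritative-answer bit (0x0400) set on a server failure, and the comment "so the client can cascade to the next nameserver" describes resolver behaviour the daemon cannot guarantee; both deserve a sentence in the usage text. Separately, outr_flags is assigned and then immediately overwritten: select the RCODE once (OPT_errOnNotFound ? 2 : 3) in a single htons() call and drop the empty added line before the if.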
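Review bot: The comment added in the last hunk (@@ -533,6 +543,7), "// if (opts & (1 << 7)) // -g", does not match the spacing of the existing per-option comments after the getopt32() call, which are written "//if (opts & (1 << 0)) // -v" with no space after the slashes. Use the same form so the option list stays greppable.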