Re: [dns-operations] QTYPEs 65 and 65479

2020-10-01 Thread Jeroen Massar via dns-operations 
--- Begin Message ---

> On 20201001, at 16:59, Stephane Bortzmeyer  wrote:
> 
> On Wed, Sep 16, 2020 at 10:44:00AM +0100,
> Roy Arends  wrote 
> a message of 128 lines which said:
> 
>> More info:
>> 
>> https://mailarchive.ietf.org/arch/msg/add/MbOOWPVHRHM_wvbKhfHuzUTwimI/ 
>> 
> 
> And a good Cloudflare paper
> 

And for those who want to have those records in DNS as you are keen to bypass 
whatever magic RPZ IP filter might exist somewhere:

https://github.com/massar/misc/tree/master/type65_https

That allows one to generate TYPE65 records so that one can include them in bog 
standard zones today, till the time comes that BIND9/nsd/PowerDNS/knot/etc have 
native types. (which will likely be soon, but before distros have it that might 
take a bit)

Greets,
 Jeroen


PS: As per the README, that uses Perl Net::DNS 1.26+ by Willem 
Toorop/NLNetLabs, thus all credits for the work goes to him. Thanks Willem!


--- End Message ---
___
dns-operations mailing list
dns-operations@lists.dns-oarc.net
https://lists.dns-oarc.net/mailman/listinfo/dns-operations

Re: [dns-operations] QTYPEs 65 and 65479

2020-10-01 Thread Stephane Bortzmeyer 
On Wed, Sep 16, 2020 at 10:44:00AM +0100,
 Roy Arends  wrote 
 a message of 128 lines which said:

> More info:
> 
> https://mailarchive.ietf.org/arch/msg/add/MbOOWPVHRHM_wvbKhfHuzUTwimI/ 
> 

And a good Cloudflare paper


___
dns-operations mailing list
dns-operations@lists.dns-oarc.net
https://lists.dns-oarc.net/mailman/listinfo/dns-operations

Re: [dns-operations] QTYPEs 65 and 65479

2020-09-16 Thread Roy Arends 
More info:

https://mailarchive.ietf.org/arch/msg/add/MbOOWPVHRHM_wvbKhfHuzUTwimI/ 


Roy

> On 16 Sep 2020, at 09:04, Greg Choules via dns-operations 
>  wrote:
> 
> 
> From: Greg Choules 
> Subject: QTYPEs 65 and 65479
> Date: 16 September 2020 at 09:04:58 GMT+1
> To: dns-operations@lists.dns-oarc.net
> 
> 
> Hello all.
> Recently, whilst looking for something else, tcpdump on one of our recursive 
> servers showed we are receiving queries with (from its point of view) 
> unrecognised types. Wireshark doesn't have a decode for them yet either. 
> There aren't many, yet. But it's more than just noise.
> A quick reverse lookup on the sources shows them all to be iPhone X or later.
> 
> Can anyone shed some light on what these are and whether we should be doing 
> something about them?
> 
> thanks, Greg
> 
> 
> ___
> dns-operations mailing list
> dns-operations@lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations

___
dns-operations mailing list
dns-operations@lists.dns-oarc.net
https://lists.dns-oarc.net/mailman/listinfo/dns-operations

Re: [dns-operations] QTYPEs 65 and 65479

2020-09-16 Thread Vladimír Čunát 
65 is the upcoming "HTTPS" RR, so perhaps testing future browser
features or something.
https://www.iana.org/assignments/dns-parameters/dns-parameters.xhtml

(The other one is in "private use" range and I don't recognize it off
the top of my head.)

___
dns-operations mailing list
dns-operations@lists.dns-oarc.net
https://lists.dns-oarc.net/mailman/listinfo/dns-operations

Re: [dns-operations] QTYPEs 65 and 65479

2020-09-16 Thread Roy Arends 
For qtype 65:

https://datatracker.ietf.org/doc/draft-ietf-dnsop-svcb-https/00/?include_text=1 


These types are not special. Resolvers should treat them as “unknown RRs” and 
just resolve them.

Roy

> On 16 Sep 2020, at 09:04, Greg Choules via dns-operations 
>  wrote:
> 
> 
> From: Greg Choules 
> Subject: QTYPEs 65 and 65479
> Date: 16 September 2020 at 09:04:58 GMT+1
> To: dns-operations@lists.dns-oarc.net
> 
> 
> Hello all.
> Recently, whilst looking for something else, tcpdump on one of our recursive 
> servers showed we are receiving queries with (from its point of view) 
> unrecognised types. Wireshark doesn't have a decode for them yet either. 
> There aren't many, yet. But it's more than just noise.
> A quick reverse lookup on the sources shows them all to be iPhone X or later.
> 
> Can anyone shed some light on what these are and whether we should be doing 
> something about them?
> 
> thanks, Greg
> 
> 
> ___
> dns-operations mailing list
> dns-operations@lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations

___
dns-operations mailing list
dns-operations@lists.dns-oarc.net
https://lists.dns-oarc.net/mailman/listinfo/dns-operations

Re: [dns-operations] QTYPEs 65 and 65479

2020-09-16 Thread Petr Špaček 
On 16. 09. 20 10:04, Greg Choules via dns-operations wrote:> Recently, whilst 
looking for something else, tcpdump on one of our recursive servers showed we 
are receiving queries with (from its point of view) unrecognised types. 
Wireshark doesn't have a decode for them yet either. There aren't many, yet. 
But it's more than just noise.
> A quick reverse lookup on the sources shows them all to be iPhone X or later.
> 
> Can anyone shed some light on what these are and whether we should be doing 
> something about them?

QTYPE 65 is new HTTPS Binding RR type. 
(https://www.iana.org/go/draft-ietf-dnsop-svcb-https-00)

65479 is in Private use range so it is hard to tell. (See 
https://www.iana.org/assignments/dns-parameters/dns-parameters.xhtml)

-- 
Petr Špaček  @  CZ.NIC
___
dns-operations mailing list
dns-operations@lists.dns-oarc.net
https://lists.dns-oarc.net/mailman/listinfo/dns-operations