Hello there, I am trying to figure out how to send out DNS messages from an application socket adapter to a DNSBL. I spent the last two days understanding the basics, including experimenting with Wireshark to catch an example of the messages exchanged. Now I would like to query the DNS without using the dig or host commands (I'm using Ubuntu); how can I perform this action at a low level, without the help of these tools in wrapping the request in a proper DNS message format? How should the message be posted? Hex or string?

Thanks in advance for any help. Regards

Alessandro Ilardo

Comment added

I am investigating JDev and Oracle SOA. The platform provides a Socket Adapter which simply applies a transformation (XSLT) and sends the message straight to the socket. How the payload parameters (e.g. the host I'm looking up) are wrapped within the message is left to the developer. So basically I have an idea of how the whole DNS message is structured, but rather than put everything in JDev straight away I'd like to make some tests on my own just to make sure I've got a valid message format.

So, I am not using any specific language (I don't even understand why they moved my question from serverfault) and I don't want to use any tools which would hide part of the message, such as the header. I know they work well, btw. I guess this stuff has something to do with packet injection. Someone suggested that I use telnet, but I've only used it for SMTP or HTTP; I haven't got a clue how it works for DNS requests. Does it make more sense now?

+9  A: 

Ewww... instead of constructing the DNS protocol by hand, you really should be using some sort of library provided by your programming environment to do the lookup.

Don't construct protocol by hand without a Really Good Reason. Seriously. Don't Do That.

MikeyB
+4  A: 

The protocol is very fully described in lots of RFCs starting with RFC 1035, but really, don't re-invent the wheel. Looking at other people's implementations "over the wire" is a sure way to get it wrong.

If using 'C', check out ldns. For Perl the default solution is Net::DNS, available from CPAN. Similar libraries exist for other languages.

Alnitak
A: 

I cannot really understand what you are looking for. As mentioned by Alnitak and MikeyB, the programming language you use (Jdev, which I do not know), probably provides a library to send DNS requests (most programming languages do). If you want to send regular DNS requests, use it. I completely agree with Alnitak and MikeyB here.

However, if you want to craft special DNS packets, and are afraid (and rightly so) to do everything by hand, maybe you can use tools like Scapy?

Here is an example of use of Scapy to create a DNS request:

# scapy
>>> p = IP(dst="203.0.113.162")/UDP(sport=RandShort(),dport=53)/\
...      DNS(rd=1,qd=DNSQR(qname="www.slashdot.org", qtype="AAAA"))
>>> sr1(p)
Begin emission:
.Finished to send 1 packets.
Received 2 packets, got 1 answers, remaining 0 packets
<IP  version=4L ihl=5L tos=0x0 len=62 id=0 flags=DF frag=0L ttl=63 proto=udp chksum=0xb1bb src=203.0.113.162 dst=203.0.113.69 options='' |<UDP  sport=domain dport=50474 len=42 chksum=0x1c97 |<DNS  id=0 qr=1L opcode=QUERY aa=0L tc=0L rd=1L ra=1L z=0L rcode=ok qdcount=1 ancount=0 nscount=0 arcount=0 qd=<DNSQR  qname='www.slashdot.org.' qtype=AAAA qclass=IN |> an=None ns=None ar=None |>>>
bortzmeyer
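
On the "Hex or String?" part of the question: a DNS message is binary, and hex is only a way of displaying it. The sketch below is an added example, not code from any of the posters; it builds an RFC 1035 query for a DNSBL lookup using only the standard library so the bytes can be compared with a Wireshark capture. The zone dnsbl.example.org and the address 192.0.2.99 are constructed placeholders.

```python
import secrets
import struct

def dnsbl_qname(ipv4, zone):
    """Reverse the IPv4 octets and append the DNSBL zone (usual DNSBL convention)."""
    octets = ipv4.split(".")
    if len(octets) != 4 or not all(o.isdigit() and int(o) <= 255 for o in octets):
        raise ValueError("expected a dotted-quad IPv4 address")
    return ".".join(reversed(octets)) + "." + zone.strip(".")

def encode_name(name):
    """RFC 1035 name: length-prefixed labels ended by a zero byte (no compression)."""
    out = b""
    for label in name.strip(".").split("."):
        raw = label.encode("ascii")
        if not 1 <= len(raw) <= 63:
            raise ValueError("each label must be 1..63 bytes")
        out += bytes([len(raw)]) + raw
    out += b"\x00"
    if len(out) > 255:
        raise ValueError("encoded name exceeds 255 bytes")
    return out

def build_query(name, txid=None, qtype=1, rd=True):
    """12-byte header + one question (QTYPE 1 = A, QCLASS 1 = IN), all big-endian."""
    if txid is None:
        txid = secrets.randbelow(0x10000)  # unpredictable ID, checked against the reply
    flags = 0x0100 if rd else 0x0000       # only the RD bit is set in a standard query
    header = struct.pack("!HHHHHH", txid, flags, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, 1)

def tcp_frame(message):
    """Over TCP each DNS message is preceded by a 2-byte length; UDP sends it bare."""
    return struct.pack("!H", len(message)) + message

def parse_header(message):
    """Decode the fixed header of a reply so ID, QR and RCODE can be validated."""
    if len(message) < 12:
        raise ValueError("DNS message shorter than its 12-byte header")
    txid, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", message[:12])
    return {"id": txid, "qr": flags >> 15, "rcode": flags & 0x000F,
            "qdcount": qd, "ancount": an}

if __name__ == "__main__":
    # Constructed sample: 192.0.2.99 is a documentation address, the zone is hypothetical.
    query = build_query(dnsbl_qname("192.0.2.99", "dnsbl.example.org"), txid=0x1234)
    print(query.hex())  # the bytes to hand to a UDP socket on port 53
```

A reply should be accepted only if its ID matches the one sent and QR is 1; on a DNSBL, RCODE 3 (NXDOMAIN) conventionally means the address is not listed.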