class Dnsruby::Resolver

Description

Dnsruby::Resolver is a DNS stub resolver. This class performs queries with retries across multiple nameservers. The system configured resolvers are used by default.

The retry policy is a combination of the Net::DNS and dnsjava approach, and has the option of :

complete, but in which the total time per query round is split between the number of nameservers
targetted for the first round. and total time for query round is doubled for each query round

Note that, if a total timeout is specified, then that will apply regardless of the retry policy (i.e. it may cut retries short).

Note also that these timeouts are distinct from the SingleResolver's packet_timeout

Timeouts apply to the initial query and response. If DNSSEC validation is to be performed, then additional queries may be required (these are performed automatically by Dnsruby). Each additional query will be performed with its own timeouts. So, even with a query_timeout of 5 seconds, a response which required extensive validation may take several times that long. (Future versions of Dnsruby may expose finer-grained events for client tracking of responses and validation)

Methods

Synchronous

These methods raise an exception or return a response message with rcode==NOERROR

There are "!" versions of these two methods that return an array [response, error]
instead of raising an error on failure.  They can be called as follows:

response, error = resolver.send_message!(...)
response, error = resolver.query!(...)

If the request succeeds, response will contain the Dnsruby::Message response
and error will be nil.

If the request fails, response will be nil and error will contain the error raised.

Asynchronous

These methods use a response queue to return the response and the error

Event Loop

Dnsruby runs a pure Ruby event loop to handle I/O in a single thread. Support for EventMachine has been deprecated.

Constants

AbsoluteMinDnssecUdpSize
DefaultDnssec
DefaultPacketTimeout
DefaultPipeLiningMaxQueries
DefaultPort
DefaultQueryTimeout
DefaultRetryDelay
DefaultRetryTimes
DefaultUDPSize
MinDnssecUdpSize

Attributes

config[R]

The current Config

dnssec[R]

Use DNSSEC for this Resolver

do_caching[R]

Defines whether we will cache responses, or pass every request to the upstream resolver. This is only really useful when querying authoritative servers (as the upstream recursive resolver is likely to cache)

do_validation[RW]

Defines whether validation is performed by default on this Resolver when the query method is called. Note that send_message and send_async expect a Message object to be passed in, which is already configured to the callers requirements.

ignore_truncation[R]

Should truncation be ignored? i.e. the TC bit is ignored and thus the resolver will not requery over TCP if TC is set

no_tcp[R]

If no_tcp==true, then ONLY UDP will be used as a transport. This should not generally be used, but is provided as a debugging aid.

packet_timeout[R]

The timeout for any individual packet. This is the timeout used by SingleResolver

port[R]

The port to send queries to on the resolver

query_timeout[RW]

Note that this timeout represents the total time a query may run for - multiple packets can be sent to multiple nameservers in this time. This is distinct from the SingleResolver per-packet timeout The query_timeout is not required - it will default to 0, which means “do not use query_timeout”. If this is the case then the timeout will be dictated by the retry_times and retry_delay attributes

recurse[R]

Should the Recursion Desired bit be set?

retry_delay[RW]

The query will be tried across nameservers retry_times times, with a delay of retry_delay seconds between each retry. The first time round, retry_delay will be divided by the number of nameservers being targetted, and a new nameserver will be queried with the resultant delay.

retry_times[RW]

The query will be tried across nameservers retry_times times, with a delay of retry_delay seconds between each retry. The first time round, retry_delay will be divided by the number of nameservers being targetted, and a new nameserver will be queried with the resultant delay.

src_address[R]

The source address to send queries from for IPv4

src_address6[R]

The source address to send queries from for IPv6

tcp_pipelining[R]

If tcp_pipelining==true, then we reuse the TCP connection

tcp_pipelining_max_queries[R]

How many times (number of messages) to reuse the pipelining connection before closing, :infinite for infinite number of requests per connection

tsig[R]
udp_size[R]

The maximum UDP size to be used

use_tcp[R]

Should TCP be used as a transport rather than UDP? If use_tcp==true, then ONLY TCP will be used as a transport.

Public Class Methods

check_port(p, src_port=[]) click to toggle source
# File lib/dnsruby/resolver.rb, line 653
def Resolver.check_port(p, src_port=[])
  unless p.is_a?(Integer)
    tmp_src_ports = Array.new(src_port)
    p.each do |x|
      unless Resolver.check_port(x, tmp_src_ports)
        return false
      end
      tmp_src_ports.push(x)
    end
    return true
  end
  if Resolver.port_in_range(p)
    return ! ((p == 0) && (src_port.length > 0))
  else
    Dnsruby.log.error("Illegal port (#{p})")
    Dnsruby.log_and_raise("Illegal port #{p}", ArgumentError)
  end
end
get_ports_from(p) click to toggle source
# File lib/dnsruby/resolver.rb, line 676
def Resolver.get_ports_from(p)
  a = []
  if p.is_a?(Integer)
    a = [p]
  else
    p.each do |x|
      a.push(x)
    end
  end
  a
end
get_tsig(args) click to toggle source
# File lib/dnsruby/resolver.rb, line 735
def Resolver.get_tsig(args)

  tsig = nil

  if args.length == 1
    if args[0]
      if args[0].instance_of?(RR::TSIG)
        tsig = args[0]
      elsif args[0].instance_of?(Array)
        tsig = RR.new_from_hash(create_tsig_options(*args[0]))
      end
    else
      #           Dnsruby.log.debug{'TSIG signing switched off'}
      return nil
    end
  else
    tsig = RR.new_from_hash(create_tsig_options(args))
  end
  Dnsruby.log.info{"TSIG signing now using #{tsig.name}, key=#{tsig.key}"}
  tsig
end
new(*args) click to toggle source

Create a new Resolver object. If no parameters are passed in, then the default system configuration will be used. Otherwise, a Hash may be passed in with the following optional elements :

  • :port

  • :use_tcp

  • :tsig

  • :ignore_truncation

  • :src_address

  • :src_address6

  • :src_port

  • :recurse

  • :udp_size

  • :config_info - see Config

  • :nameserver - can be either a String or an array of Strings

  • :packet_timeout

  • :query_timeout

  • :retry_times

  • :retry_delay

  • :do_caching

  • :tcp_pipelining

  • :tcp_pipelining_max_queries - can be a number or :infinite symbol

# File lib/dnsruby/resolver.rb, line 436
def initialize(*args)
  #  @TODO@ Should we allow :namesver to be an RRSet of NS records? Would then need to randomly order them?
  @resolver_ruby = nil
  @src_address = nil
  @src_address6 = nil
  @single_res_mutex = Mutex.new
  @configured = false
  @do_caching = true
  @config = Config.new()
  reset_attributes

  #  Process args
  if args.length == 1
    if args[0].class == Hash
      args[0].keys.each do |key|
        begin
          if key == :config_info
            @config.set_config_info(args[0][:config_info])
          elsif key == :nameserver
            set_config_nameserver(args[0][:nameserver])
          elsif key == :nameservers
            set_config_nameserver(args[0][:nameservers])
          else
            send(key.to_s + '=', args[0][key])
          end
        rescue Exception => e
          Dnsruby.log.error{"Argument #{key} not valid : #{e}\n"}
        end
      end
    elsif args[0].class == String
      set_config_nameserver(args[0])
    elsif args[0].class == Config
      #  also accepts a Config object from Dnsruby::Resolv
      @config = args[0]
    end
  else
    #  Anything to do?
  end
  update
end
port_in_range(p) click to toggle source
# File lib/dnsruby/resolver.rb, line 672
def Resolver.port_in_range(p)
  (p == 0) || ((p >= 50000) && (p <= 65535))
end

Protected Class Methods

create_tsig_options(name, key, algorithm = nil) click to toggle source
# File lib/dnsruby/resolver.rb, line 722
def Resolver.create_tsig_options(name, key, algorithm = nil)
    options = {
      type:  Types.TSIG,
      klass: Classes.ANY,
      name:  name,
      key:   key
  }
  options[:algorithm] = algorithm if algorithm
  options
end

Public Instance Methods

add_src_port(p) click to toggle source

Can be a single Integer or a Range or an Array If an invalid port is selected (one reserved by IANA), then an ArgumentError will be raised. “0” means “any valid port” - this is only a viable option if it is the only port in the list. An ArgumentError will be raised if “0” is added to an existing set of source ports.

res.add_src_port(60000)
res.add_src_port([60001,60005,60010])
res.add_src_port(60015..60115)
# File lib/dnsruby/resolver.rb, line 639
def add_src_port(p)
  if Resolver.check_port(p, @src_port)
    a = Resolver.get_ports_from(p)
    a.each do |x|
      if (@src_port.length > 0) && (x == 0)
        Dnsruby.log_and_raise("src_port of 0 only allowed as only src_port value (currently #{@src_port.length} values",
            ArgumentError)
      end
      @src_port.push(x)
    end
  end
  update
end
close() click to toggle source

Close the Resolver. Unfinished queries are terminated with OtherResolvError.

# File lib/dnsruby/resolver.rb, line 409
def close
  @resolver_ruby.close if @resolver_ruby
end
dnssec=(d) click to toggle source
# File lib/dnsruby/resolver.rb, line 798
def dnssec=(d)
  @dnssec = d
  if d
    #  Set the UDP size (RFC 4035 section 4.1)
    if @udp_size < MinDnssecUdpSize
      self.udp_size = MinDnssecUdpSize
    end
  end
  update
end
do_caching=(on) click to toggle source
# File lib/dnsruby/resolver.rb, line 788
def do_caching=(on)
  @do_caching=on
  update
end
ignore_truncation=(on) click to toggle source
# File lib/dnsruby/resolver.rb, line 758
def ignore_truncation=(on)
  @ignore_truncation = on
  update
end
nameserver=(n) click to toggle source
# File lib/dnsruby/resolver.rb, line 586
def nameserver=(n)
  @configured = true
  @single_res_mutex.synchronize { @single_resolvers=[] }
  set_config_nameserver(n)
  add_config_nameservers
end
nameservers=(ns) click to toggle source
# File lib/dnsruby/resolver.rb, line 582
def nameservers=(ns)
  self.nameserver=(ns)
end
no_tcp=(on) click to toggle source
# File lib/dnsruby/resolver.rb, line 703
def no_tcp=(on)
  @no_tcp=on
  update
end
packet_timeout=(t) click to toggle source

– @TODO@ Should really auto-generate these methods. Also, any way to tie them up with SingleResolver RDoc? ++

# File lib/dnsruby/resolver.rb, line 598
def packet_timeout=(t)
  @packet_timeout = t
  update
end
persistent_tcp=(on) click to toggle source
# File lib/dnsruby/resolver.rb, line 778
def persistent_tcp=(on)
  @persistent_tcp = on
  update
end
persistent_udp=(on) click to toggle source
# File lib/dnsruby/resolver.rb, line 783
def persistent_udp=(on)
  @persistent_udp = on
  update
end
port=(a) click to toggle source
# File lib/dnsruby/resolver.rb, line 773
def port=(a)
  @port = a
  update
end
query(name, type=Types.A, klass=Classes.IN, set_cd=@dnssec) click to toggle source

Query for a name. If a valid Message is received, then it is returned to the caller. Otherwise an exception (a Dnsruby::ResolvError or Dnsruby::ResolvTimeout) is raised.

require 'dnsruby'
res = Dnsruby::Resolver.new
response = res.query('example.com') # defaults to Types.A, Classes.IN
response = res.query('example.com', Types.MX)
response = res.query('208.77.188.166') # IPv4 address so PTR query will be made
response = res.query('208.77.188.166', Types.PTR)
# File lib/dnsruby/resolver.rb, line 191
def query(name, type=Types.A, klass=Classes.IN, set_cd=@dnssec)
  msg = Message.new
  msg.do_caching = @do_caching
  msg.header.rd = 1
  msg.add_question(name, type, klass)
  msg.do_validation = @do_validation
  if @dnssec
    msg.header.cd = set_cd # We do our own validation by default
  end
  send_message(msg)
end
query!(name, type=Types.A, klass=Classes.IN, set_cd=@dnssec) click to toggle source

Like query, but does not raise an error when an error occurs. Instead, it returns it. @return a 2 element array: [response, error]

# File lib/dnsruby/resolver.rb, line 206
def query!(name, type=Types.A, klass=Classes.IN, set_cd=@dnssec)
  response = nil; error = nil
  begin
    response = query(name, type, klass, set_cd)
  rescue => e
    error = e
  end
  [response, error]
end
query_raw(message, error_strategy = :return) click to toggle source

Sends a message with send_plain_message. Effectively a wrapper around send_plain_message, but adds the ability to configure whether an error will be raised or returned if it occurs.

@param message the message to send to the DNS server @param error_strategy :return to return [response, error] (default),

:raise to return response only, or raise an error if one occurs
# File lib/dnsruby/resolver.rb, line 281
def query_raw(message, error_strategy = :return)

  unless [:return, :raise].include?(error_strategy)
    raise ArgumentError.new('error_strategy should be one of [:return, :raise].')
  end

  response, error = send_plain_message(message)

  if error_strategy == :return
    [response, error]
  else
    raise error if error
    response
  end
end
recurse=(a) click to toggle source
# File lib/dnsruby/resolver.rb, line 793
def recurse=(a)
  @recurse = a
  update
end
send_async(msg, client_queue, client_query_id = nil) click to toggle source

Asynchronously send a Message to the server. The send can be done using just Dnsruby. Support for EventMachine has been deprecated.

Dnsruby pure Ruby event loop :

A client_queue is supplied by the client, along with an optional client_query_id to identify the response. The client_query_id is generated, if not supplied, and returned to the client. When the response is known, a tuple of (query_id, response_message, exception) will be added to the client_queue.

The query is sent synchronously in the caller's thread. The select thread is then used to listen for and process the response (up to pushing it to the client_queue). The client thread is then used to retrieve the response and deal with it.

Takes :

  • msg - the message to send

  • client_queue - a Queue to push the response to, when it arrives

  • client_query_id - an optional ID to identify the query to the client

  • use_tcp - whether to use only TCP (defaults to SingleResolver.use_tcp)

Returns :

  • client_query_id - to identify the query response to the client. This ID is

generated if it is not passed in by the client

Example invocations :

id = res.send_async(msg, queue)
NOT SUPPORTED : id = res.send_async(msg, queue, use_tcp)
id = res.send_async(msg, queue, id)
id = res.send_async(msg, queue, id, use_tcp)

Example code :

require 'dnsruby'
res = Dnsruby::Resolver.newsend
query_id = 10 # can be any object you like
query_queue = Queue.new
res.send_async(Message.new('example.com', Types.MX),  query_queue, query_id)
query_id_2 = res.send_async(Message.new('example.com', Types.A), query_queue)
# ...do a load of other stuff here...
2.times do
  response_id, response, exception = query_queue.pop
  # You can check the ID to see which query has been answered
  if exception == nil
      # deal with good response
  else
      # deal with problem
  end
end
# File lib/dnsruby/resolver.rb, line 389
def send_async(msg, client_queue, client_query_id = nil)
  unless @configured
    add_config_nameservers
  end
  #       @single_res_mutex.synchronize {
  unless @resolver_ruby # @TODO@ Synchronize this?
    @resolver_ruby = ResolverRuby.new(self)
  end
  #       }
  client_query_id = @resolver_ruby.send_async(msg, client_queue, client_query_id)
  if @single_resolvers.length == 0
    Thread.start {
      sleep(@query_timeout == 0 ? 1 : @query_timeout)
      client_queue.push([client_query_id, nil, ResolvTimeout.new('Query timed out - no nameservers configured')])
    }
  end
  client_query_id
end
send_message(message) click to toggle source

Send a message, and wait for the response. If a valid Message is received, then it is returned to the caller. Otherwise an exception (a Dnsruby::ResolvError or Dnsruby::ResolvTimeout) is raised.

send_async is called internally.

example :

require 'dnsruby'
include Dnsruby
res = Dnsruby::Resolver.new
begin
response = res.send_message(Message.new('example.com', Types.MX))
rescue ResolvError
  # ...
rescue ResolvTimeout
  # ...
end
# File lib/dnsruby/resolver.rb, line 245
def send_message(message)
  Dnsruby.log.debug{'Resolver : sending message'}
  q = Queue.new
  send_async(message, q)

  _id, result, error = q.pop

  if error
    error.response = result if error.is_a?(ResolvError)
    raise error
  else
    result
  end
end
send_message!(message) click to toggle source

Like send_message, but does not raise an error when an error occurs. Instead, it returns it. @return a 2 element array: [response, error]

# File lib/dnsruby/resolver.rb, line 263
def send_message!(message)
  response = nil; error = nil
  begin
    response = send_message(message)
  rescue => e
    error = e
  end
  [response, error]
end
send_plain_message(message) click to toggle source

This method takes a Message (supplied by the client), and sends it to the configured nameservers. No changes are made to the Message before it is sent (TSIG signatures will be applied if configured on the Resolver). Retries are handled as the Resolver is configured to do. Incoming responses to the query are not cached or validated (although TCP fallback will be performed if the TC bit is set and the (Single)Resolver has ignore_truncation set to false). Note that the Message is left untouched - this means that no OPT records are added, even if the UDP transport for the server is specified at more than 512 bytes. If it is desired to use EDNS for this packet, then you should call the Dnsruby::PacketSender#prepare_for_dnssec(msg), or Dnsruby::PacketSender#add_opt_rr(msg) The return value from this method is the [response, error] tuple. Either of these values may be nil - it is up to the client to check.

example :

require 'dnsruby'
include Dnsruby
res = Dnsruby::Resolver.new
response, error = res.send_plain_message(Message.new('example.com', Types.MX))
if error
  print "Error returned : #{error}\n"
else
  process_response(response)
end
# File lib/dnsruby/resolver.rb, line 323
def send_plain_message(message)
  Dnsruby::TheLog.debug('Resolver : send_plain_message')
  message.do_caching = false
  message.do_validation = false
  message.send_raw = true
  q = Queue.new
  send_async(message, q)
  _id, result, error = q.pop
  error.response = result if !error.nil? && error.is_a?(ResolvError)
  [result, error]
end
set_config_nameserver(n) click to toggle source
# File lib/dnsruby/resolver.rb, line 506
def set_config_nameserver(n)
  #  @TODO@ Should we allow NS RRSet here? If so, then .sort_by {rand}
  @config.get_ready unless @configured
  @configured = true

  @config.nameserver = n.kind_of?(String) ? [n] : n
  add_config_nameservers
end
src_address6=(a) click to toggle source
# File lib/dnsruby/resolver.rb, line 768
def src_address6=(a)
  @src_address6 = a
  update
end
src_address=(a) click to toggle source
# File lib/dnsruby/resolver.rb, line 763
def src_address=(a)
  @src_address = a
  update
end
src_port() click to toggle source

The source port to send queries from Returns either a single Integer or an Array e.g. '0', or '[60001, 60002, 60007]'

Defaults to 0 - random port

# File lib/dnsruby/resolver.rb, line 608
def src_port
  @src_port.length == 1 ? @src_port[0] : @src_port
end
src_port=(p) click to toggle source

Can be a single Integer or a Range or an Array If an invalid port is selected (one reserved by IANA), then an ArgumentError will be raised.

res.src_port=0
res.src_port=[60001,60005,60010]
res.src_port=60015..60115
# File lib/dnsruby/resolver.rb, line 620
def src_port=(p)
  if Resolver.check_port(p)
    @src_port = Resolver.get_ports_from(p)
    update
  end
end
tcp_pipelining=(on) click to toggle source
# File lib/dnsruby/resolver.rb, line 688
def tcp_pipelining=(on)
  @tcp_pipelining = on
  update
end
tcp_pipelining_max_queries=(max) click to toggle source
# File lib/dnsruby/resolver.rb, line 693
def tcp_pipelining_max_queries=(max)
  @tcp_pipelining_max_queries = max
  update
end
tsig=(t) click to toggle source

Sets the TSIG to sign outgoing messages with. Pass in either a Dnsruby::RR::TSIG, or a key_name and key (or just a key) Pass in nil to stop tsig signing.

  • res.tsig=(tsig_rr)

  • res.tsig=(key_name, key) # defaults to hmac-md5

  • res.tsig=(key_name, key, alg) # e.g. alg = 'hmac-sha1'

  • res.tsig=nil # Stop the resolver from signing

# File lib/dnsruby/resolver.rb, line 715
def tsig=(t)
  @tsig = t
  update
end
udp_size=(s) click to toggle source
# File lib/dnsruby/resolver.rb, line 809
def udp_size=(s)
  @udp_size = s
  update
end
update_internal_res(res) click to toggle source
# File lib/dnsruby/resolver.rb, line 573
def update_internal_res(res)
  [:port, :use_tcp, :no_tcp, :tcp_pipelining, :tcp_pipelining_max_queries, :tsig, :ignore_truncation, :packet_timeout,
    :src_address, :src_address6, :src_port, :recurse,
    :udp_size, :dnssec].each do |param|

    res.send(param.to_s + '=', instance_variable_get('@' + param.to_s))
  end
end
use_tcp=(on) click to toggle source
# File lib/dnsruby/resolver.rb, line 698
def use_tcp=(on)
  @use_tcp = on
  update
end