A Complete Submission

A Complete Submission

  1. Parse a zone file, given as a command line argument
  2. Listening to a socket (UDP 53, preferably), waiting for queries
  3. For each query:
    1. parse it, decompress it; if it is not valid, discard
    2. if the name server is not authoritative (checking whether a SOA entry is present for the queried domain name, (SOA vscomp.org implies SOA foo.vscomp.org)), discard
    3. reply to NS, A, MX, PTR, TXT queries with the set of entries from the zone file
    4. reply to SOA with the single SOA entry for that domain
    5. if a CNAME entry is present, also reply with that (for any request matching that domain name)
    6. reply to an ANY query with all available entries of that domain
    7. generate reply frame, compress domain names
    8. send the binary out
  4. Specify and verify the important parts (these are examples, you might come up with more/other properties):
    1. parsing is total, e.g., ensure that domain name pointers are not cyclic
    2. reply to a query is correct
      • compression and decompression have an appropriate relation
      • well-formedness (non-conflicting) zone file
      • a single “start of authority” entry for each domain
      • a single time-to-live for each record
      • well-formed domain names: each part is up to 63 bytes, in total domain names may only be 255 bytes
      • each TXT entry up to 255 bytes
      • non-negative numbers fitting into respective presentation (8, 16, 32 bits)
    3. resource usage (or other non-functional properties)

We do not require participants to implement the complete RFC, especially all these weird unused question types and classes (like CHAOS-NET). Also, the timing constraints in the RFC are a bit outdated—a SOA entry does not always a time-to-live of 0. You can also ignore the constraints imposed by the SOA for all entries of that domain, though this will give extra credit.

Note that a legitimate but incomplete solution may solve only a small subset of the above sub-problems.  This is perfectly acceptable.  E.g., one might verify only the check, parse, lookup, and assemble functions specified above.

Extra points can be achieved by implementing and verifying:

  • Timing constraints of entries imposed by the SOA entry, given in the RFC.

  • Using octal \nnn codes to include arbitrary bytes inside of a text record; for example, \072 is a colon.

  • Using * as a prefix-wildcard of the fqdn: +*.foo.bar produces A records for every domain name ending in .foo.bar. * can be used with any entry type.

2 Comments

Comments RSS
  1. Andrei Paskevich

    RFC 1034 4.2.1 states that the NS records for the roots of sub-zones (i.e. nodes for which we have NS but not SOA) are not authoritative. Since the rules demand us only to give authoritative answers, are we supposed to discard the NS queries for sub-zones?

    • Hannes Mehnert

      Yes, you should discard all queries for which you don’t have authoritative answers.

Leave a Comment