[HN Gopher] Implement DNS in a Weekend
___________________________________________________________________
Implement DNS in a Weekend
Author : asicsp
Score : 462 points
Date : 2023-05-12 13:37 UTC (9 hours ago)
HTML web link (implement-dns.wizardzines.com)
TEXT w3m dump (implement-dns.wizardzines.com)
| jonwinstanley wrote:
| Julia's posts are always so informative; DNS being one of those
| topics which I presume so many developers are like myself and
| have "just enough knowledge to be dangerous" :-)
| m3047 wrote:
| Amazingly the DNS operator community doesn't offer a checklist
| for DNS implementations. I asked on dns-operations@.
| ianbutler wrote:
| I love this. DNS is something that, if you're online and visiting
| websites or even sshing into boxes a lot of the time, you're
| using, unless of course you carry around a list of IP addresses
| like the olden times. It is one of the many things that underpin
| the modern web and we take it for granted.
| alexeldeib wrote:
| I missed the "you're using" at first, and was about to ask why
| on earth you keep maintaining host lists :P
|
| Totally agree, and at the same time, it's so painful that
| there's a nice haiku --
|
|     It's not DNS
|     There's no way it's DNS
|     It was DNS
| BLKNSLVR wrote:
| Man, it hurts how hours of struggle and frustration can be
| summed up in a haiku. Beautiful.
| ShroudedNight wrote:
| > It was DNS
|
| To be fair, sometimes it's BGP.
| stuartd wrote:
| At least the haiku still works, though
| deivid wrote:
| Cool! I'd implemented a very low quality DNS server in rust to
| solve a hackattic challenge
|
| https://github.com/DavidVentura/hackattic/blob/master/src/se...
|
| It'll be interesting to see if the server implementation is
| complete enough to work with this client
| cinntaile wrote:
| I hadn't heard of hackattic [0], but the challenges look great.
| Thanks.
|
| [0] https://hackattic.com/
| Alpi wrote:
| I love all the series about writing your own X in 100 lines of
| code. It gives you the understanding of technology and removes a
| lot of unnecessary details.
|
| The great examples of this are 'A from-scratch tour of Bitcoin in
| Python' https://karpathy.github.io/2021/06/21/blockchain/ and
| 'Let's build GPT: from scratch, in code, spelled out'
| https://youtu.be/kCc8FmEb1nY from Andrej Karpathy
|
| I wonder if anybody tried to collect all such projects together
| and built his own 'Internet in just 100 lines of code'
| bazzert wrote:
| Adding Liz Rice's superb "Containers from scratch" to the list.
| https://www.youtube.com/watch?v=_TsSmSu57Zo
| Paul-Craft wrote:
| I just submitted this as its own post, because I thought it was
| so cool, but here's a complete operating system in 2000 lines
| of code: https://github.com/yhzhang0128/egos-2000
| EliasLittle wrote:
| Egos is really neat, and super approachable. I did some
| documentation work for it last fall, and despite only having
| a weak grasp of operating systems I could easily understand
| the whole thing. I only needed to figure out a few common
| acronyms and magic numbers that weren't explained.
| globular-toast wrote:
| Another one: Write yourself a Git: https://wyag.thb.lt/
|
| I've enjoyed doing stuff like this myself. I wrote an IP stack
| up to being able to ping an IP address. I had learnt all of
| this in university, but doing it myself really cemented the
| knowledge. Using a notebook and doing literate programming is a
| must. I pretend that I'm teaching someone else, even though I
| don't plan on ever sharing it really.
| tyingq wrote:
| Bocker is in this same category...docker clone in bash that's
| helpful in seeing what's really happening underneath with
| nsenter, namespaces, network bridging, cgroups, etc.
|
| https://github.com/p8952/bocker
| ohbarye wrote:
| Maybe not only 100 lines of code though, I think of Code
| Crafters. https://github.com/codecrafters-io/build-your-own-x
| wkdneidbwf wrote:
| i subscribed to codecrafters for a bit. it was ok, but it was
| super annoying to have to use their tooling around git and
| ci. too much hand holding.
| kerkeslager wrote:
| > I love all the series about writing your own X in 100 lines
| of code.
|
| Me too, they're a really good resource.
|
| What are some other ones you've come across?
| peter_retief wrote:
| The series is great, wish I had more time to try out the
| projects!
| quaintdev wrote:
| I have a slightly off topic but related query to new HTTPS RR and
| SVCB record types of DNS. Will these records allow me to host
| sites without a reverse proxy since both records can include port
| info?
| mike_d wrote:
| It is very well intentioned, but unlikely to actually see
| adoption outside of internal network service discovery maybe
| (where mDNS already does a good job).
|
| Everything runs on 443 to avoid firewalls, moving services to
| new ports opens up the whackamole game of trying to find other
| unblocked ports and raises security implications.
|
| Here is a more positive take for background on SVCB:
| https://www.isc.org/docs/2022-webinar-dns-scvb.pdf
| rahimnathwani wrote:
| Tangential, but this made me remember:
|
| - Some time ago on HN I saw a free ad blocking DNS server
| (https://controld.com/free-dns)
|
| - I had wondered what protocol the 'Private DNS' setting on my
| Pixel uses, but never got around to checking.
|
| It turns out that setting the 'Private DNS provider hostname'
| to x-oisd.freedns.controld.com just works: DNS-over-TLS and ad
| blocking.
| bullen wrote:
| I'll dig up my old comment about how easy DNS is to work with
| using DNS4J:
|
|     Message query = new Message(data);
|     Header header = query.getHeader();
|     Record question = query.getQuestion();
|     Message response = new Message(query.getHeader().getID());
|     response.getHeader().setFlag(Flags.QR);
|     response.addRecord(question, Section.QUESTION);
|     Name name = question.getName();
|     int type = question.getType();
|     int dclass = question.getDClass();
|     String host = name.toString(true).toLowerCase();
|     ...
|     response.addRecord(new ARecord(name, dclass, 300, "someIP"), Section.ANSWER);
|     ...
|     response.getHeader().setFlag(Flags.AA);
|     return response.toWire(512);
| arjvik wrote:
| Can't tell if this is sarcasm or not :)
|
| On one hand, like all Java code, this is really really verbose.
| But on the other, it's not that complicated--every line seems
| like it corresponds to some part of the DNS spec.
| vineyardmike wrote:
| It's verbose but not complicated.
|
| Verboseness doesn't make something uneasy, it means you tell
| your IDE to autocomplete.
| deathanatos wrote:
| Yeah, I'll take a verbose but uncomplicated API any day of
| the week. Straight-forwardly named classes/functions, no
| surprising behavior, one concept == one name, and a good
| reference ... that's how stuff gets done.
|
| ... always better than something that tries to hide things
| from you and does the wrong thing sometimes.
| digitalsanctum wrote:
| I just have to say I love everything Julia produces. Very
| inspiring!
| playingalong wrote:
| To be clear it's a DNS resolver, i.e. the client.
| jvns wrote:
| A DNS resolver is both a client and a server -- for example
| Google's 8.8.8.8 (which this is a toy version of) is a server
| (you can query it with `dig @8.8.8.8 example.com`), but also a
| client of the various authoritative DNS servers that it fetches
| and caches records from.
|
| I implemented this as a command line tool because that's much
| easier to do in a Jupyter notebook environment, but you can
| also pretty easily transform it into a UDP server running on
| localhost and query it with dig in the same way that you would
| with 8.8.8.8. That's one of the bonus exercises at the end
| (Exercise 7).
|
| I might end up bringing "convert it into a server" into the
| main content though because it's pretty easy to do and I think
| it makes the whole thing seem more "real".
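
Added example (not part of the thread or of the guide's own code): a Python sketch of the server half described in jvns's comment above, doing on raw wire bytes the steps bullen's snippet does through a library. The names `build_query`, `parse_question`, `answer` and the `ZONE` entry for `example.test` are constructed for illustration.

```python
import struct

HEADER = struct.Struct("!HHHHHH")  # id, flags, qdcount, ancount, nscount, arcount
QR, AA, RD = 0x8000, 0x0400, 0x0100
TYPE_A, CLASS_IN = 1, 1
ZONE = {b"example.test": bytes([192, 0, 2, 1])}  # constructed sample data

def build_query(name, query_id, qtype=TYPE_A):
    """Client side: encode a one-question query as a stub resolver would."""
    labels = b"".join(bytes([len(p)]) + p for p in name.encode("ascii").split(b"."))
    question = labels + b"\x00" + struct.pack("!HH", qtype, CLASS_IN)
    return HEADER.pack(query_id, RD, 1, 0, 0, 0) + question

def parse_question(packet):
    """Return (name, qtype, qclass, end_offset); raise ValueError if malformed."""
    offset, labels = HEADER.size, []
    while True:
        if offset >= len(packet):
            raise ValueError("truncated name")
        length = packet[offset]
        offset += 1
        if length == 0:
            break
        # Lengths above 63 are compression pointers or reserved label types.
        if length > 63 or offset + length > len(packet):
            raise ValueError("bad label")
        labels.append(packet[offset:offset + length])
        offset += length
    if offset + 4 > len(packet):
        raise ValueError("truncated question")
    qtype, qclass = struct.unpack_from("!HH", packet, offset)
    return b".".join(labels).lower(), qtype, qclass, offset + 4

def answer(packet, zone=ZONE):
    """Server side: build the response for one datagram, or None to drop it."""
    try:
        query_id, flags, qdcount = HEADER.unpack_from(packet)[:3]
        name, qtype, qclass, end = parse_question(packet)
    except (struct.error, ValueError):
        return None  # malformed input gets no reply
    if flags & QR or qdcount != 1:
        return None  # never answer a response, so two servers cannot loop
    addr = zone.get(name)
    rcode = 3 if addr is None else 0  # NXDOMAIN for names outside the zone
    found = addr is not None and (qtype, qclass) == (TYPE_A, CLASS_IN)
    out = HEADER.pack(query_id, QR | AA | (flags & RD) | rcode, 1, int(found), 0, 0)
    out += packet[HEADER.size:end]  # echo the question section unchanged
    if found:  # 0xC00C points back at the question name at offset 12
        out += struct.pack("!HHHIH", 0xC00C, TYPE_A, CLASS_IN, 300, 4) + addr
    return out
```

Wrapping `answer()` in a `recvfrom`/`sendto` loop on a localhost UDP socket gives a server that dig can query.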
| rochak wrote:
| Very important detail
| simonw wrote:
| This is fabulous.
|
| It would be convenient if I didn't have to download the code to
| run it though - if it was in a GitHub repo it could provide links
| to hosted notebook services such as JupyterHub and Colab - then
| lazy people like myself could click those links to try out the
| notebooks in their browsers without downloading, unzipping and
| running Jupyter locally.
| hgsgm wrote:
| Can you copy the code into a hosted Jupyter?
| arthurcolle wrote:
| Not OP but
|
| > then lazy people like myself could click those links to try
| out the notebooks in their browsers without downloading,
| unzipping and running Jupyter locally.
| gregors wrote:
| I really enjoyed this short series on making a dns server in
| python. It's very to the point and watchable. You can get through
| it in an evening or two.
|
| https://www.youtube.com/playlist?list=PLBOh8f9FoHHhvO5e5HF_6...
| spmurrayzzz wrote:
| This is great. Incidentally, writing toy recursive resolvers is
| one of the primary methods I use to help me learn new languages.
| If you take the time to develop an understanding of the domain,
| I've found it's an easily repeatable exercise and can be done in a
| couple of hours.
| mlhpdx wrote:
| Enjoyed. I've been experimenting with parsing network protocols a
| lot lately with an eye to separating the parsing from the "logic"
| (usually combined in one handler). DNS (and DHCP) are the two I
| started with - having the flexibility to easily extend/alter the
| logic is useful from time to time (ala PiHole).
| dang wrote:
| Url changed from
| https://jvns.ca/blog/2023/05/12/introducing-implement-dns-in...,
| which points to this.
| shidoshi wrote:
| Julia is the best ever.
| javajosh wrote:
| Over time I've learned to stop taking people like Julia Evans for
| granted. Sometimes it feels like the Internet is an endless
| supply of brilliance and generosity and talent. But it's not true!
| Not everyone creates, and not everyone who creates shares, and
| not everyone who shares shares freely. I feel overwhelmed by
| gratitude for Julia and (what I estimate to be) the mere ~100
| creators in the world like her.
| Manjuuu wrote:
| Yes. We need more of those little tutorials demystifying things
| we take for granted.
| danabrams wrote:
| Julia Evans's writing is just so much fun.
| paulclinger wrote:
| I've done something along these lines with a very simple DNS and
| DHCP server implementation as an Arduino library:
| https://github.com/pkulchenko/DHCPLite/. It is fairly short and
| while I don't claim it being fully correct, it was tested with
| different clients successfully; it was a great learning experience.
| GOATS- wrote:
| I host a pi-hole instance in the cloud. It's only accessible to
| my Tailscale network, which means that I can't reach it on my TV
| - unless I write a DNS proxy. Maybe this'll be enough to get my
| ass in gear and actually write it for once.
| lloydatkinson wrote:
| What about a Pi that connects to Tailscale and have your TV
| work via that? https://tailscale.com/kb/1019/subnets/
| GOATS- wrote:
| That would mean getting a Pi, which I don't have...
| mgraupner wrote:
| Setting the pi-hole as your DNS server in your router would
| not work? TV should then use this DNS server after getting
| an IP-address via DHCP.
| GOATS- wrote:
| The Pi-hole isn't hosted on my local network, but on my
| Tailscale network because it's running on a VPS. My
| router can't run Tailscale, so that's not possible.
| mike_d wrote:
| If you upgrade to ZeroTier you can get it running on
| OpenWRT and MikroTik routers
| https://help.mikrotik.com/docs/display/ROS/ZeroTier
| GOATS- wrote:
| Good luck installing OpenWRT on the silly router provided
| by my ISP.
| trillic wrote:
| What router do you have? You'd be surprised, I have
| tailscale running on a 4-year old Linksys router.
| oh_sigh wrote:
| Isn't the DNS design effectively its own proxy by the way
| resolvers forward requests towards more authoritative
| resolvers? On whatever local-network machine you would run your
| DNS proxy, you just run a DNS resolver in forwarding mode where
| all requests are sent to your pi-hole instance.
| gtirloni wrote:
| Julia's zines[0] are great. Got mine this week and it's a delight
| to read.
|
| 0 - https://wizardzines.com
| gary_0 wrote:
| The cute hand-drawn aesthetic reminded me of fun times reading
| Forrest Mims' electronics books.
| bazzert wrote:
| agreed, have several printed ones and love the combination of
| whimsy and concise technical content.
| chaxor wrote:
| The style fits pretty well with GitHub.com/charmbracelet
| darnir wrote:
| That is an excellent website. Thank you for bringing my
| attention to it
| astrod wrote:
| On Firefox mobile, I get some element overflow blocking the
| speech bubble. Maybe a flex wrap gone wrong?
|
| Just a heads up in case Julia is reading :)
| jvns wrote:
| thanks, I'll take a look
___________________________________________________________________
(page generated 2023-05-12 23:00 UTC)