General question - here about python/samba/netcmd/dns.py
Amitay Isaacs
amitay at gmail.com
Mon Jun 2 01:29:34 MDT 2014
Hi,
On Sat, May 31, 2014 at 3:26 PM, Günter Kukkukk <linux at kukkukk.com> wrote:
> Hi all,
>
> just a general question, how to proceed when we seem to violate
> some MS documentation - probably here a silly case.
> Here it's about MS claims "...MUST ignore it"
>
> When using
> samba-tool dns serverinfo w2008r2
> i noticed that the displayed IPv6 addresses were wrong - see below.
>
>
> python/samba/netcmd/dns.py
> .....
> I already fixed
> - the IPv6 format string ('%x%x:... to '%02x%02x:...')
> - the IPv6 array offsets from MaxSa[4:20] to MaxSa[8:24]
> but then started wondering about the port-number (2 bytes) being placed at
> MaxSa[3] <= would be big-endian
> but the Address Family (0x0002 or 0x0017) is placed at
> MaxSa[0] <= would be small-endian
>
> Note that both "Address Family" and "Port Number" are 16Bit.
>
> Then i looked at the MS specs in [MS-DNSP].pdf (btw - there is
> an updated version from 15th May 2014)
>
> 2.2.3.2.2.1 DNS ADDR
>
> "Port Number (2 bytes): Senders MUST set this to zero, and receivers MUST
> ignore it."
>
Thanks for noticing this. If MS spec says we MUST set this to zero and
ignore it when we receive it, we must follow that.
> ------- current fix - but still uses the port number:
> def dns_addr_array_string(array):
> ret = []
> if not array:
> return ret
> for i in xrange(array.AddrCount):
> if array.AddrArray[i].MaxSa[0] == 0x02:
> addr = '%d.%d.%d.%d (%d)' % \
> tuple(array.AddrArray[i].MaxSa[4:8] +
> [array.AddrArray[i].MaxSa[3]])
> elif array.AddrArray[i].MaxSa[0] == 0x17:
> addr =
> '%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x
> (%d)' % \
> tuple(array.AddrArray[i].MaxSa[8:24] +
> [array.AddrArray[i].MaxSa[3]])
> else:
> addr = 'UNKNOWN'
> ret.append(addr)
> return ret
> ----------------
>
If you have a patch to drop the port from the output, I would be happy to
push it. :-)
>
> samba-tool dns serverinfo w2008r2
>
> w2008r2 with IPv6 format string fixed, but with wrong array indices:
> ------------------
> pszServerName : w2008r2.addlz.kukkukk.com
> pszDsContainer :
> cn=MicrosoftDNS,cn=System,DC=addlz,DC=kukkukk,DC=com
> aipServerAddrs : ['0000:0000:2a02:8109:8f40:11e0:a1a2:fff8
> (53)', '0000:0000:fd4d:bf13:bb76:c903:0000:0000 (53)',
> '0000:0000:fd4d:bf13:bb76:c903:a1a2:fff8 (53)',
> '0000:0000:fe80:0000:0000:0000:a1a2:fff8 (53)', '192.168.200.81 (53)']
> aipListenAddrs : []
> aipForwarders : ['192.168.200.70 (53)',
> '0000:0000:2a02:8109:8f40:107c:020c:29ff (53)']
> dwLogLevel : 0
>
> w2008r2 IPv6 output fixed:
> ----------------
> pszServerName : w2008r2.addlz.kukkukk.com
> pszDsContainer :
> cn=MicrosoftDNS,cn=System,DC=addlz,DC=kukkukk,DC=com
> aipServerAddrs : ['2a02:8109:8f40:11e0:a1a2:fff8:4aa6:3613
> (53)', 'fd4d:bf13:bb76:c903:0000:0000:0000:0051 (53)',
> 'fd4d:bf13:bb76:c903:a1a2:fff8:4aa6:3613 (53)',
> 'fe80:0000:0000:0000:a1a2:fff8:4aa6:3613 (53)', '192.168.200.81 (53)']
> aipListenAddrs : []
> aipForwarders : ['192.168.200.70 (53)',
> '2a02:8109:8f40:107c:020c:29ff:fe3b:8649 (53)']
> dwLogLevel : 0
>
> Samba atm only checks for IPv4 interfaces, which also goes wrong - but
> that has to be another fix:
> --------------
> pszServerName : LI4771-131.addlz.kukkukk.com
> pszDsContainer :
> CN=MicrosoftDNS,DC=DomainDnsZones,DC=addlz,DC=kukkukk,DC=com
> aipServerAddrs : ['255.255.255.255 (53)', '255.255.255.255
> (53)', '255.255.255.255 (53)', '255.255.255.255 (53)']
> aipListenAddrs : ['255.255.255.255 (53)', '255.255.255.255
> (53)', '255.255.255.255 (53)', '255.255.255.255 (53)']
> aipForwarders : []
> dwLogLevel : 0
> -----------------------
>
Hmm.. This is odd. I need to check what information is returned from
load_interface_list(). Something is going wrong with extracting IPs.
Currently we don't have anyway to know the actual addresses used by DNS
server in case of DLZ. I think internal DNS binds to all the IPs
configured. Since we didn't have a consistent way, I returned all the IPs
listed in load_interface_list(). If you have any other suggestion, please
let me know.
>
> see also dnsdata.c ---> ip4_array_to_dns_addr_array()
> and dnsutils.c
> -------------------
>
> So finally now my question: :-)
> Should we remove all references to this port specification - here in
> python and
> also in the C-Code, where it is set?
>
> Thanks, Günter
>
> ps - sorry for the long post
>
Yes, that part of the code also needs to be fixed to handle IPv6 addresses
correctly.
Amitay.
More information about the samba-technical
mailing list