dns-packet
An abstract-encoding compliant module for encoding / decoding DNS packets. Lifted out of multicast-dns as a separate module.
npm install dns-packet
UDP Usage
const dnsPacket =const dgram =const socket = dgramconst buf = dnsPacketsocketsocket
Also see the UDP example.
TCP, TLS, HTTPS
While DNS has traditionally been used over a datagram transport, it is increasingly being carried over TCP for larger responses commonly including DNSSEC responses and TLS or HTTPS for enhanced security. See below examples on how to use dns-packet
to wrap DNS packets in these protocols:
API
var buf = packets.encode(packet, [buf], [offset])
Encodes a DNS packet into a buffer containing a UDP payload.
var packet = packets.decode(buf, [offset])
Decode a DNS packet from a buffer containing a UDP payload.
var buf = packets.streamEncode(packet, [buf], [offset])
Encodes a DNS packet into a buffer containing a TCP payload.
var packet = packets.streamDecode(buf, [offset])
Decode a DNS packet from a buffer containing a TCP payload.
var len = packets.encodingLength(packet)
Returns how many bytes are needed to encode the DNS packet
Packets
Packets look like this
type: 'query|response'id: optionalIdNumberflags: optionalBitFlagsquestions: ...answers: ...additionals: ...authorities: ...
The bit flags available are
packetRECURSION_DESIREDpacketRECURSION_AVAILABLEpacketTRUNCATED_RESPONSEpacketAUTHORITATIVE_ANSWERpacketAUTHENTIC_DATApacketCHECKING_DISABLED
To use more than one flag bitwise-or them together
var flags = packetRECURSION_DESIRED | packetRECURSION_AVAILABLE
And to check for a flag use bitwise-and
var isRecursive = messageflags & packetRECURSION_DESIRED
A question looks like this
type: 'A' // or SRV, AAAA, etcclass: 'IN' // one of IN, CS, CH, HS, ANY. Default: INname: 'google.com' // which record are you looking for
And an answer, additional, or authority looks like this
type: 'A' // or SRV, AAAA, etcclass: 'IN' // one of IN, CS, CH, HSname: 'google.com' // which name is this record forttl: optionalTimeToLiveInSecondsrecord specific data see below
Supported record types
A
data: 'IPv4 address' // fx 127.0.0.1
AAAA
data: 'IPv6 address' // fx fe80::1
CAA
flags: 128 // octettag: 'issue|issuewild|iodef'value: 'ca.example.net'issuerCritical: false
CNAME
data: 'cname.to.another.record'
DNAME
data: 'dname.to.another.record'
DNSKEY
flags: 257 // 16 bitsalgorithm: 1 // octetkey: Buffer
DS
keyTag: 12345algorithm: 8digestType: 1digest: Buffer
HINFO
data:cpu: 'cpu info'os: 'os info'
MX
preference: 10exchange: 'mail.example.net'
NS
data: nameServer
NSEC
nextDomain: 'a.domain'rrtypes: 'A' 'TXT' 'RRSIG'
NSEC3
algorithm: 1flags: 0iterations: 2salt: BuffernextDomain: Buffer // Hashed per RFC5155rrtypes: 'A' 'TXT' 'RRSIG'
NULL
data:
OPT
EDNS0 options.
type: 'OPT'name: '.'udpPayloadSize: 4096flags: packetDNSSEC_OKoptions:// pass in any code/data for generic EDNS0 optionscode: 12data: Buffer// Several EDNS0 options have enhanced supportcode: 'PADDING'length: 31code: 'CLIENT_SUBNET'family: 2 // 1 for IPv4, 2 for IPv6sourcePrefixLength: 64 // used to truncate IP addressscopePrefixLength: 0ip: 'fe80::'code: 'TCP_KEEPALIVE'timeout: 150 // increments of 100ms. This means 15s.code: 'KEY_TAG'tags: 1 2 3
The options PADDING
, CLIENT_SUBNET
, TCP_KEEPALIVE
and KEY_TAG
support enhanced de/encoding. See optionscodes.js for all supported option codes. If the data
property is present on a option, it takes precedence. On decoding, data
will always be defined.
PTR
data: 'points.to.another.record'
RP
mbox: 'admin.example.com'txt: 'txt.example.com'
RRSIG
typeCovered: 'A'algorithm: 8labels: 1originalTTL: 3600expiration: timestampinception: timestampkeyTag: 12345signersName: 'a.name'signature: Buffer
SOA
data:mname: domainNamername: mailboxserial: zoneSerialrefresh: refreshIntervalretry: retryIntervalexpire: expireIntervalminimum: minimumTTL
SRV
data:port: servicePorttarget: serviceHostNamepriority: optionalServicePriorityweight: optionalServiceWeight
TXT
data: 'text' || Buffer || Buffer || 'text'
When encoding, scalar values are converted to an array and strings are converted to UTF-8 encoded Buffers. When decoding, the return value will always be an array of Buffer.
If you need another record type, open an issue and we'll try to add it.
License
MIT