DNS server for .bit

https://www.namecoin.org/dot-bit/
virus_net
Posts: 82
Joined: Tue Aug 22, 2017 1:22 pm
os: bsd
Location: Moscow, Russia
Contact:

DNS server for .bit

Post by virus_net »

I think that many of you know about dnschain project. This is DNS server to resolv .bit names.
It written for NodeJS using CoffeeScript.
But dnschain resolvs not all domains. Let`s test on DNS server served by dnschain:

Code: Select all

# nslookup
> nf.bit
...skiped...
Non-authoritative answer:
Name:   nf.bit
Address: 94.23.252.190
Resolv is OK. Why ? Because chain value is simple: { ip: '94.23.252.190'}
Another name:

Code: Select all

> taz.bit
...skiped...
** server can't find taz.bit: NXDOMAIN
Not resolved. Why ? Because chain value is: { map: { '': '193.104.220.21', www: '193.104.220.21' }
If chain value consists of subdomains they are also not resolved, so it happens to 'www.taz.bit':

Code: Select all

> www.taz.bit
...skiped...
** server can't find www.taz.bit: NXDOMAIN
What to say ? Only "It's a pity"...

dnschain not updated since 2015 and so we deside to start own DNS project. We call it ns4chain.

For now ns4chain is still in development (current developer vesion is 0.6.1) and many things still need to be done, but ns4chain already working and can resolv domains:

Code: Select all

> nf.bit
...skiped...
Non-authoritative answer:
Name:   nf.bit
Address: 94.23.252.190

> taz.bit
...skiped...
Non-authoritative answer:
Name:   www.taz.bit
Address: 193.104.220.21

> www.taz.bit
...skiped...
Non-authoritative answer:
Name:   www.taz.bit
Address: 193.104.220.21
So I deside to share of this info. Maybe can be usefull for somebody if someone will search DNS server for .bit or alternative for dnschain (without coffee).

P.S. DNS servers of bitname.ru run on ns4chain.
bitname.ru:
- whois service for .bit: whois.bitname.ru or whois.bitname.bit
- dns servers for .bit: dns1.bitname.ru dns2.bitname.ru or dns1.bitname.bit dns2.bitname.bit
- bit domains statistics
github

biolizard89
Posts: 2001
Joined: Tue Jun 05, 2012 6:25 am
os: linux

Re: DNS server for .bit

Post by biolizard89 »

Yep, DNSChain is a dead project. (It wasn't developed by us, and several of us were unhappy with the less-than-accurate marketing by the DNSChain folks.) That said, we do have an actively developed Namecoin to DNS bridge: ncdns. https://github.com/namecoin/ncdns . Would you be interested in helping out with ncdns development?
Jeremy Rand, Lead Namecoin Application Engineer
NameID: id/jeremy
DyName: Dynamic DNS update client for .bit domains.

Donations: BTC 1EcUWRa9H6ZuWPkF3BDj6k4k1vCgv41ab8 ; NMC NFqbaS7ReiQ9MBmsowwcDSmp4iDznjmEh5

virus_net
Posts: 82
Joined: Tue Aug 22, 2017 1:22 pm
os: bsd
Location: Moscow, Russia
Contact:

Re: DNS server for .bit

Post by virus_net »

I will look at ncdns, thanks.
I would be glad to help but I don`t know Go programming language that is used in ncdns.
bitname.ru:
- whois service for .bit: whois.bitname.ru or whois.bitname.bit
- dns servers for .bit: dns1.bitname.ru dns2.bitname.ru or dns1.bitname.bit dns2.bitname.bit
- bit domains statistics
github

virus_net
Posts: 82
Joined: Tue Aug 22, 2017 1:22 pm
os: bsd
Location: Moscow, Russia
Contact:

Re: DNS server for .bit

Post by virus_net »

virus_net wrote:I will look at ncdns
I took and see that you also have things to do :)
When we start to explore namecoin we registered own domain (as you remember :)) and now using it for the tests. Domain is mega-net.bit.
So we can compare resolv results of ncdns and ns4chain.

ncdns (running on my work comp)
Сontrol test:

Code: Select all

> nf.bit.
Server:         127.0.0.1
Address:        127.0.0.1#53

Name:   nf.bit
Address: 94.23.252.190
Working. Now test some subdomains:

Code: Select all

> dnschain.mega-net.bit.
Server:         127.0.0.1
Address:        127.0.0.1#53

Non-authoritative answer:
*** Can't find dnschain.mega-net.bit.: No answer

Code: Select all

> ru.mega-net.bit
Server:         127.0.0.1
Address:        127.0.0.1#53

Non-authoritative answer:
*** Can't find ru.mega-net.bit: No answer

Code: Select all

> test.mega-net.bit
Server:         127.0.0.1
Address:        127.0.0.1#53

Non-authoritative answer:
*** Can't find test.mega-net.bit: No answer
ns4chain:
Сontrol test:

Code: Select all

> nf.bit
Server:         91.217.137.44
Address:        91.217.137.44#53

Non-authoritative answer:
Name:   nf.bit
Address: 94.23.252.190
Working. Now test subdomains:

Code: Select all

> dnschain.mega-net.bit.
Server:         91.217.137.44
Address:        91.217.137.44#53

Non-authoritative answer:
dnschain.mega-net.bit   canonical name = dnschain.subnets.ru.
Name:   dnschain.subnets.ru
Address: 91.217.137.44

Code: Select all

> ru.mega-net.bit
Server:         91.217.137.44
Address:        91.217.137.44#53

Non-authoritative answer:
*.mega-net.bit  canonical name = mega-net.bit.
Name:   mega-net.bit
Address: 127.0.0.1

Code: Select all

> test.mega-net.bit
Server:         91.217.137.44
Address:        91.217.137.44#53

Non-authoritative answer:
Name:   test.mega-net.bit
Address: 91.217.137.33
For now I don`t quite understand why ncdns not resolv this names.
Inside ncdns zone look like this:

Code: Select all

20170911135350 [INFO] ncdns.backend: Value:
  Hostmaster: noc@mega-net.ru
  IPv4 Address: 91.217.137.33
  IPv6 Address: 2001:67c:13e4::1
  Nameserver: 91.217.137.44
  Subdomains:
    www:      Value:
        CNAME: ""
        Subdomains:
          ru:            Value:
              IPv4 Address: 91.217.137.33
              IPv4 Address: 91.217.137.34
              IPv6 Address: 2001:67c:13e4::1
              IPv6 Address: 2001:67c:13e4::2
    dnschain:      Value:
        CNAME: "dnschain.subnets.ru."
    test:      Value:
        IPv4 Address: 91.217.137.33
        Subdomains:
          www:            Value:
              CNAME: ""
          test:            Value:
              CNAME: "www.@"
    *:      Value:
        CNAME: ""
    mx:      Value:
        IPv4 Address: 91.217.137.33
We can see that all subdomains are in place. But why ncdns answer is "No answer" is unclear for me.
It's a pity that I dont know go lang... But I`am trying to understand.

---
UPDATE:
Also strange things with subdomains with aliases.

Code: Select all

20170911161514 [INFO] ncdns.namecoin: {"map":{"":"91.217.137.244","ru":{"ip":"1.1.1.1"},"www":{"alias":"loop"},"loop":{"ip":"2.2.2.2"}}}

Code: Select all

IPv4 Address: 91.217.137.244
  Subdomains:
    loop:      Value:
        IPv4 Address: 2.2.2.2
    ru:      Value:
        IPv4 Address: 1.1.1.1
    www:      Value:
        CNAME: "loop"

Code: Select all

# nslookup -q=A www.mega-net.bit. 127.0.0.1
Server:         127.0.0.1
Address:        127.0.0.1#53

www.mega-net.bit        canonical name = loop.mega-net.bit.
Thats all... We see CNAME but IP 2.2.2.2 not returned...
bitname.ru:
- whois service for .bit: whois.bitname.ru or whois.bitname.bit
- dns servers for .bit: dns1.bitname.ru dns2.bitname.ru or dns1.bitname.bit dns2.bitname.bit
- bit domains statistics
github

virus_net
Posts: 82
Joined: Tue Aug 22, 2017 1:22 pm
os: bsd
Location: Moscow, Russia
Contact:

Re: DNS server for .bit

Post by virus_net »

I read tour.golang.org and something began to clear up for me but it`s still hard to understand after PHP and JS.
bitname.ru:
- whois service for .bit: whois.bitname.ru or whois.bitname.bit
- dns servers for .bit: dns1.bitname.ru dns2.bitname.ru or dns1.bitname.bit dns2.bitname.bit
- bit domains statistics
github

virus_net
Posts: 82
Joined: Tue Aug 22, 2017 1:22 pm
os: bsd
Location: Moscow, Russia
Contact:

Re: DNS server for .bit

Post by virus_net »

And who can explain this:

Code: Select all

20170914175758 [INFO] ncdns.backend: [bit.      86400   IN      SOA     this.x--nmc.bit. . 1 600 600 7200 600 bit.      86400   IN      NS      this.x--nmc.bit.]
this.x--nmc.bit - what is this name here for ? Anyone know ?
bitname.ru:
- whois service for .bit: whois.bitname.ru or whois.bitname.bit
- dns servers for .bit: dns1.bitname.ru dns2.bitname.ru or dns1.bitname.bit dns2.bitname.bit
- bit domains statistics
github

biolizard89
Posts: 2001
Joined: Tue Jun 05, 2012 6:25 am
os: linux

Re: DNS server for .bit

Post by biolizard89 »

I think I see why you're seeing odd results with mega-net.bit. There are at least 3 issues:

Issue 1: mega-net.bit has an NS record, and as per the DNS RFC's, that means that all the other records for mega-net.bit and its children are delegated to whatever the nameserver at 91.217.137.44 supplies. ncdns is an authoritative DNS server, so it doesn't try to get the data from 91.217.137.44, it simply replies with an NS record and assumes that the client will check that 91.217.137.44. (The easiest way to automatically check what 91.217.137.44 returns is to run configure ncdns as a stub zone in DnssecTrigger or Unbound.)

Issue 2: The NS record for mega-net.bit is an IP address, but the DNS RFC's say that NS records are supposed to have a domain name. This is one of 2 reasons why Unbound doesn't like the response that ncdns sends (although ncdns is behaving correctly).

Issue 3: The IP address you entered in the NS record would normally be interpreted as a domain name (which would produce an error), but since you didn't include a trailing dot, the NS record is actually being interpreted as pointing to a subdomain of mega-net.bit. Specifically, it's pointing to 91.217.137.44.mega-net-bit. Unbound gets that reply from ncdns, notices that that subdomain has the same authoritative nameserver (ncdns's IP) as it already consulted, and decides that the domain can't be resolved due to a recursion loop.

Anyway, as far as I can tell this isn't a bug in ncdns.

this.x--nmc.bit is a special domain name that points to the ncdns instance's IP. I'm not incredibly familiar with why it's needed, it's something to do with SOA records. Hugo would be better able to answer that.

Cheers!
Jeremy Rand, Lead Namecoin Application Engineer
NameID: id/jeremy
DyName: Dynamic DNS update client for .bit domains.

Donations: BTC 1EcUWRa9H6ZuWPkF3BDj6k4k1vCgv41ab8 ; NMC NFqbaS7ReiQ9MBmsowwcDSmp4iDznjmEh5

virus_net
Posts: 82
Joined: Tue Aug 22, 2017 1:22 pm
os: bsd
Location: Moscow, Russia
Contact:

Re: DNS server for .bit

Post by virus_net »

biolizard89 wrote:There are at least 3 issues:
You telling about the zone data that mega-net.bit have in chain now. I know all you talking about and I did it specially for testing.
biolizard89 wrote:but the DNS RFC's say
You right, but ordinary people do not read RFC`s... So, for my opinion we must foresee this situation and for now ns4chain does it. If NS will be IP and not name it`s OK.
Why ? Because our goal is do resolv and provide result and not reply with NXDOMAIN because RFC tell that and the domain owner don`t read RFC`s.

Thats why I posted map:
virus_net wrote:

Code: Select all

20170911161514 [INFO] ncdns.namecoin: {"map":{"":"91.217.137.244","ru":{"ip":"1.1.1.1"},"www":{"alias":"loop"},"loop":{"ip":"2.2.2.2"}}}
in my previous post. On that map it was tested.
For testing purpose I replacing received chain data with new map. /usr/go/src/github.com/namecoin/ncdns/namecoin/namecoin.go:

Code: Select all

func (nc *Conn) Query(name string) (v string, err error) {
..skiped...
        if nsr, ok := r.Result.(*extratypes.NameShowReply); ok {
                //log.Info("NC OK")
               nsr.Value = "{\"map\":{\"\":\"91.217.137.244\",\"ru\":{\"ip\":\"1.1.1.1\"},\"www\":{\"alias\":\"loop\"},\"loop\":{\"ip\":\"2.2.2.2\"}}}"
               log.Info(nsr.Value)
                return nsr.Value, nil
        }
So you can do tests quicker and dont need to wait name_update approve and pay for the transaction :)
biolizard89 wrote:Hugo would be better able to answer that.
It will be nice. I would like to understand what this name for.
bitname.ru:
- whois service for .bit: whois.bitname.ru or whois.bitname.bit
- dns servers for .bit: dns1.bitname.ru dns2.bitname.ru or dns1.bitname.bit dns2.bitname.bit
- bit domains statistics
github

biolizard89
Posts: 2001
Joined: Tue Jun 05, 2012 6:25 am
os: linux

Re: DNS server for .bit

Post by biolizard89 »

Well, the reason we try to follow the DNS RFC's is because not following them is likely to cause hard-to-debug errors for people trying to make Namecoin interoperate with DNS. (E.g. ncdns is supposed to interoperate with Unbound, and Unbound follows the RFC's and will possibly be confused if ncdns does something unusual.) Also there are practical reasons why NS records should be domain names rather than IP's (I believe there's a StackExchange thread about why this is the policy in DNS, but I don't have the link handy right now).

You are absolutely right that average people can't be expected to know what the RFC's say. That said, average people don't work with the DNS protocol either; they use UI's provided by registrars which abstract away that kind of thing. Average users shouldn't be expected to work with the raw JSON data stored by Namecoin for the same reason. It's definitely a bug that we don't yet have a nicer UI for setting name data -- but I think that should be fixed by creating a nice UI, rather than changing the semantics of the JSON to not match DNS.

I'll notify Hugo to look at this thread so he can explain the odd name in ncdns.
Jeremy Rand, Lead Namecoin Application Engineer
NameID: id/jeremy
DyName: Dynamic DNS update client for .bit domains.

Donations: BTC 1EcUWRa9H6ZuWPkF3BDj6k4k1vCgv41ab8 ; NMC NFqbaS7ReiQ9MBmsowwcDSmp4iDznjmEh5

virus_net
Posts: 82
Joined: Tue Aug 22, 2017 1:22 pm
os: bsd
Location: Moscow, Russia
Contact:

Re: DNS server for .bit

Post by virus_net »

UI already in my TODO list. It will come on bitname.ru
bitname.ru:
- whois service for .bit: whois.bitname.ru or whois.bitname.bit
- dns servers for .bit: dns1.bitname.ru dns2.bitname.ru or dns1.bitname.bit dns2.bitname.bit
- bit domains statistics
github

Post Reply