转储 Avahi 和 Bonjour 的 DNS-SD 区域文件

huangapple go评论103阅读模式
英文:

Dumping Avahi & Bonjour, DNS-SD Zone Files

问题

我正在寻求改进Go语言的mDNS库:https://github.com/davecheney/mdns/

我已经与作者交谈过,他只是说“我把它做到了能够满足我的需求”,这很好,完全符合开源精神。

他提到了Avahi、Bonjour和dns-sd发现工具之间的一些互操作性问题,这些工具无法找到他导出的服务。

我想了解在进行简单的服务时,Avahi发布了哪些记录,包括端口和简单名称。

我原本期望通过以下适当版本的命令来导出Avahi的区域:

dig @localhost .local -t AXFR

但是对我来说没有起作用(提示“你做错了!”)- 我想了解典型Avahi服务导出的最小记录,并检查从我的笔记本上自动导出的Lee-Hambleys-Macbook.local的相同记录,以便我可以改进Go语言对mDNS的支持。

当其他人使用Avahi/Bonjour/mDNS时,他们使用什么工具来挖掘和检查是否按预期工作?

#avahi的友好人士很好心地给了我以下提示:

 killall -USR1 avahi-daemon

这会导致avahi-daemon将其区域文件转储到syslog中。

但是理想情况下,我想知道如何最好地查询服务器,tcpdump也看起来很有希望,但它仅显示被查找的记录,而不是区域中的所有内容的完整转储:

sudo tcpdump dst port 53
Password:
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on en0, link-type EN10MB (Ethernet), capture size 65535 bytes
09:43:28.883763 IP 192.168.178.41.50916 > resolver2.opendns.com.domain: 50479+ A? e3191.c.akamaiedge.net. (40)
09:43:29.046201 IP 192.168.178.41.61989 > resolver2.opendns.com.domain: 55378+ PTR? 251.0.0.224.in-addr.arpa. (42)
09:43:29.123784 IP 192.168.178.41.56659 > resolver2.opendns.com.domain: 26471+ A? p05-btmmdns.icloud.com.akadns.net. (51)
09:43:29.819277 IP 192.168.178.41.53504 > resolver2.opendns.com.domain: 32010+ PTR? 220.220.67.208.in-addr.arpa. (45)
09:43:47.379251 IP 192.168.178.41.50916 > resolver2.opendns.com.domain: 50479+ A? e3191.c.akamaiedge.net. (40)
09:43:55.900406 IP 192.168.178.41.60511 > resolver2.opendns.com.domain: 32846+ AAAA? lc22.prod.livefyre.com. (40)
09:44:04.115159 IP 192.168.178.41.50916 > resolver2.opendns.com.domain: 50479+ A? e3191.c.akamaiedge.net. (40)
^C
7 packets captured
3187 packets received by filter
0 packets dropped by kernel
英文:

I'm looking to make improvements to the Go library for mDNS: https://github.com/davecheney/mdns/

I've spoken with the author, who simply says "I got it to a point where it worked for me", and that's fine, well within the spirit of open source.

He mentioned some interoperability problems with Avahi, Bonjour and dns-sd discovery tools not finding the services he has exported.

I'm looking to understand what records are published by Avahi when doing a simple service with a port, and a simple name.

I had expected an appropriate version of:

dig @localhost .local -t AXFR

Might have Avahi export it's zone, but it didn't work for me (cue "you are doing it wrong"!) - I'd like to understand the minimum records exported by a typical Avahi service, and examine the same from the automatically exported Lee-Hambleys-Macbook.local from the Apple implementation on my notebook that I might be able to improve the Go lang support for mDNS.

When other people are working with Avahi/Bonjour/mDNS, what tools do they use to dig in and check that things are working as expected?

The kind folks of #avahi were kind enough to give me the following tip:

 killall -USR1 avahi-daemon

That causes avahi-daemon to dump it's zone file to the syslog.

But ideally I'd like to know how best to query the server, tcpdump also looks promising, but it's still only showing records that get lookedup, not a complete dump of everything that's in the zone:

sudo tcpdump dst port 53
Password:
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on en0, link-type EN10MB (Ethernet), capture size 65535 bytes
09:43:28.883763 IP 192.168.178.41.50916 > resolver2.opendns.com.domain: 50479+ A? e3191.c.akamaiedge.net. (40)
09:43:29.046201 IP 192.168.178.41.61989 > resolver2.opendns.com.domain: 55378+ PTR? 251.0.0.224.in-addr.arpa. (42)
09:43:29.123784 IP 192.168.178.41.56659 > resolver2.opendns.com.domain: 26471+ A? p05-btmmdns.icloud.com.akadns.net. (51)
09:43:29.819277 IP 192.168.178.41.53504 > resolver2.opendns.com.domain: 32010+ PTR? 220.220.67.208.in-addr.arpa. (45)
09:43:47.379251 IP 192.168.178.41.50916 > resolver2.opendns.com.domain: 50479+ A? e3191.c.akamaiedge.net. (40)
09:43:55.900406 IP 192.168.178.41.60511 > resolver2.opendns.com.domain: 32846+ AAAA? lc22.prod.livefyre.com. (40)
09:44:04.115159 IP 192.168.178.41.50916 > resolver2.opendns.com.domain: 50479+ A? e3191.c.akamaiedge.net. (40)
^C
7 packets captured
3187 packets received by filter
0 packets dropped by kernel

答案1

得分: 1

mDNS由于协议的工作方式,不支持区域传输。据我所知,有两种可能的方法:

**1)**尝试蛮力方法,通过查询目标(服务器/子网)。您可以使用dig来执行此操作,只需将查询发送到多播地址并查询您的目标,例如:

> dig -x 192.168.0.10 -p 5353 @224.0.0.251

还有一些现成的脚本和工具可用于枚举mDNS目标。一些示例包括:

**2)**强制守护程序转储其区域文件(或设置)。您已经发现Avahi服从以下命令:

> killall -USR1 avahi-daemon

Apple的Bonjour包括mDNSResponder,它不实现转储区域信息。但是,您可以添加更多日志以获得类似的好处:

> SIGUSR1信号切换附加日志记录,默认情况下启用警告和通知:
>
> %sudo killall -USR1 mDNSResponder
>
> 启用此日志记录后,用户还可以使用syslog(1)来更改进程的日志过滤器。例如,要启用日志级别Emergency - Debug:
>
> %sudo syslog -c mDNSResponder -d
>
> SIGUSR2信号切换数据包日志记录:
>
> %sudo killall -USR2 mDNSResponder
>
> SIGINFO信号将将内部状态的快照摘要转储到/var/log/system.log:
>
> %sudo killall -INFO mDNSResponder

此外,Wireshark可以用于调试协议错误。这应该足以解决互操作性错误。

英文:

mDNS does simply not support zone transfers due the way the protocol works. As far as I can tell there are two possible approaches:

1) Try brute force approach, by querying the target (server/subnet). You can do this with dig, just send the query to multicast address and query for your target, eg.

> dig -x 192.168.0.10 -p 5353 @224.0.0.251

There are also a few ready scripts and tools that assist in enumerating mDNS targets. Some examples include

2) Force the daemon to dump its zone file (or settings). You already found out that Avahi obeys

>killall -USR1 avahi-daemon

Apple's Bonjour includes mDNSResponder which does not implement dumping zone information. However you can add more logging for similar benefits

> A SIGUSR1 signal toggles additional logging, with Warning and Notice
> enabled by default:
>
> % sudo killall -USR1 mDNSResponder
>
> Once this logging is enabled, users can additionally use syslog(1) to
> change the log filter for the process. For example, to enable log
> levels Emergency - Debug:
>
> % sudo syslog -c mDNSResponder -d
>
> A SIGUSR2 signal toggles packet logging:
>
> % sudo killall -USR2 mDNSResponder
>
> A SIGINFO signal will dump a snapshot summary of the internal state
> to /var/log/system.log:
>
> % sudo killall -INFO mDNSResponder

Also, Wireshark might be used to debug protocol errors. This should be enough for solving interoperability errors.

huangapple
  • 本文由 发表于 2013年7月18日 15:15:31
  • 转载请务必保留本文链接:https://go.coder-hub.com/17716955.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定