This is a review of the DNS Tool in ShofarNexus.
This is a built in tool and normally not available for casual viewing, but on the demo site there is no security and this can be freely viewed and experimented with.
Be aware that the site is frequently wiped clean so data can disappear.
The site is at demo.ShofarNexus.com.
This video shows the September 12, 2018 version and updates may occur.
Since no security is in place the toolbar on the right is visible. From there you can select the Network section.
While there are other things in place, for our purposes we are interested in the DNS protocol.
In this section you will find diagnostic tools and documentation.
Selecting the “Tool” will bring up the diagnostic tool that will allow issuing arbitrary DNS queries and viewing all details about the query.
This is a static script-less page, therefore all functions are form entry and a button, or simply a link.
To prepare a query, a name needs to be entered in the “Query” area.
A server needs to be selected. The ICANN roots, both IPv4 and IPv6, can be directly selected or some other common providers, plus the localhost.
The “Option” area allows for various query options to be selected.
Each time data is entered or an option is selected, the query is submitted.
The page response is delayed a fraction of a second to allow time for most queries to return and display all data. If the response does not come back in time only the query is shown and to see the response does requires clicking on the active query.
For our example we will query for the demo site without recursion.
First enter the domain name and click “Send Query”.
If a name server has already been selected a response will be returned. For out example we will assume none has.
We will also assume the default options of Protocol: UDP, OpCode: Standard, Recursion Desired: False, and Question Type: All
Select a name server. For this example we will use the ICANN A4 server by simply clicking “A4”.
The request and response should be shown.
In the “Net_DNS” area we can see the header of the request and response.
In the “Net_DNS_Record” area can see the list of records in the request and response.
We should see the list of “.com” name servers returned by the root and some IPs for those name servers.
An IP in the A or AAAA record can be clicked to place it as the name server IP and issue another query.
We should then see the list of “ShofarNexus.com” name servers returned and again can click on the IP.
We should now see that the response is authoritative for “Demo.ShofarNexus.com” and have the IP.
We have the basic functionality of the tool, now let’s look at some details.
Queries are tied to a Net_Socket object which has a unique identifier.
In the Widget on the right is a list of recent queries. Selecting a query will make it active and can be seen as part of the URL.
In the Menu on the left under “Tool” are several ways to view the selected query or Net_Socket.
While normally you will see the log of the query in the Flyer on the right, by clicking Log in the menu it will show a wide version so more detail can be seen. You can now select other queries in the Widget to move between them in the Log view.
The “XML” button will show the raw XML file that describes the Net_Socket. This is the container for all data in the query.
There are two more XML options that will show the data as a full page as XML to allow browser tools and highlighting or as text which is useful if the file is to be saved via the browser. You will have to use the browser’s back button to return to the tool.
The “Socket” button will show the dump of the Net_Socket object. These object dumps typically show the object kind and relations at the top, human readable versions of the data in the object, and then the hex, ASCII and UTF8 dump of the object itself.
The “Query” and “Response” buttons show a dump of the applicable “Net_DNS” object.
The neighboring “Stream” button show a dump of the applicable “Net_Stream” object. You will probably have to scroll down if you want to see the hex dump of the actual messages. A “Net_Stream” has a header and body, but for a DNS query only a body is present.
Feel free to play. You can make valid and invalid queries, but you are unlikely to break anything in doing so.
While most of the underlying network functionality has been present for years in ShofarNexus, there is a rewrite in progress of the diagnostic tools which is impacting the lower level design. If you are viewing the September 12th version, you will find that the DNS tool is being used to experiment with and refine the interface. The other tools are in progress and an effort is being made to make them consistent with the DNS tool interface.
Comments, questions, and suggestions can be emailed to “John@ShofarNexus.com”