Skip to content

buglloc/rip

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

75 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

RIP

A simple DNS server that extracts IP address from the requested domain name and sends it back in the response.

Usage

  1. Install Go 1.16+
  2. Perform go get -u github.com/buglloc/rip/v2
  3. Have fun ;)

Encoding rules

Since RIP extracts the response from the request, it's important to understand the encoding rules. RIP has three kinds of entities:

  • rr - something that generate response (e.g. IP, CNAME and so on):
    <IP> - returns IP address (guesses IPv4/IPv6)
    <IPv4>.[4|v4] - strictly returns IPv4 address only
    <IPv6>.[6|v6] - strictly returns IPv6 address only
    <cname>.[c|cname]  - return CNAME record with <cname>
    <target>.[p|proxy] - resolve <target> name and returns it
  • container - something that holds rr's (or another container), picked one on each request and response with it:
    <rr>.<container>.[r|random] - pick random rr/container
    <rr>.<container>.[l|loop] - iterate over rr/container
    <rr1>.<rr0>.[s|sticky] - alias for loop container: <rr1-ttl-30>.<rr0-cnt-1>.l
  • limit modifier - something that limit this kind of responses:
    cnt-<num> - use rr <num> requests. e.g.:
      * 1-1-1-1.v4-cnt-10 - returns 1.1.1.1 10 times 
    ttl-<duration> - use rr <duration> duration:
      * 2-2-2-2.v4-ttl-20s - returns 2.2.2.2 20 seconds from first v4-rr response

Also, RIP allowing to use any prefixes (see examples below).

IP address format

IP address can be presented in two variants - dash-delimited and base16-form. For example, ips 0a000001 and 10-0-0-1 are equal and points to 10.0.0.1 You can also use the built-in converter to encode IP address:

$ rip encode fe80::fa94:c2ff:fee5:3cf6 127.0.0.1
fe80000000000000fa94c2fffee53cf6	7f000001

Examples

Run NS server for zone example.com with default IP 77.88.55.70 and 2a02:6b8: a:: a:

$ rip ns --zone=example.com --ipv4=77.88.55.70 --ipv6=2a02:6b8:a::a

When requesting it, we should get the following responses:

# IPv4
    1-1-1-1.example.com ->  1.1.1.1 
    1-1-1-1.v4.example.com ->  1.1.1.1 
    foo.1-1-1-1.v4.example.com ->  1.1.1.1
    bar.foo.1-1-1-1.v4.example.com ->  1.1.1.1
    1010101.v4.example.com -> 1.1.1.1

# IPv6
    2a01-7e01--f03c-91ff-fe3b-c9ba.example.com    ->  2a01:7e01::f03c:91ff:fe3b:c9ba
    2a01-7e01--f03c-91ff-fe3b-c9ba.v6.example.com    ->  2a01:7e01::f03c:91ff:fe3b:c9ba
    2a017e0100000000f03c91fffe3bc9ba.v6.example.com -> 2a017e0100000000f03c91fffe3bc9ba
    foo.2a01-7e01--f03c-91ff-fe3b-c9ba.v6.example.com    -> 2a01:7e01::f03c:91ff:fe3b:c9ba
    foo.--1.6.example.com   ->  ::1

# Random
    0a000002.0a000001.random.example.com ->  random between 10.0.0.1 and 10.0.0.2
    0a000003.0a000002.0a000001.random.example.com ->  random between 10.0.0.1 and 10.0.0.2

# Loop
    8ba299a7.8ba299a8.loop.example.com ->  loop over 139.162.153.168 and 139.162.153.167
    8ba299a7.v4-ttl-5s.8ba299a8.v4-cnt-5.loop.example.com ->  139.162.153.168 (first 5 requests), then 139.162.153.167 (next 5s), then 139.162.153.168 (next 5 requests), and so on
    8ba299a7.v4-ttl-5s.b32-onxw2zlunbuw4zzomnxw63bnmnxs44tv.c-cnt-5.loop.example.com ->  CNAME "something.cool.co.ru." (first 5 requests), then 139.162.153.167 (next 5s), CNAME "something.cool.co.ru." (first 5 requests), and so on
    8ba299a6.v4.8ba299a7.v4.loop-ttl-5s.8ba299a8.v4-cnt-5.loop.example.com ->  139.162.153.168 (first 5 requests), then 139.162.153.167/139.162.153.166 (next 5s), then 139.162.153.168 (next 5 requests) and so on

# Sticky
    8ba299a7.8ba299a8.s.example.com ->  139.162.153.168 (first A request) then 139.162.153.167 (30s), then 139.162.153.168 (next A request) and so on

# Cname
    ya.ru.c.example.com ->  canonical name ya.ru
    google.com.c.example.com ->  canonical name google.com
    b32-onxw2zlunbuw4zzomnxw63bnmnxs44tv.c.example.com ->  canonical name something.cool.co.ru

# Proxy
    ya.ru.p.example.com ->  87.250.250.242 and 2a02:6b8::2:242
    google.com.p.example.com  ->  64.233.164.102 and 2a00:1450:4010:c07::64