Releases: cunnie/sslip.io
PTR Records for IPv4 & IPv6
- IPv4 reverse lookup, e.g. `1.0.0.127.in-addr.arpa.` → `127-0-0-1.sslip.io.`
- IPv6 reverse lookup, e.g. `2.a.b.b.4.0.2.9.a.e.e.6.e.c.4.1.0.f.9.6.0.0.1.0.6.4.6.0.1.0.6.2.ip6.arpa.` → `2601-646-100-69f0-14ce-6eea-9204-bba2.sslip.io.`
- Compressed TXT `metrics.status.sslip.io` (more info, including PTR and k-v.io metrics, in a smaller packet)
- Updated SOA to Bastille Day (7/14)
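The PTR mapping above, as an added example (not the project's own code): the reverse-lookup name is un-reversed, re-validated with `net.ParseIP` so malformed octets or nibbles yield no answer, and the separators are swapped for `-`. It assumes sslip.io's convention that `ip.String()` output (leading zeros dropped, a `::` run written as `--`) is the embedded form.

```go
package main

import (
	"net"
	"strings"
)

// ptrToSslipName maps a reverse-lookup name (in-addr.arpa or ip6.arpa) to
// the sslip.io hostname embedding the same address; the bool is false when
// the query is not a well-formed reverse lookup (the server answers nothing).
func ptrToSslipName(qname string) (string, bool) {
	q := strings.ToLower(strings.TrimSuffix(qname, "."))
	var ip net.IP
	switch {
	case strings.HasSuffix(q, ".in-addr.arpa"):
		// in-addr.arpa lists the four octets least-significant first.
		octets := strings.Split(strings.TrimSuffix(q, ".in-addr.arpa"), ".")
		if len(octets) != 4 {
			return "", false
		}
		reverse(octets)
		ip = net.ParseIP(strings.Join(octets, "."))
	case strings.HasSuffix(q, ".ip6.arpa"):
		// ip6.arpa lists the 32 hex nibbles, one per label, least-significant first.
		nibbles := strings.Split(strings.TrimSuffix(q, ".ip6.arpa"), ".")
		if len(nibbles) != 32 || len(strings.Join(nibbles, "")) != 32 {
			return "", false
		}
		reverse(nibbles)
		var groups []string
		for i := 0; i < 32; i += 4 {
			groups = append(groups, strings.Join(nibbles[i:i+4], ""))
		}
		ip = net.ParseIP(strings.Join(groups, ":"))
	default:
		return "", false
	}
	if ip == nil { // e.g. an octet above 255 or a non-hex nibble
		return "", false
	}
	// ip.String() drops leading zeros ("0646" -> "646", as in the release-note
	// example); sslip.io then uses "-" in place of "." and ":" (and "--" for "::").
	return strings.NewReplacer(".", "-", ":", "-").Replace(ip.String()) + ".sslip.io.", true
}

func reverse(s []string) {
	for i, j := 0, len(s)-1; i < j; i, j = i+1, j-1 {
		s[i], s[j] = s[j], s[i]
	}
}
```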
Full Changelog: 2.5.4...2.6.0
Security Release: prohibit TXT records on k-v.io itself
This is a security release which prevents scammers from procuring a *.k-v.io wildcard certificate from commercial certificate authorities who use the DNS-01 challenge.
Much thanks to @Alan-Liang, who noted the following:
... one could easily add (and modify) a TXT record at _acme-challenge.k-v.io, which I believe is used for verifying domain ownership at various cert providers, so anyone could in theory obtain valid SSL certs for k-v.io and *.k-v.io. I think this might be a security issue
Full Changelog: 2.5.3...2.5.4
k-v.io is operational
- k-v.io has an A record
- Dockerfile builds image to run https://k-v.io on GKE
- Rigorous testing of key-value get/put/delete on each of the three servers
- Bug fixes to etcd TLS certificates (wrong SANs)
Full Changelog: 2.5.2...2.5.3
k-v.io: on DELETE, don't return the deleted value
We don't return the deleted value because doing that would have the unintended consequence of postponing the deletion: downstream caching servers would cache the deleted value for up to three more minutes. We'd rather have the key deleted sooner rather than later.
Some APIs, e.g. etcd's, return a list of deleted values on return: those APIs can afford to do so because they don't need to worry about DNS propagation.
We also lengthen the timeout of an etcd API call from 500 msec to 1928 msec; 500 msec was too close: some calls routinely took 480 msec to complete, and we wanted more headroom.
We also no longer do two etcd operations when we delete a value. Previously we would do a GET followed by a DELETE, but since we're not returning the deleted value, there's no point to the GET. Furthermore, the GET was never necessary, because the etcd DELETE API call returned the values deleted.
- We no longer produce BOSH releases; if you need a BOSH release, use version 2.5.1.
- You can now select the port to bind to, e.g. `sslip.io-dns-server -port 5353`. This is useful, for example, when you're not running as a privileged user and can't bind to a privileged port (e.g. 53).
- Blocklists are downloaded once per hour, not once per hour per IP address bound to.
Include a CIDR-based blocklist to foil phishers
Typical examples: `43.134.66.67/24`, `2601:646:100:69f7:cafe:bebe:cafe:bebe/112`
We decided we needed to block by CIDRs as well as strings because phishers can use hostnames that don't lend themselves to being blocked with strings, e.g. `nf-43-134-66-67.sslip.io`.
- Blocklist downloads every hour
- Private IP addresses aren't blocked
[fixes #13]
Include a blocklist to foil phishers
Typical example: https://raiffeisen.94.228.116.140.sslip.io.
Raiffeisen is a bank.
I was hoping Let's Encrypt would share their blocklist, but they wouldn't. See #13 for more information.
🐞 Fix crashes caused by specially-crafted hostnames
Bug fix: certain hostnames with embedded IPv4 addresses would cause the server to crash (my regular expression thought they were valid IPs, but `net.ParseIP()` disagreed). Now the server doesn't crash; instead it returns no answers (the correct behavior).
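An added example (not the project's own code) covering both the CIDR/string blocklist releases and the crash fix above: a deliberately loose regexp finds a dotted or dashed IPv4 in the hostname, `net.ParseIP` re-validates it so `1-2-3-999` yields no address rather than a bogus one, and a public address inside a blocked CIDR (or a blocked substring) gets no answer while private addresses are never blocked. The blocklist entries are constructed for the example, not the real lists.

```go
package main

import (
	"net"
	"regexp"
	"strings"
)

// Constructed blocklist entries in the shape the release notes describe
// (one CIDR, one substring); not the project's real lists.
var _, blockedNet, _ = net.ParseCIDR("43.134.66.67/24") // network 43.134.66.0/24
var blockedStrings = []string{"raiffeisen"}

// Dotted or dashed IPv4 embedded in a hostname. Like the regexp the
// release notes blame, it is loose: it also matches "1-2-3-999".
var embeddedV4 = regexp.MustCompile(`(?:^|[.-])(\d{1,3})[.-](\d{1,3})[.-](\d{1,3})[.-](\d{1,3})(?:[.-]|$)`)

// embeddedIPv4 returns the address a hostname embeds, or nil. The regexp
// match is re-validated with net.ParseIP, so "1-2-3-999.sslip.io" yields
// nil (the server then answers with no records) instead of a bogus IP.
func embeddedIPv4(hostname string) net.IP {
	m := embeddedV4.FindStringSubmatch(strings.ToLower(hostname))
	if m == nil {
		return nil
	}
	return net.ParseIP(strings.Join(m[1:], "."))
}

// isBlocked reports whether the query should get no answer: a substring
// hit, or an embedded public address inside the blocked CIDR. Private
// addresses are never blocked, as the release notes state.
func isBlocked(hostname string) bool {
	lower := strings.ToLower(hostname)
	for _, s := range blockedStrings {
		if strings.Contains(lower, s) {
			return true
		}
	}
	ip := embeddedIPv4(hostname)
	if ip == nil || ip.IsPrivate() {
		return false
	}
	return blockedNet.Contains(ip)
}
```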
Now with metrics! `metrics.status.sslip.io`
- Feature: you can view the metrics of a given server by querying the TXT record of `metrics.status.sslip.io`, e.g. `dig @ns-aws.sslip.io metrics.status.sslip.io txt +short`
- Bug fix: the server would `panic()` when querying the TXT record of a customized domain which didn't have a customized TXT record, e.g. `dig @ns-aws.sslip.io ns.sslip.io txt +short`. Now it doesn't `panic()`.
- Change: experimental TXT records to find the server version have been moved from `version.sslip.io` to `version.status.sslip.io`, e.g. `dig @ns-aws.sslip.io version.status.sslip.io txt +short`
- Change: TTL dropped from 300 to 180 seconds (5 minutes to 3 minutes). This lays the groundwork for the upcoming key-value store.
`kv.sslip.io`: (key-value) read/write/delete TXTs
We enable special behavior under the `kv.sslip.io` subdomain: it can be treated as a key-value store, the sub-subdomain being the key, and the TXT record being the value.
For example, to write ("put") the value "12.0.1" to the key "macos-version" on the `ns-gce.sslip.io.` nameserver, you'd use the following `dig` command:
`dig @ns-gce.sslip.io. txt put.12.0.1.macos-version.kv.sslip.io.`
To read ("get") the value back, you'd write the following `dig` command:
`dig @ns-gce.sslip.io. txt get.macos-version.kv.sslip.io.`
Since "get" is the default behavior, you don't need to include it in the domain name:
`dig @ns-gce.sslip.io. txt macos-version.kv.sslip.io.`
Finally, when you're done with the key-value, you can "delete" it:
`dig @ns-gce.sslip.io. txt delete.macos-version.kv.sslip.io.`
Notes:
- Keys are case-insensitive (to accommodate DNS convention). In other words, `KEY.kv.sslip.io` and `key.kv.sslip.io` return the same TXT record.
- Values are case-sensitive. `put.CamelCase.style.kv.sslip.io` sets the TXT record to "CamelCase".
- `put` requests will return the TXT record being put; i.e. `put.hello.world.kv.sslip.io` returns one TXT record of one string, `hello`.
- `delete` requests will return the TXT record being deleted; i.e. `delete.world.kv.sslip.io` returns one TXT record of one string, `hello`. If the TXT record does not exist, no TXT records will be returned.
- Values are limited to 63 bytes to mitigate using the sslip.io servers in a DNS amplification attack.
- Values are not persistent: if the server is restarted, all values disappear. Poof.
- Values are not consistent. If a value is set in `ns-aws.sslip.io`, it does not propagate to `ns-gce.sslip.io` nor `ns-azure.sslip.io`.
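The query-name grammar described above, as an added example (not the project's own code): it splits a name under `kv.sslip.io` into operation, case-folded key and case-preserved value, defaults to `get`, enforces the 63-byte value limit, and rejects the bare zone name with no key, which is the class of request the later k-v.io security release shut off. The `kvRequest` type and `cutSuffixFold` helper are assumptions of this example.

```go
package main

import (
	"fmt"
	"strings"
)

const maxValueLen = 63 // values are capped at 63 bytes to limit DNS amplification

// kvRequest is the operation a query name under kv.sslip.io encodes.
type kvRequest struct {
	Op    string // "get", "put" or "delete"
	Key   string // lowercased: keys are case-insensitive
	Value string // put only; case is preserved
}

// parseKVQuery turns e.g. "put.12.0.1.macos-version.kv.sslip.io." into
// put key=macos-version value="12.0.1". The last label before the zone is
// the key; a put's value is everything between the op and the key.
func parseKVQuery(qname string) (kvRequest, error) {
	rest, ok := cutSuffixFold(strings.TrimSuffix(qname, "."), ".kv.sslip.io")
	if !ok || rest == "" { // not under the zone, or the bare zone with no key
		return kvRequest{}, fmt.Errorf("not a key-value query: %q", qname)
	}
	labels := strings.Split(rest, ".")
	key := strings.ToLower(labels[len(labels)-1])
	op := strings.ToLower(labels[0])
	switch {
	case op == "put" && len(labels) >= 3:
		value := strings.Join(labels[1:len(labels)-1], ".")
		if len(value) > maxValueLen {
			return kvRequest{}, fmt.Errorf("value exceeds %d bytes", maxValueLen)
		}
		return kvRequest{Op: "put", Key: key, Value: value}, nil
	case (op == "get" || op == "delete") && len(labels) == 2:
		return kvRequest{Op: op, Key: key}, nil
	case len(labels) == 1:
		return kvRequest{Op: "get", Key: key}, nil // "get" is the default
	}
	return kvRequest{}, fmt.Errorf("malformed key-value query: %q", qname)
}

// cutSuffixFold is a case-insensitive strings.CutSuffix (DNS names fold case).
func cutSuffixFold(s, suffix string) (string, bool) {
	if len(s) < len(suffix) || !strings.EqualFold(s[len(s)-len(suffix):], suffix) {
		return "", false
	}
	return s[:len(s)-len(suffix)], true
}
```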