0

I'm working on research that aims to solve a particular problem in DNS. In this research I need to add an update to DNS resolvers and DNS authoritative servers.

I would like to know what the packets sent between DNS resolvers and DNS authoritative servers look like. Are there any differences between them and the packets that I saw in Wireshark (which are between my client (the browser) and my DNS resolver)? In particular:

  • Do the largest resolvers change something inside the packets before they send the DNS query to the authoritative servers?
  • Do the authoritative servers support the whole DNS protocol in their answers? (For example: support the additional section inside DNS or extensions like EDNS).

The goal is to know what changes are small enough for the servers and to ensure that the standard communication between the servers is normal DNS queries and answers.

Thanks!

1
  • Why are you not looking at the RFCs? All the info you should need is in them. Commented Nov 27, 2021 at 14:21

1 Answer

0

Let me save you some time. You cannot update DNS resolvers anonymously. If you could, the Internet would fall apart. We call this DNS Cache Poisoning / DNS Spoofing.

A while back that did happen and major domains collapsed or were hacked. There are numerous research papers on the Internet to read on the topic of DNS hacking and DNS security.

Example articles:

2
  • When I wrote "update", I meant to add code on these servers. Still waiting for an answer on what the communication between the Resolvers and the AS looks like. Commented Dec 4, 2021 at 17:16
  • @אריאלליטמנוביץ - That information is published in the RFCs. I am not sure what you mean by add code on these servers. Commented Dec 4, 2021 at 17:59
