blind-oracle / dnstap-bgp Goto Github PK
View Code? Open in Web Editor NEWAnnounce domains captured from DNSTap over BGP
License: Mozilla Public License 2.0
Announce domains captured from DNSTap over BGP
License: Mozilla Public License 2.0
No routes are removed from bgp or cache on domain list update on case of domain removal.
Expected behaviour - route should be removed from bgp and cache (db) on domain list update in case of domain removal.
Steps to reproduce:
Add domain to domain list
Reload domain list with HUP signal
Resolve domain
Check route in bap table - exist
Remove domain from domain list
Reload domain list with HUP signal
Check route in bgp table - still exists (looks like still exists in cache and db)
Restart is required to clear routes and db.
SVCB, HTTPSSVC, and ALTSVC DNS records are introduced by IETF draft - https://datatracker.ietf.org/doc/draft-ietf-dnsop-svcb-https/11/
Chrome started to use HTTPS record type, more info can be found here - https://docs.google.com/document/d/1k461sRbddjDGj7Q8f-ZKHZvmB-ENUWSdX_3Fpp2dmXQ/edit?usp=sharing
Please add support for SVCB (type 64) and HTTPS (type 65) records.
ipv4hint and ipv6hint can be added directly from a response but CNAME requires special processing and data structure change.
I’ve got issues with bbc cdn in case when HTTPS record returns CNAME which can be resolved in multiple addresses but A record return only one.
I've got the error when ipv6 is enabled:
INFO[0006] Peer Up Key=192.168.7.2 State=BGP_FSM_OPENCONFIRM Topic=Peer 2022/09/03 20:49:56 conf:<local_as:64731 neighbor_address:"192.168.7.2" peer_as:64731 > state:<local_as:64731 neighbor_address:"192.168.7.2" peer_as:64731 session_state:ESTABLISHED router_id:"192.168.7.2" > transport:<local_address:"192.168.7.16" local_port:59233 remote_port:179 > WARN[0006] received notification Code=3 Data="[]" Key=192.168.7.2 Subcode=10 Topic=Peer INFO[0006] Peer Down Key=192.168.7.2 Reason="notification-received code 3(update) subcode 10(invalid network field)" State=BGP_FSM_ESTABLISHED Topic=Peer 2022/09/03 20:49:56 conf:<local_as:64731 neighbor_address:"192.168.7.2" peer_as:64731 > state:<local_as:64731 neighbor_address:"192.168.7.2" peer_as:64731 session_state:IDLE router_id:"192.168.7.2" > transport:<local_address:"192.168.7.16" local_port:59233 remote_port:179 >
I'm using direct peering with Mikrotik ROS 7.
Hi.
There is probably a bug that causes domains to be partially matched if they begin with the string used in domains file.
For example: if domains.txt has cloud.com
, some cloud*.com
(ex. www.cloudaaa.com
) DNS replies are intercepted and announced via BGP.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.