blind-oracle / dnstap-bgp Goto Github PK

No routes are removed from bgp or cache on domain list update on case of domain removal.
Expected behaviour - route should be removed from bgp and cache (db) on domain list update in case of domain removal.

Steps to reproduce:
Add domain to domain list
Reload domain list with HUP signal
Resolve domain
Check route in bap table - exist

Remove domain from domain list
Reload domain list with HUP signal
Check route in bgp table - still exists (looks like still exists in cache and db)

Restart is required to clear routes and db.

SVCB, HTTPSSVC, and ALTSVC DNS records are introduced by IETF draft - https://datatracker.ietf.org/doc/draft-ietf-dnsop-svcb-https/11/

Chrome started to use HTTPS record type, more info can be found here - https://docs.google.com/document/d/1k461sRbddjDGj7Q8f-ZKHZvmB-ENUWSdX_3Fpp2dmXQ/edit?usp=sharing

Please add support for SVCB (type 64) and HTTPS (type 65) records.
ipv4hint and ipv6hint can be added directly from a response but CNAME requires special processing and data structure change.

I’ve got issues with bbc cdn in case when HTTPS record returns CNAME which can be resolved in multiple addresses but A record return only one.

I've got the error when ipv6 is enabled:

INFO[0006] Peer Up Key=192.168.7.2 State=BGP_FSM_OPENCONFIRM Topic=Peer 2022/09/03 20:49:56 conf:<local_as:64731 neighbor_address:"192.168.7.2" peer_as:64731 > state:<local_as:64731 neighbor_address:"192.168.7.2" peer_as:64731 session_state:ESTABLISHED router_id:"192.168.7.2" > transport:<local_address:"192.168.7.16" local_port:59233 remote_port:179 > WARN[0006] received notification Code=3 Data="[]" Key=192.168.7.2 Subcode=10 Topic=Peer INFO[0006] Peer Down Key=192.168.7.2 Reason="notification-received code 3(update) subcode 10(invalid network field)" State=BGP_FSM_ESTABLISHED Topic=Peer 2022/09/03 20:49:56 conf:<local_as:64731 neighbor_address:"192.168.7.2" peer_as:64731 > state:<local_as:64731 neighbor_address:"192.168.7.2" peer_as:64731 session_state:IDLE router_id:"192.168.7.2" > transport:<local_address:"192.168.7.16" local_port:59233 remote_port:179 >

I'm using direct peering with Mikrotik ROS 7.

Hi.

There is probably a bug that causes domains to be partially matched if they begin with the string used in domains file.
For example: if domains.txt has cloud.com, some cloud*.com (ex. www.cloudaaa.com) DNS replies are intercepted and announced via BGP.