1dns(n) Domain Name Service dns(n)
2______________________________________________________________________________
6
8 dns - Tcl Domain Name Service Client
9
11 package require Tcl 8.2
12 package require dns ?1.4.0?
14 ::dns::resolve query ?options?
16 ::dns::configure ?options?
18 ::dns::name token
20 ::dns::address token
22 ::dns::cname token
24 ::dns::result token
26 ::dns::status token
28 ::dns::error token
30 ::dns::reset token
32 ::dns::wait token
34 ::dns::cleanup token
36 ::dns::nameservers
38______________________________________________________________________________
40
42 The dns package provides a Tcl only Domain Name Service client. You
43 should refer to (1) and (2) for information about the DNS protocol or
44 read resolver(3) to find out how the C library resolves domain names.
45 The intention of this package is to insulate Tcl scripts from problems
46 with using the system library resolver for slow name servers. It may
47 or may not be of practical use. Internet name resolution is a complex
48 business and DNS is only one part of the resolver. You may find you are
49 supposed to be using hosts files, NIS or WINS to name a few other sys‐
50 tems. This package is not a substitute for the C library resolver - it
51 does however implement name resolution over DNS. The package also
52 extends the package uri to support DNS URIs (4) of the form
53 dns:what.host.com or dns://my.nameserver/what.host.com. The
54 dns::resolve command can handle DNS URIs or simple domain names as a
55 query.
56 Note: The package defaults to using DNS over TCP connections. If you
58 wish to use UDP you will need to have the tcludp package installed and
59 have a version that correctly handles binary data (> 1.0.4). This is
60 available at http://tcludp.sourceforge.net/. If the udp package is
61 present then UDP will be used by default.
62 Note: The package supports DNS over TLS (RFC 7858) for enhanced privacy
64 of DNS queries. Using this feature requires the TLS package.
65
67 ::dns::resolve query ?options?
68 Resolve a domain name using the DNS protocol. query is the
69 domain name to be lookup up. This should be either a fully qual‐
70 ified domain name or a DNS URI.
71 -nameserver hostname or -server hostname
73 Specify an alternative name server for this request.
74 -protocol tcp|udp
76 Specify the network protocol to use for this request. Can
77 be one of tcp or udp.
78 -port portnum
80 Specify an alternative port.
81 -search domainlist
83 -timeout milliseconds
85 Override the default timeout.
86 -type TYPE
88 Specify the type of DNS record you are interested in.
89 Valid values are A, NS, MD, MF, CNAME, SOA, MB, MG, MR,
90 NULL, WKS, PTR, HINFO, MINFO, MX, TXT, SPF, SRV, AAAA,
91 AXFR, MAILB, MAILA and *. See RFC1035 for details about
92 the return values. See http://spf.pobox.com/ about SPF.
93 See (3) about AAAA records and RFC2782 for details of SRV
94 records.
95 -class CLASS
97 Specify the class of domain name. This is usually IN but
98 may be one of IN for internet domain names, CS, CH, HS or
99 * for any class.
100 -recurse boolean
102 Set to false if you do not want the name server to recur‐
103 sively act upon your request. Normally set to true.
104 -command procname
106 Set a procedure to be called upon request completion. The
107 procedure will be passed the token as its only argument.
108 -usetls boolean
110 Set the true to use DNS over TLS. This will force the use
111 of TCP and change the default port to 853. Certificate
112 validation is required so a source of trusted certificate
113 authority certificates must be provided using -cafile or
114 -cadir.
115 -cafile filepath
117 Specify a file containing a collection of trusted cer‐
118 tificate authority certficates. See the update-ca-cer‐
119 tificates command manual page for details or the -CAfile
120 option help from openssl.
121 -cadir dirpath
123 Specify a directory containing trusted certificate
124 authority certificates. This must be provided if -cafile
125 is not specified for certificate validation to work when
126 -usetls is enabled. See the openssl documentation for the
127 required structure of this directory.
128 ::dns::configure ?options?
131 The ::dns::configure command is used to setup the dns package.
132 The server to query, the protocol and domain search path are all
133 set via this command. If no arguments are provided then a list
134 of all the current settings is returned. If only one argument
135 then it must the the name of an option and the value for that
136 option is returned.
137 -nameserver hostname
139 Set the default name server to be used by all queries.
140 The default is localhost.
141 -protocol tcp|udp
143 Set the default network protocol to be used. Default is
144 tcp.
145 -port portnum
147 Set the default port to use on the name server. The
148 default is 53.
149 -search domainlist
151 Set the domain search list. This is currently not used.
152 -timeout milliseconds
154 Set the default timeout value for DNS lookups. Default is
155 30 seconds.
156 -loglevel level
158 Set the log level used for emitting diagnostic messages
159 from this package. The default is warn. See the log pack‐
160 age for details of the available levels.
161 -cafile filepath
163 Set the default file path to be used for the -cafile
164 option to dns::resolve.
165 -cadir dirpath
167 Set the default directory path to be used for the -cadir
168 option to dns::resolve.
169 ::dns::name token
172 Returns a list of all domain names returned as an answer to your
173 query.
174 ::dns::address token
177 Returns a list of the address records that match your query.
178 ::dns::cname token
181 Returns a list of canonical names (usually just one) matching
182 your query.
183 ::dns::result token
186 Returns a list of all the decoded answer records provided for
187 your query. This permits you to extract the result for more
188 unusual query types.
189 ::dns::status token
192 Returns the status flag. For a successfully completed query this
193 will be ok. May be error or timeout or eof. See also
194 ::dns::error
195 ::dns::error token
198 Returns the error message provided for requests whose status is
199 error. If there is no error message then an empty string is
200 returned.
201 ::dns::reset token
204 Reset or cancel a DNS query.
205 ::dns::wait token
208 Wait for a DNS query to complete and return the status upon com‐
209 pletion.
210 ::dns::cleanup token
213 Remove all state variables associated with the request.
214 ::dns::nameservers
217 Attempts to return a list of the nameservers currently config‐
218 ured for the users system. On a unix machine this parses the
219 /etc/resolv.conf file for nameservers (if it exists) and on Win‐
220 dows systems we examine certain parts of the registry. If no
221 nameserver can be found then the loopback address (127.0.0.1) is
222 used as a default.
223
225 % set tok [dns::resolve www.tcl.tk]
226 ::dns::1
227 % dns::status $tok
228 ok
229 % dns::address $tok
230 199.175.6.239
231 % dns::name $tok
232 www.tcl.tk
233 % dns::cleanup $tok
234 Using DNS URIs as queries:
237 % set tok [dns::resolve "dns:tcl.tk;type=MX"]
240 % set tok [dns::resolve "dns://l.root-servers.net/www.tcl.tk"]
241 Reverse address lookup:
244 % set tok [dns::resolve 127.0.0.1]
247 ::dns::1
248 % dns::name $tok
249 localhost
250 % dns::cleanup $tok
251 Using DNS over TLS (RFC 7858):
254 % set tok [dns::resolve www.tcl.tk -nameserver dns-tls.bitwiseshift.net -usetls 1 -cafile /etc/ssl/certs/ca-certificates.crt]
257 ::dns::12
258 % dns::wait $tok
259 ok
260 % dns::address $tok
261 104.25.119.118 104.25.120.118
262
265 [1] Mockapetris, P., "Domain Names - Concepts and Facilities", RFC
266 1034, November 1987. (http://www.ietf.org/rfc/rfc1034.txt)
267 [2] Mockapetris, P., "Domain Names - Implementation and Specifica‐
269 tion", RFC 1035, November 1087.
270 (http://www.ietf.org/rfc/rfc1035.txt)
271 [3] Thompson, S. and Huitema, C., "DNS Extensions to support IP ver‐
273 sion 6", RFC 1886, December 1995.
274 (http://www.ietf.org/rfc/rfc1886.txt)
275 [4] Josefsson, S., "Domain Name System Uniform Resource Identi‐
277 fiers", Internet-Draft, October 2003,
278 (http://www.ietf.org/internet-drafts/draft-josefsson-dns-
279 url-09.txt)
280 [5] Gulbrandsen, A., Vixie, P. and Esibov, L., "A DNS RR for speci‐
282 fying the location of services (DNS SRV)", RFC 2782, February
283 2000, (http://www.ietf.org/rfc/rfc2782.txt)
284 [6] Ohta, M. "Incremental Zone Transfer in DNS", RFC 1995, August
286 1996, (http://www.ietf.org/rfc/rfc1995.txt)
287 [7] Hu, Z., etc al. "Specification for DNS over Transport Layer
289 Security (TLS)", RFC 7858, May 2016,
290 (http://www.ietf.org/rfc/rfc7858.txt)
291
293 Pat Thoyts
294
296 This document, and the package it describes, will undoubtedly contain
297 bugs and other problems. Please report such in the category dns of the
298 Tcllib Trackers [http://core.tcl.tk/tcllib/reportlist]. Please also
299 report any ideas for enhancements you may have for either package
300 and/or documentation.
301 When proposing code changes, please provide unified diffs, i.e the out‐
303 put of diff -u.
304 Note further that attachments are strongly preferred over inlined
306 patches. Attachments can be made by going to the Edit form of the
307 ticket immediately after its creation, and then using the left-most
308 button in the secondary navigation bar.
309
311 resolver(5)
312
314 DNS, domain name service, resolver, rfc 1034, rfc 1035, rfc 1886, rfc
315 7858
316
318 Networking
319
321 Copyright (c) 2002, Pat Thoyts
322tcllib 1.4.0 dns(n)