1dns(n) Domain Name Service dns(n)
2______________________________________________________________________________
6
8 dns - Tcl Domain Name Service Client
9
11 package require Tcl 8.2
12 package require dns ?1.5.0?
14 ::dns::resolve query ?options?
16 ::dns::configure ?options?
18 ::dns::name token
20 ::dns::address token
22 ::dns::cname token
24 ::dns::result token
26 ::dns::status token
28 ::dns::error token
30 ::dns::reset token
32 ::dns::wait token
34 ::dns::cleanup token
36 ::dns::nameservers
38______________________________________________________________________________
40
42 The dns package provides a Tcl only Domain Name Service client. You
43 should refer to (1) and (2) for information about the DNS protocol or
44 read resolver(3) to find out how the C library resolves domain names.
45 The intention of this package is to insulate Tcl scripts from problems
46 with using the system library resolver for slow name servers. It may
47 or may not be of practical use. Internet name resolution is a complex
48 business and DNS is only one part of the resolver. You may find you are
49 supposed to be using hosts files, NIS or WINS to name a few other sys‐
50 tems. This package is not a substitute for the C library resolver - it
51 does however implement name resolution over DNS. The package also ex‐
52 tends the package uri to support DNS URIs (4) of the form
53 dns:what.host.com or dns://my.nameserver/what.host.com. The dns::re‐
54 solve command can handle DNS URIs or simple domain names as a query.
55 Note: The package defaults to using DNS over TCP connections. If you
57 wish to use UDP you will need to have the tcludp package installed and
58 have a version that correctly handles binary data (> 1.0.4). This is
59 available at http://tcludp.sourceforge.net/. If the udp package is
60 present then UDP will be used by default.
61 Note: The package supports DNS over TLS (RFC 7858) for enhanced privacy
63 of DNS queries. Using this feature requires the TLS package.
64
66 ::dns::resolve query ?options?
67 Resolve a domain name using the DNS protocol. query is the do‐
68 main name to be lookup up. This should be either a fully quali‐
69 fied domain name or a DNS URI.
70 -nameserver hostname or -server hostname
72 Specify an alternative name server for this request.
73 -protocol tcp|udp
75 Specify the network protocol to use for this request. Can
76 be one of tcp or udp.
77 -port portnum
79 Specify an alternative port.
80 -search domainlist
82 -timeout milliseconds
84 Override the default timeout.
85 -type TYPE
87 Specify the type of DNS record you are interested in.
88 Valid values are A, NS, MD, MF, CNAME, SOA, MB, MG, MR,
89 NULL, WKS, PTR, HINFO, MINFO, MX, TXT, SPF, SRV, AAAA,
90 AXFR, MAILB, MAILA and *. See RFC1035 for details about
91 the return values. See http://spf.pobox.com/ about SPF.
92 See (3) about AAAA records and RFC2782 for details of SRV
93 records.
94 -class CLASS
96 Specify the class of domain name. This is usually IN but
97 may be one of IN for internet domain names, CS, CH, HS or
98 * for any class.
99 -recurse boolean
101 Set to false if you do not want the name server to recur‐
102 sively act upon your request. Normally set to true.
103 -command procname
105 Set a procedure to be called upon request completion. The
106 procedure will be passed the token as its only argument.
107 -usetls boolean
109 Set the true to use DNS over TLS. This will force the use
110 of TCP and change the default port to 853. Certificate
111 validation is required so a source of trusted certificate
112 authority certificates must be provided using -cafile or
113 -cadir.
114 -cafile filepath
116 Specify a file containing a collection of trusted cer‐
117 tificate authority certficates. See the update-ca-cer‐
118 tificates command manual page for details or the -CAfile
119 option help from openssl.
120 -cadir dirpath
122 Specify a directory containing trusted certificate au‐
123 thority certificates. This must be provided if -cafile is
124 not specified for certificate validation to work when
125 -usetls is enabled. See the openssl documentation for the
126 required structure of this directory.
127 ::dns::configure ?options?
130 The ::dns::configure command is used to setup the dns package.
131 The server to query, the protocol and domain search path are all
132 set via this command. If no arguments are provided then a list
133 of all the current settings is returned. If only one argument
134 then it must the the name of an option and the value for that
135 option is returned.
136 -nameserver hostname
138 Set the default name server to be used by all queries.
139 The default is localhost.
140 -protocol tcp|udp
142 Set the default network protocol to be used. Default is
143 tcp.
144 -port portnum
146 Set the default port to use on the name server. The de‐
147 fault is 53.
148 -search domainlist
150 Set the domain search list. This is currently not used.
151 -timeout milliseconds
153 Set the default timeout value for DNS lookups. Default is
154 30 seconds.
155 -loglevel level
157 Set the log level used for emitting diagnostic messages
158 from this package. The default is warn. See the log pack‐
159 age for details of the available levels.
160 -cafile filepath
162 Set the default file path to be used for the -cafile op‐
163 tion to dns::resolve.
164 -cadir dirpath
166 Set the default directory path to be used for the -cadir
167 option to dns::resolve.
168 ::dns::name token
171 Returns a list of all domain names returned as an answer to your
172 query.
173 ::dns::address token
176 Returns a list of the address records that match your query.
177 ::dns::cname token
180 Returns a list of canonical names (usually just one) matching
181 your query.
182 ::dns::result token
185 Returns a list of all the decoded answer records provided for
186 your query. This permits you to extract the result for more un‐
187 usual query types.
188 ::dns::status token
191 Returns the status flag. For a successfully completed query this
192 will be ok. May be error or timeout or eof. See also ::dns::er‐
193 ror
194 ::dns::error token
197 Returns the error message provided for requests whose status is
198 error. If there is no error message then an empty string is re‐
199 turned.
200 ::dns::reset token
203 Reset or cancel a DNS query.
204 ::dns::wait token
207 Wait for a DNS query to complete and return the status upon com‐
208 pletion.
209 ::dns::cleanup token
212 Remove all state variables associated with the request.
213 ::dns::nameservers
216 Attempts to return a list of the nameservers currently config‐
217 ured for the users system. On a unix machine this parses the
218 /etc/resolv.conf file for nameservers (if it exists) and on Win‐
219 dows systems we examine certain parts of the registry. If no
220 nameserver can be found then the loopback address (127.0.0.1) is
221 used as a default.
222
224 % set tok [dns::resolve www.tcl.tk]
225 ::dns::1
226 % dns::status $tok
227 ok
228 % dns::address $tok
229 199.175.6.239
230 % dns::name $tok
231 www.tcl.tk
232 % dns::cleanup $tok
233 Using DNS URIs as queries:
236 % set tok [dns::resolve "dns:tcl.tk;type=MX"]
239 % set tok [dns::resolve "dns://l.root-servers.net/www.tcl.tk"]
240 Reverse address lookup:
243 % set tok [dns::resolve 127.0.0.1]
246 ::dns::1
247 % dns::name $tok
248 localhost
249 % dns::cleanup $tok
250 Using DNS over TLS (RFC 7858):
253 % set tok [dns::resolve www.tcl.tk -nameserver dns-tls.bitwiseshift.net -usetls 1 -cafile /etc/ssl/certs/ca-certificates.crt]
256 ::dns::12
257 % dns::wait $tok
258 ok
259 % dns::address $tok
260 104.25.119.118 104.25.120.118
261
264 [1] Mockapetris, P., "Domain Names - Concepts and Facilities", RFC
265 1034, November 1987. (http://www.ietf.org/rfc/rfc1034.txt)
266 [2] Mockapetris, P., "Domain Names - Implementation and Specifica‐
268 tion", RFC 1035, November 1087.
269 (http://www.ietf.org/rfc/rfc1035.txt)
270 [3] Thompson, S. and Huitema, C., "DNS Extensions to support IP ver‐
272 sion 6", RFC 1886, December 1995.
273 (http://www.ietf.org/rfc/rfc1886.txt)
274 [4] Josefsson, S., "Domain Name System Uniform Resource Identi‐
276 fiers", Internet-Draft, October 2003, (http://www.ietf.org/in‐
277 ternet-drafts/draft-josefsson-dns-url-09.txt)
278 [5] Gulbrandsen, A., Vixie, P. and Esibov, L., "A DNS RR for speci‐
280 fying the location of services (DNS SRV)", RFC 2782, February
281 2000, (http://www.ietf.org/rfc/rfc2782.txt)
282 [6] Ohta, M. "Incremental Zone Transfer in DNS", RFC 1995, August
284 1996, (http://www.ietf.org/rfc/rfc1995.txt)
285 [7] Hu, Z., etc al. "Specification for DNS over Transport Layer Se‐
287 curity (TLS)", RFC 7858, May 2016,
288 (http://www.ietf.org/rfc/rfc7858.txt)
289
291 Pat Thoyts
292
294 This document, and the package it describes, will undoubtedly contain
295 bugs and other problems. Please report such in the category dns of the
296 Tcllib Trackers [http://core.tcl.tk/tcllib/reportlist]. Please also
297 report any ideas for enhancements you may have for either package
298 and/or documentation.
299 When proposing code changes, please provide unified diffs, i.e the out‐
301 put of diff -u.
302 Note further that attachments are strongly preferred over inlined
304 patches. Attachments can be made by going to the Edit form of the
305 ticket immediately after its creation, and then using the left-most
306 button in the secondary navigation bar.
307
309 resolver(5)
310
312 DNS, domain name service, resolver, rfc 1034, rfc 1035, rfc 1886, rfc
313 7858
314
316 Networking
317
319 Copyright (c) 2002, Pat Thoyts
320tcllib 1.5.0 dns(n)