DNS System and the CHAOS class

Posted by: SilentRage

DNS System and the CHAOS class - 04/12/03 07:50 PM

Usually when somebody requests a record of a dns server, the records are located within the INTERNET class. There are, however, other classes that may be used. The only other one in active use is the CHAOS class.

Now while the Chaos class is intended for use on the Chaos network, late versions of BIND server implement their own proprietary domain called 'BIND'. Many other vendors have also included support for these non-standard 'BIND' requests. I have discovered information on 2 of these requests. They may be all that are currently being used. They are described below:

QueryName: version.bind
QueryType: TXT
QueryClass: CHAOS

Example Response: BIND 8.2.2-P5

By far the most useful of the 2 BIND requests, for it returns the version of the dns software. This information could identify a server running an insecure version. However, the administrator may choose to modify the response.

QueryName: hostname.bind
QueryType: TXT
QueryClass: CHAOS

Example Server: ns1.example.com
Example Response: ns1.example.com

By default, this should return the hostname for the dns server implementing BIND. This isn't terribly useful cause by default, it is the equivalent of doing a reverse lookup on the server's IP. However, its intended use is for a configured ID for the responding server to be supplied.

There is also an RFC recommending that a new top-level domain under the CHAOS class be used for the identifying of servers instead of BIND. It is most probably not implemented cause it's so new (Drafted Nov 2002), but this is just for your own information.

QueryName: id.server
QueryType: TXT
QueryClass: CHAOS

Example Server: ns1.example.com
Example Response: ns1

Since under the RFC it is discouraged that a hostname be returned, an administratively defined ID would be configured instead. Otherwise, id.server is essentially the draft standard equivalent to hostname.bind.