Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Can someone ELI5 for the idiot in the thread. I know it's for fun but I don't get it. Also how's it's working? I'm aware it's my ignorance.


You're essentially resolving non-existent domains through their custom DNS server. For example:

    dig 100USD-INR.fx @dns.toys
Translates into "resolve 100USD-INR.fx using dns.toys as a DNS server". They then return TXT records containing the actual answer. Since .fx is a non-existent domain, they're not impersonating anyone, and if you switch "@dns.toys" with say "@8.8.8.8", it wouldn't resolve to anything.


Imagine a site like news.ycombinator.com. The browser uses that name to lookup the IP from a specialized server. So for the domain it might have this saved:

A IP = ...1

AAAA IP = ...2

Where 'a' is the type of record. But there are other types of records:

TXT gender = 'male'

So there's a few assumptions here about DNS that are normally true:

1. People are using DNS as a switch board to other services.

2. The values in the switchboard are normally static.

With this setup they're doing something completely different because they're serving back changing values based on the domain. To do this you would need to write a custom DNS server (though the DNS protocol is quite simple.) The reasons this is a clever hack though are as follows:

1. DNS is one of the most widely used and supported protocols. All mainstream programming libraries support it. This includes numerous command-line tools already in operating system. By providing this as a service over DNS it provides an elegant way for command-line tools and libraries to access services with minimal dependencies.

2. It challenges the way the DNS system should be used by tipping the normal assumptions behind its use on its head (direct usage for information, dynamic content for values.) This makes it possible to use DNS directly as an application service rather than as a switch board operator for regular internet services.

3. DNS is so integral that a complex integration wouldn't be needed to add it to existing software. A DNS request is arguably more straight-forwards than a typical web API. Chances are this also has benefits for censorship resistance, too.

All in all a clever hack.


Sure, imagine a DNS server as a specialized type of web server, but it uses a different protocol over a different port. Just like you make requests to a web server using HTTP, you can interact with a DNS server using DNS protocols. Think of it like comparing how you might use telnet to simulate an HTTP or SMTP request; it's about communicating with a specific type of server over a specific set of rules. This server tends to do some computation before yielding its results, unlike most DNS records that you'd expect to be static.


The DNS protocol is just text over udp. When making a DNS request, your system will open a socket, write "google.com" in it and read for a response. The server, if it is properly configured as a DNS server, will reply with the appropriate DNS record, again as text. Google.com is a cname to some subdomain used for load balancing, so the server will simply reply "CNAME blabla.google.com" and may optionally also resolve blabla.google.com to save you the trouble of making another request.

The DNS protocol, defined in some RFC, says that I have to make a request a certain way, and that the server has to respond a certain way. One of these ways is that for top level domains that don't exist (for ex. .time is not a currently existing tld), the server is supposed to reply nxdomain, but in reality there is no technical measure stopping it from replying with anything it wants, such as the current time.

In fact, generally speaking, the expectation that the server operators will not fuck you over is the only thing preventing public (and indeed private) DNS operators from returning you bogus data. This is mitigated somewhat by HTTPS, but DNS records themselves are infinitely fakeable with no recourse.


DNS is not a text protocol, it's a binary protocol.


Your reply is riddled with errors and you don't seem to actually know how the DNS protocol works at all, on the wire or otherwise. It is, firstly, impossible for "google.com" to contain a CNAME record. This would violate standards, and it's simply not done. Query or yourself; there is no CNAME at that label.

Your description of how queries work is not how queries work at all. Your entire comment is a net negative and detracts from the overall knowledge at Hacker News.


> "It is, firstly, impossible for "google.com" to contain a CNAME record. This would violate standards, and it's simply not done."

It is possible for an apex domain to contain/be a CNAME, and it simply is done, by many companies: https://serverfault.com/questions/55528/set-root-domain-reco...


This is a disingenuous claim, because many of the comments at the linked thread indicate that it not only is a breach of the RFC requirements, but is also liable to malfunction, so any provider/software that permits it, is going to have trouble supporting it.

I stand by what I said: it's impossible, and is simply not done [by anyone who cares about adhering to standards or interoperability.]




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: