Thursday, October 25, 2007

MaraDNS snapshot update

Jean-Jacques Sarton and myself have added IPV6 support to Deadwood. This is an optional compile-time flag, since a number of systems don't have IPV6 support yet (Cygwin and Mingw32, *cough* *cough*). In order to enable IPV6 support, add '-DIPV6' to the flags when compiling Deadwood, as in:

export FLAGS='-Os -DIPV6'

The IPV6 support adds, in DeLi Linux 0.7.2, 356 bytes to the code when disabled, and 708 bytes to the code when enabled. The binary is now 14,448 bytes in size when compiled in DeLi 0.7.2 with the '-Os' flag, IPv6 disabled, and the binary stripped. With IPv6 enabled, the binary is 14,800 bytes in size. Of course, keep in mind that uClibc is also bigger when it has IPv6 support.

In addition, it would seem that, somewhere in the 1.2 development cycle, I broke the echoing of the RD ("Recursion Desired") bit in the DNS header. This has been restored. Also, looking at that code, I realized it wasn't thread-safe, so I made the code thread safe. Also, it would seme that not only do some brain-dead embedded DNS programs check the RD bit in the DNS header, they also check the RA ("Recursion Available") bit (neither bit should be looked at whem getting a DNS reply, but oh well). So, I've hacked things so MaraDNS replies with a packet with the RA bit off if sending an authoritative reply, and the RA on if sending a recrusive reply. Not 100% ananally RFC-compliant, but should fix the problems seen with braindead DNS programs.

And yes, the RD and RA fixes have been backported to the 1.2 branch, and should be a part of the next 1.2 release (mid-December, barring a critical security problem).

The MaraDNS snapshot can be downloaded here