0

Basically I issue a query (Type: PTR) from my client for the following

_some-service._tcp.gv.com

In response to that query, I get back

Reply code: No such name (3)

According to this question and rfc

3     Name Error - Meaningful only for
                   responses from an authoritative name
                   server, this code signifies that the
                   domain name referenced in the query does
                   not exist.

However when I am on my client the domain name does resolve to the correct ip address and I can ping without issue

[root@client/]# ping gv.com
PING gv.com (192.168.10.10) 56(84) bytes of data.
64 bytes from gv.com (192.168.10.10): icmp_seq=1 ttl=64 time=0.308 ms
64 bytes from gv.com (192.168.10.10): icmp_seq=2 ttl=64 time=0.329 ms
64 bytes from gv.com (192.168.10.10): icmp_seq=3 ttl=64 time=0.330 ms
64 bytes from gv.com (192.168.10.10): icmp_seq=4 ttl=64 time=0.306 ms
^C
--- gv.com ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3004ms

Why does the DNS response give me the reply code 3 when the domain name resolves for my client?

Could it be that the error occurs because the service I am looking for does not exist in the DNS server?

Community
  • 1
RAZ_Muh_Taz
  • 115
  • 2
  • 8
  • 1
    Your question does not make sense to me. What has a ptr on a subdomain got to do with a query to resolve a different subdomain? – davidgo Feb 20 '20 at 18:11
  • @davidgo I am just explaining the type of query I am issuing to the DNS and the type of query, with respect to my wireshark, is PTR (12) – RAZ_Muh_Taz Feb 20 '20 at 18:18
  • A PTR for a SRV record (which is what _some-service._tcp.gv.com appears to be) isn't a common thing (I would say "never", but there might be some use case for such a thing). Normally PTR records would refer to A records. Regardless, you would query an IP address to get the name associated with it. Example: `dig -x 192.168.10.10` or if you're a masochist `dig 10.10.168.192.in-arpa. PTR` (I may not have that format exactly correct) – Brandon Xavier Feb 20 '20 at 19:08
  • I'm integrating software into a system, this software works on my company's network. What is happening now is I am setting up a private network with my own DNS, DHCP servers to exercise the software on a closed network. I can't change the behavior of the system, it's not my code. The software issues PTR qry `_some-service._tcp.gv.com` then when it gets a response back it issues the SRV qry for `_service-1._some-service._tcp.gvc.com` to get the ip address for the service it's looking for. @BrandonXavier @Virsacer – RAZ_Muh_Taz Feb 20 '20 at 19:35
  • I have a feeling there is an issue with my DNS server configuration for the forwarding of the domain name... – RAZ_Muh_Taz Feb 20 '20 at 19:43
  • That's a very, shall we say, *unique* way of utilizing PTR records (NAPTR, I could possibly understand). You may have better luck asking the developers of this software. – Brandon Xavier Feb 20 '20 at 20:13
  • Trust me, I have been fighting this software for almost a year, on and off, it's not a well written, well developed piece of software. I am just trying to figure out why it works on a normal network and not on the private one I have set up but thank you for your time @BrandonXavier – RAZ_Muh_Taz Feb 20 '20 at 21:25

2 Answers2

3

I am afraid without detail it cannot be answered in the way you would be happy :-(.

In your question I would see some (let say) not common approach. In case it would be just theoretical question (you have mentioned capturing the packets) I would think about misunderstanding of the DNS service...

You have mentioned

_some-service._tcp.gv.com PTR

And later in the question:

ping gw.com

Where is absolutely no relation between it...

Let assume only IPv4 (to reduce set of relevant records only) and domain example.com:

There can be following relevant records (for simplicity "ignoring" zones separation):

example.com. IN A 192.0.2.10
www.example.com. IN A 192.0.2.20
web.example.com. IN CNAME www.example.com.
_http._tcp.example.com. IN SRV 10 10 80 www.example.com.

10.2.0.192.in-addr.arpa. IN PTR example.com.
20.2.0.192.in-addr.arpa. IN PTR www.example.com.

Http service (e.g. web browser) usually not using SRV but in theory it could be valid example.

A ... "translate" FQDN to IPv4 address
SRV ... SeRVice  record - can have wight and priority. 
    Pointing the location of the service with posibility of "alternative" endpoints.
CNAME ... Cannonical name - targeting other DNS record. With the answer
    the recursion (following query) is utilized.
PTR ... PoinTeR to cannonical name - usually used for reverse records but 
    by the definition it can be used in the similar way like CNAME just 
    without recursion.

Anyway in case of ping you are requesting simple A record so neither SRV nor PTR is utilized...

In case of MX (Mail eXchange - record used for e-mail delivery) in case of non existence there is defined fall back to A record to where to try to deliver the message...

It is possible that there is PTR record but once it is without success there could be utilized some "standard" A or SRV query. This would be visible in communication visible in Wireshark ;-). Definitely it is about implementation / behaviour of the specific application. This question would be addressed to the authors - why they have utilized the PTR records this way...

Kamil J
  • 1,632
  • 1
  • 5
  • 10
  • technically yes, in case of private / reserved IPs it make sense but in case of "public" IP it can work for you but the rest of the world will ignore it as there is not NS delegation pointing to your server. – Kamil J Feb 20 '20 at 21:34
  • Anyway PTR in the structure of SRV record (as you have mentioned in the question) it would be normally in the zone. As I have wrote technically it can be used similar way like CNAME but this usage is not widely utilize - I have never see it to be honest. – Kamil J Feb 20 '20 at 21:35
  • you need to query what you expect to get as answer... so e.g. ``dig ptr _http._tcp.example.com.`` or ``dig ptr 10.2.0.192.in-addr.arpa``. In case you want to see some real output try e.g. google dns - ``dig ptr 8.8.8.8.in-addr.arpa.`` ;-). – Kamil J Feb 20 '20 at 22:08
  • You didn't put ``.`` (dot) at the end of the value so it is handled not "absolute" FQDN but "relative" to queried domain. – Kamil J Feb 20 '20 at 22:35
  • So far I know yes - manually with exception :-) (e.g. Active Directory utilizing DNS and especially SRV records to localize the servers with "internal" services - ldap, kerberos,... - this "internal" records are generated / updated automatically). On the other side the SRV record is defined but actually it is still rarely used on client sides... Nowadays there are still primarily used reserved ports (<1024 - e.g. 80 http, 443 https, 53 dns,...) and regular A / AAAA record (or MX in case of e-mails) to reach the destination system. – Kamil J Feb 20 '20 at 23:24
  • Interesting... The project I am working on is using DNS-SD so clients can automatically discover certain services on the network, once the service is found via DNS-SD it connects to the host who provides the service. I never manually configured the DNS server manually for our company to be able to resolve `_some-feature._tcp`. I wonder how the company DNS ever got the SRV and TXT for those particular services I am now looking for on my own DNS... Thank you for your help – RAZ_Muh_Taz Feb 20 '20 at 23:54
  • DNS-SD not necessary depends on multicast DNS or Bonjour - clients / server can announce their services without authorized update to DNS server. It is used by some printers for example... This service usually utilize .local domain. It should be able to coexistence with DNS but I have not good experience with it especially in case somebody historically utilize .local on the DNS server... – Kamil J Feb 21 '20 at 00:01
  • I personally prefer "controlled" content on the network using "standard" DNS and DHCP providing information related to DNS servers... DNS-SD has been originally introduced like zeco configuration service - plug and play ;-). – Kamil J Feb 21 '20 at 00:04
  • It's the plug and play that the customers are after and unfortunately the switches on the network my hardware is on does not allow mDNS through and so I am forced to use unicast DNS-SD in combination with DHCP. Can DHCP provide services to a DNS? – RAZ_Muh_Taz Feb 21 '20 at 00:09
  • DHCP can register the leased IP. I am afraid this is not the direction for you :(. Anyway i you have a list of services you can do dynamic update to DNS zone so it can be automatically update based on some event (e.g. exported list could be propagate using dynamic update and then it is known to dns server). – Kamil J Feb 21 '20 at 00:32
  • Thank you for all the help, I am definitely starting to understand this stuff. I guess what I would like to figure out is how a Computer A, can publish a SRV to the DNS. Computer B then can query for a known service it needs, and the DNS will provide the SRV to allow Computer B to interact with Computer A. Is there a document or resource you know of that has that info? – RAZ_Muh_Taz Feb 21 '20 at 15:44
  • I am sorry but I am not sure I fully got the question :-(. In case you are trying to reach some resources (information) related to SRV record, try to start with RFC (Request For Comments) - https://tools.ietf.org/rfc/rfc2782.txt . – Kamil J Feb 21 '20 at 16:07
  • So it turns out, like you suggested earlier, that all the SRV, TXT records have to be manually added to the DNS server. I talked with a co-worker and he said what you said about how I have to manually add them to the DNS. I was taking the zero-configuration to the extreme when in the real world they are manually entered into the DNS. Thank so much for your help with this, I am really starting to understand DNS now. – RAZ_Muh_Taz Feb 21 '20 at 16:22
0

A PTR is an IP-Address pointing to a domain.

So if you ask the DNS for a domain using a domain instead of an IP you will get NXDOMAIN.

And your client asks the IP for a domain (A-record), so it gets a valid answer and can ping.

So ask for A, AAAA, TXT or whatever record your "service" is and you will get a result

dig _some-service._tcp.gv.com TXT

Virsacer
  • 648
  • 4
  • 14