2

I'm trying to discover all domains with the TLD .ffhh. This is the TLD of the Freifunk Meshnetwork in Hamburg. I tried the following command in Mac Terminal:

dns-sd -B _http._tcp ffhh.

I get this output, but nothing happens after that:

Browsing for _http._tcp.ffhh.
DATE: ---Thu 23 Jul 2015---
10:40:20.934  ...STARTING...

I guess I'm using dns-sd wrong!? What would be the right command to discover all domains with this TLD?

Kurt Pfeifle
jan reimers

1 Answer

4

I do not think you can use dns-sd to browse top level domains. (And if you really can -- I'm not sure about this! -- then your command would be correct. It just does not find any result for that TLD. See my further answer...)

Also, browsing for _http._tcp in a certain domain will only display results if there actually is an HTTP service that is announced via DNS-SD in that domain.

1. dns-sd is for the local. domain in the first place

To test it, you can run dns-sd -R in one terminal to announce a fake HTTP service:

 dns-sd  \
   -R "A Fake Announcement to Register a Dummy HTTP Server" \
   _http._tcp,_universal \
   .   \
   8081

and then check if the announcement appears in the local browse list:

 dns-sd -B _http._tcp

2. dns-sd works also for remote domains ... under certain conditions

To check for announced services in a remote domain, try:

 dns-sd -B _ftp._tcp dns-sd.org.

You should see something like

Browsing for _ftp._tcp.dns-sd.org.
DATE: ---Thu 19 May 2016---
17:40:02.111  ...STARTING...
Timestamp     A/R  Flags  if Domain        Service Type  Instance Name
17:40:02.112  Add      3   0 dns-sd.org.   _ftp._tcp.    Apple QuickTime Files
17:40:02.112  Add      3   0 dns-sd.org.   _ftp._tcp.    Microsoft Developer Files
17:40:02.112  Add      2   0 dns-sd.org.   _ftp._tcp.    Restricted, Registered Users Only
^C

Then you can resolve a specific instance by running another command:

dns-sd -L "Microsoft Developer Files" _ftp._tcp dns-sd.org.

  Lookup Microsoft Developer Files._ftp._tcp.dns-sd.org.
  DATE: ---Thu 19 May 2016---
  17:40:43.972  ...STARTING...
  17:40:44.365  Microsoft\032Developer\032Files._ftp._tcp.dns-sd.org. can be reached at ftp.microsoft.com.:21 (interface 0)
   txtvers=1
   path=/developer
^C

3. So why did browsing the remote dns-sd.org. domain work at all?

This is because Stuart Cheshire, the guy who "invented" DNS-SD and who runs the dns-sd.org domain, did register the FTP services in his own domain within his standard DNS server setup with the appropriate means.

4. So why does dns-sd.org return records about a Microsoft-controlled FTP service?

This is because Stuart Cheshire registered that FTP service as a "proxy advertisement"....

5. Why did your query for the ffhh. top level domain not work?

Mainly, because that domain most likely didn't register within a standard DNS server all the HTTP services which are hosted within its realm.

Maybe it doesn't even run a DNS server at all within its domain.

You would only discover those HTTP servers via dns-sd -B _http._tcp local., if each webmaster of such a server would...

  • ...run the appropriate dns-sd -R ... command in the background (if he has a Mac), or
  • ...run the analogous avahi-publish -s ... command (if he has Linux)

6. Additional Info

BTW, you could browse and discover remote services without specifying the remote domain name, if you added the remote domain in your general DNS configuration as a "browse domain". See this screenshot where I added dns-sd.org on a MacBook:

DNS *Search Domain* "dns-sd.org" added in Mac OS X network configuration

In this case you can simply run

dns-sd -B _http._tcp

to also get the remote HTTP services listed (as well as the local ones) instead of running

dns-sd -B _http._tcp dns-sd.org.

Kurt Pfeifle
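What the browse and lookup commands in the answer above correspond to at the DNS level, as an added example that is not part of the original answer: a browse is a PTR query at `<service>.<domain>`, and the `\032` in the `-L` output is a decimal escape for a space inside the instance label. The record names follow RFC 6763; the function names and the second sample name in the test are constructed for illustration.

```python
import re

# Added example: DNS-SD record names follow RFC 6763; helper names are hypothetical.

def split_labels(name):
    """Split a presentation-format DNS name on dots that are not backslash-escaped."""
    return re.findall(r"(?:\\.|[^.\\])+", name)

def unescape(label):
    r"""Decode \DDD (decimal byte value) and \X (literal X), as printed by dns-sd -L."""
    def repl(m):
        if m.group(1) is not None:
            return bytes([int(m.group(1))])  # ValueError if the value exceeds 255
        return m.group(2)
    return re.sub(rb"\\(?:(\d{3})|(.))", repl, label.encode()).decode("utf-8")

def parse_instance(fqdn):
    """Return (instance, service_type, domain) for <Instance>.<_svc>.<_tcp|_udp>.<Domain>."""
    labels = split_labels(fqdn)
    if (len(labels) < 4 or not labels[1].startswith("_")
            or labels[2] not in ("_tcp", "_udp")):
        raise ValueError("not a DNS-SD service instance name: " + fqdn)
    return unescape(labels[0]), ".".join(labels[1:3]), ".".join(labels[3:]) + "."

def lookups(service_type, domain):
    """(qname, qtype) pairs behind a browse; no PTR answers means nothing is advertised."""
    domain = domain.strip(".") + "."
    return {
        "browse (dns-sd -B)": (f"{service_type}.{domain}", "PTR"),
        "service types in the zone": (f"_services._dns-sd._udp.{domain}", "PTR"),
        "browse domains offered": (f"b._dns-sd._udp.{domain}", "PTR"),
    }

if __name__ == "__main__":
    # Name copied from the dns-sd -L output shown in the answer.
    sample = r"Microsoft\032Developer\032Files._ftp._tcp.dns-sd.org."
    print(parse_instance(sample))
    # The question's command: these records must exist in the ffhh. zone to get results.
    for purpose, (qname, qtype) in lookups("_http._tcp", "ffhh.").items():
        print(f"{purpose:28} {qtype} {qname}")
```

A zone operator can use the same three names to check what their own DNS server actually advertises before assuming that clients can browse it.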