Re: DNS from a Kernel Extension

  • Subject: Re: DNS from a Kernel Extension
  • From: Josh Graessley <email@hidden>
  • Date: Fri, 10 Nov 2006 18:45:18 -0800


Actually, there are some arguments for doing DNS resolution in the kernel. One problem we have right now is a number of people write lame networking code. They perform some sort of DNS resolution and try to connect to the first address they get back. Most applications want to connect to some name, they don't care what the address is or even whether it's IPv4 or IPv6. An application should get back a list of all addresses the name resolves to and attempt to connect to each of those addresses until it finds one that works. Most applications just try the first one, or they wait for the first one to fail before attempting the second one.


The kernel, if it was given a name or a list of addresses, could do some intelligent stuff. In user space, you would need to open a new socket for each connection attempt. In the kernel, if there was a connect to name or connect to list, the kernel could start by sending the first syn to the first address, wait for some time, then send the next syn and so on. The kernel could accept the first syn-ack to come back from any of those initial syns it sent. Once it got a syn-ack back, it would reject packets from any other addresses and finish up the three-way handshake. The kernel could apply some smarts to try the best addresses first. An application wouldn't have to worry about the nitty gritty stuff and we wouldn't have to waste time creating lots of sockets or writing complicated code to have multiple sockets attempting simultaneous asynchronous connects.

Doing DNS in the kernel would present a number of challenges. DNS is sort of one level above arp and we do arp in the kernel, so DNS is too much of a stretch. The problem is that people pollute their name resolution with all kinds of other crap from the /etc/hosts file to a variety of directory services plug-ins. Getting access to that stuff in the kernel is not feasible.

-josh

On Nov 10, 2006, at 6:23 PM, William Kucharski wrote:


On Friday, November 10, 2006, at 06:42PM, Curtis Jones <email@hidden> wrote:


I have a need for performing DNS resolution (name to address) for the
use by a kernel extension, and it would be incredibly convenient if it
could be performed within the kernel. I've looked around endless
header files but haven't found anything helpful.

WHY? This is just wrong on so many levels...

If you ever need to do this type of thing, you need to take a step back
and figure out why you're trying to do this from the KERNEL. I can't even
really think of one.


The right way to do this is to have a user space process do the DNS
resolution and pass the information to your kernel extension; better yet would
be for a user space daemon to do both the DNS resolution AND all network
communication.


   William Kucharski
   email@hidden
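
The staggered "connect to list" behaviour described in the message, done in user space with one non-blocking socket per address, as an added example that is not part of the original post or of any Darwin code. The name `connect_to_list`, the 8-address limit and the 5-second final wait are assumptions made for the illustration.

```c
#include <errno.h>
#include <fcntl.h>
#include <netinet/in.h>
#include <poll.h>
#include <sys/socket.h>
#include <unistd.h>

/* Start a non-blocking connect to each address in order, waiting up to stagger_ms
 * before starting the next. Returns the first fd to connect (index in *winner) or -1. */
int connect_to_list(const struct sockaddr_in *addrs, int n, int stagger_ms, int *winner)
{
    struct pollfd pfd[8];                               /* sketch: at most 8 addresses */
    int started = 0, live = 0, result = -1;
    if (n > 8) n = 8;
    while (result < 0 && (started < n || live > 0)) {
        if (started < n) {                              /* launch the next attempt */
            int fd = socket(AF_INET, SOCK_STREAM, 0);
            pfd[started] = (struct pollfd){ .fd = -1, .events = POLLOUT };
            if (fd >= 0 && fcntl(fd, F_SETFL, O_NONBLOCK) == 0 &&
                (connect(fd, (const struct sockaddr *)&addrs[started], sizeof *addrs) == 0
                 || errno == EINPROGRESS)) { pfd[started].fd = fd; live++; }
            else if (fd >= 0) close(fd);
            started++;
        }
        /* 5000 ms: assumed cap on the final wait once every attempt is out */
        int r = poll(pfd, started, !live ? 0 : started < n ? stagger_ms : 5000);
        if (r < 0 || (r == 0 && started == n)) break;
        for (int i = 0; i < started && result < 0; i++) {
            int err = 0; socklen_t len = sizeof err;
            if (pfd[i].fd < 0 || pfd[i].revents == 0) continue;
            getsockopt(pfd[i].fd, SOL_SOCKET, SO_ERROR, &err, &len);
            if (err == 0) { result = pfd[i].fd; *winner = i; }   /* handshake done */
            else { close(pfd[i].fd); pfd[i].fd = -1; live--; }   /* refused, etc. */
        }
    }
    for (int i = 0; i < started; i++)                   /* close the losing attempts */
        if (pfd[i].fd >= 0 && pfd[i].fd != result) close(pfd[i].fd);
    return result;
}
```

An attempt that fails early (for example a refused connection) lets the next address start immediately instead of waiting out the full stagger interval.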

