Independent Submission                                        B. Manning
Request for Comments: 6804                                 November 2012
Category: Historic
ISSN: 2070-1721
Independent Submission                                        B. Manning
Request for Comments: 6804                                 November 2012
Category: Historic
ISSN: 2070-1721

DISCOVER: Supporting Multicast DNS Queries




This document describes the DISCOVER opcode, an experimental extension to the Domain Name System (DNS) to use multicast queries for resource discovery. This opcode was tested in experiments run during 1995 and 1996 for the Topology Based Domain Search (TBDS) project. This project is no longer active and there are no current plans to restart it. TBDS was the first known use of multicast transport for DNS. A client multicasts a DNS query using the DISCOVER opcode and processes the multiple responses that may result.


Status of This Memo


This document is not an Internet Standards Track specification; it is published for the historical record.


This document defines a Historic Document for the Internet community. This is a contribution to the RFC Series, independently of any other RFC stream. The RFC Editor has chosen to publish this document at its discretion and makes no statement about its value for implementation or deployment. Documents approved for publication by the RFC Editor are not a candidate for any level of Internet Standard; see Section 2 of RFC 5741.

本文档定义了互联网社区的历史文档。这是对RFC系列的贡献,独立于任何其他RFC流。RFC编辑器已选择自行发布此文档,并且未声明其对实现或部署的价值。RFC编辑批准发布的文件不适用于任何级别的互联网标准;见RFC 5741第2节。

Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at


Copyright Notice


Copyright (c) 2012 IETF Trust and the persons identified as the document authors. All rights reserved.

版权所有(c)2012 IETF信托基金和确定为文件作者的人员。版权所有。

This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents ( in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document.

本文件受BCP 78和IETF信托有关IETF文件的法律规定的约束(自本文件出版之日起生效。请仔细阅读这些文件,因为它们描述了您对本文件的权利和限制。

1. Introduction
1. 介绍

The TBDS project developed extensions to existing network services to enable software for clients and servers of an application to become more resilient to changes in topology by dynamically sensing changes and switching between client/server and peer-peer methods for both end-system-to-server and server-to-server communications.


The first existing network service to be investigated was the Domain Name Systems (DNS), which is used to map symbolic Internet names to numeric Internet addresses. Based upon a hierarchical tree structure, the DNS relies upon uninterrupted connectivity of nodes to a special set of static, manually configured root servers. To improve the robustness and availability of the DNS service, TBDS developed and defined enhancements that enable nodes to map names to numbers without the need for uninterrupted connectivity to the Internet root servers. These techniques were automated, allowing transition between connected and unconnected operations to be done without direct human intervention.


These enhancements to the DNS server code are based on the open source BIND to support reception and processing of multicast packets.


Proof-of-concept modifications to BIND 8.1.2 were made to show that multicast awareness could be added to BIND. An analysis was made of the existing DNS code deployment and the schedule of new feature deployment so that we could synchronize TBDS with a more appropriate code base. Testing identified a race condition due to overloading the semantics of the DNS opcode that was used to communicate to servers.

对BIND 8.1.2进行了概念验证修改,以表明可以将多播感知添加到BIND中。对现有DNS代码部署和新功能部署计划进行了分析,以便我们能够将TBD与更合适的代码库同步。测试发现了由于用于与服务器通信的DNS操作码的语义过载而导致的竞争条件。

This race condition was explored within the IETF regarding use of existing DNS opcodes. Discussion within the team and with others in the IETF led to the idea that we needed a new opcode that would not overload the semantics of existing opcodes. The original DNS design specification presumes that few clients exist that would share common DNS data. To correct this problem, a new opcode was designed to disambiguate TBDS requests from normal nameserver requests.


In the standard Domain Name System (DNS) [1] [2], queries are always unicast using the QUERY opcode. The TBDS research project [5], funded under DARPA grant F30602-99-1-0523, explored the use of multicast DNS [1] [2] queries for resource discovery by autonomous, mobile nodes in disconnected networks. The operations model is covered in the TBDS documentation. Multicast queries may return multiple replies, while the standard DNS QUERY operation (see Sections 3.7, 4.3, and 5 of RFC 1034 [1]; and Section 4.1.1 of RFC 1035 [2]) expects a single reply. Instead of extending the QUERY

在标准域名系统(DNS)[1][2]中,查询始终使用查询操作码单播。由DARPA拨款F30602-99-1-0523资助的TBDS研究项目[5]探索了使用多播DNS[1][2]查询在断开连接的网络中由自主移动节点进行资源发现。TBDS文档中介绍了操作模型。多播查询可能返回多个回复,而标准DNS查询操作(参见RFC 1034[1]第3.7、4.3和5节;以及RFC 1035[2]第4.1.1节)需要一个回复。而不是扩展查询

opcode, the project developed and tested a new query operation, DISCOVER, that was designed to accommodate multiple responses from a multicast query. The ability to accept multiple replies provides a basis for discrimination of man-in-the-middle attacks, which succeed by being the first to respond. Use of DISCOVER requires the use of caching in the receiver, so the ephemeral nature of stub resolvers is precluded.


This memo documents the processing rules for DISCOVER, for possible incorporation in a future revision of the DNS specification.


The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14, RFC 2119 [3].

本文件中的关键词“必须”、“不得”、“要求”、“应”、“不应”、“应”、“不应”、“建议”、“可”和“可选”应按照BCP 14、RFC 2119[3]中的说明进行解释。

2. DISCOVER Processing Rules
2. 发现处理规则

A requester will send a DISCOVER query message to a multicast destination address, with some particular multicast scope. The requester must be prepared to receive multiple replies from multiple responders, although we expect that there will be a single reply per responder.


DISCOVER responses (i.e., response messages from DISCOVER queries) have standard Answer, Authority, and Additional sections. For example, the DISCOVER response is the same as the response to a QUERY operation. Zero-content answers should not be sent, to avoid badly formed or unfulfilled requests. Responses should be sent to the unicast address of the requester, and the source address should reflect the unicast address of the responder. DISCOVER responses may echo the request's Question section or leave it blank, just as for QUERY.


DISCOVER works like QUERY, with the following exceptions:


1. The Question section of a DISCOVER operation contains <QNAME=zonename,QTYPE=SOA> tuples, if the section is present.

1. 发现操作的问题部分包含元组(如果该部分存在)。

Within TBDS, this structure was augmented with: <QNAME=service,QTYPE=SRV>. While this worked, it would be cleaner to ask the SRV question in a separate pass; any future work should take this into consideration.


2. If QDCOUNT equals 0, then only servers willing to do recursion should answer; other servers must silently discard a DISCOVER request with QDCOUNT equals 0.

2. 如果QDCOUNT等于0,那么只有愿意执行递归的服务器才应该响应;其他服务器必须以静默方式放弃QDCOUNT等于0的发现请求。

3. If QDCOUNT is not equal to 0, then only servers that are authoritative for the zones named by some QNAME should answer.

3. 如果QDCOUNT不等于0,则只有对某些QNAME命名的区域具有权威性的服务器才应回答。

Hence, replies to DISCOVER queries will always be authoritative or else have RA (Recursion Available) set.


3. Using DISCOVER Queries
3. 使用发现查询
3.1. Performing Host Lookups
3.1. 执行主机查找

To perform a hostname lookup using DISCOVER, a node could:


o Compute the zone name of the enclosing,, or domain.

o 计算封闭、ip6.int或ip6.arpa域的区域名称。

o DISCOVER whether any in-scope server(s) are authoritative for this zone.

o 发现是否有任何作用域内服务器对此区域具有权威性。

If so, query these authoritative servers for local in-addr/ip6 names.

如果是,请在这些权威服务器上查询本地in addr/ip6名称。

o If not, DISCOVER whether there are recursive servers available.

o 如果没有,请发现是否有可用的递归服务器。

If so, query these recursive servers for local in-addr/ip6 names.

如果是这样,请在这些递归服务器上查询本地in addr/ip6名称。

The requester can determine from the replies whether there are any DNS servers that are authoritative (or support recursion) for the zone.


o Once the host's Fully Qualified Domain Name (FQDN) is known, repeat the process to discover the closest enclosing authoritative server for this local name.

o 已知主机的完全限定域名(FQDN)后,重复此过程以查找此本地名称最近的封闭权威服务器。

o Cache all NS and A data learned in this process, respecting Times To Live (TTLs).

o 根据生存时间(TTL),缓存在此过程中学习到的所有NS和数据。

3.2. Performing Service Lookups
3.2. 执行服务查找

To lookup a service name using DISCOVER, the following steps may be used:


o Use DISCOVER as outlined in Section 3.1 to perform gethostbyaddr() and then gethostbyname() on one's own link-local address. This gives a list of local authoritative servers.

o 如第3.1节所述,使用DISCOVER对自己的链接本地地址执行gethostbyaddr()和gethostbyname()。这将提供本地权威服务器的列表。

o Assume that the closest enclosing zone for which an authoritative server responds to an in-scope DISCOVER message is this host's "parent domain", and compute the SRV name as

o 假设权威服务器响应范围内发现消息的最近封闭区域是该主机的“父域”,并将SRV名称计算为



This is a change to the definition provided in RFC 1034 [1]. A wildcard label ("*") in the QNAME used in a DNS message with the opcode DISCOVER should be evaluated with special rules: the wildcard should match any label for which the DNS server data is authoritative. For example 'x.*' would match '' and '', provided that the server was authoritative for ''

这是对RFC 1034[1]中提供的定义的更改。在带有操作码发现的DNS消息中使用的QNAME中的通配符标签(“*”)应使用特殊规则进行评估:通配符应与DNS服务器数据具有权威性的任何标签匹配。例如,“x.*”将与“”和“”匹配,前提是服务器是“”的权威服务器

o Finally, send an SRV query for this SRV name to the discovered local authoritative servers to complete the getservbyname() call.

o 最后,将此SRV名称的SRV查询发送到发现的本地权威服务器,以完成getservbyname()调用。

This call returns a structure that can be populated by response values, as follows:


s_name The name of the service, "_service" without the preceding underscore.


s_aliases The names returned in the SRV Resource Records (RRs) in replies to the query.


s_port The port number in the SRV RRs replies to the query. If these port numbers do not match, one of the port numbers is chosen, and only those names that correspond are returned.

s_port SRV RRs中的端口号用于答复查询。如果这些端口号不匹配,则选择其中一个端口号,并仅返回相应的名称。

s_proto The transport protocol passed from the DNS process using the "_transport" label, without the preceding underscore.


3.3. Using DISCOVER for Disconnected Names
3.3. 对断开连接的名称使用DISCOVER

DISCOVER allows discovery of a host (for example, a printer offering LPD services) whose DNS server answers authoritatively for a domain name that hasn't been delegated to it, but is defined within some local scope. Since DISCOVER is explicitly defined to discover undelegated zones for tightly scoped queries, this behavior isn't a violation of DNS's coherency principles. Note that a responder to DISCOVER might not be traditional DNS software, it could be special-purpose software.


DISCOVER usage for disconnected networks with no authoritative servers can be achieved using the following conditions:


o Hosts run a "stub authoritative server" that acts as though its FQDN were a zone name.

o 主机运行一个“存根权威服务器”,该服务器的FQDN是一个区域名称。

o The computed SOA gives the host's FQDN as the MNAME, "." as the ANAME, seconds-since-1Jan2000 as the SERIAL, and low constants for EXPIRE and the other SOA timers.

o 计算出的SOA将主机的FQDN作为MNAME,“.”作为ANAME,seconds-since-1Jan2000作为串行,EXPIRE和其他SOA计时器的常量为low。

o NS is used as the host's FQDN.

o NS用作主机的FQDN。

o The glue is computed as the host's link-local address, or hosts may run a "DNS stub server" that acts as though its FQDN were a zone name.

o 胶水被计算为主机的链接本地地址,或者主机可以运行一个“DNS存根服务器”,该服务器的作用就像其FQDN是一个区域名称一样。

The rules governing the behavior of this server consist of a single change to the method of use, and no change whatsoever to the current format of DNS packets. Specifically, this extension allows UDP DNS queries, as documented in RFC 1035, Sections 4.1.1, 4.1.2, and 4.2.1, to be addressed to port 53 of statically assigned relative offset -4 within the range of multicast addresses defined as "administratively scoped" by Section 9 of RFC 2365 [6]. Within the full /8 of administratively scoped addresses, this corresponds to the destination address Until the Multicast-Scope Zone Announcement Protocol (MZAP) or a similar protocol is implemented to allow hosts to discover the extent of the local multicast scopes that enclose them, it is anticipated that implementations will simply utilize the destination address Queries sent via multicast MUST NOT request recursion.

管理此服务器行为的规则包括对使用方法的单个更改,以及对DNS数据包的当前格式的任何更改。具体而言,此扩展允许UDP DNS查询(如RFC 1035第4.1.1、4.1.2和4.2.1节所述)在RFC 2365[6]第9节定义为“管理范围”的多播地址范围内寻址到静态分配的相对偏移量-4的端口53。在全部/8个管理作用域地址中,这对应于目标地址239.255.255.251。在实现多播作用域区域公告协议(MZAP)或类似协议以允许主机发现包含它们的本地多播作用域的范围之前,预计实现将仅利用目标地址239.255.255.251。通过多播发送的查询不能请求递归。

In order to receive multicasted queries, DNS server implementations MUST listen on the -4 offset to their local scope (as above, in the absence of a method of determining the scope, this will be assumed to be relative to the full /8 allocated for administratively scoped multicast use, or and respond via ordinary unicast UDP to ONLY those queries for which they have a positive answer that originated within a locally-configured zone file. That is, a server MUST NOT answer a multicasted query with cached information that it received from another server, nor may it request further resolution from other servers on behalf of a multicasted query. A multicast-capable server may, however, utilize multicast queries to perform further resolution on behalf of queries received via ordinary unicast. This is referred to as "proxy" operation. Multicast-enabled DNS servers MUST answer multicasted queries non-authoritatively. That is, when responding to a query that was


received via multicast, they MUST NOT include an NS record that contains data that resolves back to their own IP address and MUST NOT set the AA bit.


Resolvers MUST anticipate receiving no replies to some multicasted queries, in the event that no multicast-enabled DNS server implementations are active within the local scope, or in the event that no positive responses exist to the transmitted query. That is, a query for the MX record for would go unanswered if no local server was able to resolve that request, if no MX record exists for, or if no local servers were capable of receiving multicast queries. The resolver that initiated the query MUST treat such non-response as a non-cacheable negative response. Since this multicast transmission does not provide reliable delivery, resolvers MAY repeat the transmission of a query in order to assure themselves that is has been received by any hosts capable of answering; however, any resolvers that repeat a query MUST increase the interval by a factor of two between each repetition. It is more likely, however, that any repeated queries will be performed under the explicit direction of the application driving the query, rather than autonomously by the resolver implementation.


It will often be the case that multicast queries will result in responses from multiple servers. In the event that the multicast query was generated via a current API such as gethostbyname, or as the result of a proxy operation, the first response received must be passed to the requesting application or host, and all subsequently received responses must be discarded. Future multicast-aware APIs that use DISCOVER should anticipate receiving multiple independent RR sets in response to queries and using external heuristics for selecting the most appropriate RR set.


Such servers should answer DISCOVER packets for its zone, and will be found by the iterative "discover closest enclosing authority server" by DISCOVER clients, in either the gethostbyname() or SRV cases described above. Note that stub servers answer only with zone names that exactly match QNAME's, not with zone names that are owned by QNAME's.

这样的服务器应该为其区域应答DISCOVER数据包,并将由DISCOVER客户机在上述gethostbyname()或SRV情况下通过迭代的“DISCOVER closest enclosuring authority server”找到。请注意,存根服务器只回答与QNAME完全匹配的区域名称,而不是QNAME拥有的区域名称。

4. IANA Considerations
4. IANA考虑

At such time as this idea might be considered for a future addition to the DNS protocol, IANA would need to assign a value for the opcode.


5. Security Considerations
5. 安全考虑

The following paragraph on security considerations was written very early in the use and exploration of IP multicast and, as such, represents a fairly naive view on the type and scope of exploits that are enabled through the use of IP multicast. A more up-to-date understanding of multicast security considerations may be found in RFC 5294 [4].

以下关于安全考虑的段落是在使用和探索IP多播的早期编写的,因此,对于通过使用IP多播启用的漏洞利用的类型和范围,代表了一种相当幼稚的观点。RFC 5294[4]中提供了对多播安全注意事项的最新理解。

No new security considerations are known to be introduced with a new DNS query operation. However, using multicast for service discovery has the potential for denial of service from flooding attacks. How to scope multicast is not part of the DISCOVER processing rules. It may also be possible to enable deliberate misconfiguration of clients simply by running a malicious DNS server that falsely claims to be authoritative for delegations. One possible way to mitigate this threat is to use credentials, such as CERT resource records within an RR set. The TBDS project took this approach. TBDS did not directly utilize DNS Security (DNSSEC), so possible interactions with DNSSEC-aware/-capable servers are unknown.


6. Acknowledgments
6. 致谢

This material was generated in discussions on the mdns mailing list hosted by Zocalo in March 2000 and updated by discussions in September/October 2003 on a closed mailing list. David Lawrence, Scott Rose, Stuart Cheshire, Bill Woodcock, and Erik Guttman were active contributors. Suzanne Woolf was part of the original implementation team and an invaluable sanity checker. Funding for the RFC Editor function is currently provided by the Internet Society.

这一材料是在2000年3月由Zocalo主持的关于mdns邮件列表的讨论中产生的,并在2003年9月/10月关于封闭邮件列表的讨论中更新。大卫·劳伦斯、斯科特·罗斯、斯图尔特·切希尔、比尔·伍德科克和埃里克·古特曼都是积极的贡献者。苏珊娜·伍尔夫(Suzanne Woolf)是最初实施团队的一员,也是一位无价之宝。RFC编辑功能的资金目前由互联网协会提供。

7. References
7. 工具书类
7.1. Normative References
7.1. 规范性引用文件

[1] Mockapetris, P., "DOMAIN NAMES - CONCEPTS AND FACILITIES", STD 13, RFC 1034, November 1987.

[1] Mockapetris,P.,“域名-概念和设施”,STD 13,RFC 1034,1987年11月。

[2] Mockapetris, P., "DOMAIN NAMES - IMPLEMENTATION AND SPECIFICATION", STD 13, RFC 1035, November 1987.

[2] Mockapetris,P.,“域名-实现和规范”,STD 13,RFC 10351987年11月。

[3] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997.

[3] Bradner,S.,“RFC中用于表示需求水平的关键词”,BCP 14,RFC 2119,1997年3月。

[4] Savola, P. and J. Lingard, "Host Threats to Protocol Independent Multicast (PIM)", RFC 5294, August 2008.

[4] Savola,P.和J.Lingard,“协议独立多播(PIM)的主机威胁”,RFC 52942008年8月。

7.2. Informative References
7.2. 资料性引用

[5] Manning, B., "Topology Based Domain Search (TBDS)", Final Report, June 2002, <>.

[5] Manning,B.,“基于拓扑的域搜索(TBDS)”,最终报告,2002年6月<>.

[6] Meyer, D., "Administratively Scoped IP Multicast", BCP 23, RFC 2365, July 1998.

[6] Meyer,D.,“管理范围的IP多播”,BCP 23,RFC 2365,1998年7月。

Authors' Addresses


Bill Manning PO 12317 Marina del Rey, CA. 90295 United States