1 The IP-over-DNS protocol is as follows:
4 We don't want to go outside alphanumerics and hyphens,
5 ie hostname-legal. So we do base32 encoding:
6 8 hostname characters encoding 5 bits each, which encodes
10 - client splits packet into appropriate fragments
16 We use CNAME queries. The request/response Q and R are bit-encoded
17 into the labels of the query domain and answer section domains,
20 So requests by the client are
21 QCLASS=IN QTYPE=CNAME !RD QNAME=<query-bit-pattern>.<my-domain>
24 <qname> 1 IN CNAME <response-bit-pattern>
26 The server maintains a local cache of questions we have been asked and
27 answers we gave. Neither side ever retries packets; so any responses
28 from our server's cache are due to resolvers between the client and
36 remaining Unfragmented response message data nybbles
55 remaining Unfragmented response message data bytes
58 4* bits Logarithmic server queue length
59 # ciel(log_2( Number of bytes of queued message data + 1 ))
60 # clamped to maximum value
63 [ If there is actually any data to send:
65 [ If not only fragment:
66 1 bit Final fragment ?
67 12 bits Fragment offset
68 [ In packets from server:
69 8* bits netlink-packet-sequence-number
70 # In payloads from client, the client-message-nonce
71 # is used for reassembly.
77 associd := 32* bits Assigned by server
79 client-init-nonce := 64 bits Random number
81 client-message-nonce := 8* bits Sequence number, starts at random value
82 # Ie if we start having more than 255 queries outstanding, we're
83 # going to start losing things. With our default TTL of 1s and
84 # a compliant DNS server, that might limit us to 255 packets/sec.
85 # With noncompliant DNS servers it might reduce available bandwidth.
87 Lengths marked with * are configurable.
91 Need to test transparency of: