tessl/pypi-dnslib
Simple library to encode/decode DNS wire-format packets
dns-records.mddocs/
DNS Resource Records
Comprehensive support for DNS resource record types including address records, mail exchange, name servers, text records, and DNSSEC extensions. All record types are implemented as resource data (RD) classes that can be used with the RR container.
Base Resource Data Class
class RD:
"""
Base class for all DNS resource data types.
Args:
data (bytes, optional): Raw resource data
"""
def __init__(self, data=b""): ...
def pack(self, buffer):
"""
Pack resource data to wire format.
Args:
buffer (Buffer): Output buffer
"""
@classmethod
def parse(cls, buffer, length):
"""
Parse resource data from wire format buffer.
Args:
buffer (Buffer): Input buffer
length (int): Data length
Returns:
RD: Parsed resource data object
"""
@classmethod
def fromZone(cls, rd, origin=None):
"""
Parse resource data from zone file format.
Args:
rd (str): Zone file format string
origin (DNSLabel, optional): Origin domain
Returns:
RD: Parsed resource data object
"""
def toZone(self):
"""
Convert resource data to zone file format.
Returns:
str: Zone file format string
"""Capabilities
Address Records
IPv4 and IPv6 address resource records for domain name to IP address mapping.
class A:
"""
IPv4 address resource record.
Args:
data (str): IPv4 address (e.g., "192.0.2.1")
"""
def __init__(self, data): ...
def pack(self, buffer):
"""Pack A record to wire format."""
@classmethod
def parse(cls, buffer, length):
"""Parse A record from wire format buffer."""
@classmethod
def fromZone(cls, rd, origin=None):
"""Parse A record from zone file format."""
def toZone(self):
"""Convert A record to zone file format."""
class AAAA:
"""
IPv6 address resource record.
Args:
data (str): IPv6 address (e.g., "2001:db8::1")
"""
def __init__(self, data): ...
def pack(self, buffer):
"""Pack AAAA record to wire format."""
@classmethod
def parse(cls, buffer, length):
"""Parse AAAA record from wire format buffer."""
@classmethod
def fromZone(cls, rd, origin=None):
"""Parse AAAA record from zone file format."""
def toZone(self):
"""Convert AAAA record to zone file format."""Name Records
Records for aliasing and delegation including canonical names and pointer records.
class CNAME:
"""
Canonical name resource record for domain aliasing.
Args:
label (str or DNSLabel): Canonical domain name
"""
def __init__(self, label): ...
class PTR:
"""
Pointer resource record for reverse DNS lookups.
Inherits from CNAME.
Args:
label (str or DNSLabel): Target domain name
"""
def __init__(self, label): ...
class NS:
"""
Name server resource record.
Inherits from CNAME.
Args:
label (str or DNSLabel): Name server domain name
"""
def __init__(self, label): ...
class DNAME:
"""
Delegation name resource record.
Inherits from CNAME.
Args:
label (str or DNSLabel): Delegation target domain name
"""
def __init__(self, label): ...Mail Exchange Records
Records for email routing and mail server specification.
class MX:
"""
Mail exchange resource record.
Args:
preference (int): Priority value (lower values have higher priority)
mx (str or DNSLabel): Mail server domain name
"""
def __init__(self, preference, mx): ...Text Records
Records for storing arbitrary text data including SPF, DKIM, and other metadata.
class TXT:
"""
Text resource record for arbitrary text data.
Args:
data (str or list[str]): Text data (list for multiple strings)
"""
def __init__(self, data): ...Start of Authority Records
SOA records defining authoritative information about DNS zones.
class SOA:
"""
Start of authority resource record.
Args:
mname (str or DNSLabel): Primary name server
rname (str or DNSLabel): Responsible person email (@ replaced with .)
times (tuple or list): (serial, refresh, retry, expire, minimum) values
"""
def __init__(self, mname, rname, times): ...Service Records
Records for service location and priority specification.
class SRV:
"""
Service resource record for service location.
Args:
priority (int): Priority value (lower values have higher priority)
weight (int): Weight for load balancing among same priority
port (int): Service port number
target (str or DNSLabel): Target server domain name
"""
def __init__(self, priority, weight, port, target): ...
class NAPTR:
"""
Naming authority pointer resource record.
Args:
order (int): Processing order
preference (int): Preference value
flags (str): Application flags
service (str): Service parameters
regexp (str): Regular expression for rewriting
replacement (str or DNSLabel): Replacement domain name
"""
def __init__(self, order, preference, flags, service, regexp, replacement): ...DNSSEC Records
Records for DNS Security Extensions providing authentication and integrity.
class DS:
"""
Delegation signer resource record for DNSSEC.
Args:
key_tag (int): Key tag value
algorithm (int): Algorithm identifier
digest_type (int): Digest algorithm identifier
digest (str or bytes): Cryptographic digest
"""
def __init__(self, key_tag, algorithm, digest_type, digest): ...
class DNSKEY:
"""
DNS key resource record for DNSSEC.
Args:
flags (int): Key flags (256=ZSK, 257=KSK)
protocol (int): Protocol field (always 3)
algorithm (int): Algorithm identifier
key (str or bytes): Public key data
"""
def __init__(self, flags, protocol, algorithm, key): ...
class RRSIG:
"""
Resource record signature for DNSSEC.
Args:
covered (int): Type of RR covered by signature
algorithm (int): Algorithm identifier
labels (int): Number of labels in original owner name
orig_ttl (int): Original TTL value
sig_exp (int): Signature expiration time
sig_inc (int): Signature inception time
key_tag (int): Key tag value
name (str or DNSLabel): Signer name
sig (str or bytes): Signature data
"""
def __init__(self, covered, algorithm, labels, orig_ttl, sig_exp, sig_inc, key_tag, name, sig): ...
class NSEC:
"""
Next secure resource record for DNSSEC authenticated denial.
Args:
label (str or DNSLabel): Next owner name
type_bitmap (bytes or list[int]): Type bitmap of existing records
"""
def __init__(self, label, type_bitmap): ...Certificate and Security Records
Records for certificate authority authorization and security information.
class CAA:
"""
Certificate authority authorization resource record.
Args:
flags (int): Flags field (0=non-critical, 128=critical)
tag (str): Property tag ("issue", "issuewild", "iodef")
value (str): Property value
"""
def __init__(self, flags, tag, value): ...
class SSHFP:
"""
SSH key fingerprint resource record.
Args:
algorithm (int): Algorithm identifier (1=RSA, 2=DSS, 3=ECDSA, 4=Ed25519)
fp_type (int): Fingerprint type (1=SHA-1, 2=SHA-256)
fingerprint (str or bytes): Key fingerprint
"""
def __init__(self, algorithm, fp_type, fingerprint): ...
class TLSA:
"""
Transport layer security authentication resource record.
Args:
usage (int): Certificate usage (0-3)
selector (int): Selector field (0=full cert, 1=public key)
mtype (int): Matching type (0=exact, 1=SHA-256, 2=SHA-512)
cert (str or bytes): Certificate association data
"""
def __init__(self, usage, selector, mtype, cert): ...Service Binding Records
Records for modern service binding and HTTPS service parameters.
class HTTPS:
"""
HTTPS service binding resource record.
Args:
priority (int): Priority value (0=alias mode, >0=service mode)
target (str or DNSLabel): Target domain name
params (dict, optional): Service parameters
"""
def __init__(self, priority, target, params=None): ...Location and Contact Records
Records for geographical location and responsible person information.
class LOC:
"""
Location resource record for geographical information.
Args:
lat (float): Latitude in degrees
lon (float): Longitude in degrees
alt (float): Altitude in meters
size (float): Size of location in meters
hp (float): Horizontal precision in meters
vp (float): Vertical precision in meters
"""
def __init__(self, lat, lon, alt, size=1, hp=10000, vp=10): ...
class RP:
"""
Responsible person resource record.
Args:
mbox (str or DNSLabel): Mailbox domain name (@ replaced with .)
txt (str or DNSLabel): TXT record with additional information
"""
def __init__(self, mbox, txt): ...Type Constants and Mappings
# DNS record type mappings
QTYPE = Bimap(
A=1, NS=2, MD=3, MF=4, CNAME=5, SOA=6, MB=7, MG=8, MR=9, NULL=10,
WKS=11, PTR=12, HINFO=13, MINFO=14, MX=15, TXT=16, RP=17, AFSDB=18,
X25=19, ISDN=20, RT=21, NSAP=22, NSAP_PTR=23, SIG=24, KEY=25,
PX=26, GPOS=27, AAAA=28, LOC=29, NXT=30, EID=31, NIMLOC=32,
SRV=33, ATMA=34, NAPTR=35, KX=36, CERT=37, A6=38, DNAME=39,
SINK=40, OPT=41, APL=42, DS=43, SSHFP=44, IPSECKEY=45, RRSIG=46,
NSEC=47, DNSKEY=48, DHCID=49, NSEC3=50, NSEC3PARAM=51, TLSA=52,
SMIMEA=53, HIP=55, NINFO=56, RKEY=57, TALINK=58, CDS=59, CDNSKEY=60,
OPENPGPKEY=61, CSYNC=62, ZONEMD=63, SVCB=64, HTTPS=65, SPF=99,
UINFO=100, UID=101, GID=102, UNSPEC=103, NID=104, L32=105, L64=106,
LP=107, EUI48=108, EUI64=109, TKEY=249, TSIG=250, IXFR=251, AXFR=252,
MAILB=253, MAILA=254, ANY=255, URI=256, CAA=257, AVC=258, DOA=259,
AMTRELAY=260, TA=32768, DLV=32769
)
# Resource record class to type mapping
RDMAP = {
'A': A, 'AAAA': AAAA, 'CNAME': CNAME, 'PTR': PTR, 'NS': NS, 'DNAME': DNAME,
'MX': MX, 'TXT': TXT, 'SOA': SOA, 'SRV': SRV, 'NAPTR': NAPTR,
'DS': DS, 'DNSKEY': DNSKEY, 'RRSIG': RRSIG, 'NSEC': NSEC,
'CAA': CAA, 'SSHFP': SSHFP, 'TLSA': TLSA, 'HTTPS': HTTPS,
'LOC': LOC, 'RP': RP
}Usage Examples
Creating Address Records
from dnslib import *
# IPv4 address record
a_record = RR("example.com", QTYPE.A, rdata=A("192.0.2.1"), ttl=300)
print(a_record)
# IPv6 address record
aaaa_record = RR("example.com", QTYPE.AAAA, rdata=AAAA("2001:db8::1"), ttl=300)
print(aaaa_record)
# From zone file format
records = RR.fromZone("""
example.com. 300 IN A 192.0.2.1
example.com. 300 IN AAAA 2001:db8::1
""")
for rr in records:
print(rr)Creating Mail Exchange Records
from dnslib import *
# MX record with priority
mx_record = RR("example.com", QTYPE.MX, rdata=MX(10, "mail.example.com"), ttl=300)
print(mx_record)
# Multiple MX records with different priorities
mx_records = RR.fromZone("""
example.com. 300 IN MX 10 mail1.example.com.
example.com. 300 IN MX 20 mail2.example.com.
example.com. 300 IN MX 30 mail3.example.com.
""")
for rr in mx_records:
print(rr)Creating Text Records
from dnslib import *
# Simple TXT record
txt_record = RR("example.com", QTYPE.TXT, rdata=TXT("v=spf1 include:_spf.example.com ~all"), ttl=300)
print(txt_record)
# TXT record with multiple strings
txt_multi = RR("example.com", QTYPE.TXT, rdata=TXT(["First string", "Second string"]), ttl=300)
print(txt_multi)
# From zone file format
txt_records = RR.fromZone("""
example.com. 300 IN TXT "v=spf1 include:_spf.example.com ~all"
_dmarc.example.com. 300 IN TXT "v=DMARC1; p=reject; rua=mailto:dmarc@example.com"
""")
for rr in txt_records:
print(rr)Creating Service Records
from dnslib import *
# SRV record for service location
srv_record = RR("_http._tcp.example.com", QTYPE.SRV,
rdata=SRV(10, 60, 80, "www.example.com"), ttl=300)
print(srv_record)
# Multiple SRV records for load balancing
srv_records = RR.fromZone("""
_http._tcp.example.com. 300 IN SRV 10 60 80 www1.example.com.
_http._tcp.example.com. 300 IN SRV 10 40 80 www2.example.com.
_http._tcp.example.com. 300 IN SRV 20 0 80 backup.example.com.
""")
for rr in srv_records:
print(rr)Creating DNSSEC Records
from dnslib import *
# DS record for delegation signer
ds_record = RR("example.com", QTYPE.DS,
rdata=DS(12345, 7, 1, "1234567890ABCDEF1234567890ABCDEF12345678"), ttl=300)
print(ds_record)
# DNSKEY record
dnskey_record = RR("example.com", QTYPE.DNSKEY,
rdata=DNSKEY(257, 3, 7, "AwEAAcHQ..."), ttl=300)
print(dnskey_record)
# NSEC record
nsec_record = RR("example.com", QTYPE.NSEC,
rdata=NSEC("mail.example.com", [QTYPE.A, QTYPE.MX, QTYPE.RRSIG, QTYPE.NSEC]), ttl=300)
print(nsec_record)Creating Security Records
from dnslib import *
# CAA record for certificate authority authorization
caa_record = RR("example.com", QTYPE.CAA,
rdata=CAA(0, "issue", "letsencrypt.org"), ttl=300)
print(caa_record)
# SSHFP record for SSH key fingerprint
sshfp_record = RR("server.example.com", QTYPE.SSHFP,
rdata=SSHFP(1, 2, "123456789ABCDEF123456789ABCDEF123456789ABCDEF123456789ABCDEF12"), ttl=300)
print(sshfp_record)
# TLSA record for TLS association
tlsa_record = RR("_443._tcp.example.com", QTYPE.TLSA,
rdata=TLSA(3, 1, 1, "1234567890ABCDEF..."), ttl=300)
print(tlsa_record)Working with Complex Records
from dnslib import *
# SOA record with all parameters
soa_record = RR("example.com", QTYPE.SOA,
rdata=SOA("ns1.example.com", "admin.example.com",
(2023010101, 7200, 3600, 604800, 86400)), ttl=300)
print(soa_record)
# LOC record for geographical location
loc_record = RR("example.com", QTYPE.LOC,
rdata=LOC(37.7749, -122.4194, 10, 1, 10000, 10), ttl=300)
print(loc_record)
# HTTPS service binding record
https_record = RR("example.com", QTYPE.HTTPS,
rdata=HTTPS(1, ".", {"alpn": "h2,h3"}), ttl=300)
print(https_record)Install with Tessl CLI
npx tessl i tessl/pypi-dnslib