Aller au contenu Aller au menu principal Aller au menu secondaire Aller au pied de page

Afnic launches IBDNS, the “intentionally broken” DNS server

Home > Observatory and resources > News > Afnic launches IBDNS, the “intentionally broken” DNS server

Afnic, the association in charge of the .fr top-level domain and several other French overseas and generic TLDs, announced today the release as free software of its tool named IBDNS, standing for Intentionally Broken DNS.

On the Internet, applications using the DNS (Domain Name System) generally follow the protocol’s technical specifications. But when developing a testing tool or a resolver, it can be useful to verify its behaviour compared when faced with DNS servers that do not comply with these specifications. After all, a good DNS client must be able to handle poorly formed messages or incorrect behaviour of name servers without malfunctioning.

This is where IBDNS comes into play. IBDNS fills a gap in the universe of DNS test tools by offering the possibility of deviating intentionally and on demand from the DNS specifications, and thus simulating incorrect behaviour of authoritative name servers.

Afnic had initially developed IBDNS to cater to the needs of Zonemaster, its DNS zone health assessment tool designed in collaboration with their Swedish counterpart Internetstiftelsen. This begs the question: how to ensure that Zonemaster gives the right diagnosis in all circumstances. The test suite accompanying Zonemaster to this end relied on zones that were intentionally misconfigured, but hosted on standard servers. The method worked well for 90% of the anomalies detected, but the remaining 10% needed a more specific tool. By allowing the anomalies observed on the Internet to be faithfully replicated, which a standard DNS server cannot do, IBDNS further improves the reliability and accuracy of Zonemaster’s diagnostics.

In its initial use case as a testing tool for testing tools, IBDNS aims to comfort Zonemaster in its position as the benchmark DNS testing tool. Its release as free software reflects the determination to shift gears and have Zonemaster’s unit tests reach a coverage as close as possible to 100%.

Afnic invites anyone who’s interested – be they developers of DNS resolvers, DNS testing tools and more generally tools that interact with authoritative name servers, security auditors for this same category of software applications, researchers interested in the DNS and its implementation, or just people curious about the workings of the DNS – to discover the IBDNS source code on Afnic Labs’ Gitlab server.

Discover the IBDNS source code on Afnic Labs’ Gitlab server

About Afnic

Afnic is the acronym for Association Française pour le Nommage Internet en Coopération, the French Network Information Centre. The registry has been appointed by the French government to manage domain names under the .fr Top Level Domain. Afnic also manages the .re (Reunion Island), .pm (Saint-Pierre and Miquelon), .tf (French Southern and Antarctic Territories), .wf (Wallis and Futuna) and .yt (Mayotte) French Overseas TLDs.

In addition to managing French TLDs, Afnic’s role is part of a wider public interest mission, which is to contribute on a daily basis, thanks to the efforts of its teams and its members, to a secure and stable internet, open to innovation and in which the French internet community plays a leading role. As part of that mission, Afnic, a non-profit organization, has committed to devoting 11% of its Revenues from managing .fr Top Level Domain to actions of general interest, in particular by transferring €1.3 million each year to the Afnic Foundation for Digital Solidarity.
Afnic is also the back-end registry for the companies as well as local and regional authorities that have chosen to have their own TLD, such as .paris, .bzh, .alsace, .corsica, .mma, .ovh, .leclerc and .sncf.

Established in 1997 and based in Saint-Quentin-en-Yvelines, Afnic currently has nearly 90 employees.