DNSSEC information

Mar 2, 2015 at 7:30 PM
Hi everyone,

I found this great library and tried to incorporate it into my project. The idea is to capture the DNS packets and in case they are DNSSEC, display some additional information. What I managed to do is to capture the packets, get some of the flags (is authoritative, is query, resource records, etc.). What I would like to do, and I see the library supports it, is to get the DNSSEC specific data like RRset signature, who is signer, when it was signed, expiration, etc. The data can be seen using dig or powershell.

Example: Image

I'd be very grateful if anyone has any idea on how to achieve this. Thanks.
Mar 13, 2015 at 9:05 AM
Hi McMallar,

You should go over the resource records and see their type using the DnsType property.
If they match the type you want to diagnose, for example DnsType.ResourceRecordSignature for RRSIG, you can down cast the resource record's data to the relevant DnsResourceData type. For example, DnsResourceDataSignature.

I hope this helps,

Mar 13, 2015 at 2:07 PM
Hi Brickner,

I managed to get the needed information. Thank you very much for the support.