Generate dns-rr line that can be used in dnsmasq for SVCB and possibly HTTPS records for DNS over HTTPS (DoH), DNS over QUIC (DoQ) and possibly DNS over TLS (DoT)

rr_line_generator.py

#!/usr/bin/python3

import json
import binascii

# pip3 install dnspython
import dns.name
import dns.rdataclass
import dns.rdatatype
import dns.rdata

def encode_rr_line(owner: str, rdata_text: str, rdatatype: dns.rdatatype):
    rdata = dns.rdata.from_text(dns.rdataclass.IN, rdatatype, rdata_text)
    rdata_wire = rdata.to_wire(origin=None, compress=False)

    rdata_type_number = int(rdatatype)
    hex_encoded = binascii.hexlify(rdata_wire).decode().upper()

    # dnsmasq output
    dns_rr_line = f'dns-rr={owner},{rdata_type_number},{hex_encoded}'

    return {
        "rdata_text": rdata_text,
        'dns_rr_line': dns_rr_line,
        'rdatatype': rdatatype.name
    }

owner = '_dns.resolver.arpa.'
host = 'unbound.local.'

svcb_doh_rdata = f'1 {host} alpn="h2" port=443 ipv4hint=192.168.2.254 ipv6hint=fd2c:7841:b288:: key7="/dns-query{{?dns}}"'
svcb_doh = encode_rr_line(owner, svcb_doh_rdata, dns.rdatatype.SVCB)
print(json.dumps(svcb_doh, indent=4))


svcb_dot_rdata = f'2 {host} alpn="dot" port=853 ipv4hint=192.168.2.254 ipv6hint=fd2c:7841:b288::'
svcb_dot = encode_rr_line(owner, svcb_dot_rdata, dns.rdatatype.SVCB)
print(json.dumps(svcb_dot, indent=4))

# Warning: Didn't work parsing error on response
# https_doh_rdata = f'1 {host} alpn="h2" port=443 ipv4hint=192.168.2.254 ipv6hint=fd2c:7841:b288:: dohpath="/dns-query"'
# https_doh = encode_rr_line(owner, https_doh_rdata, dns.rdatatype.HTTPS)
# print(json.dumps(https_doh, indent=4))

dnsmasq return zero TTL when using dns-rr entries, which can be changed by declaring local-ttl=60