I've used xinetd to set up a test nameserver on port 1024. Here's the Net::DNS Perl I'm using to say (falsely) that news.yahoo.com resolves to 10.1.2.3 with a TTL of 1 day:

$res = Net::DNS::Packet->new(); 
$rr = Net::DNS::RR->new("news.yahoo.com. 86400 A 10.1.2.3"); 
$res->push(answer => $rr); 
print $res->data;
[download]

According to Net::DNS, here's the prettyprint version of the packet I create:

;; HEADER SECTION
;; id = 26432
;; qr = 0    opcode = QUERY    aa = 0    tc = 0    rd = 1
;; ra = 0    ad = 0    cd = 0    rcode  = NOERROR
;; qdcount = 1  ancount = 1  nscount = 0  arcount = 0

;; QUESTION SECTION (1 record)
;; .    IN      A

;; ANSWER SECTION (1 record)
news.yahoo.com. 86400   IN      A       10.1.2.3

;; AUTHORITY SECTION (0 records)

;; ADDITIONAL SECTION (0 records)
[download]

It's ugly and minimal, but is it a valid DNS answer? Does the question section actually have to contain the question asked or is that optional?

When I try using dig to test, I get this error:

> dig -p 1024 @localhost news.yahoo.com

; <<>> DiG 9.3.1 <<>> -p 1024 @localhost news.yahoo.com
; (1 server found)
;; global options:  printcmd
;; connection timed out; no servers could be reached
[download]

My debug logs show that my test nameserver is called thrice (dig tries 3 times by default?) with this packet (prettyprinted below):

;; HEADER SECTION
;; id = 41909
;; qr = 0    opcode = QUERY    aa = 0    tc = 0    rd = 1
;; ra = 0    ad = 0    cd = 0    rcode  = NOERROR
;; qdcount = 1  ancount = 0  nscount = 0  arcount = 0

;; QUESTION SECTION (1 record)
;; news.yahoo.com.      IN      A

;; ANSWER SECTION (0 records)

;; AUTHORITY SECTION (0 records)

;; ADDITIONAL SECTION (0 records)
[download]

I did notice the packet dig sends has id=41909 and my response has id=26432-- is that a problem?

I'm pretty sure the problem isn't with xinetd and that dig is getting my response packet-- it just doesn't seem to like it for some reason.

20061220 Janitored by Corion: Added formatting, code tags, as per Writeup Formatting Tips