DelphinusDNS Blog
(the latest about delphinusdnsd)||
|
Previous Page
July 9th, 2020
Even though the 1.4.2 tarball doesn't update the internal version string
to 1.4.2 (I forgot this rolling it this morning), it does feature a slight
DNS header query flags fix to REFUSED answers. This bug was found 6 days
ago, so I finally was able to backport it. So, only 1 source file is
different from 1.4.1 featuring a 3 line diff.
0 comments
July 3rd, 2020
I have just check in my work, it will be in tomorrows snapshot or you can
github it in 3 minutes. The work is far from finished but I got a working
forwarding with a TSIG secure channel, utilizing 2 delphinusdnsd's and one
unbound (bound to localhost). One delphinusdnsd takes on queries for
forwarding and send them to the second delphinusdnsd upstream at my server.
It's forwarding config looks something like this:
forward "to these hosts" {
incoming-tsig no;
destination 5.9.87.75 port 8053 key newsecret;
; destination 2a01:4f8:162:1167::2 port 8053 key newsecret;
destination 85.10.199.4 port 8053 key newsecret;
; destination 2a01:4f8:a0:5135::2 port 8053 key newsecret;
}
So on port 8053 at the upstream server(s) is another delphinusdnsd that has
a similar config only incoming-tsig is set to yes, and it will forward to
localhost (some port). Thus far it works and it is quick too. I'm sure I'll
iron out the bugs next week though. I'm very proud I got this working so far,
I dedicated the entire month of july for this, so there is plenty of time to
test this.
0 comments
July 2nd, 2020
I have made a fix for reply_refused() it was giving bogus answers.
here is a diff for the fix. As you can see
it was a misplaced memset() and then it didn't answer authoritatively which
I added.
0 comments
July 1st, 2020
I have added a "Donate" link to the main delphinusdns.org page. If you use
delphinusdnsd and can donate a little bit I'd be grateful. I chose what I
do with this money (it mostly goes to my living), and I chose what to with
the development of delphinusdnsd, in other words, the donation would be a
gift, with no strings attached. If you donate over 100 EUR I'm going to
allow you to link to a hyperlink with your name or your corporation. The
link has to be in taste with this site. You can go to the donate page
directly through here.
Thanks!
0 comments
June 30th, 2020
I'm hoping to be putting in a forwarding feature to delphinusdnsd. This is
the next closest thing to having a recursive server but not really. My
goal is to have TSIG protection and different ports as the forwarding
destination. So a sample entry may look like:
forward "to these hosts" {
incoming-key pass;
destination 1.1.1.1 port 53 key NOKEY;
destination fcfc:fcfc:8::1 port 5353 key routerpass;
}
So this forces incoming questions to only reply when the incoming key pass
matches (a TSIG key), and the destinations either have NOKEY or a set key.
I hope I can get this finished in July, then there is a priority to do something
else in August and I'll be back for September, October, November and December
to get started on the Dynamic DNS Updates. The DNS Updates won't be finished
for 1.5.0 but will be aimed for 1.6.0 release. I'm hoping to make use of
the cooler months to get ahead. Perhaps to get non-DNSSEC Updates for 1.5.0
and work on the DNSSEC part in 2021.
2 comments
June 20th, 2020
As you may know delphinusdnsd is spread over several processes and the plumbing
for the IPC is hard to do. So I'm introducing the CORTEX process. Here is a
rough chart on how it looks like:
Each connection between the cortex is called a neuron. It is sorta like the
brain of the human :-). I haven't lost my mind. This is just a way of making
sense for me, so I don't fall asleep to it. I hope to have the cortex work
finished and tried in around three weeks to a month.
5 comments
June 15th, 2020
Just a test. Ignore please.
0 comments
May 25th, 2020
Really interested to what people are observing out there. Here is what I
saw on a delphinusdnsd that was up 11 days:
_ddd 77316 0.0 0.1 18368 21128 ?? Sp 14May20 \
0:03.99 /usr/local/sbin/delphinusdnsd -l
When restarting it and ps auxwww again, this is what I see:
_ddd 69292 0.0 0.1 16852 18192 ?? Sp 5:32PM \
0:00.04 /usr/local/sbin/delphinusdnsd -l
The OS currently is OpenBSD 6.6 with all patches. I don't know if I have the
energy in the next month to seriously look into this, right now I don't want
to do the work. But it looks like there is a slight memory leak since this is
the parent process and there can be no CoW (copy on write) paging. Hmm anyhow.
That particular delphinusdnsd runs 10 zones. So rather small.
1 comment
May 17th, 2020
I've been thinking of making an iodine-like feature in delphinusdnsd. Only
I don't know when and if DNS Updates takes precedence. I was thinking of this
for version 1.6 perhaps, or higher. So next year. So what's iodine? Iodine
is a substance they give out to radiation victims in the vicinity of a nuclear
disaster :-|. It has the atomic number 53 in the periodic table of the
elements as far as I can remember. So it has something in common with DNS
which uses the ports 53 (tcp and udp) for communication. The program iodine
is a way to tunnel IP over DNS.
This in effect, if implanted into delphinusdnsd
, would be going against the reason why delphinusdnsd was first created. Let
me explain. When I first programmed wildcarddnsd (I was living in frankfurt
at the time) it was to make a secure portal, and fake websites answers. But
it didn't work because of DNS caching in solaris and windows. So you could
say that delphinusdnsd is in a transformation from good to evil. The
way I was envisioning doing the iodine-functionality would be with a tunnel
connecting more than one nameservers to the master so that only the master
answers the end-point. It won't be an IP tunnel but rather a tty tunnel and
it would use /usr/bin/login for an operator of this tunnel to log in and get
a pseudo terminal. This is just thoughts, I hope I can implement this some
day.
1 comment
May 7th, 2020
I just did some commits that, if they have a mistake, could be detrimental
to the operation of delphinusdnsd. If you read this on the 7th of may and
you want an up to date copy you can download a snapshot in the next 8 hours.
and it will not have this change. If however you have nothing to lose,
you can continue getting the newest. It takes me some time, as noticed
on april 27th after two weeks roughly, to noticed bugs. I tested this change
on centroid.eu so if anything breaks it will break big time for me. We'll
see I guess.
1 comment
Next Page
|
Search
RSS Feed
 Click here for RSS
On this day in
Other links
Have feedback?
By clicking on the header of an article you will be
served a cookie. If you do not agree to this do not
click on the header. Thanks!
Using a text-based webbrowser?
... such as lynx? Welcome back it's working again for the time being.
Older Blog Entries
May, 2023
April, 2023
March, 2023
January, 2023
December, 2022
November, 2022
October, 2022
September, 2022
August, 2022
July, 2022
June, 2022
May, 2022
April, 2022
March, 2022
February, 2022
January, 2022
December, 2021
November, 2021
March, 2021
February, 2021
January, 2021
December, 2020
November, 2020
October, 2020
September, 2020
August, 2020
July, 2020
June, 2020
May, 2020
April, 2020
March, 2020
February, 2020
January, 2020
December, 2019
November, 2019
October, 2019
September, 2019
Powered by BCHS
|