DelphinusDNS Blog
(the latest about delphinusdnsd)
|
Previous Page
November 19th, 2019
I have synced delphinusdnsd snapshots along all operating systems that this
daemon supports. It works on Linux, OpenBSD, NetBSD and FreeBSD. If you
want to test, you can test. But please, be careful as things have changed.
The snapshots were updated at 8:30 CET this morning which is outside the
usual window of midnight. I did this to expedite this a bit.
0 comments
A resolver not working well with delphinusdns.org
November 18th, 2019
In order to test delphinusdnsd on other platforms I had to install a
Microsoft Hyper-V FreeBSD instance. I couldn't download from delphinusdns.org
though because of this:
It seems to affect only the Hyper-V resolver behind a BIND. The BIND serves
the root-servers.net's as AUTHORITY data, and this resolver sticks it together
as an answer. Bad things result. Please Microsoft, fix Hyper-V's DNS!
In the meanwhile i've taken the freebsd instance out of the extern LAN
area (which is 192.168.127.0/24, I suspect) and everything works now. PS
sorry for the blurry photo, I couldn't make a screenshot because I couldn't
figure it out with a Macintosh keyboard (how to print, I was told F13 but it
doesn't work.. PEBCAK in that case).
0 comments
Delphinusdnsd Replicant in test setups
November 14th, 2019
I have roughly one month and a half to test delphinusdnsd replicant and the
overall stability of the soon to be 1.4 release. You can help by sending
some queries to the following nameservers:
- An IPv6-only setup exists at wedge.ip6.centroid.eu port 53.
- A more general setup exists at trapezoid.centroid.eu port 9053
You can test the following zones on wedge: ip6.centroid.eu, otherzone.centroid.eu. And the following zones should work on trapezoid port 9053: centroid.eu,
dtschland.eu, solarscale.de, goldflipper.de, schweinfurtdating.de, delphinusdns.org, virgostar.net, mainrechner.de, freifunk-schweinfurt.de. The trapezoid
server is currently still running NSD on port 53, but I plan to change that in
time, when I feel secure that I can run delphinusdnsd in its place.
Thanks for any help and one or two queries to port 9053 on trapezoid. Do
report back any errors too please.
0 comments
Snapshot error, should be fixed now
November 14th, 2019
The CVS stuff gets rsync'ed to the webserver. It just so happens that the
time when the snapshot is created conflicted with the time when this was done.
I have manually fixed this now as it made a corrupted tarball for downloading
snapshots. Sorry for inconvenience. In future the snapshot script will sleep
a bit before executing a cvs checkout.
0 comments
TODO is pretty well done for 1.4
November 6th, 2019
I have marked off Replicant/Slave mode off my TODO file as DONE. Now all
that remains is testing, refactoring and minor changes.
For 1.4.0 release
- a github mirrored copy
- fix the DNSSEC code so that a KSK key rollover is allowed [DONE]
- TSIG support would still be nice [DONE]
- CAA RR support
- More ciphers for signing (GOST, ECDSA, Elliptic Curves) [ECDSA DONE]
- Slave AXFR mode (with TSIG) [DONE]
- Redo TCP support [DONE]
You may remember that I applied for a grant last year and this disturbed the
release cycle with the 1.3 release being done in summer. So I didn't get the
grant, but I did get more time to write on delphinusdnsd (1.5 release cycles)
in order to get back to ta winter release cycle. These are the major goals
set and (mostly) completed. If you want to see where things were and where
we're going then look up the TODO file in the CVS repo.
Also I may put this
out now, the 1.5 release will be mostly bug fixes but little new features
as I'm catching a breather. It may also be a time for others to contribute
patches and possibly join development. The 1.6 release will be much stronger
as I plan to add the feature of DNS Updates and possibly fix replicant mode
so that delphinusdnsd doesn't have to restart upon a successful AXFR. It also
depends how much time I got I guess. That's what's on the menu though. I
plan to be writing on delphinusdnsd until I'm 59, so there is still time to
perhaps get it done some day this adds another 15 years to development life.
1 comment
The ugly word slave and why I want to avoid it
November 6th, 2019
Slavery is a scandalous human condition, it hasn't brought us further. In
DNS there is a primary master server usually that controls when zone changes
are made. Any other server that does an AXFR from this master is historically
called a slave. I asked the DNS community in #dns freenode channel what some
similar names are that would be relevant to get rid of the word slave. We
settled on "replicant". A replicant by means of definition
is a replicative
which when dug further is "Of, pertaining to, or causing
replication". This is a good word. However please forgive me if I still use
the word "slave" because the s word is so popular in the community and I want
to let people know what I'm talking about. Officially though in delphinusdnsd
we're using replicant to indicate a replicant daemon.
0 comments
Delphinusdnsd replicant successfully AXFR'ed from NSD
November 4th, 2019
In my test lab delphinusdnsd in replicant mode (in debug mode) successfully
got a notify from nsd and subsequently pulled the zonefile from nsd.
adding SOA values to zone petphi.internal.centroid.eu
petphi.internal.centroid.eu -> 2019110304, 3600, 1800, 1209600
on descriptor 3 interface "192.168.177.2" dns NOTIFY packet from 192.168.177.1,\
replying NOTIFY
request on descriptor 3 interface "192.168.177.2" from 192.168.177.1 (ttl=64, \
region=255) for "petphi.internal.centroid.eu." type=SOA(6) class=1, answering \
"NOTIFY" (149/45)
zone petphi.internal.centroid.eu is being notified now
new higher serial detected (2019110305 vs. 2019110304)
setsockopt: Numerical argument out of domain
scheduling restart at Mon Nov 4 11:59:39 2019
This is another milestone, showing that a delphinusdns replicant (also called
a slave) can interoperate with other nameservers.
0 comments
Delphinusdnsd did an AXFR from another Delphinusdnsd
November 2nd, 2019
I'm writing you this because it's a historic moment. About one hour ago
Delphinusdnsd on an internal IP (192.168.177.40) did a zone transfer from
another internal host (192.168.177.2) also running Delphinusdnsd. It did
check with a TCP query checking for an SOA, determined it needed to AXFR
and got the remote zone. It then scheduled a reboot to reread this zone
file into its database. I'm happy to report everything went well. I have
committed the code where I am now so it's out there, but perhaps not working
for any OS other than OpenBSD. My next steps are fixing the plumbing
associated with DNS Notifies, making sure TSIG works across the set of
procedures and pondering what I should do in case of an SOA expiry event.
I never would have dreamed I was so close to the bacon. I'm gonna try to
put this in production tomorrow on the ip6.centroid.eu sub-zone. Cheers!
I think I'm on track for the new years release, given testing.
3 comments
A side-track
October 29th, 2019
I have spun up two vm's on my servers to take a test sub-zone and noticed that
the code for delegation/referrals was broken in delphinusdnsd. I have done
most of the grunt work today, but there is still a condition with RFC 5155
Referrals that I must get right. I left it for tomorrow afternoon. Hopefully
that will be done for Hallowe'en. Many thanks to Habbie and hawk on #dns for
helping me find the bugs and having explanations at hand. Since this is only
a small side-track I think we're on track for having a replicant/slave mode
for the new years release.
2 comments
A change in behaviour
October 26th, 2019
I fixed two things since yesterday. The biggy that will be noticed is
the REFUSED answers. They were broken all along because they didn't tag
on the question in the REFUSED answer. I noticed OpenBSD doing many repeated
questions on this, so there is no savings anymore. REFUSED is refused now.
Another change I did was in the notify code on axfr.c. This is the most
recent change. It fixes IPv6 notifies which were probably never tested.
I tested it this morning.
0 comments
Next Page
|
Search
RSS Feed
Click here for RSS
On this day in
Other links
Have feedback?
By clicking on the header of an article you will be
served a cookie. If you do not agree to this do not
click on the header. Thanks!
Using a text-based webbrowser?
... such as lynx? Welcome back it's working again for the time being.
Older Blog Entries
May, 2023
April, 2023
March, 2023
January, 2023
December, 2022
November, 2022
October, 2022
September, 2022
August, 2022
July, 2022
June, 2022
May, 2022
April, 2022
March, 2022
February, 2022
January, 2022
December, 2021
November, 2021
March, 2021
February, 2021
January, 2021
December, 2020
November, 2020
October, 2020
September, 2020
August, 2020
July, 2020
June, 2020
May, 2020
April, 2020
March, 2020
February, 2020
January, 2020
December, 2019
November, 2019
October, 2019
September, 2019
Powered by BCHS
|