subject:"RE\: bind\-users Digest, Vol 2230, Issue 1"

RE: bind-users Digest, Vol 2230, Issue 1

2015-10-22 Thread Woodworth, John R

>
> From: Harshith Mulky [mailto:harshith.mu...@outlook.com]
>
> Hello John,
>
> > 1.) Are these devices some type of VoIP device?  I've seen many novel DNS
> > based  scenarios used for VoIP before.
> [Harshith] yes, they are VOIP devices which use "lwresd" to talk to
> external DNS Servers
>

Harshith, apologies but I have not personally used lwresd.  I believe others
here may have so I can ask around but in any case I believe it is related to
bind9, at least tangentially, so the _unmodified_ version should behave as
you would expect from bind (i.e. no blacklist/ whitelist logic).

This will most likely require support from your vendor.

If by some chance you have shell access with root on the device itself there
may be other options but I recommend contacting your vendor first.


>  2.) I assume the path has been sniffed, are other records used as well, say 
> SRV?
> [Harshith] Yes we sniffed, SRV not used
>
> Is there any concept of DNS PROBE?

Not really, if the server can answer it will answer regardless of record type.


Thanks,
John

>
> I guess this wasn't a DNS question specifically and more on lwresd daemon.
>
> Sorry to have posted a wrong question
>
> Thanks
> Harshith
>
This communication is the property of CenturyLink and may contain confidential 
or privileged information. Unauthorized use of this communication is strictly 
prohibited and may be unlawful. If you have received this communication in 
error, please immediately notify the sender by reply e-mail and destroy all 
copies of the communication and any attachments.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

RE: bind-users Digest, Vol 2230, Issue 1

2015-10-21 Thread Woodworth, John R

>
> From: bind-users-boun...@lists.isc.org 
> [mailto:bind-users-boun...@lists.isc.org] On Behalf Of Harshith Mulky
> Sent: Tuesday, October 20, 2015 10:50 AM
> To: bind-users@lists.isc.org
> Subject: RE: bind-users Digest, Vol 2230, Issue 1
>
> No Mark, This is not a question I am asked to answer for some course
>
> We have an implementation where, once the DNS Servers are down, The Client
> (Our device) Blacklists the IP address of DNS Servers for some period of Time
> It can only whitelist the server when it receives periodic Responses to a 
> NAPTR Request.
>
> What I did find was even though Our Client was able to send periodic NAPTR
> requests, we are unable to check what kind of NAPTR requests are sent out


Harshith, While I am new to the group I am not sure this is the right audience
for your question as it does not really pertain to bind or the DNS protocol.

Having said that I love a good puzzle and am curious so below are a couple 
follow-up
questions.

  1.) Are these devices some type of VoIP device?  I've seen many novel DNS 
based
  scenarios used for VoIP before.
  2.) I assume the path has been sniffed, are other records used as well, say 
SRV?
  3.) Not sure why a particular record would be used to determine availability 
as
  really any RR could serve for this (including made up ones).
  [OK, not phrased in the form of a question]
  4.) What problem is being solved here?  Generally, with end devices DNS 
resolution
  starts at the top of its DNS resolver list and tries until it gets an 
answer
  or critical error (still an answer) within a timeout period.  The next 
query
  takes the same route and so on.  There are exceptions in implementation 
where
  statistics are maintained and its DNS resolver list is reordered 
accordingly
  but to blacklist and probe seems like a lot of wasted calories.
  For example:
* What is the percentage of nameservers it would blacklist before
  it determines it is almost out of options?
* Would it completely deny itself DNS service because of a few dropped
  packets or localized/ temporary network problems?
* How many packet drops before it blacklists a nameserver?
* How often does it probe for availability (whitelist)?
  Without knowing more this seemingly makes for a much more unreliable DNS
  experience.

Just curious,
John

>
> Hence my question,
> What Kind of messages are required by the client to be sent towards server to
> determine if the DNS IP is reachable or not?


I believe this may have already been answered but any query will work for
this purpose (including the "ANY" query).


>
> Thanks
> Harshith
>

This communication is the property of CenturyLink and may contain confidential 
or privileged information. Unauthorized use of this communication is strictly 
prohibited and may be unlawful. If you have received this communication in 
error, please immediately notify the sender by reply e-mail and destroy all 
copies of the communication and any attachments.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

RE: bind-users Digest, Vol 2230, Issue 1

2015-10-21 Thread Harshith Mulky

Hello John,

1.) Are these devices some type of VoIP device?  I've seen many novel DNS based
  scenarios used for VoIP before.[Harshith] yes, they are VOIP devices 
which use "lwresd" to talk to external DNS Servers
 2.) I assume the path has been sniffed, are other records used as well, say 
SRV?
[Harshith] Yes we sniffed, SRV not used

Is there any concept of DNS PROBE?

I guess this wasn't a DNS question specifically and more on lwresd daemon.

Sorry to have posted a wrong question

Thanks
Harshith






From: john.woodwo...@centurylink.com
To: harshith.mu...@outlook.com; bind-users@lists.isc.org
CC: john.woodwo...@centurylink.com
Subject: RE: bind-users Digest, Vol 2230, Issue 1
Date: Wed, 21 Oct 2015 07:48:16 +











>

> From: bind-users-boun...@lists.isc.org 
> [mailto:bind-users-boun...@lists.isc.org] On Behalf Of Harshith Mulky
> Sent: Tuesday, October 20, 2015 10:50 AM
> To: bind-users@lists.isc.org
> Subject: RE: bind-users Digest, Vol 2230, Issue 1
>

> No Mark, This is not a question I am asked to answer for some course
>

> We have an implementation where, once the DNS Servers are down, The Client
> (Our device) Blacklists the IP address of DNS Servers for some period of Time
> It can only whitelist the server when it receives periodic Responses to a 
> NAPTR Request.
>

> What I did find was even though Our Client was able to send periodic NAPTR
> requests, we are unable to check what kind of NAPTR requests are sent out
 
 
Harshith, While I am new to the group I am not sure this is the right audience
for your question as it does not really pertain to bind or the DNS protocol.
 
Having said that I love a good puzzle and am curious so below are a couple 
follow-up
questions.
 
  1.) Are these devices some type of VoIP device?  I've seen many novel DNS 
based
  scenarios used for VoIP before.
  2.) I assume the path has been sniffed, are other records used as well, say 
SRV?
  3.) Not sure why a particular record would be used to determine availability 
as
  really any RR could serve for this (including made up ones).
  [OK, not phrased in the form of a question]
  4.) What problem is being solved here?  Generally, with end devices DNS 
resolution
  starts at the top of its DNS resolver list and tries until it gets an 
answer
  or critical error (still an answer) within a timeout period.  The next 
query
  takes the same route and so on.  There are exceptions in implementation 
where
  statistics are maintained and its DNS resolver list is reordered 
accordingly
  but to blacklist and probe seems like a lot of wasted calories.
  For example:
* What is the percentage of nameservers it would blacklist before
  it determines it is almost out of options?
* Would it completely deny itself DNS service because of a few dropped
  packets or localized/ temporary network problems?
* How many packet drops before it blacklists a nameserver?
* How often does it probe for availability (whitelist)?
  Without knowing more this seemingly makes for a much more unreliable DNS
  experience.
 
Just curious,
John
 
>

> Hence my question,
> What Kind of messages are required by the client to be sent towards server to
> determine if the DNS IP is reachable or not?
 
 
I believe this may have already been answered but any query will work for
this purpose (including the "ANY" query).
 
 
>

> Thanks
> Harshith

>

 



This communication is the property of CenturyLink and may contain confidential 
or privileged information. Unauthorized use of this communication is strictly 
prohibited and may be unlawful. If you have received this communication in 
error, please immediately
 notify the sender by reply e-mail and destroy all copies of the communication 
and any attachments.   ___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

RE: bind-users Digest, Vol 2230, Issue 1

2015-10-20 Thread Harshith Mulky

No Mark, This is not a question I am asked to answer for some course

We have an implementation where, once the DNS Servers are down, The Client (Our 
device) Blacklists the IP address of DNS Servers for some period of Time
It can only whitelist the server when it receives periodic Responses to a NAPTR 
Request.

What I did find was even though Our Client was able to send periodic NAPTR 
requests, we are unable to check what kind of NAPTR requests are sent out

Hence my question,
What Kind of messages are required by the client to be sent towards server to 
determine if the DNS IP is reachable or not?

Thanks
Harshith 

> From: bind-users-requ...@lists.isc.org
> Subject: bind-users Digest, Vol 2230, Issue 1
> To: bind-users@lists.isc.org
> Date: Tue, 20 Oct 2015 12:00:01 +
> 
> Send bind-users mailing list submissions to
>   bind-users@lists.isc.org
> 
> To subscribe or unsubscribe via the World Wide Web, visit
>   https://lists.isc.org/mailman/listinfo/bind-users
> or, via email, send a message with subject or body 'help' to
>   bind-users-requ...@lists.isc.org
> 
> You can reach the person managing the list at
>   bind-users-ow...@lists.isc.org
> 
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of bind-users digest..."
> 
> 
> Today's Topics:
> 
>1. How does a Client Verify if the DNS server is Alive or down
>   (Harshith Mulky)
>2. Re: How does a Client Verify if the DNS server is Alive or
>   down (Matus UHLAR - fantomas)
>3. Re: How does a Client Verify if the DNS server is Alive or
>   down (Wah Peng)
>4. Re: How does a Client Verify if the DNS server is Alive or
>   down (Mark Andrews)
>5. Re: How does a Client Verify if the DNS server is Alive or
>   down (Phil Mayers)
>6. Re: How does a Client Verify if the DNS server is Alive or
>   down (Steven Carr)
>7. Re: How does a Client Verify if the DNS server is Alive or
>   down (Reindl Harald)
> 
> 
> --
> 
> Message: 1
> Date: Tue, 20 Oct 2015 11:56:54 +0530
> From: Harshith Mulky 
> To: "bind-users@lists.isc.org" 
> Subject: How does a Client Verify if the DNS server is Alive or down
> Message-ID: 
> Content-Type: text/plain; charset="iso-8859-1"
> 
> Hi All,
> 
> How can a Client verify if the DNS Server is Running(named service is 
> Running) or Down?
> Does it periodically send any messages to the server. What Kind of messages 
> are required by the client to be sent towards server to determine if the DNS 
> IP is reachable or not?
> 
> Thanks
> Harshith
> 
> -- next part --
> An HTML attachment was scrubbed...
> URL: 
> 
> 
> --
> 
> Message: 2
> Date: Tue, 20 Oct 2015 08:42:04 +0200
> From: Matus UHLAR - fantomas 
> To: bind-users@lists.isc.org
> Subject: Re: How does a Client Verify if the DNS server is Alive or
>   down
> Message-ID: <20151020064204.ga13...@fantomas.sk>
> Content-Type: text/plain; charset=us-ascii; format=flowed
> 
> On 20.10.15 11:56, Harshith Mulky wrote:
> >How can a Client verify if the DNS Server is Running(named service is 
> >Running) or Down?
> 
> Why should client know such info?
> The clients needs to have the answer - it sends message and if the server
> replies properly, it's up and running.
> 
> >Does it periodically send any messages to the server. What Kind of messages
> > are required by the client to be sent towards server to determine if the
> > DNS IP is reachable or not?
> 
> what is your problem?
> 
> -- 
> Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
> Warning: I wish NOT to receive e-mail advertising to this address.
> Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
> Remember half the people you know are below average. 
> 
> 
> --
> 
> Message: 3
> Date: Tue, 20 Oct 2015 14:50:00 +0800
> From: Wah Peng 
> To: bind-users@lists.isc.org
> Subject: Re: How does a Client Verify if the DNS server is Alive or
>   down
> Message-ID: <5625e418.9050...@yahoo.com.sg>
> Content-Type: text/plain; charset=UTF-8; format=flowed
> 
> Hello,
> 
> Network issue should be detected by other ways.
> But DNS health check can be done by sending a normal DNS query to the 
> server and try get a valid response.
> 
> This is the script what I use to check the health of my DNS server. :D
> 
> #!/usr/bin/perl
> use strict;
> use Net::DNS;
> use POSIX 'strftime';
> use MIME::Lite;
> use MIME::Words qw(encode_mimewords);
> 
> my $debug = 0;
> my $test_rr = 'alive.example.net';
> my $test_val = '8.8.8.8';
> my @nameservers = qw(1.1.1.1 2.2.2.2);
> 
>

Re: bind-users Digest, Vol 2230, Issue 1

2015-10-20 Thread Mark Andrews


In message , Harshith Mulky writes:
>
> No Mark, This is not a question I am asked to answer for some course
>
> We have an implementation where, once the DNS Servers are down, The
> Client (Our device) Blacklists the IP address of DNS Servers for some
> period of Time
> It can only whitelist the server when it receives periodic Responses to a
> NAPTR Request.
>
> What I did find was even though Our Client was able to send periodic
> NAPTR requests, we are unable to check what kind of NAPTR requests are
> sent out
>
> Hence my question,
> What Kind of messages are required by the client to be sent towards
> server to determine if the DNS IP is reachable or not?

Ask your application vendor.  They dreamt up this scheme.  No one
here can help you beyond they will be DNS messages.

> Thanks
> Harshith
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: bind-users Digest, Vol 2230, Issue 1

2015-10-20 Thread Grant Taylor

On 10/20/2015 08:49 AM, Harshith Mulky wrote:
> We have an implementation where, once the DNS Servers are down, The 
> Client (Our device) Blacklists the IP address of DNS Servers for some 
> period of Time

How long is "some period of time"?  Is it something reasonable (read:
minutes) or something obscene (read: WAY TOO LONG)?

Does your client (device) support falling back to secondary name servers
in a sane manner?

> It can only whitelist the server when it receives periodic Responses to 
> a NAPTR Request.

It sounds like you have part of your answer to "what kind of messages
(queries)..."

> What I did find was even though Our Client was able to send periodic 
> NAPTR requests, we are unable to check what kind of NAPTR requests are 
> sent out

I would suggest enabling query logging, especially if you can properly
target your client (device). At least for diagnostic purposes.

I would also seriously consider a packet capture.  (I think pcapcs are
easy and faster than query logging, especially for ad-hoc things like this.)

> Hence my question,
> What Kind of messages are required by the client to be sent towards 
> server to determine if the DNS IP is reachable or not?

That is an application question, not a DNS server question.  As others
have stated, your application support is going to be best qualified to
answer that question.  Short of that level of help you can try to
reverse engineer it yourself via query logs and / or packet captures.

-- 
Grant. . . .
unix || die
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

RE: bind-users Digest, Vol 2230, Issue 1

RE: bind-users Digest, Vol 2230, Issue 1

RE: bind-users Digest, Vol 2230, Issue 1

RE: bind-users Digest, Vol 2230, Issue 1

Re: bind-users Digest, Vol 2230, Issue 1

Re: bind-users Digest, Vol 2230, Issue 1

6 matches

Site Navigation

Mail list logo

Footer information