Re: Please test geodns.portsnap.freebsd.org
2012-05-12 05:54, Colin Percival skrev: Hi all, Please test: # portsnap fetch -s geodns.portsnap.freebsd.org If you experience any problems, please let me know where you are, which mirror was selected, and what address `host -t a $mirror` returns for it. (As the name suggests, different people should will get different mirrors.) I get portsnap fetch -s geodns.portsnap.freebsd.org Looking up geodns.portsnap.freebsd.org mirrors... none found. Fetching snapshot tag from geodns.portsnap.freebsd.org... failed. No mirrors remaining, giving up. ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: Please test geodns.portsnap.freebsd.org
On 05/12/12 00:02, Leslie Jensen wrote: portsnap fetch -s geodns.portsnap.freebsd.org Looking up geodns.portsnap.freebsd.org mirrors... none found. Fetching snapshot tag from geodns.portsnap.freebsd.org... failed. No mirrors remaining, giving up. Hmm, that's not good. What do # host -t srv _http._tcp.geodns.portsnap.freebsd.org and # portsnap fetch -s portsnap.freebsd.org give you? -- Colin Percival Security Officer, FreeBSD | freebsd.org | The power to serve Founder / author, Tarsnap | tarsnap.com | Online backups for the truly paranoid ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: Please test geodns.portsnap.freebsd.org
2012-05-12 09:04, Colin Percival skrev: On 05/12/12 00:02, Leslie Jensen wrote: portsnap fetch -s geodns.portsnap.freebsd.org Looking up geodns.portsnap.freebsd.org mirrors... none found. Fetching snapshot tag from geodns.portsnap.freebsd.org... failed. No mirrors remaining, giving up. Hmm, that's not good. What do # host -t srv _http._tcp.geodns.portsnap.freebsd.org and # portsnap fetch -s portsnap.freebsd.org give you? host -t srv _http._tcp.geodns.portsnap.freebsd.org ;; Truncated, retrying in TCP mode. ;; Connection to 172.17.0.1#53(172.17.0.1) for _http._tcp.geodns.portsnap.freebsd.org failed: connection refused. portsnap fetch -s portsnap.freebsd.org Looking up portsnap.freebsd.org mirrors... 4 mirrors found. Fetching snapshot tag from portsnap5.freebsd.org... done. Latest snapshot on server matches what we already have. ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: Please test geodns.portsnap.freebsd.org
On 05/12/12 00:22, Leslie Jensen wrote: host -t srv _http._tcp.geodns.portsnap.freebsd.org ;; Truncated, retrying in TCP mode. ;; Connection to 172.17.0.1#53(172.17.0.1) for _http._tcp.geodns.portsnap.freebsd.org failed: connection refused. Ok, you have a broken recursive DNS server configuration. I'll have A records as a fallback for situations like this where SRV can't be used. -- Colin Percival Security Officer, FreeBSD | freebsd.org | The power to serve Founder / author, Tarsnap | tarsnap.com | Online backups for the truly paranoid ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: Please test geodns.portsnap.freebsd.org
2012-05-12 12:34, Colin Percival skrev: On 05/12/12 00:22, Leslie Jensen wrote: host -t srv _http._tcp.geodns.portsnap.freebsd.org ;; Truncated, retrying in TCP mode. ;; Connection to 172.17.0.1#53(172.17.0.1) for _http._tcp.geodns.portsnap.freebsd.org failed: connection refused. Ok, you have a broken recursive DNS server configuration. I'll have A records as a fallback for situations like this where SRV can't be used. What exactly does that mean? The IP-address is my home router that acts as a caching DNS for my network. The router in turn uses my ISP's DNS. So if there is a configuration issue I'll be willing to drop a letter to my ISP in order to get it fixed. ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: Please test geodns.portsnap.freebsd.org
On 05/12/12 05:16, Leslie Jensen wrote: 2012-05-12 12:34, Colin Percival skrev: On 05/12/12 00:22, Leslie Jensen wrote: host -t srv _http._tcp.geodns.portsnap.freebsd.org ;; Truncated, retrying in TCP mode. ;; Connection to 172.17.0.1#53(172.17.0.1) for _http._tcp.geodns.portsnap.freebsd.org failed: connection refused. Ok, you have a broken recursive DNS server configuration. I'll have A records as a fallback for situations like this where SRV can't be used. What exactly does that mean? The IP-address is my home router that acts as a caching DNS for my network. The router in turn uses my ISP's DNS. So if there is a configuration issue I'll be willing to drop a letter to my ISP in order to get it fixed. It's your router. DNS is designed that you can fall back from UDP to TCP if the response is too big tosend in a UDP packet, but your router seems to not provide the fallback TCP service. This is sadly a common mis-design, but usually doesn't cause a huge problem since most DNS responses fit into a UDP packet. The A fallback will point you at the closest portsnap mirror, but you won't get the fail-over behaviour where portsnap will switch mirrors if the first one isn't responding. -- Colin Percival Security Officer, FreeBSD | freebsd.org | The power to serve Founder / author, Tarsnap | tarsnap.com | Online backups for the truly paranoid ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: Please test geodns.portsnap.freebsd.org
On Sat, 12 May 2012 14:16:58 +0200 Leslie Jensen wrote: 2012-05-12 12:34, Colin Percival skrev: On 05/12/12 00:22, Leslie Jensen wrote: host -t srv _http._tcp.geodns.portsnap.freebsd.org ;; Truncated, retrying in TCP mode. ;; Connection to 172.17.0.1#53(172.17.0.1) for _http._tcp.geodns.portsnap.freebsd.org failed: connection refused. Ok, you have a broken recursive DNS server configuration. I'll have A records as a fallback for situations like this where SRV can't be used. What exactly does that mean? The IP-address is my home router that acts as a caching DNS for my network. The router in turn uses my ISP's DNS. So if there is a configuration issue I'll be willing to drop a letter to my ISP in order to get it fixed. Probably your router doesn't support SRV records, try putting external servers in resolv.conf. ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: Please test geodns.portsnap.freebsd.org
2012-05-12 16:19, RW skrev: On Sat, 12 May 2012 14:16:58 +0200 Leslie Jensen wrote: 2012-05-12 12:34, Colin Percival skrev: On 05/12/12 00:22, Leslie Jensen wrote: host -t srv _http._tcp.geodns.portsnap.freebsd.org ;; Truncated, retrying in TCP mode. ;; Connection to 172.17.0.1#53(172.17.0.1) for _http._tcp.geodns.portsnap.freebsd.org failed: connection refused. Ok, you have a broken recursive DNS server configuration. I'll have A records as a fallback for situations like this where SRV can't be used. What exactly does that mean? The IP-address is my home router that acts as a caching DNS for my network. The router in turn uses my ISP's DNS. So if there is a configuration issue I'll be willing to drop a letter to my ISP in order to get it fixed. Probably your router doesn't support SRV records, try putting external servers in resolv.conf. ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org Well I had to read up on configuring dhclient.conf After adding prepend domain-name-servers y.y.y.y, x.x.x.x; To my /etc/dhclient.conf I now get the following and it looks to me as it works :-) host -t srv _http._tcp.geodns.portsnap.freebsd.org ;; Truncated, retrying in TCP mode. _http._tcp.geodns.portsnap.freebsd.org has SRV record 4 10 80 ap-southeast-1.portsnap.freebsd.org. _http._tcp.geodns.portsnap.freebsd.org has SRV record 1 10 80 geodns-1.portsnap.freebsd.org. _http._tcp.geodns.portsnap.freebsd.org has SRV record 2 10 80 geodns-2.portsnap.freebsd.org. _http._tcp.geodns.portsnap.freebsd.org has SRV record 3 10 80 geodns-3.portsnap.freebsd.org. _http._tcp.geodns.portsnap.freebsd.org has SRV record 4 10 80 isc.portsnap.freebsd.org. _http._tcp.geodns.portsnap.freebsd.org has SRV record 4 10 80 your-org.portsnap.freebsd.org. _http._tcp.geodns.portsnap.freebsd.org has SRV record 4 10 80 ec2-eu-west-1.portsnap.freebsd.org. _http._tcp.geodns.portsnap.freebsd.org has SRV record 4 10 80 ec2-sa-east-1.portsnap.freebsd.org. _http._tcp.geodns.portsnap.freebsd.org has SRV record 4 10 80 ap-northeast-1.portsnap.freebsd.org. ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: Please test geodns.portsnap.freebsd.org
On Sat, May 12, 2012 at 8:58 AM, Leslie Jensen les...@eskk.nu wrote: 2012-05-12 16:19, RW skrev: On Sat, 12 May 2012 14:16:58 +0200 Leslie Jensen wrote: 2012-05-12 12:34, Colin Percival skrev: On 05/12/12 00:22, Leslie Jensen wrote: host -t srv _http._tcp.geodns.portsnap.freebsd.org ;; Truncated, retrying in TCP mode. ;; Connection to 172.17.0.1#53(172.17.0.1) for _http._tcp.geodns.portsnap.freebsd.org failed: connection refused. Ok, you have a broken recursive DNS server configuration. I'll have A records as a fallback for situations like this where SRV can't be used. What exactly does that mean? The IP-address is my home router that acts as a caching DNS for my network. The router in turn uses my ISP's DNS. So if there is a configuration issue I'll be willing to drop a letter to my ISP in order to get it fixed. Probably your router doesn't support SRV records, try putting external servers in resolv.conf. ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org Well I had to read up on configuring dhclient.conf After adding prepend domain-name-servers y.y.y.y, x.x.x.x; To my /etc/dhclient.conf I now get the following and it looks to me as it works :-) host -t srv _http._tcp.geodns.portsnap.freebsd.org ;; Truncated, retrying in TCP mode. _http._tcp.geodns.portsnap.freebsd.org has SRV record 4 10 80 ap-southeast-1.portsnap.freebsd.org. _http._tcp.geodns.portsnap.freebsd.org has SRV record 1 10 80 geodns-1.portsnap.freebsd.org. _http._tcp.geodns.portsnap.freebsd.org has SRV record 2 10 80 geodns-2.portsnap.freebsd.org. _http._tcp.geodns.portsnap.freebsd.org has SRV record 3 10 80 geodns-3.portsnap.freebsd.org. _http._tcp.geodns.portsnap.freebsd.org has SRV record 4 10 80 isc.portsnap.freebsd.org. _http._tcp.geodns.portsnap.freebsd.org has SRV record 4 10 80 your-org.portsnap.freebsd.org. _http._tcp.geodns.portsnap.freebsd.org has SRV record 4 10 80 ec2-eu-west-1.portsnap.freebsd.org. _http._tcp.geodns.portsnap.freebsd.org has SRV record 4 10 80 ec2-sa-east-1.portsnap.freebsd.org. _http._tcp.geodns.portsnap.freebsd.org has SRV record 4 10 80 ap-northeast-1.portsnap.freebsd.org. Warning! You will have more problems down the road. The real issue is that a firewall (or router ACL) is blocking port 53/tcp. This is distressingly common and will result in DNS issues more and more often. By default, DNS attempts to use UDP (53/udp) for DNS lookups. If the response is too big to fit into a UDP packet, the operation will fall back to using TCP, but many sites follow bad advice of blocking 53/tcp, so the lookup fails. This has been a growing problem as DNS responses are getting longer due to things like this, IPv6, and DNSSEC. Please contact whoever is responsible for your router/firewall and ask that 53/tcp be allowed. Otherwise, more and more things will break. -- R. Kevin Oberman, Network Engineer E-mail: kob6...@gmail.com ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Please test geodns.portsnap.freebsd.org
Hi all, Please test: # portsnap fetch -s geodns.portsnap.freebsd.org If you experience any problems, please let me know where you are, which mirror was selected, and what address `host -t a $mirror` returns for it. (As the name suggests, different people should will get different mirrors.) -- Colin Percival Security Officer, FreeBSD | freebsd.org | The power to serve Founder / author, Tarsnap | tarsnap.com | Online backups for the truly paranoid ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: Please test geodns.portsnap.freebsd.org
There is no A record @8.8.8.8 or @8.8.4.4 or at the root servers. or here: dig +short @72.52.71.1 geodns.portsnap.freebsd.org A dig +short @38.103.2.1 geodns.portsnap.freebsd.org A dig +short @63.243.194.1 geodns.portsnap.freebsd.org A Maybe this hasnt propogated yet ? or is it @ 127.0.0.1 ;) On Fri, May 11, 2012 at 08:54:17PM -0700, Colin Percival wrote: Hi all, Please test: # portsnap fetch -s geodns.portsnap.freebsd.org If you experience any problems, please let me know where you are, which mirror was selected, and what address `host -t a $mirror` returns for it. (As the name suggests, different people should will get different mirrors.) -- Colin Percival Security Officer, FreeBSD | freebsd.org | The power to serve Founder / author, Tarsnap | tarsnap.com | Online backups for the truly paranoid ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org -- - (2^(N-1)) pgpWOASpXYM1J.pgp Description: PGP signature
Re: Please test geodns.portsnap.freebsd.org
On 05/11/12 21:54, Jason Hellenthal wrote: There is no A record @8.8.8.8 or @8.8.4.4 or at the root servers. There's not supposed to be an A record. Portsnap should work anyway... it uses SRV. :-) -- Colin Percival Security Officer, FreeBSD | freebsd.org | The power to serve Founder / author, Tarsnap | tarsnap.com | Online backups for the truly paranoid ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: Please test geodns.portsnap.freebsd.org
On Fri, May 11, 2012 at 09:55:13PM -0700, Colin Percival wrote: On 05/11/12 21:54, Jason Hellenthal wrote: There is no A record @8.8.8.8 or @8.8.4.4 or at the root servers. There's not supposed to be an A record. Portsnap should work anyway... it uses SRV. :-) Aaah! you got me there. Confused with the request of host -t a $mirror As that will always return: Console host -t a geodns.portsnap.freebsd.org Host geodns.portsnap.freebsd.org not found: 3(NXDOMAIN) Anyway... coming from: portsnap fetch -s geodns.portsnap.freebsd.org [...] Fetching snapshot tag from geodns-1.portsnap.freebsd.org... done. [...] traceroute -a geodns-1.portsnap.freebsd.org [...Hop 1 2 Removed...] 3 [AS65534] 10.179.128.1 (10.179.128.1) 29.264 ms 17.160 ms 19.436 ms 4 [AS20115] dtr01hlldmi-gbe-1-15.hlld.mi.charter.com (96.34.36.6) 19.179 ms 26.340 ms 20.013 ms 5 * [AS20115] crr02aldlmi-tge-0-2-0-2.aldl.mi.charter.com (96.34.32.76) 20.143 ms 16.769 ms 6 [AS20115] bbr01aldlmi-tge-0-1-0-3.aldl.mi.charter.com (96.34.2.216) 19.888 ms 17.378 ms 29.909 ms 7 [AS20115] bbr01chcgil-tge-0-2-0-6.chcg.il.charter.com (96.34.0.99) 29.639 ms 17.517 ms 30.024 ms 8 [AS20115] prr01chcgil-tge-0-1-0-1.chcg.il.charter.com (96.34.3.200) 19.815 ms 27.360 ms 19.918 ms 9 [AS6939] v201.core1.chi1.he.net (216.66.73.241) 29.967 ms 37.066 ms 29.795 ms 10 [AS6939] 64.71.148.238 (64.71.148.238) 19.928 ms 27.328 ms 29.942 ms 11 [AS26943] update5.freebsd.org (204.9.55.80) 19.831 ms 27.494 ms 19.926 ms Hope this helps. -- Colin Percival Security Officer, FreeBSD | freebsd.org | The power to serve Founder / author, Tarsnap | tarsnap.com | Online backups for the truly paranoid -- - (2^(N-1)) pgp2Rfr5FtBbF.pgp Description: PGP signature
Re: Please test geodns.portsnap.freebsd.org
On 5/12/2012 1:13 AM, Jason Hellenthal wrote: On Fri, May 11, 2012 at 09:55:13PM -0700, Colin Percival wrote: On 05/11/12 21:54, Jason Hellenthal wrote: There is no A record @8.8.8.8 or @8.8.4.4 or at the root servers. There's not supposed to be an A record. Portsnap should work anyway... it uses SRV. :-) Aaah! you got me there. Confused with the request of host -t a $mirror You're not the only one! Happened to me too. Bryan ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
