Re: [9fans] dns vs. textrr

it turns out that the problem with ndb is actually a bio problem Brdline() freaks out and returns nil if the line in question is longer than b-bsize and doesn't increment the file pointer, so you've got an infinite loop. i had thought that this was clearly in violation of what the man page says,

Re: [9fans] dns vs. textrr

On 2012-01-19, at 2:12 PM, erik quanstrom wrote: that seems a bit ... goofy. it would seem better for bio to do this internally? surely there isn't code that relies on this behavior? Or maybe realloc() a larger buffer and try to carry on? There's no guarantee of buffer pointer consistency

Re: [9fans] dns vs. textrr

On Thu Jan 19 18:33:42 EST 2012, lyn...@orthanc.ca wrote: On 2012-01-19, at 2:12 PM, erik quanstrom wrote: that seems a bit ... goofy. it would seem better for bio to do this internally? surely there isn't code that relies on this behavior? Or maybe realloc() a larger buffer and try

Re: [9fans] dns vs. textrr

On 2012-01-19, at 3:56 PM, erik quanstrom wrote: it's probablly the best option, if the goal is to rehabilitate Brdline(). i'm wondering if it shouldn't just be considered depricated. If you don't think of Brdline() as a 'C char *' construct, it's a useful vessel to escape from one of the

Re: [9fans] dns vs. textrr

On Thu Jan 19 19:13:14 EST 2012, lyn...@orthanc.ca wrote: On 2012-01-19, at 3:56 PM, erik quanstrom wrote: it's probablly the best option, if the goal is to rehabilitate Brdline(). i'm wondering if it shouldn't just be considered depricated. If you don't think of Brdline() as a 'C

Re: [9fans] dns vs. textrr

On 2012-01-19, at 4:14 PM, erik quanstrom wrote: depricated, as in use Brdstr(2) instead which does its own dynamic allocation. This is where 'grep -r' is useful. How much pain might it be to nuke-and-replace the dead interface?

Re: [9fans] dns vs. textrr

On Jan 19, 2012, at 11:17 AM, erik quanstrom wrote: On Thu Jan 19 12:08:37 EST 2012, j...@corpus-callosum.com wrote: Haven't seen it. But it does seem that a lot of us are having fun with dns this week (and every week). Mine's more the problem of ndb/dns -sx /net.alt -f

Re: [9fans] dns SRV records

I understand it correctly? The problem is 5 months and a speedy solution can not hope for? Sad .. 2011/5/4 erik quanstrom quans...@quanstro.net On Wed May 4 07:46:40 EDT 2011, pavel.klinkov...@gmail.com wrote: On 3 kvě, 10:33, roo...@gmail.com (Sergey Kornilovich) wrote: So far,

Re: [9fans] dns SRV records

On Thu May 5 05:44:12 EDT 2011, roo...@gmail.com wrote: I understand it correctly? The problem is 5 months and a speedy solution can not hope for? Sad .. why don't you take a look at the problem? - erik

Re: [9fans] dns SRV records

Unfortunately I do not know C. .. My max - rc scripts. I can help testing, and bug reports. Perhaps somewhere there is a bugzilla? (or redmine) But, as I understand it, here the development is built on the principle: Do you find it, you fix it, send a patch. :) 2011/5/5 erik quanstrom

Re: [9fans] dns SRV records

Unfortunately I do not know C. .. My max - rc scripts. I can help testing, and bug reports. Perhaps somewhere there is a bugzilla? (or redmine) But, as I understand it, here the development is built on the principle: Do you find it, you fix it, send a patch. :) almost, i think it's perfectly

Re: [9fans] dns SRV records

On 3 kvě, 10:33, roo...@gmail.com (Sergey Kornilovich) wrote: So far, everything looks like a bug in the dns ... Does anyone have ideas how to fix the situation? The behavior is very similar to my problematic situation:

Re: [9fans] dns SRV records

On Wed May 4 07:46:40 EDT 2011, pavel.klinkov...@gmail.com wrote: On 3 kvě, 10:33, roo...@gmail.com (Sergey Kornilovich) wrote: So far, everything looks like a bug in the dns ... Does anyone have ideas how to fix the situation? The behavior is very similar to my problematic situation:

Re: [9fans] dns SRV records

So far, everything looks like a bug in the dns ... Take a simple local file: cat /lib/ndb/local database= file=/lib/ndb/local file=/lib/ndb/common dom=test.local soa= refresh=3600 ttl=3600 ns=server.test.local dom=_ldap._tcp.test.local soa= refresh=3600 ttl=3600 srv=server.test.local pri=0

Re: [9fans] dns SRV records

Greate example ! :) Thanks :) 2011/4/29 Benjamin Huntsman bhunts...@mail2.cu-portland.edu: Investigating the possibility of replacing the MS DNS on Plan9 DNS,not found in the man ndb mention of records of type SRV. It is necessary to support Microsoft Active Directory. Maybe I missed something?

Re: [9fans] dns SRV records

I took your example without any changes. But unfortunately it still does not return the correct value of srv hostname ... For example: C:\Documents and Settings\Administratornslookup Default Server: rit.com Address: 192.168.0.190 server 192.168.0.193 set q=srv _ldap._tcp.testad.test.local

[9fans] dns SRV records

Investigating the possibility of replacing the MS DNS on Plan9 DNS,not found in the man ndb mention of records of type SRV. It is necessary to support Microsoft Active Directory. Maybe I missed something? http://en.wikipedia.org/wiki/SRV_record

Re: [9fans] dns SRV records

Hello ! As far as I know, ndb have support for SRV, PTR, TXT resords. There is no sample, of cause :) I think tha it may look like this: ip=10.0.0.1 sys=_service dom=_tcp.local srv= 2011/4/28 Sergey Kornilovich roo...@gmail.com: Investigating the possibility of replacing the MS DNS on

Re: [9fans] dns SRV records

There is a package called zonefresh in my contrib, this doea and axfr transfer from the given host/domain and writes an ndb file with the results. This understands srv records though I have never tried re-exporting the info from ndb and checking the results agains msdns. you should be able to do

Re: [9fans] dns SRV records

See ndb(6).

Re: [9fans] dns SRV records

Investigating the possibility of replacing the MS DNS on Plan9 DNS,not found in the man ndb mention of records of type SRV. It is necessary to support Microsoft Active Directory. Maybe I missed something? http://en.wikipedia.org/wiki/SRV_record I got AD to work with Plan 9 DNS just last year.

[9fans] DNS problem

Hi all, I am using Plan9 server as my home server (ip=192.168.15.20) controlling DNS names in my LAN and relaying other requests to the public DNS server (ip=88.146.135.10). Up to now everything worked fine. I discovered a problem with SRV request type from my Linux workstation

Re: [9fans] DNS problem

Hi ! Seems like that is an old google dns issue, look at http://9fans.net/archive/2008/10/37 On Tue, Nov 23, 2010 at 12:48 PM, Pavel Klinkovsky pavel.klinkov...@gmail.com wrote: Hi all, I am using Plan9 server as my home server (ip=192.168.15.20) controlling DNS names in my LAN and relaying

Re: [9fans] DNS problem

I am using Plan9 server as my home server (ip=192.168.15.20) controlling DNS names in my LAN and relaying other requests to the public DNS server (ip=88.146.135.10). Up to now everything worked fine. i can't replicate this now. not saying you don't have a problem, just that i can't replicate

Re: [9fans] DNS problem

On 23 lis, 10:48, Pavel Klinkovsky pavel.klinkov...@gmail.com wrote:         dns.ar(ip name=xmpp-server2.l.google.com ttl00)         dns.ar(ip name=xmpp-server3.l.google.com ttl00) after several seconds 'snoopy' inexplicably ends! Interesting, I checked the 'status' after the

Re: [9fans] DNS problem

On Tue Nov 23 12:33:37 EST 2010, pavel.klinkov...@gmail.com wrote: i can't replicate this now.  not saying you don't have a problem, just that i can't replicate this right now. Interesting. Some mistake in my NDB configuration? i think it's a real data-dependent bug in dns, not a

[9fans] dns funny

lookups of m.bestofmedia.com and media.bestofmicro.com seem to be tripping on themselves. dnsdebug comes up with the correct answer relatively quickly unless a type of a is explicitly requested, then things go pear shaped. here's an example: Q:

Re: [9fans] DNS... don't ask

Also, what do you make of this? svr hostname= dc1\.testdom\.test\.local._kpasswd._udp.testdom.test.local *** Error: record size incorrect (39 != 37) *** ns2.test.local can't find _kpasswd._udp.testdom.test.local: server failed The query should return an svr hostname of

Re: [9fans] DNS... don't ask

I have not tried serving srv records fromplan9 but i do host my domain (quintile.net) from plan9, and I do use plan9 in a domain served by AD at work. I (with some help from geoff) wrote zonefresh which sucks up a domain (using axfr) and spits it out as an ndb file. This could be useful to check

Re: [9fans] DNS dynamic update

FWIW there is another weirdness of windows, the windows DHCP server doesn't communicate with the DNS server on windows, it expects the client to send an Inform packet to the DHCP server telling it of the clients chosen name. i guess that's the great thing about standards — there are so many to

[9fans] DNS dynamic update

Hi! I'm trying to set up an application(don't ask :) ) on my LAN that more-or-less requires the ability to perform dynamic updates of DNS. I'm currently using a Plan 9 system to serve DNS, but DHCP is being served by a FreeBSD machine (because it supplies the correct info for non-Plan 9

Re: [9fans] DNS dynamic update

(because it supplies the correct info for non-Plan 9 hosts). What info did your hosts need that Plan 9's dhcpd didn't supply?

Re: [9fans] DNS dynamic update

(because it supplies the correct info for non-Plan 9 hosts). What info did your hosts need that Plan 9's dhcpd didn't supply? Specifically, Plan 9's dhcpd does not supply a context-specific DNS suffix (ie, default domain name), which Windows systems need in order to resolve hosts by short

Re: [9fans] DNS dynamic update

It looks from my reading from of dhcpd.c that you could just tweek windows (the registry I assume) and make windows ask for the domain, in which case dhcpd should supply it. If you hate this idea then I think the change to add windows specific dhcp options would be easy - there is already a

[9fans] DNS lookup problem

Hey guys, Recently I started serving dns from my cpu server, and I've just run into a problem connecting to gtalk which turns out to be caused by that. bitlbee queries _xmpp-client._tcp.gmail.com for srv records, and from linux I get: : nightingale ~; dig _xmpp-client._tcp.gmail.com srv

[9fans] dns failure in smtp

Sorry for noise. Someone in this list send me a mail but I cannot reply to the mail because of dns failure in smtp. This is a private message to him. ar% pwd /sys/log ar% tail smtp.fail ar Aug 24 08:30:13 dns: dns failure (net!sounine.nanosouffle.net) ar Aug 24 09:40:13 dns: dns failure

Re: [9fans] dns failure in smtp

assuming that my mxdial.c is up-to-date (sources is failing in a wierd way), that's not the full story. mxdial calls callmx. callmx has this code static int callmx(DS *ds, char *dest, char *domain) { int fd, i, nmx; char addr[Maxstring]; /* get a list of mx entries */

Re: [9fans] dns failure in smtp

I think mx record is required in official dns server, although I feel the condition is too strict. Keep in mind that a DNS *failure* is not the same thing as a particular DNS record not existing. If you ask whether there is an MX record for foo, and get a timeout, you can't assume there is

Re: [9fans] dns exploits (self-promotion remix)

erik quanstrom wrote: what is this web 2.0 of which you speak? Web 2.0, n. A space created by artists who got all excited when they heard the word sandbox, not realizing it meant the opposite of what they thought. wk

[9fans] dns exploits (self-promotion remix)

i'm not a dns user (just the client side) on Plan9, is the server part vulnerable to the recent poisonning attacks? i think the recent dns cache-poisoning vulnerability is more self promotion than substance. my friends at [dns operator] agree. however, ndb/dns does use randomized query ids.

Re: [9fans] dns exploits (self-promotion remix)

i'm not a dns user (just the client side) on Plan9, is the server part vulnerable to the recent poisonning attacks? i think the recent dns cache-poisoning vulnerability is more self promotion than substance. i agreed until i saw the supposed exploit details that were published last week.

Re: [9fans] dns exploits (self-promotion remix)

those things combined mean that you get 15 bits of randomness from query id and 15 from source port, giving 30 bits, so ndb/dns is okay (for now). why only 15 in the query id? that's an artifact of rand() which returns 0 ≤ n ≤ 0x7fff. why not return numbers between 0 and 0x? - erik

Re: [9fans] dns exploits (self-promotion remix)

those things combined mean that you get 15 bits of randomness from query id and 15 from source port, giving 30 bits, so ndb/dns is okay (for now). why only 15 in the query id? that's an artifact of rand() which returns 0 ≤ n ≤ 0x7fff. why not return numbers between 0 and 0x? one

Re: [9fans] dns exploits (self-promotion remix)

The exploit doesn't simply rely on the 16bit dns XID. Rather, it's reliant on the fact that bind servers (and some others) send requests from a static port. Obviously, if you control a DNS server or you can sniff the target DNS server's path, you can figure this out. The second part to the trick

Re: [9fans] dns exploits (self-promotion remix)

if you're running ndb/dns -r, you need to build and boot a new kernel to get the full 30 bits. Bing!

Re: [9fans] dns exploits (self-promotion remix)

The exploit doesn't simply rely on the 16bit dns XID. Rather, it's reliant on the fact that bind servers (and some others) send requests from a static port. Obviously, if you control a DNS server or you can sniff the target DNS server's path, you can figure this out. The second part to

Re: [9fans] dns exploits (self-promotion remix)

// 1. plan 9 never used a static source port for queries, Using dynamic ports is better than static, but if they're sequential (or otherwise predictable), it doesn't buy you all that much. // 2. who does recursive queries on external interfaces? I've been traveling in companies and countries

Re: [9fans] dns exploits (self-promotion remix)

i don't understand this 1. plan 9 never used a static source port for queries, and more importantly Erm, sequential source ports are close enough. 2. who does recursive queries on external interfaces? i would have considerd this a configuration error and security problem ten years ago.

Re: [9fans] dns exploits (self-promotion remix)

2. who does recursive queries on external interfaces? i would have considerd this a configuration error and security problem ten years ago. Tell that to the rest of the internet. without reasonable configuration, most any machine can be made trivially vulnerable. vectors that are

Re: [9fans] DNS server domain

Ah great! add one to lunix quirks, shouldn't it be the system that resolves names? This is pretty weird :-) Cheers! Johnny On Sat, 29 Mar 2008 09:21:41 +0100 Matthias Teege [EMAIL PROTECTED] wrote: When I used my plan9 server as dns server, it was also my dhcp server, which is quite handy.

Re: [9fans] DNS server domain

every system that uses bind 9 has the same behavior. however bind's Old Standard, nslookup, does not ignore resolv.conf. - erik Ah great! add one to lunix quirks, shouldn't it be the system that resolves names? This is pretty weird :-) Cheers! Johnny [...] ; dig cab +short ;

Re: [9fans] DNS server domain

Moin, how do I set the defaultdomain an a Plan 9 DNS server? ndb(6) didn't clear everything up for me. then again, i haven't had any coffee yet. the dnsdomain attribute is well-documented. what i didn't see is the convention for where to hang it in the database. generally, i do this

Re: [9fans] DNS server domain

the dnsdomain attribute is well-documented. what i didn't see is the convention for where to hang it in the database. generally, i do this by setting ipnet in /lib/ndb/local. e.g. I put it in my ndb/local and it works for the Plan 9 server % ndb/dnsquery cab cab.mteege.de ip

Re: [9fans] DNS server domain

the dnsdomain attribute is well-documented. what i didn't see is the convention for where to hang it in the database. generally, i do this by setting ipnet in /lib/ndb/local. e.g. I put it in my ndb/local and it works for the Plan 9 server % ndb/dnsquery cab cab.mteege.de ip

Re: [9fans] DNS server domain

by other clients do you mean plan 9 systems or non-plan9 systems? the default domain is not communicated via dns mechanisms. I mean non-plan9 systems. Matthias

Re: [9fans] DNS server domain

When I used my plan9 server as dns server, it was also my dhcp server, which is quite handy. it communicates some info to the dhcp clents, for example the default search domain, which, in my understanding does just what you want. It firsq querys the dns server for the domain, then tries to

Re: [9fans] dns woes

* erik quanstrom [EMAIL PROTECTED] [080314 17:01]: This is not as reproducible as I thought. I just opened another window and ran ndb/dnsquery and it works now. Could this be due to temporary dns failure problems? do you have any other broken dns, other than the one you started? not

<    1   2