Re: SRV Record Server Availability
Well mDNS is not DNS. It is a multicast request to all devices on the local network to respond. To get the functionality being requested in the DNS it requires something to be polling the availability of the server listed in the SRV records and to add/remove/adjust them depending upon their load/availability. In reality this should not be needed if people would just write client software to properly handle multi-homed servers. There is nothing that say you must wait for a connection to timeout before you attempt to connect to a second address. Happy Eyeballs RFC 8305 (previously RFC 6555) us about starting multiple connections across address families and only proceeding with the first that connects but there is NOTHING that says you can’t do the similar for all addresses independent of address family. It isn’t hard to write a TCP client that attempts to connect to multiple servers simultaneously. I will admit that it is slightly harder for UDP clients but in most cases it is not impossible. For both protocols you do not wait seconds to get the initial response before trying the alternate addresses. Most of the world is less that 300ms way (round trip). Mark > On 7 Jan 2021, at 03:42, Andrew P. wrote: > > Isn't this sort of dynamic functionality (real-time presence or absence of > SRV records) what mDNS and the avahi daemon are for? > > > From: bind-users on behalf of Matus UHLAR > - fantomas > Sent: Wednesday, January 6, 2021 8:51 AM > To: bind-users@lists.isc.org > Subject: Re: SRV Record Server Availability > > On 06.01.21 21:41, Wilfred Sarmiento via bind-users wrote: >> Your understanding is correct, i just thought that SRV can detect whose >> server is alive so it can choose and provide an answer with the available >> Server. > > DNS is not designed to provide this functionality. While technically you can > change contents of DNS depending on which servers are alive and which are > not, it's almost never a good idea. > > That means, BIND has nothing like this built in. > >>> On Tue, Jan 5, 2021 at 4:30 AM Wilfred Sarmiento via bind-users >>> wrote: Is DNS Bind SRV record can detect the Server's availability? If yes, how? > >> On Tue, 5 Jan 2021, 23:53 tale wrote: >>> Could you provide more information about your goal? I don't fully >>> understand the question. >>> >>> For my reading, the answer is basically no, in that an SRV record just >>> provides data about where.a particular service can be found. It's up >>> to other systems to fetch that data and interpret it, including >>> whether that service is actually available at the given endpoint. In >>> its typical operation, BIND will just take whatever name and port the >>> zone administrator said to provide for that SRV record, and not do any >>> sort of availability checks on it. >>> >>> However, if you go deep into a far more complicated, custom use of >>> BIND, you could set up a process that monitors the availability and >>> changes the SRV record accordingly. > > -- > Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ > Warning: I wish NOT to receive e-mail advertising to this address. > Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. > Microsoft dick is soft to do no harm > ___ > Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe > from this list > > ISC funds the development of this software with paid support subscriptions. > Contact us at https://www.isc.org/contact/ for more information. > > > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users > ___ > Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe > from this list > > ISC funds the development of this software with paid support subscriptions. > Contact us at https://www.isc.org/contact/ for more information. > > > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: unsubscribe
Send the unsubscribe request to “bind-users-requ...@isc.org” or “bind-users-requ...@lists.isc.org”. Those are the administrative addresses. > On 7 Jan 2021, at 01:07, Michalewicz, Brian R (THIP) > wrote: > > > ** > This communication, including attachments, is for the exclusive use of > addressee and may contain proprietary, confidential and/or privileged > information. If you are not the intended recipient, any use, copying, > disclosure, dissemination or distribution is strictly prohibited. If you are > not the intended recipient, please notify the sender immediately by return > e-mail, delete this communication and destroy all copies. > > ** > ___ > Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe > from this list > > ISC funds the development of this software with paid support subscriptions. > Contact us at https://www.isc.org/contact/ for more information. > > > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: SRV Record Server Availability
Isn't this sort of dynamic functionality (real-time presence or absence of SRV records) what mDNS and the avahi daemon are for? From: bind-users on behalf of Matus UHLAR - fantomas Sent: Wednesday, January 6, 2021 8:51 AM To: bind-users@lists.isc.org Subject: Re: SRV Record Server Availability On 06.01.21 21:41, Wilfred Sarmiento via bind-users wrote: >Your understanding is correct, i just thought that SRV can detect whose >server is alive so it can choose and provide an answer with the available >Server. DNS is not designed to provide this functionality. While technically you can change contents of DNS depending on which servers are alive and which are not, it's almost never a good idea. That means, BIND has nothing like this built in. >> On Tue, Jan 5, 2021 at 4:30 AM Wilfred Sarmiento via bind-users >> wrote: >> > Is DNS Bind SRV record can detect the Server's availability? If yes, how? >On Tue, 5 Jan 2021, 23:53 tale wrote: >> Could you provide more information about your goal? I don't fully >> understand the question. >> >> For my reading, the answer is basically no, in that an SRV record just >> provides data about where.a particular service can be found. It's up >> to other systems to fetch that data and interpret it, including >> whether that service is actually available at the given endpoint. In >> its typical operation, BIND will just take whatever name and port the >> zone administrator said to provide for that SRV record, and not do any >> sort of availability checks on it. >> >> However, if you go deep into a far more complicated, custom use of >> BIND, you could set up a process that monitors the availability and >> changes the SRV record accordingly. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Microsoft dick is soft to do no harm ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
unsubscribe
** This communication, including attachments, is for the exclusive use of addressee and may contain proprietary, confidential and/or privileged information. If you are not the intended recipient, any use, copying, disclosure, dissemination or distribution is strictly prohibited. If you are not the intended recipient, please notify the sender immediately by return e-mail, delete this communication and destroy all copies. ** ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: re:Re: "not subdomain of zone {XXXX} -- invalid response" errors found in named.run log
Actually, the background is a little bit complicated. In short, the topo is as belows. dns1 were swapped by a new one (say dns1*), then the issue happened. After that, we dropped all the request from dns1*, then the issue was gone. There is no config change during the whole process, no idea why the caching server has such log. - |dns1 | | dns2 | - | | -- | - |caching server| (where the log was observed) -- -- Original -- From: "同屋";<39223...@qq.com>; Send time: Wednesday, Jan 6, 2021 8:43 PM To: "同屋"<39223...@qq.com>; "marka"https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: SRV Record Server Availability
On 06.01.21 21:41, Wilfred Sarmiento via bind-users wrote: Your understanding is correct, i just thought that SRV can detect whose server is alive so it can choose and provide an answer with the available Server. DNS is not designed to provide this functionality. While technically you can change contents of DNS depending on which servers are alive and which are not, it's almost never a good idea. That means, BIND has nothing like this built in. On Tue, Jan 5, 2021 at 4:30 AM Wilfred Sarmiento via bind-users wrote: > Is DNS Bind SRV record can detect the Server's availability? If yes, how? On Tue, 5 Jan 2021, 23:53 tale wrote: Could you provide more information about your goal? I don't fully understand the question. For my reading, the answer is basically no, in that an SRV record just provides data about where.a particular service can be found. It's up to other systems to fetch that data and interpret it, including whether that service is actually available at the given endpoint. In its typical operation, BIND will just take whatever name and port the zone administrator said to provide for that SRV record, and not do any sort of availability checks on it. However, if you go deep into a far more complicated, custom use of BIND, you could set up a process that monitors the availability and changes the SRV record accordingly. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Microsoft dick is soft to do no harm ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: SRV Record Server Availability
Hi Tale, Happy new year! Your understanding is correct, i just thought that SRV can detect whose server is alive so it can choose and provide an answer with the available Server. Thank you! On Tue, 5 Jan 2021, 23:53 tale wrote: > On Tue, Jan 5, 2021 at 4:30 AM Wilfred Sarmiento via bind-users > wrote: > > Is DNS Bind SRV record can detect the Server's availability? If yes, how? > > Could you provide more information about your goal? I don't fully > understand the question. > > For my reading, the answer is basically no, in that an SRV record just > provides data about where.a particular service can be found. It's up > to other systems to fetch that data and interpret it, including > whether that service is actually available at the given endpoint. In > its typical operation, BIND will just take whatever name and port the > zone administrator said to provide for that SRV record, and not do any > sort of availability checks on it. > > However, if you go deep into a far more complicated, custom use of > BIND, you could set up a process that monitors the availability and > changes the SRV record accordingly. > -- > tale > -- This e-mail message (including attachments, if any) is intended for the use of the individual or the entity to whom it is addressed and may contain information that is privileged, proprietary, confidential and exempt from disclosure. If you are not the intended recipient, you are notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify the sender and delete this E-mail message immediately. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
re:Re: "not subdomain of zone {XXXX} -- invalid response" errors found in named.run log
Thanks mark, but why this issue is related to load balancer?
-- Original Message --
From: "Mark Andrews";
Date: 2021-01-06 19:09
To: "同屋"<39223...@qq.com>;
To:
"bind-users";
Subject: Re: "not subdomain of zone {} -- invalid response" errors found in
named.run log
Complain to the administrators of the zone. They have not properly delegated
it. We see this often with load balancers.
The zone a.b.example has been delegated but the answer is as if it is from
b.example.
-- Mark Andrews
On 6 Jan 2021, at 21:02, 同屋 <39223...@qq.com> wrote:
The version of bind is BIND 9.10.5-P3 id:7d5676f
One day, I found that the size of named.run is increasing very quickly. And a
lot of "invalid response" entries were spotted in the log. Details is as
follows (I replace the sensitive info with {},{AAA} etc.)
DNS format error from {IP}#53 resolving
{}.bf.bf.node.epc.mnc{AAA}.mcc{BBB}.3gppnetwork.org/ for client
169.254.4.50#51099: Name epc.mnc{AAA}.mcc{BBB}.3gppnetwork.org (SOA) not
subdomain of zone node.epc.mnc{AAA}.mcc{BBB}.3gppnetwork.org -- invalid response
The response related to the above log is as follows:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50664 ;; flags: qr
aa rd ra; QUESTION: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1 ;; OPT
PSEUDOSECTION: ; EDNS: version: 0, flags: do; udp: 4096 ;; QUESTION SECTION:
;{}.bf.bf.node.epc.mnc{AAA}.mcc{BBB}.3gppnetwork.org. IN
;; AUTHORITY SECTION: ;epc.mnc{AAA}.mcc{BBB}.3gppnetwork.org. 86400 IN SOA
.mnc{AAA}.mcc{BBB}.gprs. dns-admin. ( ;
2020122704 ; serial ; 10800 ;
refresh (3 hours) ;3600 ;
retry (1 hour) ; 604800 ; expire
(1 week) ; 86400 ; minimum (1
day) ; )
Normally, the FQDN should be cached as a NXRRSET record as follows:
{}.bf.bf.node.epc.mnc{AAA}.mcc{BBB}.3gppnetwork.org. 8412 - ;-$NXRRSET
But when the issue happens, it cannot be cached, I guess it's related to the
"invalid response" log.
From the error log, it mentions "zone
node.epc.mnc{AAA}.mcc{BBB}.3gppnetwork.org", but I'm wondering where the zone
"node.epc.mnc{AAA}.mcc{BBB}.3gppnetwork.org" comes from? I cannot found the
related SOA record in the dump file.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Re: "not subdomain of zone {XXXX} -- invalid response" errors found in named.run log
Complain to the administrators of the zone. They have not properly delegated
it. We see this often with load balancers.
The zone a.b.example has been delegated but the answer is as if it is from
b.example.
--
Mark Andrews
> On 6 Jan 2021, at 21:02, 同屋 <39223...@qq.com> wrote:
>
>
> The version of bind is BIND 9.10.5-P3 id:7d5676f
>
> One day, I found that the size of named.run is increasing very quickly. And a
> lot of "invalid response" entries were spotted in the log. Details is as
> follows (I replace the sensitive info with {},{AAA} etc.)
>
> DNS format error from {IP}#53 resolving
> {}.bf.bf.node.epc.mnc{AAA}.mcc{BBB}.3gppnetwork.org/ for client
> 169.254.4.50#51099: Name epc.mnc{AAA}.mcc{BBB}.3gppnetwork.org (SOA) not
> subdomain of zone node.epc.mnc{AAA}.mcc{BBB}.3gppnetwork.org -- invalid
> response
>
> The response related to the above log is as follows:
>
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50664 ;; flags: qr aa rd
> ra; QUESTION: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1 ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags: do; udp: 4096 ;; QUESTION SECTION:
> ;{}.bf.bf.node.epc.mnc{AAA}.mcc{BBB}.3gppnetwork.org. IN
>
> ;; AUTHORITY SECTION: ;epc.mnc{AAA}.mcc{BBB}.3gppnetwork.org. 86400 IN SOA
> .mnc{AAA}.mcc{BBB}.gprs. dns-admin. ( ; 2020122704 ; serial ; 10800 ; refresh
> (3 hours) ; 3600 ; retry (1 hour) ; 604800 ; expire (1 week) ; 86400 ;
> minimum (1 day) ; )
>
>
>
> Normally, the FQDN should be cached as a NXRRSET record as follows:
>
> {}.bf.bf.node.epc.mnc{AAA}.mcc{BBB}.3gppnetwork.org. 8412 - ;-$NXRRSET
>
> But when the issue happens, it cannot be cached, I guess it's related to the
> "invalid response" log.
>
> From the error log, it mentions "zone
> node.epc.mnc{AAA}.mcc{BBB}.3gppnetwork.org", but I'm wondering where the zone
> "node.epc.mnc{AAA}.mcc{BBB}.3gppnetwork.org" comes from? I cannot found the
> related SOA record in the dump file.
>
> ___
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
> from this list
>
> ISC funds the development of this software with paid support subscriptions.
> Contact us at https://www.isc.org/contact/ for more information.
>
>
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
"not subdomain of zone {XXXX} -- invalid response" errors found in named.run log
The version of bind is BIND 9.10.5-P3 id:7d5676f
One day, I found that the size of named.run is increasing very quickly. And a
lot of "invalid response" entries were spotted in the log. Details is as
follows (I replace the sensitive info with {},{AAA} etc.)
DNS format error from {IP}#53 resolving
{}.bf.bf.node.epc.mnc{AAA}.mcc{BBB}.3gppnetwork.org/ for client
169.254.4.50#51099: Name epc.mnc{AAA}.mcc{BBB}.3gppnetwork.org (SOA) not
subdomain of zone node.epc.mnc{AAA}.mcc{BBB}.3gppnetwork.org -- invalid response
The response related to the above log is as follows:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50664 ;; flags: qr
aa rd ra; QUESTION: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1 ;; OPT
PSEUDOSECTION: ; EDNS: version: 0, flags: do; udp: 4096 ;; QUESTION SECTION:
;{}.bf.bf.node.epc.mnc{AAA}.mcc{BBB}.3gppnetwork.org. IN
;; AUTHORITY SECTION: ;epc.mnc{AAA}.mcc{BBB}.3gppnetwork.org. 86400 IN SOA
.mnc{AAA}.mcc{BBB}.gprs. dns-admin. ( ;
2020122704 ; serial ; 10800 ;
refresh (3 hours) ;3600 ;
retry (1 hour) ; 604800 ; expire
(1 week) ; 86400 ; minimum (1
day) ; )
Normally, the FQDN should be cached as a NXRRSET record as follows:
{}.bf.bf.node.epc.mnc{AAA}.mcc{BBB}.3gppnetwork.org. 8412 - ;-$NXRRSET
But when the issue happens, it cannot be cached, I guess it's related to the
"invalid response" log.
From the error log, it mentions "zone
node.epc.mnc{AAA}.mcc{BBB}.3gppnetwork.org", but I'm wondering where the zone
"node.epc.mnc{AAA}.mcc{BBB}.3gppnetwork.org" comes from? I cannot found the
related SOA record in the dump file.___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
