Re: openbsd.org DNS problems
>you claim the SOA serial being a timestamp would have helped in diagnosis. Actually, I did not. tux2bsd: >> The SOA record could do with some attention too. ... >> That is true but it doesn't help when trouble shooting. Those comments were simply an observation passed along after I raised the issue, the trouble shooting was already done. You assumed I was only talking about a single event in the past. Nope, the comment was generalised: "when trouble shooting" - today I can troubleshoot example.com tux2bsd: >> a mistake or a software problem? Otto: > The people running the OpenBSD project and its > infra decide what to share, not you. I don't see where I decided what OpenBSD would share, I only asked a simple question. So, was it a mistake or a software problem? It would actually interesting. tux2bsd p.s. Isn't it fun LARPing as cantankerous chaps.
Re: openbsd.org DNS problems
On Fri, Nov 17, 2023 at 07:14:58AM +, tux2bsd wrote: > I understand you're choosing to be ornery about > the SOA record. Seems to matter more to you lot > than to me, given the defense being run around it. You claim the SOA serial being a timestamp would have helped in diagnosis. It would not have helped. > > > The issue was spotted > > You're welcome. > > Only 1 of your 10 name servers was returning an > A record, when I raised the issue. > > > and fixed. > > What would be interesting is finding out what > happened, what it a mistake or a software problem? > > tux2bsd The people running the OpenBSD project and its infra decide what to share, not you. -Otto
Re: openbsd.org DNS problems
I understand you're choosing to be ornery about the SOA record. Seems to matter more to you lot than to me, given the defense being run around it. > The issue was spotted You're welcome. Only 1 of your 10 name servers was returning an A record, when I raised the issue. > and fixed. What would be interesting is finding out what happened, what it a mistake or a software problem? tux2bsd
Re: openbsd.org DNS problems
On Fri, Nov 17, 2023 at 06:29:02AM +, tux2bsd wrote: > > > Stuart Henderson wrote: > > well, if you're nitpicking things which don't matter > > I would have rather not have needed to look at all. > > Useful: when was a change made, who to contact. > (strangely enough, easy to provide via SOA) > > OpenBSD list: fuck that, deflection is more fun > > >> Host openbsd.org not found: 2(SERVFAIL) > > Someone should prevent that from happening again. > > tux2bsd > "Someone should prevent that from happening again" thanks for you insight. We never would have thouhgt that up. In this case using a time based SOA serial would have only told you when the last working zone was created as the primary DNS was ServFailing and the secondaries kept on serving what they had for the SOA expiry period. As for the contact address: it's mostly a spam attractor, I can understand very well it's not a working address. Anyway, why continue whining? The issue was spotted and fixed. -Otto
Re: openbsd.org DNS problems
> > Stuart Henderson wrote: > well, if you're nitpicking things which don't matter I would have rather not have needed to look at all. Useful: when was a change made, who to contact. (strangely enough, easy to provide via SOA) OpenBSD list: fuck that, deflection is more fun >> Host openbsd.org not found: 2(SERVFAIL) Someone should prevent that from happening again. tux2bsd
Re: openbsd.org DNS problems
On 2023-11-16, tux2bsd wrote: > Stuart Henderson wrote: >> > Convention is either date of last update MMDDNN or, date +%s >> > 1218140044 is neither. >> >> >> Serial can be absolutely anything the admin wants to use as long as they >> follow the rules for rollover > > That is true but it doesn't help when trouble shooting. > >> (btw there's another small problem with the zone which you didn't spot ;) > > You're implying I was checking each little thing, I wasn't. Feel free to > spill the beans. well, if you're nitpicking things which don't matter, I thought you might have found that too ;)
Re: openbsd.org DNS problems
Hi, On 16 Nov 2023, at 9:32, tux2bsd wrote: > RNAME: > > r...@openbsd.org is not a valid email address. I attempted emailing that > yesterday, bounced. Some bounce info at the end. > the RNAME can be just a dot "." to indicate that this zone does not have an email address that can be used. As the RNAME "feature" of DNS is broken, that is a good option. > SERIAL: > > Convention is either date of last update MMDDNN or, date +%s > > 1218140044 is neither. It's a convention, and every admin can decide which numbering scheme works for her/him. Greetings Carsten
Re: openbsd.org DNS problems
Stuart Henderson wrote: > > Convention is either date of last update MMDDNN or, date +%s > > 1218140044 is neither. > > > Serial can be absolutely anything the admin wants to use as long as they > follow the rules for rollover That is true but it doesn't help when trouble shooting. > (btw there's another small problem with the zone which you didn't spot ;) You're implying I was checking each little thing, I wasn't. Feel free to spill the beans. tux2bsd
Re: openbsd.org DNS problems
On 2023-11-16, tux2bsd wrote: It'd be good to sort this, a bit of a meta remote hole... > > Maybe I could have said "remote black hole". > > Otto: >>> The persons capable of fixing this are traveling right now >> (and openbsd.org does have an A record). >> things are fixed now > > You're welcome. > > The SOA record could do with some attention too. > > openbsd.org has SOA record dns1.openbsd.org. root.openbsd.org. 1218140044 > 14400 900 1814400 600 > > RNAME: > r...@openbsd.org is not a valid email address. I attempted emailing that > yesterday, bounced. Some bounce info at the end. > > SERIAL: > Convention is either date of last update MMDDNN or, date +%s > 1218140044 is neither. Serial can be absolutely anything the admin wants to use as long as they follow the rules for rollover iff secondary nameservers use the standard zone transfer method. (btw there's another small problem with the zone which you didn't spot ;)
Re: openbsd.org DNS problems
>>> It'd be good to sort this, a bit of a meta remote hole... Maybe I could have said "remote black hole". Otto: >> The persons capable of fixing this are traveling right now > (and openbsd.org does have an A record). > things are fixed now You're welcome. The SOA record could do with some attention too. openbsd.org has SOA record dns1.openbsd.org. root.openbsd.org. 1218140044 14400 900 1814400 600 RNAME: r...@openbsd.org is not a valid email address. I attempted emailing that yesterday, bounced. Some bounce info at the end. SERIAL: Convention is either date of last update MMDDNN or, date +%s 1218140044 is neither. https://en.wikipedia.org/wiki/SOA_record bounce info - for an appropriate person: mail-03.mail-europe.com X-Postfix-Queue-ID: 4SVdgL6kC9z7t8y Arrival-Date: Wed, 15 Nov 2023 09:49:50 + (UTC) Diagnostic-Code: smtp; 524 5.2.4 Mailing list expansion problem: tux2bsd
Re: openbsd.org DNS problems
On Wed, Nov 15, 2023 at 11:49:05AM +, Craig Skinner wrote: > Hello, > > OpenBSD's root A record was deliberately removed about 5-10 years ago. > > The website is http://www.openbsd.org, not http://openbsd.org > > I can't find the thread of complaints from the time it changed. > > Cheers, > Craig. > The report was showing ServFail answers, which is not a good thing, whetehr a record i supposed to exist or not. But thimgs are fixed now (and openbsd.org *does* have an A record). -Otto
Re: openbsd.org DNS problems
Hello, OpenBSD's root A record was deliberately removed about 5-10 years ago. The website is http://www.openbsd.org, not http://openbsd.org I can't find the thread of complaints from the time it changed. Cheers, Craig.
Re: openbsd.org DNS problems
On Wed, Nov 15, 2023 at 08:43:06AM +, tux2bsd wrote: > > It'd be good to sort this, a bit of a meta remote hole... > > This = bad. Only people with necessary access can fix. > > $ host -t a openbsd.org 199.185.230.19 > Using domain server: > Name: 199.185.230.19 > Address: 199.185.230.19#53 > Aliases: > > Host openbsd.org not found: 2(SERVFAIL) > $ host -t a openbsd.org 199.185.230.18 > Using domain server: > Name: 199.185.230.18 > Address: 199.185.230.18#53 > Aliases: > > Host openbsd.org not found: 2(SERVFAIL) > > > Web page tool: > > https://dnschecker.org/all-dns-records-of-domain.php?query=openbsd.org=A=dnsauth > Noted. The persons capable of fixing this are travelling right now, may take some time. -Otto
openbsd.org DNS problems
It'd be good to sort this, a bit of a meta remote hole... This = bad. Only people with necessary access can fix. $ host -t a openbsd.org 199.185.230.19 Using domain server: Name: 199.185.230.19 Address: 199.185.230.19#53 Aliases: Host openbsd.org not found: 2(SERVFAIL) $ host -t a openbsd.org 199.185.230.18 Using domain server: Name: 199.185.230.18 Address: 199.185.230.18#53 Aliases: Host openbsd.org not found: 2(SERVFAIL) Web page tool: https://dnschecker.org/all-dns-records-of-domain.php?query=openbsd.org=A=dnsauth
