Remotelog was added in June 28, 2011 and thus is over 8 years old. It's time to remove it as since then syslog on openbsd has been improved a lot. The OpenBSD syslogd got TCP support in december 2014 and improved since then. So our remotelog was much older and is superfluous now. On top of that it used SHA1 HMAC which is outdated. I'll do the changes this week.0 comments
PiRATA is someone from Portugal I think who I helped getting delphinusdnsd going on IRC. It was a pleasure, learning what the issues were. One thing that stood out is, that 1.3 is quickly becoming old. Although the 1.4 release is still five weeks away, I'd recommend anyone going to try out this daemon, to use a snapshot. What you're seeing in the snapshots right now is basically 1.4 without testing and minor bug fixes. I'd say PiRATA was an advanced user hence going through the configfile issues was easy. I'm still trying to make it easier for a newbie, any feedback is welcomed.0 comments
As a test I have put delphinusdnsd in replicant mode on trapezoid.centroid.eu. This is a bold move and I hope nothing breaks. I'm looking forward to running this indefinitely until the 1.4 release at which point I'll update it. As a backup I have an NSD on rhombus.centroid.eu but it lacks an IPv6 address.0 comments
I have synced delphinusdnsd snapshots along all operating systems that this daemon supports. It works on Linux, OpenBSD, NetBSD and FreeBSD. If you want to test, you can test. But please, be careful as things have changed. The snapshots were updated at 8:30 CET this morning which is outside the usual window of midnight. I did this to expedite this a bit.0 comments
In order to test delphinusdnsd on other platforms I had to install a Microsoft Hyper-V FreeBSD instance. I couldn't download from delphinusdns.org though because of this:
It seems to affect only the Hyper-V resolver behind a BIND. The BIND serves the root-servers.net's as AUTHORITY data, and this resolver sticks it together as an answer. Bad things result. Please Microsoft, fix Hyper-V's DNS!
In the meanwhile i've taken the freebsd instance out of the extern LAN area (which is 192.168.127.0/24, I suspect) and everything works now. PS sorry for the blurry photo, I couldn't make a screenshot because I couldn't figure it out with a Macintosh keyboard (how to print, I was told F13 but it doesn't work.. PEBCAK in that case).0 comments
I have roughly one month and a half to test delphinusdnsd replicant and the overall stability of the soon to be 1.4 release. You can help by sending some queries to the following nameservers:
You can test the following zones on wedge: ip6.centroid.eu, otherzone.centroid.eu. And the following zones should work on trapezoid port 9053: centroid.eu, dtschland.eu, solarscale.de, goldflipper.de, schweinfurtdating.de, delphinusdns.org, virgostar.net, mainrechner.de, freifunk-schweinfurt.de. The trapezoid server is currently still running NSD on port 53, but I plan to change that in time, when I feel secure that I can run delphinusdnsd in its place.
Thanks for any help and one or two queries to port 9053 on trapezoid. Do report back any errors too please.0 comments
The CVS stuff gets rsync'ed to the webserver. It just so happens that the time when the snapshot is created conflicted with the time when this was done. I have manually fixed this now as it made a corrupted tarball for downloading snapshots. Sorry for inconvenience. In future the snapshot script will sleep a bit before executing a cvs checkout.0 comments
I have marked off Replicant/Slave mode off my TODO file as DONE. Now all that remains is testing, refactoring and minor changes.
For 1.4.0 release - a github mirrored copy - fix the DNSSEC code so that a KSK key rollover is allowed [DONE] - TSIG support would still be nice [DONE] - CAA RR support - More ciphers for signing (GOST, ECDSA, Elliptic Curves) [ECDSA DONE] - Slave AXFR mode (with TSIG) [DONE] - Redo TCP support [DONE]You may remember that I applied for a grant last year and this disturbed the release cycle with the 1.3 release being done in summer. So I didn't get the grant, but I did get more time to write on delphinusdnsd (1.5 release cycles) in order to get back to ta winter release cycle. These are the major goals set and (mostly) completed. If you want to see where things were and where we're going then look up the TODO file in the CVS repo.
Also I may put this out now, the 1.5 release will be mostly bug fixes but little new features as I'm catching a breather. It may also be a time for others to contribute patches and possibly join development. The 1.6 release will be much stronger as I plan to add the feature of DNS Updates and possibly fix replicant mode so that delphinusdnsd doesn't have to restart upon a successful AXFR. It also depends how much time I got I guess. That's what's on the menu though. I plan to be writing on delphinusdnsd until I'm 59, so there is still time to perhaps get it done some day this adds another 15 years to development life.1 comment
Slavery is a scandalous human condition, it hasn't brought us further. In DNS there is a primary master server usually that controls when zone changes are made. Any other server that does an AXFR from this master is historically called a slave. I asked the DNS community in #dns freenode channel what some similar names are that would be relevant to get rid of the word slave. We settled on "replicant". A replicant by means of definition is a replicative which when dug further is "Of, pertaining to, or causing replication". This is a good word. However please forgive me if I still use the word "slave" because the s word is so popular in the community and I want to let people know what I'm talking about. Officially though in delphinusdnsd we're using replicant to indicate a replicant daemon.0 comments
In my test lab delphinusdnsd in replicant mode (in debug mode) successfully got a notify from nsd and subsequently pulled the zonefile from nsd.
adding SOA values to zone petphi.internal.centroid.eu petphi.internal.centroid.eu -> 2019110304, 3600, 1800, 1209600 on descriptor 3 interface "192.168.177.2" dns NOTIFY packet from 192.168.177.1,\ replying NOTIFY request on descriptor 3 interface "192.168.177.2" from 192.168.177.1 (ttl=64, \ region=255) for "petphi.internal.centroid.eu." type=SOA(6) class=1, answering \ "NOTIFY" (149/45) zone petphi.internal.centroid.eu is being notified now new higher serial detected (2019110305 vs. 2019110304) setsockopt: Numerical argument out of domain scheduling restart at Mon Nov 4 11:59:39 2019This is another milestone, showing that a delphinusdns replicant (also called a slave) can interoperate with other nameservers. 0 comments
On this day in
By clicking on the header of an article you will be served a cookie. If you do not agree to this do not click on the header. Thanks!
Using a text-based webbrowser?
... such as lynx? Welcome back it's working again for the time being.
Older Blog Entries