Everything is a Freaking DNS problem - dns

Linux Troubleshooting 101 , 2016 Edition

Kris Buytaert — Wed, 01 Jun 2016 07:00:55 +0000

Back in 2006 I wrote a blog post about linux troubleshoooting. Bert Van Vreckem pointed out that it might be time for an update ..

There's not that much that has changed .. however :)

Everything is a DNS Problem

Everything is a Fscking DNS Problem
No really, Everything is a Fscking DNS Problem
If it's not a fucking DNS Problem ..
It's a Full Filesystem Problem
If your filesystem isn't full
It is a SELinux problem
If you have SELinux disabled
It might be an ntp problem
If it's not an ntp problem
It's an arp problem
If it's not an arp problem...
It is a Java Garbage Collection problem
If you ain't running Java
It's a natting problem
If you are already on IPv6
It's a Spanning Tree problem
If it's not a spanning Tree problem...
It's a USB problem
If it's not a USB Problem
It's a sharing IRQ Problem
If it's not a sharing IRQ Problem
But most often .. its a Freaking Dns Problem !

Starting a Collection

Kris Buytaert — Fri, 02 Apr 2010 17:38:27 +0000

Apparently I started a collection ..
Of DNS books signed by their author ...

As already mentioned on twitter, Jan-Piet Mens kindly gave me a signed copy of his alternative DNS Servers book, last week at the UKUUG 2010 Spring Conference

When I got that book I didn't even know yet that this morning I was going to be at a seminar on DNS sec by Cricket Liu
and because of having registered so late for the event I certainly wasn't expecting to get one of the books that were going to be handed out to the first 50 people that signed up ... but I was lucky ..

So which book should I try to get next ? :)

NoSQL vs MySQL

Kris Buytaert — Mon, 23 Nov 2009 20:17:52 +0000

No I did NOT post the following comment

This is ridiculous. You didn't test MySQL, you tested a failing DNS lookup on authentication.

resulting in the follow up post :

My previous post Redis, Memcache, Tokyp Tyrant, MySQL comparison had a flaw as pointed out by this comment. The MySQL was taking a huge time for doing a reverse DNS lookup.

But as always ... Everything is just a Freaking dns problem :)

What DNS is Not

Kris Buytaert — Mon, 09 Nov 2009 21:40:50 +0000

This article by Paul Vixie is a must read if you want to know what DNS is not about .. and how people abuse it for the sake of extorting money from morons.

Ah well.. nothing we didn't already know.. just more proof that
Everything is a Freaking DNS problem.

Not sure on which layer the problem is.. must be on a layer even above the religious one.. the "Greed" one.

DNS Tools

Kris Buytaert — Wed, 28 Oct 2009 20:52:08 +0000

In my latest DNS Problem related post I mentionned that don't know all the answers, I however know about some good tools to help you setup a clean DNS server.

Ages ago via Planet Fedora I ran into an article from Steven Moix about a tool he and his fellow students build for a summer project.

The tool is DNSKnife and it's really interresting.

DNS Knife is a good tool to check if your DNS setup is ok, it checks the parent servers, it checks for if your nameservers are listed on the parent server, checks if all your nameservers are reachable and are authorative .
And so on and so on ...

It warns for Open Relays, if you care for that ..in fact an Open DNS relay also means that you can use it from everywhere eg for tcp over dns.

It warns for misconfigured SOA , such as too short Expire values etc
You know.. the time a secondary dns server will keep it's copy of the zone valid when It can't contact the primary , not the other misinterpretations you folks usually have ..

Off course it isn't always correct. it considers not finding MX records a failur
e , however some domains just don't want a MX record.

DNSKnife actually provides you with an automated alternative to manually verify ing RFC 1912 , well at least partly :)

Diaper Needs Service Problem

Kris Buytaert — Mon, 29 Jun 2009 18:53:45 +0000

Last Saturday late, Sandy gave birth to our 2nd daughter
Amber, pics etc are on her own site

So we'll be changing diapers of 2 little Buytaert kids for a while )

PS. Craig from O'ReillyGMT gets the credit for inventing the new DNS acronym,

The Story Repeats

Kris Buytaert — Tue, 10 Feb 2009 21:55:21 +0000

I covered this one before .. but as it struck twiced today .. I think it's worth repeating. Both my collegue Karl and Trent ran into the same problem , within hours hours of eachother, a missing or failing reverse dns mapping that caused performance issues .. and a lot of log entries..

Karl denies having a second life in Perth but I`m not really sure about that ...

But I guess they both have to agree... Everything is a fscking DNS problem.
(I noticed other people using that spelling this weekend, on stage in the Janson)

This week in DNS problems

Kris Buytaert — Wed, 21 Jan 2009 18:29:31 +0000

SANS notes a weird DOS atack on different namesevers. People quering for "." a lot.

Ward wondering what's going on with the .org nameservers

And Dries migrating his site.

Crazy stuff over DNS

Kris Buytaert — Wed, 07 Jan 2009 16:44:58 +0000

Pascal tweeted me te following link.

From the site :

I had written some code to take wikipedia articles and summarise them. I wanted to offer this for use in various places, now the obvious way to offer it is just a web service (via REST, SOAP, etc), but that's boring and I had a cunning plan. Why not offer it over DNS - it is basically a huge associative array and DNS is designed for this stuff.

Some people send way to much stuff over a TXT record .. and then one wonders why DNS is a problem.. it's being abused for all the things wasn't designed in the first place. And people also trust it too much while it never was desgined for that either.

Oh well.. at least IP over DNS is usefull :)

Phrase from nearest book meme

Kris Buytaert — Wed, 12 Nov 2008 19:53:45 +0000

Meme from codeblog

* Grab the nearest book.
* Open it to page 56.
* Find the fifth sentence.
* Post the text of the sentence in your journal along with these instructions.
* Don’t dig for your favorite book, the cool book, or the intellectual one: pick the CLOSEST.

My result:

"We'll cover more on where to place your name servers in Chapter 8, Growing Your Domains." - DNS and BIND , 2nd Edition , Paul Albitz & Cricket Liu

No really it really was the closest one .. someone just brought it back to my desk