DNS & network news

Monthly Archive: April 2017

Unlocator DNS issues

I apologize if this isn’t the correct place to ask.

I use Unlocator to watch US content in Argentina. It was working fine until recent weeks when it started having some issues. They provided a new DNS number and everything works fine on my iPhone and Apple TV 4 except for Netflix. Now, granted they never supported Netflix, but the app still reverted to Argentina’s catalogue and worked fine. Now it won’t play anything.

submitted by /u/Mykle82
[link] [comments]

Powered by WPeMatico

Question about powerdns.

So I’ve been playing around with pdns lately and try to understand what’s going on.

I have 3 box. 1 client(192.168.77.73), 1x recursor(192.168.77.72) and 1x authoritive(192.168.77.73) server.

authoritative server /etc/pdns/pdns.conf

allow-recursion=192.168.77.0/24 api=yes api-key=changeme api-logfile=/var/log/pdns.log daemon=no guardian=no launch=gpgsql gpgsql-host=127.0.0.1 gpgsql-dbname=pdns gpgsql-user=pdns gpgsql-password=password webserver=yes local-address=192.168.77.71 loglevel=4 recursor=8.8.8.8 setgid=pdns setuid=pdns webserver-address=192.168.77.71 

recursor /etc/pdns-recursor/pdns-recursor.conf

setuid=pdns-recursor setgid=pdns-recursor allow-from = 127.0.0.0/8, 192.168.77.0/24 

My forward and reverse zone information is in the authoritative server. The recursor do not have the database it’s basically blank. I want to test the concept of recursing to find the record from the Auth server.

My .73 client uses .72 the recursor as nameserver. It can’t resolve anything. Why is that? I thought the recursor should query the auth server if it can’t find anything.

submitted by /u/juniorsysadmin1
[link] [comments]

Powered by WPeMatico

MailChimp VS Google Domain. Help!

I’m trying to authenticate my new gmail account domain with MailChimp. I’m doing this through access.enom.com (not by choice; redirected via Google Admin), and I’m having trouble. I have attached many screenshots to try to make my inquiry as clear as possible.

Here is the pop-up MailChimp gives me while trying to authenticate my gmail account:

http://i.imgur.com/6lINmui.png

So, I go to Econ and enter in the provided information:

http://i.imgur.com/Wc3aDWp.png

I have also tried different variations of the addresses (i.e. “v=spf1 include:servers.mcsv.net ?all” instead of just “servers.mcsv.net”)

Upon attempting to authentically through MailChimp, I receive the following error:

http://i.imgur.com/g7srRPp.png

I tried going through eNom.com’s dashboard instead of access.enom.com, and I received the following notification while trying to sign in:

http://i.imgur.com/EA8hPeW.png

I also tried going through ICANN WHOIS to find more information regarding my domain, and here are the results: https://whois.icann.org/en/lookup?name=youtubemusicnews.com

Any help at your earliest convenience would be greatly appreciated!

submitted by /u/echamplin
[link] [comments]

Powered by WPeMatico

Duiadns – IPv6 for LAN & Apple Airport DDNS

Hi Reddit, Our Dynamic DNS solution known especially for this free and unique IPv6 feature we called ‘IPv6 for LAN’ (you can update all your v6 LAN’s hosts directly from your home router) is also one of the fewest DDNS choices for apple airport routers. We have spent a lot of effort in making the code for these two very usefull features (IPv6 for LAN & Apple Airport DDNS) and we want to share our experience about running a Free DDNS service, about IPv6 and dynamic DNS or mDNS apple router’s updates with everybody is interested. Website https://www.duiadns.net

submitted by /u/techv6
[link] [comments]

Powered by WPeMatico

DNSSEC Additional Section Issue

Hey everyone, for my college project I’m adding DNSSEC to a currently existing DNS leaf server written in java. The problem that I’ve run into involves parsing the Opt pseudo RR from the additional section. If I understand correctly the OPT pseudo RR is just like any other Resource Record when it comes to wire format. The wire format for a Resource Record as stated in RFC 1035 is as follows:

 1 1 1 1 1 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ | | / / / NAME / | | +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ | TYPE | +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ | CLASS | +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ | TTL | | | +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ | RDLENGTH | +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--| / RDATA / / / +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ 

If I understand correctly, name should take up two bytes (16 bits) and then type should follow. However when doing a dig +dnssec message and looking at the byte array I get the following result:

0 0 41 16 0 0 0 -128 0 0 0

What I expect would have been the following:

0 0 0 41 16 0 0 0 -128 0 0 0

Or something a long those lines. This is because I thought the name would take up at least 2 bytes. It seems that in this byte array it is only 1 byte. I’m wondering why this is. What is going on here that I’m not understanding? Could someone link the RFC that states this exception? (If it is an exception). I’m assuming that dig is sending the right information.

Thanks!

submitted by /u/andrewbeeee
[link] [comments]

Powered by WPeMatico

Looking for help setting DNS for my first VPS

I’m trying to accomplish a couple things:

  • Bare domain points to website on VPS with www forwarding to bare domain
  • Mail handled by 3rd party, e.g., gmail, including SPF and DKIM

Currently I have records:

Zone Type Address
*.domain.com. A 111.111.111.111
domain.com. NS ns2.registrar.com.
gmail._domainkey TXT v=DKIM1; k=rsa; p=itsasecret
domain.com. TXT v=spf1 include:_spf.gmail.com mx ~all
domain.com. MX mail.gmail.com.
mail.domain.com. A 111.111.111.111
domain.com. NS ns1.registrar.com.
domain.com. A 111.111.111.111
domain.com. TXT gmail-verification=itsasecret
_dmarc.domain.com. TXT v=DMARC1; p=quarantine; rua=mailto:me@gmail.com
smtp.domain.com. A 111.111.111.111

The mail and smtp subdomain records were default from registrar. This was all working fine until I added the A records to point to VPS (*.domain.com and domain.com) – now DKIM is failing and I’m not sure why.

Update: I’ve removed the *.domain.com A record and added quotes to my TXT records that have spaces in them. I also removed the mail.domain.com and smpt.domain.com records since I’m not hosting the email myself. Email provider now shows the DKIM issue as being resolved. I’ll try using a CNAME instead for www.

submitted by /u/s3rvant
[link] [comments]

Powered by WPeMatico

Error during bind9 startup

I just installed Bind9 on a VPS to handle my own DNS lookups (intending for use in production later on), and I can successfully dig a domain which is registered with it.

However, upon digging, gives this error:

../../../../lib/isc/unix/socket.c:2868: setsockopt(20, IPV6_RECVTCLASS) failed: Protocol not available

I tried to disable IPV6 in the bind9 startup config, but that didn’t work.

Is anyone familiar with this error and knows what I can do to fix it?

Thank you!

submitted by /u/TheSerenin
[link] [comments]

Powered by WPeMatico