Date:      Sat, 12 May 2012 09:14:45 -0700
From:      Kevin Oberman <kob6558@gmail.com>
To:        Leslie Jensen <leslie@eskk.nu>
Cc:        ports@freebsd.org, RW <rwmaillists@googlemail.com>
Subject:   Re: Please test geodns.portsnap.freebsd.org
Message-ID:  <CAN6yY1u3ejw=Vz8nnvvZ1NKKVZYKO7SdDi1jCTrggYxgp5PKhg@mail.gmail.com>
In-Reply-To: <4FAE8897.4060305@eskk.nu>
References:  <4FADDEE9.1060707@freebsd.org> <4FAE0AEF.9060704@eskk.nu> <4FAE0B8C.7010509@freebsd.org> <4FAE0FC1.1000106@eskk.nu> <4FAE3CA7.5080206@freebsd.org> <4FAE54BA.4060308@eskk.nu> <20120512151936.1fd3b626@gumby.homeunix.com> <4FAE8897.4060305@eskk.nu>

On Sat, May 12, 2012 at 8:58 AM, Leslie Jensen <leslie@eskk.nu> wrote:
>
>
> 2012-05-12 16:19, RW wrote:
>
>> On Sat, 12 May 2012 14:16:58 +0200
>> Leslie Jensen wrote:
>>
>>>
>>>
>>> 2012-05-12 12:34, Colin Percival wrote:
>>>>
>>>> On 05/12/12 00:22, Leslie Jensen wrote:
>>>>>
>>>>> host -t srv _http._tcp.geodns.portsnap.freebsd.org
>>>>> ;; Truncated, retrying in TCP mode.
>>>>> ;; Connection to 172.17.0.1#53(172.17.0.1) for
>>>>> _http._tcp.geodns.portsnap.freebsd.org failed: connection refused.
>>>>
>>>>
>>>> Ok, you have a broken recursive DNS server configuration.
>>>>
>>>> I'll have A records as a fallback for situations like this where
>>>> SRV can't be used.
>>>>
>>>
>>> What exactly does that mean? The IP-address is my home router that
>>> acts as a caching DNS for my network. The router in turn uses my
>>> ISP's DNS.
>>>
>>> So if there is a configuration issue I'll be willing to drop a letter
>>> to my ISP in order to get it fixed.
>>
>>
>> Probably your router doesn't support SRV records, try putting external
>> servers in resolv.conf.
>
>
>
> Well I had to read up on configuring dhclient.conf
>
> After adding
>
> prepend domain-name-servers y.y.y.y, x.x.x.x;
>
> To my /etc/dhclient.conf
>
> I now get the following and it looks to me as if it works :-)
>
>
>
> host -t srv _http._tcp.geodns.portsnap.freebsd.org
> ;; Truncated, retrying in TCP mode.
> _http._tcp.geodns.portsnap.freebsd.org has SRV record 4 10 80
> ap-southeast-1.portsnap.freebsd.org.
> _http._tcp.geodns.portsnap.freebsd.org has SRV record 1 10 80
> geodns-1.portsnap.freebsd.org.
> _http._tcp.geodns.portsnap.freebsd.org has SRV record 2 10 80
> geodns-2.portsnap.freebsd.org.
> _http._tcp.geodns.portsnap.freebsd.org has SRV record 3 10 80
> geodns-3.portsnap.freebsd.org.
> _http._tcp.geodns.portsnap.freebsd.org has SRV record 4 10 80
> isc.portsnap.freebsd.org.
> _http._tcp.geodns.portsnap.freebsd.org has SRV record 4 10 80
> your-org.portsnap.freebsd.org.
> _http._tcp.geodns.portsnap.freebsd.org has SRV record 4 10 80
> ec2-eu-west-1.portsnap.freebsd.org.
> _http._tcp.geodns.portsnap.freebsd.org has SRV record 4 10 80
> ec2-sa-east-1.portsnap.freebsd.org.
> _http._tcp.geodns.portsnap.freebsd.org has SRV record 4 10 80
> ap-northeast-1.portsnap.freebsd.org.

Warning! You will have more problems down the road.

The real issue is that a firewall (or router ACL) is blocking port
53/tcp. This is distressingly common and will result in DNS issues
more and more often.

By default, DNS attempts to use UDP (53/udp) for DNS lookups. If the
response is too big to fit into a UDP packet, the operation will fall
back to using TCP, but many sites follow the bad advice of blocking
53/tcp, so the lookup fails. This has been a growing problem as DNS
responses are getting longer due to things like this, IPv6, and
DNSSEC.

Please contact whoever is responsible for your router/firewall and ask
that 53/tcp be allowed. Otherwise, more and more things will break.
-- 
R. Kevin Oberman, Network Engineer
E-mail: kob6558@gmail.com


