The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

    Mastodon

  • Twitter Updates

  • My Flickr Stream

    20140508-Delphi-2007--Project-Options--Cannot-Edit-Application-Title-HelpFile-Icon-Theming20140430-Fiddler-Filter-Actions-Button-Run-Filterset-now20140424-VMware-Fusion-6.0.3.-no-reclaimable
    More Photos

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 2,977 other subscribers

Archive for the ‘Internet’ Category

« Previous Entries

Working around Archive.is/.today/.ph/.li/.vn/.fo/.md eternal spinner “Loading” when trying to archive a page

Posted by jpluimers on 2023/01/13

I have had the below Archive.is spinner “Loading” without any progress indication on a couple of URLs the last few months and I think they are tied to having special characters in the URL-to-be-archived.

My usual workaround was to first archive in the Wayback Machine, then archive the resulting URL in Archive.is as it would automatically follow the path up to the original URL,

That of course failed when  https://web.archive.org/web/*/vx-underground.org did not want to save in Archive.is: either these would give an eternal spinner on the “Loading” page no matter the browser you were using either the escaped %2A or *:

Read the rest of this entry »

Posted in archive.is / archive.today, Conference Topics, Conferences, Event, Internet, InternetArchive, LifeHacker, Power User, WayBack machine | Leave a Comment »

Some notes on changing and checking bind DNS entries

Posted by jpluimers on 2023/01/09

DNS isn’t based on propagation, but on (cache) expiry. Which means it is all about TTL (Time to Live), and since humans are bad at coping with caching (remember the post There are 2 hard problems in computer science: cache invalidation, naming things, and off-by-1 errors?), I needed some DNS refresh.

The time values in seconds of SOA (Start of Authority) and TTL record entries are always a pain, so hopefully this helps some:

Some TTL recommendations of the DNS SOA record via [Wayback/Archive] dns soa ttl best practice – Google Search and [Wayback/Archive] dns recommended ttl values – Google Search:

I’d rather have a good route for unplanned DNS changes (as in the past, quite a few were about those), so I settled for 3600 seconds (1 hour), but might go down to 600 seconds (10 minutes).

Checking DNS entries

Changing DNS entries

Some information on the DNS “master” files (which contain the RR or “resource records”) from [Wayback/Archive.is] RFC1035: domain names – implementation and specification and [Wayback/Archive] RFC2308: Negative Caching of DNS Queries (DNS NCACHE), as keep forgetting them.

Both RFCs together specify that these line entries are defined (i.e. can be valid):

    <blank>[<comment>]
    $ORIGIN <domain-name> [<comment>]
    $INCLUDE <file-name> [<domain-name>] [<comment>]
    <domain-name><rr> [<comment>]
    <blank><rr> [<comment>]

and that these are the valid <rr> or resource record formats:

    [<TTL>] [<class>] <type> <RDATA>
    [<class>] [<TTL>] <type> <RDATA>

If you do a DNS zone transfer – Wikipedia (often abbreviated to the DNS query type AXFR), then these entries always are single line with fields expanded, with each always having an absolute <domain name> entry ending in a dot (.), and read like this:

<domain name> TTL <class> <type> <RDATA>

From the specific RFCs:

  • RFC 1035 section 3.2.4: CLASS values
  • RFC 1035 section 5.1: master files – format
    • White space to separate items on a line can be spaces or tabs
    • Comments start with semi-colon (;), which means that hashes (#) or double-slashes (//) won’t work and are syntax errors (the above mentioned tool named-checkzone can help you figure out those syntax errors).
    • There are line entries for blank, $ORIGIN, $INCLUDE, and resource record.
    • A line entry starting with $ORIGIN defines the current origin to be used from then on. Without such entry, he default origin can be defined through a parameter when loading the master file (see the Zone file: localhost example file)
    • Resource record line entries can start with:
      • @ to use the current origin as domain name.
      • a specified <domain-name> to denote the domain name to be used
      • no <domain-name> indicating the previous domain name to be used
    • A <domain-name> can be absolute ending in a dot (.)), or relative (in which case the origin is appended).
    • No <TTL> or  no <class> value means to use the previous TTL or class values to be used.
    • One resource record entry per line, unless you put parenthesis, then you can wrap it over multiple lines, which can be convenient for SOA record like this:
      @               IN      SOA     ns1.4delphi.com.        hostmaster.4delphi.com. (
                        2021112201 ; serial
                        3600 ; refresh every 1 hour
                        120 ; retry every 2 minutes
                        1209600 ; expire in 2 weeks
                        10800 ; now is 3 hours (see RFC2308) used to be 2 days: 172800 ; default_ttl
                        )
  • RFC2308 section 4: SOA Minimum Field
    • The $TTL line entry defining the default TTL to be used from then on (similar to $ORIGIN )

There is more (like encoding of domain names, more resource record types, and domain name length limitations), but those go beyond this blog post.

Examples on Wikipedia

Zone file: Example file is great:

$ORIGIN example.com.     ; designates the start of this zone file in the namespace
$TTL 3600                ; default expiration time (in seconds) of all RRs without their own TTL value
example.com.  IN  SOA   ns.example.com. username.example.com. ( 2020091025 7200 3600 1209600 3600 )
example.com.  IN  NS    ns                    ; ns.example.com is a nameserver for example.com
example.com.  IN  NS    ns.somewhere.example. ; ns.somewhere.example is a backup nameserver for example.com
example.com.  IN  MX    10 mail.example.com.  ; mail.example.com is the mailserver for example.com
@             IN  MX    20 mail2.example.com. ; equivalent to above line, "@" represents zone origin
@             IN  MX    50 mail3              ; equivalent to above line, but using a relative host name
example.com.  IN  A     192.0.2.1             ; IPv4 address for example.com
              IN  AAAA  2001:db8:10::1        ; IPv6 address for example.com
ns            IN  A     192.0.2.2             ; IPv4 address for ns.example.com
              IN  AAAA  2001:db8:10::2        ; IPv6 address for ns.example.com
www           IN  CNAME example.com.          ; www.example.com is an alias for example.com
wwwtest       IN  CNAME www                   ; wwwtest.example.com is another alias for www.example.com
mail          IN  A     192.0.2.3             ; IPv4 address for mail.example.com
mail2         IN  A     192.0.2.4             ; IPv4 address for mail2.example.com
mail3         IN  A     192.0.2.5             ; IPv4 address for mail3.example.com

as well as the examples at Zone file: Localhost:

An example for manual configuration of the forward zone for localhost is the following:

$ORIGIN localhost.
@  86400  IN  SOA   @  root (
                  1999010100 ; serial
                       10800 ; refresh (3 hours)
                         900 ; retry (15 minutes)
                      604800 ; expire (1 week)
                       86400 ; minimum (1 day)
                    )
@  86400  IN  NS    @
@  86400  IN  A     127.0.0.1
@  86400  IN  AAAA  ::1

The corresponding reverse zone definition is:

;; reverse zone file for 127.0.0.1 and ::1
$TTL 1814400 ; 3 weeks
@  1814400  IN  SOA     localhost. root.localhost.  (
                      1999010100 ; serial
                           10800 ; refresh (3 hours)
                             900 ; retry (15 minutes)
                          604800 ; expire (1 week)
                           86400 ; minimum (1 day)
                        )
@  1814400  IN  NS      localhost.
1  1814400  IN  PTR     localhost.

This file does not specify the origin so that it may be used for both IPv4 and IPv6 with this configuration:

zone "0.0.127.in-addr.arpa"  IN {
                                type master;
                                file "r.local";
                                };
zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa"  IN {
                                type master;
                                file "r.local";
                                };

Similar zone master files may be created for the reverse resolution of the broadcast address and the null address. Such zone files prevent a DNS server from referring to other, possibly external DNS servers.

Related

OpenSuSE: the relation between /etc/var/named.d and /var/lib/named

jeroen

Posted in DNS, Internet, Power User | Leave a Comment »

Getting your public IP address from the command-line when http and https are blocked: use DNS

Posted by jpluimers on 2022/12/28

Years ago, I wrote Getting your public IP address from the command-line. All methods were http based, so were very easy to execute using cURL.

But then in autumn 2021, Chris Bensen wrote this cool little blog-post [Wayback/Archive] Chris Bensen: How do I find my router’s public IP Address from the command line?:

dig -4 TXT +short o-o.myaddr.l.google.com @ns1.google.com

At first sight, I thought it was uncool, as the command was quite long and there was no explanation of the dig command trick.

But then, knowing that dig is a DNS client, it occurred to me: this perfectly works when http and https are disabled by your firewall, but the DNS protocol works and gives the correct result:

# dig -4 TXT +short o-o.myaddr.l.google.com @ns1.google.com
"80.100.143.119"

This added the below commands and aliases to my tool chest for *nix based environments like Linux and MacOS (not sure yet about Windows yet :), but that still doesn’t explain why it worked. So I did some digging…

IPv4

  • command:
    dig -4 TXT +short o-o.myaddr.l.google.com @ns1.google.com
  • command removing outer double quotes:
    dig -4 TXT +short o-o.myaddr.l.google.com @ns1.google.com | xargs
  • alias:
    alias "whatismyipv4_dns=dig -4 TXT +short o-o.myaddr.l.google.com @ns1.google.com | xargs"

IPv6

  • command:
    dig -6 TXT +short o-o.myaddr.l.google.com @ns1.google.com
  • command removing outer double quotes:
    dig -6 TXT +short o-o.myaddr.l.google.com @ns1.google.com | xargs
  • alias:
    alias "whatismyipv6_dns=dig -6 TXT +short o-o.myaddr.l.google.com @ns1.google.com | xargs"

How it works

Let’s stick to dig and IPv4 as that not having IPv6 (regrettably still) is the most common situation today:

# dig -4 TXT +short o-o.myaddr.l.google.com @ns1.google.com
"80.100.143.119"

What it does is request the DNS TXT record of o-o.myaddr.l.google.com from the Google DNS server ns1.google.com and returns the WAN IPv4 address used in the DNS request, which is for instance explained in [Wayback/Archive] What is the mechanics behind “dig TXT o-o.myaddr.l.google.com @ns1.google.com” : linuxadmin.

Since these are TXT records, dig will automatically double quote them, which xargs can remove (see below how and why):

# dig -4 TXT +short o-o.myaddr.l.google.com @ns1.google.com | xargs
80.100.143.119

The DNS query will fail when requesting the Google Public DNS servers 8.8.8.8 or 8.8.4.4:

# dig -4 TXT +short o-o.myaddr.l.google.com @8.8.8.8
"2a00:1450:4013:c1a::103"
"edns0-client-subnet 80.101.239.0/24"

Or, with quotes removed (the -L 1 ensures that xargs performs the quote-pair removal action on each line):

# dig -4 TXT +short o-o.myaddr.l.google.com @8.8.8.8 | xargs -L 1
2a00:1450:4013:c1a::103
edns0-client-subnet 80.101.239.0/24

This request is both slower than requesting the ns1.google.com server and wrong.

The reason is that only ns1.google.com understands the special o-o.myaddr.l.google.com hostname which instructs it to return the IP address of the requesting dig DNS client.

That 8.8.8.8 returns a different IP address and an additional edns0-client-subnet with less accurate information is explained in an answer to [Wayback/Archive] linux – Getting the WAN IP: difference between HTTP and DNS – Stack Overflow by [Wayback/Archive] argaz referring to this cool post: [Wayback/Archive] Which CDNs support edns-client-subnet? – CDN Planet.

Not just ns1.google.com: any DNS server serving the google.com domain

Since o-o.myaddr.l.google.com is part of the google.com domain, the above works for any DNS server serving the google.com domain (more on that domain: [Wayback/Archive] General DNS overview  |  Google Cloud).

Getting the list of DNS servers is similar to getting the list of MX servers which I explained in Getting the IP addresses of gmail MX servers, replacing MX record type (main exchange) with the NS record type (name server) and the gmail.com domain with the google.com domain:

# dig @8.8.8.8 +short NS google.com
ns3.google.com.
ns1.google.com.
ns2.google.com.
ns4.google.com.

The ns1.google.com DNS server is a special one of the NS servers: it is the start of authority server, which you can query using the SOA record type that also gives slightly more details for this server:

# dig @8.8.8.8 +short SOA google.com
ns1.google.com. dns-admin.google.com. 410477869 900 900 1800 60

The difference between using NS and SOA records with dig are explained in the [Wayback] dns – How do I find the authoritative name-server for a domain name? – Stack Overflow answer by [Wayback/Archive] bortzmeyer who also explains how to help figuring out SOA and NS discrepancies (note to self: check out the check_soa tool originally by Michael Fuhr (I could not find recent content of him, so he might have passed away) of which source code is now at [Wayback/Archive] Net-DNS/check_soa at master · NLnetLabs/Net-DNS).

So this works splendid as well using ns4.google.com on my test system:

# dig -4 TXT +short o-o.myaddr.l.google.com @ns4.google.com | xargs
80.100.143.119

The xargs removes outer quotes removal trick

[Wayback/Archive] string – Shell script – remove first and last quote (“) from a variable – Stack Overflow (thanks quite anonymous [Wayback/Archive] user1587520):

> echo '"quoted"' | xargs
quoted

xargs uses echo as the default command if no command is provided and strips quotes from the input.

More on https versus DNS requests

Some notes are in [Wayback/Archive] How to get public IP address from Linux shell, but note the telnet trick now fails as myip.gelma.net is gone (latest live version was archived in the Wayback Machine in august 2019).

Via

–jeroen

Posted in *nix, *nix-tools, Apple, bash, bash, Batch-Files, Communications Development, Development, DNS, Internet protocol suite, Linux, Mac, Mac OS X / OS X / MacOS, Power User, Scripting, Software Development, TCP | Leave a Comment »

Hopefully the Archive Today domain archive.is still exists

Posted by jpluimers on 2022/11/11

Last year there was some tension with the .is registry: [Wayback] Archive.is blog — Why has ‘is’ been redirecting to ‘vn’ and ‘md’…

This was because of a dispute from ISNIC: [Archive.is] archive.today on Twitter: “@ISNIC is threatening again with “putting archive.is in Bad Reg Process” (whatever that means). Formal reason: complaints about snapshots of old bitcoin-scam pages.”.

Back then, archive.vn and archive.md were the redirects. If archive.is really disappears, I have a lot of dead links to fix and need to first figure out which of these domains will last most:

archive.today – Wikipedia URL list:

URL

–jeroen

Read the rest of this entry »

Posted in archive.is / archive.today, Internet, Power User | Leave a Comment »

archive.today on Twitter: “@ISNIC is threatening again with “putting https://t.co/Y3m3Rp5i5c in Bad Reg Process” (whatever that means). Formal reason: complaints about snapshots of old bitcoin-scam pages.”

Posted by jpluimers on 2022/10/24

Hopefully the archive.today dispute with the .is registrar ISNIC got resolved and archive.is domain still exists as last year: [Archive.md] archive.today on Twitter: “@ISNIC is threatening again with “putting in Bad Reg Process” (whatever that means). Formal reason: complaints about snapshots of old bitcoin-scam pages.”

–jeroen

Posted in archive.is / archive.today, Internet, Power User | Leave a Comment »

« Previous Entries
 
%d bloggers like this: