Dean Anderson | 1 Jul 04:40 2007

Re: open-rsc.org

I couldn't get a zone transfer, but the website isn't down from my home
DSL.

But, I'm a bit dubious about this site. The website is hosted by
UltraDNS. You probably already know UltraDNS is one of the Rodney Joffe
& Paul Vixie "BIND companies". Joffe is also the guy who runs the spam
operation called Whitehat.com. There is some background to this: You've
all probably heard of Sanford Wallace (the proto-spammer).  Not so
well-known is that Sanford Wallace also sold anti-spam software. Wallace
created the nuisance and also sold the cure. Most anti-spammer sites
just talk about the nuisance side of Wallace, and leave out the
anti-spam software he sold. In 1996 or so, Vixie and Joffe just stole
Wallace's business plan, founding a blacklist (MAPS) and founding a Spam
company (Whitehat), and keeping a very low profile on the connection
between them.  Joffe is a founder (or board member)  of UltraDNS.
Vixie, John Levine (now chair of ASRG anti-spam-research-group), and Ray
Everett-Church were on the board of Whitehat.  Joffe connects Vixie to
UltraDNS, but I think there are other connections, too. 

In January 1998, in an attempted squeeze-out of network solutions for
"spamming" NetSol domain contacts with NetSol added services (not
something we'd call unsolicited today), Postel, with Vixie and 8 other
server operators, tried to take control of the roots.  They tried to
force out NetSol on the Machiavellian principle of "if you can destroy
something, you control it". By taking over the roots, they could
destabilize the internet, and forcibly remove NetSol.  The government
stepped in, and they lost. There is a good book on this episode,
entitled "Who Controls the Internet" subtitled "Illusions of a
borderless world"  by Goldsmith and Wu.  

(Continue reading)

Peter Dambier | 2 Jul 00:38 2007

Re: open-rsc.org

Hi Dean,

thankyou very much for your exhaustive information.
I would very much like to forward it to the
Cesidian Root and the Pirates Party.

I have made similar observations with several
alternative roots or Racines Libres and I guess
the "Though shall not have another root beside me"
is not much better :)

I have seen many rootservers "happen" to live in
the same /24 with spammers and phishers.

Of course that is only accidental and probably
related with the fact we have a blue moon today :)

Gary,

at the moment I can see

Status ORSC SOA

soa(".","2005030203","199.166.26.51","199.166.26.51").
soa(".","2005030203","199.166.26.100","199.166.26.100").

soa(".","2006080100","199.166.29.2","199.166.29.2").

Three servers only. Two of them in the same cellar.
Their information differs by one and a half years.
(Continue reading)

John Mok | 12 Jul 18:44 2007
Picon

DNS Balancing by geographic locations

Hi,

I am new to tinydns. I wonder if there is any patch for tinydns that can 
enable tinydns to return different results to DNS queries by geographic 
locations, such that the returned IP address is the closest one to the 
client.

Thanks a lot.

John Mok

mj | 13 Jul 15:05 2007
Picon

Re: DNS Balancing by geographic locations

John Mok <jmok <at> attglobal.net> kirjoitti: 
> Hi,
> 
> I am new to tinydns. I wonder if there is any patch for tinydns that can 
> enable tinydns to return different results to DNS queries by geographic 
> locations, such that the returned IP address is the closest one to the 
> client.
> 
> Thanks a lot.
> 
> John Mok

See http://pub.mud.ro/~cia/computing/tinydns-with-geoip-patch.html

--
mike

Roger Mutangadura | 26 Jul 15:23 2007
Picon

Secondary DNS server fails

I am having a bit of a problem. I am currently running two DNS servers,
blade.wcic.co.za as my primary and sabertooth.wcic.co.za as my secondary
DNS server.

My secondary DNS server has been giving me problems and goes down quite
frequently so here is my problem:

When sabertooth goes down the secondary DNS server goes down, half the
DNS requests actually fail and i get a good number of clients failing to
resolve as well as a good number of websites fail to resolve.

Now this becomes a major problem, because i was under the impression
that my one server can still serve DNS requests in the absence of the
secondary DNS server.

Is there something that i need to tweak in order for things to work when
either the secondary or primary is down.

Charles Cazabon | 26 Jul 16:06 2007
Picon

Re: Secondary DNS server fails

Roger Mutangadura <roger <at> mirasol.co.za> wrote:
> I am having a bit of a problem. I am currently running two DNS servers,
> blade.wcic.co.za as my primary and sabertooth.wcic.co.za as my secondary
> DNS server.

The DNS protocol has no concept of "primary" vs. "secondary" authoritative
content servers.  Usually when people use those terms, they're describing how
they replicate data between authoritative servers.

If you're talking about the "wcic.co.za" domain:

  $ dnsqr ns wcic.co.za
  [...]
  answer: wcic.co.za 86400 NS ns1.wcic.co.za
  answer: wcic.co.za 86400 NS ns2.wcic.co.za
  $ dnsqr a ns1.wcic.co.za
  [...]
  answer: ns1.wcic.co.za 86384 A 196.30.14.42
  $ dnsqr a ns2.wcic.co.za
  [...]
  answer: ns2.wcic.co.za 86382 A 196.41.3.18

So resolvers looking for DNS info for the wcic.co.za domain are told they can
ask either 196.30.14.42 or 196.41.3.18.

> My secondary DNS server has been giving me problems and goes down quite
> frequently so here is my problem:
> 
> When sabertooth goes down the secondary DNS server goes down, half the
> DNS requests actually fail and i get a good number of clients failing to
(Continue reading)


Gmane