* [Bitcoin-development] testnet-seed.bitcoin.petertodd.org is up again
@ 2014-05-23 22:17 Peter Todd
2014-05-25 19:12 ` Andreas Schildbach
0 siblings, 1 reply; 18+ messages in thread
From: Peter Todd @ 2014-05-23 22:17 UTC (permalink / raw)
To: Bitcoin Dev
[-- Attachment #1: Type: text/plain, Size: 565 bytes --]
FWIW
That said, keep in mind the github discussion(1) that was had: if all
the DNS seeds being down breaks your application, your application is
broken and insecure. The only exception is initial startup, and even
then you should have fallbacks such as hardcoded node lists and manual
peer entry. If for some reason you really do need instant startup, run
your own centralized high-availability/low-latency nodes; either way
you're depending on a centralized resource.
1) https://github.com/bitcoin/bitcoin/pull/4203
--
'peter'[:-1]@petertodd.org
[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 490 bytes --]
^ permalink raw reply [flat|nested] 18+ messages in thread
* Re: [Bitcoin-development] testnet-seed.bitcoin.petertodd.org is up again
2014-05-23 22:17 [Bitcoin-development] testnet-seed.bitcoin.petertodd.org is up again Peter Todd
@ 2014-05-25 19:12 ` Andreas Schildbach
2014-05-25 20:02 ` Tim
2014-05-26 16:37 ` Peter Todd
0 siblings, 2 replies; 18+ messages in thread
From: Andreas Schildbach @ 2014-05-25 19:12 UTC (permalink / raw)
To: bitcoin-development
Thanks for looking at the issue.
Unfortunately, it still fails for me:
$ nslookup testnet-seed.bitcoin.petertodd.org
Server: 127.0.1.1
Address: 127.0.1.1#53
** server can't find testnet-seed.bitcoin.petertodd.org: SERVFAIL
Like I said, can you look at the logfiles how the requests arrive?
What particular thing did you fix? It would be good to know for future
outages.
On 05/24/2014 12:17 AM, Peter Todd wrote:
> FWIW
>
> That said, keep in mind the github discussion(1) that was had: if all
> the DNS seeds being down breaks your application, your application is
> broken and insecure. The only exception is initial startup, and even
> then you should have fallbacks such as hardcoded node lists and manual
> peer entry. If for some reason you really do need instant startup, run
> your own centralized high-availability/low-latency nodes; either way
> you're depending on a centralized resource.
>
> 1) https://github.com/bitcoin/bitcoin/pull/4203
^ permalink raw reply [flat|nested] 18+ messages in thread
* Re: [Bitcoin-development] testnet-seed.bitcoin.petertodd.org is up again
2014-05-25 19:12 ` Andreas Schildbach
@ 2014-05-25 20:02 ` Tim
2014-05-26 16:37 ` Peter Todd
1 sibling, 0 replies; 18+ messages in thread
From: Tim @ 2014-05-25 20:02 UTC (permalink / raw)
To: Andreas Schildbach; +Cc: bitcoin-development
[-- Attachment #1: Type: text/plain, Size: 3624 bytes --]
Works fine for me
; <<>> DiG 9.8.1-P1 <<>> ANY testnet-seed.bitcoin.petertodd.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40809
;; flags: qr rd ra; QUERY: 1, ANSWER: 22, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;testnet-seed.bitcoin.petertodd.org. IN ANY
;; ANSWER SECTION:
testnet-seed.bitcoin.petertodd.org. 40000 IN NS
testnet-seed-ns1.bitcoin.petertodd.org.
testnet-seed.bitcoin.petertodd.org. 40000 IN SOA
testnet-seed-ns1.bitcoin.petertodd.org. root. 1401048038 604800 86400
2592000 604800
testnet-seed.bitcoin.petertodd.org. 60 IN A 54.208.21.132
testnet-seed.bitcoin.petertodd.org. 60 IN A 5.9.119.49
testnet-seed.bitcoin.petertodd.org. 60 IN A 54.221.156.77
testnet-seed.bitcoin.petertodd.org. 60 IN A 37.34.60.19
testnet-seed.bitcoin.petertodd.org. 60 IN A 46.105.173.28
testnet-seed.bitcoin.petertodd.org. 60 IN A 95.78.127.77
testnet-seed.bitcoin.petertodd.org. 60 IN A 208.111.49.42
testnet-seed.bitcoin.petertodd.org. 60 IN A 94.102.53.181
testnet-seed.bitcoin.petertodd.org. 60 IN A 85.153.13.35
testnet-seed.bitcoin.petertodd.org. 60 IN A 85.25.198.97
testnet-seed.bitcoin.petertodd.org. 60 IN A 217.46.198.163
testnet-seed.bitcoin.petertodd.org. 60 IN A 192.187.125.226
testnet-seed.bitcoin.petertodd.org. 60 IN A 37.187.40.137
testnet-seed.bitcoin.petertodd.org. 60 IN A 37.187.179.66
testnet-seed.bitcoin.petertodd.org. 60 IN A 93.93.135.12
testnet-seed.bitcoin.petertodd.org. 60 IN A 144.76.175.228
testnet-seed.bitcoin.petertodd.org. 60 IN A 74.207.241.92
testnet-seed.bitcoin.petertodd.org. 60 IN A 85.17.26.225
testnet-seed.bitcoin.petertodd.org. 60 IN A 148.251.11.118
testnet-seed.bitcoin.petertodd.org. 60 IN A 137.117.202.26
;; Query time: 569 msec
;; SERVER: 109.74.194.20#53(109.74.194.20)
;; WHEN: Sun May 25 21:00:35 2014
;; MSG SIZE rcvd: 443
On 25 May 2014 20:12, Andreas Schildbach <andreas@schildbach•de> wrote:
> Thanks for looking at the issue.
>
> Unfortunately, it still fails for me:
>
> $ nslookup testnet-seed.bitcoin.petertodd.org
> Server: 127.0.1.1
> Address: 127.0.1.1#53
>
> ** server can't find testnet-seed.bitcoin.petertodd.org: SERVFAIL
>
> Like I said, can you look at the logfiles how the requests arrive?
>
> What particular thing did you fix? It would be good to know for future
> outages.
>
>
> On 05/24/2014 12:17 AM, Peter Todd wrote:
> > FWIW
> >
> > That said, keep in mind the github discussion(1) that was had: if all
> > the DNS seeds being down breaks your application, your application is
> > broken and insecure. The only exception is initial startup, and even
> > then you should have fallbacks such as hardcoded node lists and manual
> > peer entry. If for some reason you really do need instant startup, run
> > your own centralized high-availability/low-latency nodes; either way
> > you're depending on a centralized resource.
> >
> > 1) https://github.com/bitcoin/bitcoin/pull/4203
>
>
>
>
> ------------------------------------------------------------------------------
> "Accelerate Dev Cycles with Automated Cross-Browser Testing - For FREE
> Instantly run your Selenium tests across 300+ browser/OS combos.
> Get unparalleled scalability from the best Selenium testing platform
> available
> Simple to use. Nothing to install. Get started now for free."
> http://p.sf.net/sfu/SauceLabs
> _______________________________________________
> Bitcoin-development mailing list
> Bitcoin-development@lists•sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>
[-- Attachment #2: Type: text/html, Size: 6587 bytes --]
^ permalink raw reply [flat|nested] 18+ messages in thread
* Re: [Bitcoin-development] testnet-seed.bitcoin.petertodd.org is up again
2014-05-25 19:12 ` Andreas Schildbach
2014-05-25 20:02 ` Tim
@ 2014-05-26 16:37 ` Peter Todd
2014-05-26 22:12 ` Andreas Schildbach
1 sibling, 1 reply; 18+ messages in thread
From: Peter Todd @ 2014-05-26 16:37 UTC (permalink / raw)
To: Andreas Schildbach; +Cc: bitcoin-development
[-- Attachment #1: Type: text/plain, Size: 1303 bytes --]
On Sun, May 25, 2014 at 09:12:10PM +0200, Andreas Schildbach wrote:
> Thanks for looking at the issue.
>
> Unfortunately, it still fails for me:
>
> $ nslookup testnet-seed.bitcoin.petertodd.org
> Server: 127.0.1.1
> Address: 127.0.1.1#53
>
> ** server can't find testnet-seed.bitcoin.petertodd.org: SERVFAIL
>
> Like I said, can you look at the logfiles how the requests arrive?
There are no logfiles for DNS requests.
I just checked on EC2 and my cellphone internet connection here in Tel
Aviv; both work fine. My best guess is that your DNS resolver locally or
at your ISP is unable to deal with the fact that the second DNS seed
serving the domain testnet-seed.bitcoin.petertodd.org happens to be down
right now. Note that some ISP's appear to both run buggy DNS servers,
and redirect traffic meant to go to Google's 8.8.8 and 8.8.4.4 DNS
servers to their own servers.
I'd suggest that someone setup an alternate HTTP(S) based DNS seed for
protocol redundency.
> What particular thing did you fix? It would be good to know for future
> outages.
Dunno exactly. It appeared to be running fine when I logged into the
machine, but for whatever reason DNS requests just weren't getting
resolved. Restarted and it was ok again.
--
'peter'[:-1]@petertodd.org
[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 490 bytes --]
^ permalink raw reply [flat|nested] 18+ messages in thread
* Re: [Bitcoin-development] testnet-seed.bitcoin.petertodd.org is up again
2014-05-26 16:37 ` Peter Todd
@ 2014-05-26 22:12 ` Andreas Schildbach
2014-05-26 22:39 ` Peter Todd
0 siblings, 1 reply; 18+ messages in thread
From: Andreas Schildbach @ 2014-05-26 22:12 UTC (permalink / raw)
To: bitcoin-development
You're very quick to point at others. Especially since they run software
that had the time to mature for about 30 years, and the protocol didn't
really change since then...
The last time it didn't work, the bug -- non RFC-conformance -- was on
the bitcoin seeders side. ISPs do weird things with DNS, but usually
they stay within the RFC.
Anyway, without logs we don't have a chance to debug this issue. Any
chance you could add simple logging to the seeder?
DNS via HTTP? Never heard of that, at least it sounds weird as well.
On 05/26/2014 06:37 PM, Peter Todd wrote:
> On Sun, May 25, 2014 at 09:12:10PM +0200, Andreas Schildbach wrote:
>> Thanks for looking at the issue.
>>
>> Unfortunately, it still fails for me:
>>
>> $ nslookup testnet-seed.bitcoin.petertodd.org
>> Server: 127.0.1.1
>> Address: 127.0.1.1#53
>>
>> ** server can't find testnet-seed.bitcoin.petertodd.org: SERVFAIL
>>
>> Like I said, can you look at the logfiles how the requests arrive?
>
> There are no logfiles for DNS requests.
>
> I just checked on EC2 and my cellphone internet connection here in Tel
> Aviv; both work fine. My best guess is that your DNS resolver locally or
> at your ISP is unable to deal with the fact that the second DNS seed
> serving the domain testnet-seed.bitcoin.petertodd.org happens to be down
> right now. Note that some ISP's appear to both run buggy DNS servers,
> and redirect traffic meant to go to Google's 8.8.8 and 8.8.4.4 DNS
> servers to their own servers.
>
> I'd suggest that someone setup an alternate HTTP(S) based DNS seed for
> protocol redundency.
>
>> What particular thing did you fix? It would be good to know for future
>> outages.
>
> Dunno exactly. It appeared to be running fine when I logged into the
> machine, but for whatever reason DNS requests just weren't getting
> resolved. Restarted and it was ok again.
>
>
>
> ------------------------------------------------------------------------------
> The best possible search technologies are now affordable for all companies.
> Download your FREE open source Enterprise Search Engine today!
> Our experts will assist you in its installation for $59/mo, no commitment.
> Test it for FREE on our Cloud platform anytime!
> http://pubads.g.doubleclick.net/gampad/clk?id=145328191&iu=/4140/ostg.clktrk
>
>
>
> _______________________________________________
> Bitcoin-development mailing list
> Bitcoin-development@lists•sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>
^ permalink raw reply [flat|nested] 18+ messages in thread
* Re: [Bitcoin-development] testnet-seed.bitcoin.petertodd.org is up again
2014-05-26 22:12 ` Andreas Schildbach
@ 2014-05-26 22:39 ` Peter Todd
2014-05-26 23:19 ` Andreas Schildbach
0 siblings, 1 reply; 18+ messages in thread
From: Peter Todd @ 2014-05-26 22:39 UTC (permalink / raw)
To: Andreas Schildbach, bitcoin-development
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On 27 May 2014 01:12:05 GMT+03:00, Andreas Schildbach <andreas@schildbach•de> wrote:
>You're very quick to point at others. Especially since they run
>software
>that had the time to mature for about 30 years, and the protocol didn't
>really change since then...
>
>The last time it didn't work, the bug -- non RFC-conformance -- was on
>the bitcoin seeders side. ISPs do weird things with DNS, but usually
>they stay within the RFC.
>
>Anyway, without logs we don't have a chance to debug this issue. Any
>chance you could add simple logging to the seeder?
>
>DNS via HTTP? Never heard of that, at least it sounds weird as well.
Hey, really sorry I don't have the time to fix this issue, been travelling for a few weeks for my consulting job. If you want to step up and volunteer please feel free.
-----BEGIN PGP SIGNATURE-----
Version: APG v1.1.1
iQFQBAEBCAA6BQJTg8K6MxxQZXRlciBUb2RkIChsb3cgc2VjdXJpdHkga2V5KSA8
cGV0ZUBwZXRlcnRvZGQub3JnPgAKCRAZnIM7qOfwhUWgCADCNe4CjWondwDCovkv
+Cq7Yl3gLixvsTt5L9nllYc63/wt3GYliSIkR9baJ1QdPhckEjsvJV51XtdXPmJ5
EwTEbkJe6gflVwprvXB+w7eJtwMgZy5UoaWIYIZAIGsGKtJA8sngU1t638ywm68a
UEAcq/xACU47l2wPK/WU3uPY8ctGutCtXW2XDlDlCZOugqSc/8yaA76S5ogBicXw
xXvf95uMPVPCqit6B8FHCG/DH7akKGcnv6lIBTfx25KjgpyMwaroPt6EkPuz96MK
YbkQin0T0iW+X5WvXblO1mgq4fDrLE6J5x8sULFx/QKC9lgGB+cOQNKdyhxKOzF9
jtX7
=SUP4
-----END PGP SIGNATURE-----
^ permalink raw reply [flat|nested] 18+ messages in thread
* Re: [Bitcoin-development] testnet-seed.bitcoin.petertodd.org is up again
2014-05-26 22:39 ` Peter Todd
@ 2014-05-26 23:19 ` Andreas Schildbach
2014-05-30 9:43 ` Peter Todd
0 siblings, 1 reply; 18+ messages in thread
From: Andreas Schildbach @ 2014-05-26 23:19 UTC (permalink / raw)
To: bitcoin-development
On 05/27/2014 12:39 AM, Peter Todd wrote:
> On 27 May 2014 01:12:05 GMT+03:00, Andreas Schildbach
> <andreas@schildbach•de> wrote:
>> You're very quick to point at others. Especially since they run
>> software that had the time to mature for about 30 years, and the
>> protocol didn't really change since then...
>
>> The last time it didn't work, the bug -- non RFC-conformance --
>> was on the bitcoin seeders side. ISPs do weird things with DNS,
>> but usually they stay within the RFC.
>
>> Anyway, without logs we don't have a chance to debug this issue.
>> Any chance you could add simple logging to the seeder?
>
>> DNS via HTTP? Never heard of that, at least it sounds weird as
>> well.
>
> Hey, really sorry I don't have the time to fix this issue, been
> travelling for a few weeks for my consulting job. If you want to
> step up and volunteer please feel free.
I'm already volunteering. At least I don't get paid for my efforts in
debugging the seed infrastructure.
Can you verify if your copy of the seeder contains the commit
8dcc006e6256cb746c2b025daf3df41baa26353e ?
It fixed a bug that has exactly the symptoms we currently see.
I wonder if the restart of your server actually changed/fixed
anything. If you got a SERVFAIL this may be because you were traveling
through parts of the world that can't reach your server. Did you
actually try at home, before the restart?
^ permalink raw reply [flat|nested] 18+ messages in thread
* Re: [Bitcoin-development] testnet-seed.bitcoin.petertodd.org is up again
2014-05-26 23:19 ` Andreas Schildbach
@ 2014-05-30 9:43 ` Peter Todd
2014-05-30 13:19 ` Alex Kotenko
0 siblings, 1 reply; 18+ messages in thread
From: Peter Todd @ 2014-05-30 9:43 UTC (permalink / raw)
To: Andreas Schildbach, bitcoin-development, gavinandresen
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On 27 May 2014 02:19:39 GMT+03:00, Andreas Schildbach <andreas@schildbach•de> wrote:
>> Hey, really sorry I don't have the time to fix this issue, been
>> travelling for a few weeks for my consulting job. If you want to
>> step up and volunteer please feel free.
>
>I'm already volunteering. At least I don't get paid for my efforts in
>debugging the seed infrastructure.
I meant running a seed yourself. Note that I've only received funds to cover expenses and a trivial amount on top to cover some time - about one and a half hours at my usual rates.
Gavin: Speaking of, given it looks like my work will be frequently keeping me out of country and unable to provide any more than a "best effort" attempt at running a seed, I'd like to give back the grant funds for doing so. Email me privately with an address to send them too. I have no plans to take it down, however the expectations users have for it aren't something I can provide.
>Can you verify if your copy of the seeder contains the commit
>8dcc006e6256cb746c2b025daf3df41baa26353e ?
>
>It fixed a bug that has exactly the symptoms we currently see.
>
>I wonder if the restart of your server actually changed/fixed
>anything. If you got a SERVFAIL this may be because you were traveling
>through parts of the world that can't reach your server. Did you
>actually try at home, before the restart?
I checked via the same proxy both times; I believe the endpoint is located in Europe.
-----BEGIN PGP SIGNATURE-----
Version: APG v1.1.1
iQFQBAEBCAA6BQJTiFKwMxxQZXRlciBUb2RkIChsb3cgc2VjdXJpdHkga2V5KSA8
cGV0ZUBwZXRlcnRvZGQub3JnPgAKCRAZnIM7qOfwhQFCB/4jypD+xzKVp6fqRUxu
v22Rc6PeCbeaPYKmdNu0LbY1G5spB8C8ooaZX6z0Ib/CYobzDPJ+rJNB+c1Fna4N
1IdH7ZsrX0GFaEn7Grnp7D2rtOXGZV+1XGFAateIA/caQ9+rJfqkHLuvOI0Fh+Ua
/m857rxUNtA1kObLFS7gfhi2gwXGO6KQ3muS3462hXVVc9j7DhOWQQwJba5PL+Je
Eob4WtnF2gVFlCEWevxvflF7j4lW9I/S81yZQDnNW9ATF2mfZVqo26sB0yL6Tm4l
KgdKx7+w3khv6QfW9Ilx0Ov3Ml2ZMRhBimpbnENbW4jfklsuRQcM0yx6vXS/lIMz
LO5s
=Up3N
-----END PGP SIGNATURE-----
^ permalink raw reply [flat|nested] 18+ messages in thread
* Re: [Bitcoin-development] testnet-seed.bitcoin.petertodd.org is up again
2014-05-30 9:43 ` Peter Todd
@ 2014-05-30 13:19 ` Alex Kotenko
2014-05-30 13:41 ` Robert McKay
0 siblings, 1 reply; 18+ messages in thread
From: Alex Kotenko @ 2014-05-30 13:19 UTC (permalink / raw)
To: Peter Todd; +Cc: Bitcoin Dev, Andreas Schildbach
[-- Attachment #1: Type: text/plain, Size: 3372 bytes --]
Hi Peter
I've setup DNS seeds myself a week ago, at testnet-seed.alexykot.me and
bitcoin-seed.alexykot.me, but there is a problem with DNS settings that we
with Andreas couldn't sort out quickly.
The problem itself is that I can reach my nameserver and get dnsseed
response if I query it directly with
dig @node.alexykot.me testnet-seed.alexykot.me
dig @node.alexykot.me bitcoin-seed.alexykot.me
But when I try nslookup testnet-seed.alexykot.me - it fails.
I guess the problem is in my DNS settings but I can't figure out what is it.
S
o could you share
how you configured
DNS
for your seed
to help me debug
mine
?
Best regards,
Alex Kotenko
2014-05-30 10:43 GMT+01:00 Peter Todd <pete@petertodd•org>:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
>
>
> On 27 May 2014 02:19:39 GMT+03:00, Andreas Schildbach <
> andreas@schildbach•de> wrote:
> >> Hey, really sorry I don't have the time to fix this issue, been
> >> travelling for a few weeks for my consulting job. If you want to
> >> step up and volunteer please feel free.
> >
> >I'm already volunteering. At least I don't get paid for my efforts in
> >debugging the seed infrastructure.
>
> I meant running a seed yourself. Note that I've only received funds to
> cover expenses and a trivial amount on top to cover some time - about one
> and a half hours at my usual rates.
>
> Gavin: Speaking of, given it looks like my work will be frequently keeping
> me out of country and unable to provide any more than a "best effort"
> attempt at running a seed, I'd like to give back the grant funds for doing
> so. Email me privately with an address to send them too. I have no plans to
> take it down, however the expectations users have for it aren't something I
> can provide.
>
> >Can you verify if your copy of the seeder contains the commit
> >8dcc006e6256cb746c2b025daf3df41baa26353e ?
> >
> >It fixed a bug that has exactly the symptoms we currently see.
> >
> >I wonder if the restart of your server actually changed/fixed
> >anything. If you got a SERVFAIL this may be because you were traveling
> >through parts of the world that can't reach your server. Did you
> >actually try at home, before the restart?
>
> I checked via the same proxy both times; I believe the endpoint is located
> in Europe.
> -----BEGIN PGP SIGNATURE-----
> Version: APG v1.1.1
>
> iQFQBAEBCAA6BQJTiFKwMxxQZXRlciBUb2RkIChsb3cgc2VjdXJpdHkga2V5KSA8
> cGV0ZUBwZXRlcnRvZGQub3JnPgAKCRAZnIM7qOfwhQFCB/4jypD+xzKVp6fqRUxu
> v22Rc6PeCbeaPYKmdNu0LbY1G5spB8C8ooaZX6z0Ib/CYobzDPJ+rJNB+c1Fna4N
> 1IdH7ZsrX0GFaEn7Grnp7D2rtOXGZV+1XGFAateIA/caQ9+rJfqkHLuvOI0Fh+Ua
> /m857rxUNtA1kObLFS7gfhi2gwXGO6KQ3muS3462hXVVc9j7DhOWQQwJba5PL+Je
> Eob4WtnF2gVFlCEWevxvflF7j4lW9I/S81yZQDnNW9ATF2mfZVqo26sB0yL6Tm4l
> KgdKx7+w3khv6QfW9Ilx0Ov3Ml2ZMRhBimpbnENbW4jfklsuRQcM0yx6vXS/lIMz
> LO5s
> =Up3N
> -----END PGP SIGNATURE-----
>
>
>
> ------------------------------------------------------------------------------
> Time is money. Stop wasting it! Get your web API in 5 minutes.
> www.restlet.com/download
> http://p.sf.net/sfu/restlet
> _______________________________________________
> Bitcoin-development mailing list
> Bitcoin-development@lists•sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>
[-- Attachment #2: Type: text/html, Size: 7103 bytes --]
^ permalink raw reply [flat|nested] 18+ messages in thread
* Re: [Bitcoin-development] testnet-seed.bitcoin.petertodd.org is up again
2014-05-30 13:19 ` Alex Kotenko
@ 2014-05-30 13:41 ` Robert McKay
2014-05-30 14:13 ` Alex Kotenko
0 siblings, 1 reply; 18+ messages in thread
From: Robert McKay @ 2014-05-30 13:41 UTC (permalink / raw)
To: Alex Kotenko; +Cc: Bitcoin Dev, Andreas Schildbach
Hi Alex,
I think the problem is with my suggestion to use bind forwarding..
basically bind is stripping off the authorative answer bit in the
reply.. this causes the recursor to go into a loop chasing the authority
server which again returns a non-authoritve answer with itself as the
authority again. I'm not sure if this can be fixed without hacking the
bind src, so maybe it wasn't such a great suggestion in the first place.
Basically I think if bind was returning authorative answers it would
work, but I can't see any way to make that happen in the bind
configuration.
Rob
On Fri, 30 May 2014 14:19:05 +0100, Alex Kotenko wrote:
> Hi Peter
>
> Ive setup DNS seeds myself a week ago, at testnet-seed.alexykot.me
> [6]
> and bitcoin-seed.alexykot.me [7], but there is a problem with DNS
> settings that we with Andreas couldnt sort out quickly.
> The problem itself is that I can reach my nameserver and get dnsseed
> response if I query it directly with
> dig @node.alexykot.me [8] testnet-seed.alexykot.me [9]
>
> dig @node.alexykot.me [10] bitcoin-seed.alexykot.me [11]
>
> But when I try nslookup testnet-seed.alexykot.me [12] - it
> fails.
> I guess the problem is in my DNS settings but I cant figure out what
> is it.
>
> S o could you share
> how you configured DNS
> for your seed
> to help me debug
> mine
> ?
>
> Best regards,
>
> Alex Kotenko
>
> 2014-05-30 10:43 GMT+01:00 Peter Todd :
>
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA256
>>
>> On 27 May 2014 02:19:39 GMT+03:00, Andreas Schildbach wrote:
>> >> Hey, really sorry I dont have the time to fix this issue, been
>> >> travelling for a few weeks for my consulting job. If you want to
>> >> step up and volunteer please feel free.
>> >
>> >Im already volunteering. At least I dont get paid for my efforts
>> in
>> >debugging the seed infrastructure.
>>
>> I meant running a seed yourself. Note that Ive only received funds
>> to cover expenses and a trivial amount on top to cover some time -
>> about one and a half hours at my usual rates.
>>
>> Gavin: Speaking of, given it looks like my work will be frequently
>> keeping me out of country and unable to provide any more than a
>> "best effort" attempt at running a seed, Id like to give back the
>> grant funds for doing so. Email me privately with an address to send
>> them too. I have no plans to take it down, however the expectations
>> users have for it arent something I can provide.
>>
>> >Can you verify if your copy of the seeder contains the commit
>> >8dcc006e6256cb746c2b025daf3df41baa26353e ?
>> >
>> >It fixed a bug that has exactly the symptoms we currently see.
>> >
>> >I wonder if the restart of your server actually changed/fixed
>> >anything. If you got a SERVFAIL this may be because you were
>> traveling
>> >through parts of the world that cant reach your server. Did you
>> >actually try at home, before the restart?
>>
>> I checked via the same proxy both times; I believe the endpoint is
>> located in Europe.
>>
>> -----BEGIN PGP SIGNATURE-----
>> Version: APG v1.1.1
>>
>> iQFQBAEBCAA6BQJTiFKwMxxQZXRlciBUb2RkIChsb3cgc2VjdXJpdHkga2V5KSA8
>> cGV0ZUBwZXRlcnRvZGQub3JnPgAKCRAZnIM7qOfwhQFCB/4jypD+xzKVp6fqRUxu
>> v22Rc6PeCbeaPYKmdNu0LbY1G5spB8C8ooaZX6z0Ib/CYobzDPJ+rJNB+c1Fna4N
>> 1IdH7ZsrX0GFaEn7Grnp7D2rtOXGZV+1XGFAateIA/caQ9+rJfqkHLuvOI0Fh+Ua
>> /m857rxUNtA1kObLFS7gfhi2gwXGO6KQ3muS3462hXVVc9j7DhOWQQwJba5PL+Je
>> Eob4WtnF2gVFlCEWevxvflF7j4lW9I/S81yZQDnNW9ATF2mfZVqo26sB0yL6Tm4l
>> KgdKx7+w3khv6QfW9Ilx0Ov3Ml2ZMRhBimpbnENbW4jfklsuRQcM0yx6vXS/lIMz
>> LO5s
>> =Up3N
>> -----END PGP SIGNATURE-----
>>
>>
>
> ------------------------------------------------------------------------------
>> Time is money. Stop wasting it! Get your web API in 5 minutes.
>> www.restlet.com/download [2]
>> http://p.sf.net/sfu/restlet [3]
>>
>> _______________________________________________
>> Bitcoin-development mailing list
>> Bitcoin-development@lists•sourceforge.net [4]
>> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>> [5]
>
>
>
> Links:
> ------
> [1] mailto:andreas@schildbach•de
> [2] http://www.restlet.com/download
> [3] http://p.sf.net/sfu/restlet
> [4] mailto:Bitcoin-development@lists•sourceforge.net
> [5] https://lists.sourceforge.net/lists/listinfo/bitcoin-development
> [6] http://testnet-seed.alexykot.me
> [7] http://bitcoin-seed.alexykot.me
> [8] http://node.alexykot.me
> [9] http://testnet-seed.alexykot.me
> [10] http://alexykot.me
> [11] http://bitcoin-seed.alexykot.me
> [12] http://testnet-seed.alexykot.me
> [13] mailto:pete@petertodd•org
^ permalink raw reply [flat|nested] 18+ messages in thread
* Re: [Bitcoin-development] testnet-seed.bitcoin.petertodd.org is up again
2014-05-30 13:41 ` Robert McKay
@ 2014-05-30 14:13 ` Alex Kotenko
2014-05-30 14:51 ` Robert McKay
0 siblings, 1 reply; 18+ messages in thread
From: Alex Kotenko @ 2014-05-30 14:13 UTC (permalink / raw)
To: Robert McKay; +Cc: Bitcoin Dev, Andreas Schildbach
[-- Attachment #1: Type: text/plain, Size: 1996 bytes --]
Hmm, you might be right, as queries
dig @node.alexykot.me testnet-seed.alexykot.me
and
dig @node.alexykot.me -p 18353 testnet-seed.alexykot.me
are giving different authority sections.
Hmm, but if I setup custom SOA record for it - it should work, right?
What SOA name should it be actually, assuming that NS record for
testnet-seed.alexykot.me is pointing at alexykot.me?
Best regards,
Alex Kotenko
2014-05-30 14:41 GMT+01:00 Robert McKay <robert@mckay•com>:
> Hi Alex,
>
> I think the problem is with my suggestion to use bind forwarding..
> basically bind is stripping off the authorative answer bit in the reply..
> this causes the recursor to go into a loop chasing the authority server
> which again returns a non-authoritve answer with itself as the authority
> again. I'm not sure if this can be fixed without hacking the bind src, so
> maybe it wasn't such a great suggestion in the first place. Basically I
> think if bind was returning authorative answers it would work, but I can't
> see any way to make that happen in the bind configuration.
>
> Rob
>
>
> On Fri, 30 May 2014 14:19:05 +0100, Alex Kotenko wrote:
>
>> Hi Peter
>>
>> Ive setup DNS seeds myself a week ago, at testnet-seed.alexykot.me [6]
>> and bitcoin-seed.alexykot.me [7], but there is a problem with DNS
>> settings that we with Andreas couldnt sort out quickly.
>>
>> The problem itself is that I can reach my nameserver and get dnsseed
>> response if I query it directly with
>> dig @node.alexykot.me [8] testnet-seed.alexykot.me [9]
>>
>> dig @node.alexykot.me [10] bitcoin-seed.alexykot.me [11]
>>
>> But when I try nslookup testnet-seed.alexykot.me [12] - it
>> fails.
>> I guess the problem is in my DNS settings but I cant figure out what
>> is it.
>>
>> S o could you share
>> how you configured DNS
>> for your seed
>> to help me debug
>> mine
>> ?
>>
>> Best regards,
>>
>> Alex Kotenko
>>
>>
>
[-- Attachment #2: Type: text/html, Size: 5048 bytes --]
^ permalink raw reply [flat|nested] 18+ messages in thread
* Re: [Bitcoin-development] testnet-seed.bitcoin.petertodd.org is up again
2014-05-30 14:13 ` Alex Kotenko
@ 2014-05-30 14:51 ` Robert McKay
2014-05-30 15:24 ` Pieter Wuille
2014-06-01 9:56 ` Alex Kotenko
0 siblings, 2 replies; 18+ messages in thread
From: Robert McKay @ 2014-05-30 14:51 UTC (permalink / raw)
To: Alex Kotenko; +Cc: Bitcoin Dev, Andreas Schildbach
No, I don't think so. The problem is the 'aa' flag is missing (see the
'flags' section in dig). Perhaps if you could suppress the authority
records the recursor would give up and just accept the non-authorative
answer, but that isn't a good solution even if it might work for some
resolvers.
Rob
On Fri, 30 May 2014 15:13:36 +0100, Alex Kotenko wrote:
> Hmm, you might be right, as queries
> dig @node.alexykot.me [8] testnet-seed.alexykot.me [9]
>
> and
> dig @node.alexykot.me [10] -p 18353 testnet-seed.alexykot.me
> [11]
>
> are giving different authority sections.
>
> Hmm, but if I setup custom SOA record for it - it should work,
> right?
> What SOA name should it be actually, assuming that NS record for
> testnet-seed.alexykot.me [12] is pointing at alexykot.me [13]?
>
> Best regards,
>
> Alex Kotenko
>
> 2014-05-30 14:41 GMT+01:00 Robert McKay :
>
>> Hi Alex,
>>
>> I think the problem is with my suggestion to use bind forwarding..
>> basically bind is stripping off the authorative answer bit in the
>> reply.. this causes the recursor to go into a loop chasing the
>> authority server which again returns a non-authoritve answer with
>> itself as the authority again. Im not sure if this can be fixed
>> without hacking the bind src, so maybe it wasnt such a great
>> suggestion in the first place. Basically I think if bind was
>> returning authorative answers it would work, but I cant see any way
>> to make that happen in the bind configuration.
>>
>> Rob
>>
>> On Fri, 30 May 2014 14:19:05 +0100, Alex Kotenko wrote:
>>
>>> Hi Peter
>>>
>>> Ive setup DNS seeds myself a week ago, at
>>> testnet-seed.alexykot.me [1] [6]
>>> and bitcoin-seed.alexykot.me [2] [7], but there is a problem with
>>> DNS
>>> settings that we with Andreas couldnt sort out quickly.
>>>
>>> The problem itself is that I can reach my nameserver and get
>>> dnsseed
>>> response if I query it directly with
>>> dig @node.alexykot.me [3] [8] testnet-seed.alexykot.me [4] [9]
>>>
>>> dig @node.alexykot.me [5] [10] bitcoin-seed.alexykot.me [6]
>>> [11]
>>>
>>> But when I try nslookup testnet-seed.alexykot.me [7] [12] -
>>> it
>>> fails.
>>> I guess the problem is in my DNS settings but I cant figure out
>>> what
>>> is it.
>>>
>>> S o could you share
>>> how you configured DNS
>>> for your seed
>>> to help me debug
>>> mine
>>> ?
>>>
>>> Best regards,
>>>
>>> Alex Kotenko
>>>
>>>
>
>
> Links:
> ------
> [1] http://testnet-seed.alexykot.me
> [2] http://bitcoin-seed.alexykot.me
> [3] http://node.alexykot.me
> [4] http://testnet-seed.alexykot.me
> [5] http://node.alexykot.me
> [6] http://bitcoin-seed.alexykot.me
> [7] http://testnet-seed.alexykot.me
> [8] http://node.alexykot.me/
> [9] http://testnet-seed.alexykot.me/
> [10] http://node.alexykot.me/
> [11] http://testnet-seed.alexykot.me/
> [12] http://testnet-seed.alexykot.me
> [13] http://alexykot.me
> [14] mailto:robert@mckay•com
^ permalink raw reply [flat|nested] 18+ messages in thread
* Re: [Bitcoin-development] testnet-seed.bitcoin.petertodd.org is up again
2014-05-30 14:51 ` Robert McKay
@ 2014-05-30 15:24 ` Pieter Wuille
2014-05-30 15:40 ` Andreas Schildbach
2014-06-01 9:56 ` Alex Kotenko
1 sibling, 1 reply; 18+ messages in thread
From: Pieter Wuille @ 2014-05-30 15:24 UTC (permalink / raw)
To: Robert McKay; +Cc: Bitcoin Dev, Andreas Schildbach
I don't think it would be too hard to add support for a option to the
seeder "for non-matching requests, forward to other DNS server at
IP:PORT", so you could cascade them.
On Fri, May 30, 2014 at 4:51 PM, Robert McKay <robert@mckay•com> wrote:
> No, I don't think so. The problem is the 'aa' flag is missing (see the
> 'flags' section in dig). Perhaps if you could suppress the authority
> records the recursor would give up and just accept the non-authorative
> answer, but that isn't a good solution even if it might work for some
> resolvers.
>
> Rob
>
> On Fri, 30 May 2014 15:13:36 +0100, Alex Kotenko wrote:
>> Hmm, you might be right, as queries
>> dig @node.alexykot.me [8] testnet-seed.alexykot.me [9]
>>
>> and
>> dig @node.alexykot.me [10] -p 18353 testnet-seed.alexykot.me
>> [11]
>>
>> are giving different authority sections.
>>
>> Hmm, but if I setup custom SOA record for it - it should work,
>> right?
>> What SOA name should it be actually, assuming that NS record for
>> testnet-seed.alexykot.me [12] is pointing at alexykot.me [13]?
>>
>> Best regards,
>>
>> Alex Kotenko
>>
>> 2014-05-30 14:41 GMT+01:00 Robert McKay :
>>
>>> Hi Alex,
>>>
>>> I think the problem is with my suggestion to use bind forwarding..
>>> basically bind is stripping off the authorative answer bit in the
>>> reply.. this causes the recursor to go into a loop chasing the
>>> authority server which again returns a non-authoritve answer with
>>> itself as the authority again. Im not sure if this can be fixed
>>> without hacking the bind src, so maybe it wasnt such a great
>>> suggestion in the first place. Basically I think if bind was
>>> returning authorative answers it would work, but I cant see any way
>>> to make that happen in the bind configuration.
>>>
>>> Rob
>>>
>>> On Fri, 30 May 2014 14:19:05 +0100, Alex Kotenko wrote:
>>>
>>>> Hi Peter
>>>>
>>>> Ive setup DNS seeds myself a week ago, at
>>>> testnet-seed.alexykot.me [1] [6]
>>>> and bitcoin-seed.alexykot.me [2] [7], but there is a problem with
>>>> DNS
>>>> settings that we with Andreas couldnt sort out quickly.
>>>>
>>>> The problem itself is that I can reach my nameserver and get
>>>> dnsseed
>>>> response if I query it directly with
>>>> dig @node.alexykot.me [3] [8] testnet-seed.alexykot.me [4] [9]
>>>>
>>>> dig @node.alexykot.me [5] [10] bitcoin-seed.alexykot.me [6]
>>>> [11]
>>>>
>>>> But when I try nslookup testnet-seed.alexykot.me [7] [12] -
>>>> it
>>>> fails.
>>>> I guess the problem is in my DNS settings but I cant figure out
>>>> what
>>>> is it.
>>>>
>>>> S o could you share
>>>> how you configured DNS
>>>> for your seed
>>>> to help me debug
>>>> mine
>>>> ?
>>>>
>>>> Best regards,
>>>>
>>>> Alex Kotenko
>>>>
>>>>
>>
>>
>> Links:
>> ------
>> [1] http://testnet-seed.alexykot.me
>> [2] http://bitcoin-seed.alexykot.me
>> [3] http://node.alexykot.me
>> [4] http://testnet-seed.alexykot.me
>> [5] http://node.alexykot.me
>> [6] http://bitcoin-seed.alexykot.me
>> [7] http://testnet-seed.alexykot.me
>> [8] http://node.alexykot.me/
>> [9] http://testnet-seed.alexykot.me/
>> [10] http://node.alexykot.me/
>> [11] http://testnet-seed.alexykot.me/
>> [12] http://testnet-seed.alexykot.me
>> [13] http://alexykot.me
>> [14] mailto:robert@mckay•com
>
>
> ------------------------------------------------------------------------------
> Time is money. Stop wasting it! Get your web API in 5 minutes.
> www.restlet.com/download
> http://p.sf.net/sfu/restlet
> _______________________________________________
> Bitcoin-development mailing list
> Bitcoin-development@lists•sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
^ permalink raw reply [flat|nested] 18+ messages in thread
* Re: [Bitcoin-development] testnet-seed.bitcoin.petertodd.org is up again
2014-05-30 15:24 ` Pieter Wuille
@ 2014-05-30 15:40 ` Andreas Schildbach
2014-05-30 15:54 ` Robert McKay
` (2 more replies)
0 siblings, 3 replies; 18+ messages in thread
From: Andreas Schildbach @ 2014-05-30 15:40 UTC (permalink / raw)
To: bitcoin-development
I maybe have made this suggestion in the past, but why don't we teach
the seeder (or maybe even plain bitcoind) how to write a zone file and
then use matured DNS servers to serve this zone?
I admit I never ran my own DNS so I'm not sure if that can work -- but
to me it sounds like the easiest approach plus everyone can just use
stock server software.
On 05/30/2014 05:24 PM, Pieter Wuille wrote:
> I don't think it would be too hard to add support for a option to the
> seeder "for non-matching requests, forward to other DNS server at
> IP:PORT", so you could cascade them.
>
> On Fri, May 30, 2014 at 4:51 PM, Robert McKay <robert@mckay•com> wrote:
>> No, I don't think so. The problem is the 'aa' flag is missing (see the
>> 'flags' section in dig). Perhaps if you could suppress the authority
>> records the recursor would give up and just accept the non-authorative
>> answer, but that isn't a good solution even if it might work for some
>> resolvers.
>>
>> Rob
>>
>> On Fri, 30 May 2014 15:13:36 +0100, Alex Kotenko wrote:
>>> Hmm, you might be right, as queries
>>> dig @node.alexykot.me [8] testnet-seed.alexykot.me [9]
>>>
>>> and
>>> dig @node.alexykot.me [10] -p 18353 testnet-seed.alexykot.me
>>> [11]
>>>
>>> are giving different authority sections.
>>>
>>> Hmm, but if I setup custom SOA record for it - it should work,
>>> right?
>>> What SOA name should it be actually, assuming that NS record for
>>> testnet-seed.alexykot.me [12] is pointing at alexykot.me [13]?
>>>
>>> Best regards,
>>>
>>> Alex Kotenko
>>>
>>> 2014-05-30 14:41 GMT+01:00 Robert McKay :
>>>
>>>> Hi Alex,
>>>>
>>>> I think the problem is with my suggestion to use bind forwarding..
>>>> basically bind is stripping off the authorative answer bit in the
>>>> reply.. this causes the recursor to go into a loop chasing the
>>>> authority server which again returns a non-authoritve answer with
>>>> itself as the authority again. Im not sure if this can be fixed
>>>> without hacking the bind src, so maybe it wasnt such a great
>>>> suggestion in the first place. Basically I think if bind was
>>>> returning authorative answers it would work, but I cant see any way
>>>> to make that happen in the bind configuration.
>>>>
>>>> Rob
>>>>
>>>> On Fri, 30 May 2014 14:19:05 +0100, Alex Kotenko wrote:
>>>>
>>>>> Hi Peter
>>>>>
>>>>> Ive setup DNS seeds myself a week ago, at
>>>>> testnet-seed.alexykot.me [1] [6]
>>>>> and bitcoin-seed.alexykot.me [2] [7], but there is a problem with
>>>>> DNS
>>>>> settings that we with Andreas couldnt sort out quickly.
>>>>>
>>>>> The problem itself is that I can reach my nameserver and get
>>>>> dnsseed
>>>>> response if I query it directly with
>>>>> dig @node.alexykot.me [3] [8] testnet-seed.alexykot.me [4] [9]
>>>>>
>>>>> dig @node.alexykot.me [5] [10] bitcoin-seed.alexykot.me [6]
>>>>> [11]
>>>>>
>>>>> But when I try nslookup testnet-seed.alexykot.me [7] [12] -
>>>>> it
>>>>> fails.
>>>>> I guess the problem is in my DNS settings but I cant figure out
>>>>> what
>>>>> is it.
>>>>>
>>>>> S o could you share
>>>>> how you configured DNS
>>>>> for your seed
>>>>> to help me debug
>>>>> mine
>>>>> ?
>>>>>
>>>>> Best regards,
>>>>>
>>>>> Alex Kotenko
>>>>>
>>>>>
>>>
>>>
>>> Links:
>>> ------
>>> [1] http://testnet-seed.alexykot.me
>>> [2] http://bitcoin-seed.alexykot.me
>>> [3] http://node.alexykot.me
>>> [4] http://testnet-seed.alexykot.me
>>> [5] http://node.alexykot.me
>>> [6] http://bitcoin-seed.alexykot.me
>>> [7] http://testnet-seed.alexykot.me
>>> [8] http://node.alexykot.me/
>>> [9] http://testnet-seed.alexykot.me/
>>> [10] http://node.alexykot.me/
>>> [11] http://testnet-seed.alexykot.me/
>>> [12] http://testnet-seed.alexykot.me
>>> [13] http://alexykot.me
>>> [14] mailto:robert@mckay•com
>>
>>
>> ------------------------------------------------------------------------------
>> Time is money. Stop wasting it! Get your web API in 5 minutes.
>> www.restlet.com/download
>> http://p.sf.net/sfu/restlet
>> _______________________________________________
>> Bitcoin-development mailing list
>> Bitcoin-development@lists•sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>
> ------------------------------------------------------------------------------
> Time is money. Stop wasting it! Get your web API in 5 minutes.
> www.restlet.com/download
> http://p.sf.net/sfu/restlet
>
^ permalink raw reply [flat|nested] 18+ messages in thread
* Re: [Bitcoin-development] testnet-seed.bitcoin.petertodd.org is up again
2014-05-30 15:40 ` Andreas Schildbach
@ 2014-05-30 15:54 ` Robert McKay
2014-05-30 15:59 ` Pieter Wuille
2014-05-30 16:03 ` Gregory Maxwell
2 siblings, 0 replies; 18+ messages in thread
From: Robert McKay @ 2014-05-30 15:54 UTC (permalink / raw)
To: Andreas Schildbach; +Cc: bitcoin-development
A simple hack would be to crontab up a couple of dig scripts that every
minute 'dig' (dig's output is in bind zonefile format) the bitcoin-seed
and write the results to two zonefiles that bind can then serve.
Basically
dig @127.0.0.1 -p 5353 > zonefile1.zone
dig @127.0.0.1 -p 5354 > zonefile2.zone
pkill -HUP named
Ugly, but should work.
Rob
On Fri, 30 May 2014 17:40:06 +0200, Andreas Schildbach wrote:
> I maybe have made this suggestion in the past, but why don't we teach
> the seeder (or maybe even plain bitcoind) how to write a zone file
> and
> then use matured DNS servers to serve this zone?
>
> I admit I never ran my own DNS so I'm not sure if that can work --
> but
> to me it sounds like the easiest approach plus everyone can just use
> stock server software.
>
>
> On 05/30/2014 05:24 PM, Pieter Wuille wrote:
>> I don't think it would be too hard to add support for a option to
>> the
>> seeder "for non-matching requests, forward to other DNS server at
>> IP:PORT", so you could cascade them.
>>
>> On Fri, May 30, 2014 at 4:51 PM, Robert McKay <robert@mckay•com>
>> wrote:
>>> No, I don't think so. The problem is the 'aa' flag is missing (see
>>> the
>>> 'flags' section in dig). Perhaps if you could suppress the
>>> authority
>>> records the recursor would give up and just accept the
>>> non-authorative
>>> answer, but that isn't a good solution even if it might work for
>>> some
>>> resolvers.
>>>
>>> Rob
>>>
>>> On Fri, 30 May 2014 15:13:36 +0100, Alex Kotenko wrote:
>>>> Hmm, you might be right, as queries
>>>> dig @node.alexykot.me [8] testnet-seed.alexykot.me [9]
>>>>
>>>> and
>>>> dig @node.alexykot.me [10] -p 18353 testnet-seed.alexykot.me
>>>> [11]
>>>>
>>>> are giving different authority sections.
>>>>
>>>> Hmm, but if I setup custom SOA record for it - it should work,
>>>> right?
>>>> What SOA name should it be actually, assuming that NS record for
>>>> testnet-seed.alexykot.me [12] is pointing at alexykot.me [13]?
>>>>
>>>> Best regards,
>>>>
>>>> Alex Kotenko
>>>>
>>>> 2014-05-30 14:41 GMT+01:00 Robert McKay :
>>>>
>>>>> Hi Alex,
>>>>>
>>>>> I think the problem is with my suggestion to use bind
>>>>> forwarding..
>>>>> basically bind is stripping off the authorative answer bit in the
>>>>> reply.. this causes the recursor to go into a loop chasing the
>>>>> authority server which again returns a non-authoritve answer with
>>>>> itself as the authority again. Im not sure if this can be fixed
>>>>> without hacking the bind src, so maybe it wasnt such a great
>>>>> suggestion in the first place. Basically I think if bind was
>>>>> returning authorative answers it would work, but I cant see any
>>>>> way
>>>>> to make that happen in the bind configuration.
>>>>>
>>>>> Rob
>>>>>
>>>>> On Fri, 30 May 2014 14:19:05 +0100, Alex Kotenko wrote:
>>>>>
>>>>>> Hi Peter
>>>>>>
>>>>>> Ive setup DNS seeds myself a week ago, at
>>>>>> testnet-seed.alexykot.me [1] [6]
>>>>>> and bitcoin-seed.alexykot.me [2] [7], but there is a problem
>>>>>> with
>>>>>> DNS
>>>>>> settings that we with Andreas couldnt sort out quickly.
>>>>>>
>>>>>> The problem itself is that I can reach my nameserver and get
>>>>>> dnsseed
>>>>>> response if I query it directly with
>>>>>> dig @node.alexykot.me [3] [8] testnet-seed.alexykot.me [4] [9]
>>>>>>
>>>>>> dig @node.alexykot.me [5] [10] bitcoin-seed.alexykot.me [6]
>>>>>> [11]
>>>>>>
>>>>>> But when I try nslookup testnet-seed.alexykot.me [7] [12] -
>>>>>> it
>>>>>> fails.
>>>>>> I guess the problem is in my DNS settings but I cant figure out
>>>>>> what
>>>>>> is it.
>>>>>>
>>>>>> S o could you share
>>>>>> how you configured DNS
>>>>>> for your seed
>>>>>> to help me debug
>>>>>> mine
>>>>>> ?
>>>>>>
>>>>>> Best regards,
>>>>>>
>>>>>> Alex Kotenko
>>>>>>
>>>>>>
>>>>
>>>>
>>>> Links:
>>>> ------
>>>> [1] http://testnet-seed.alexykot.me
>>>> [2] http://bitcoin-seed.alexykot.me
>>>> [3] http://node.alexykot.me
>>>> [4] http://testnet-seed.alexykot.me
>>>> [5] http://node.alexykot.me
>>>> [6] http://bitcoin-seed.alexykot.me
>>>> [7] http://testnet-seed.alexykot.me
>>>> [8] http://node.alexykot.me/
>>>> [9] http://testnet-seed.alexykot.me/
>>>> [10] http://node.alexykot.me/
>>>> [11] http://testnet-seed.alexykot.me/
>>>> [12] http://testnet-seed.alexykot.me
>>>> [13] http://alexykot.me
>>>> [14] mailto:robert@mckay•com
>>>
>>>
>>>
>>> ------------------------------------------------------------------------------
>>> Time is money. Stop wasting it! Get your web API in 5 minutes.
>>> www.restlet.com/download
>>> http://p.sf.net/sfu/restlet
>>> _______________________________________________
>>> Bitcoin-development mailing list
>>> Bitcoin-development@lists•sourceforge.net
>>> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>>
>>
>> ------------------------------------------------------------------------------
>> Time is money. Stop wasting it! Get your web API in 5 minutes.
>> www.restlet.com/download
>> http://p.sf.net/sfu/restlet
>>
>
>
>
>
> ------------------------------------------------------------------------------
> Time is money. Stop wasting it! Get your web API in 5 minutes.
> www.restlet.com/download
> http://p.sf.net/sfu/restlet
> _______________________________________________
> Bitcoin-development mailing list
> Bitcoin-development@lists•sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
^ permalink raw reply [flat|nested] 18+ messages in thread
* Re: [Bitcoin-development] testnet-seed.bitcoin.petertodd.org is up again
2014-05-30 15:40 ` Andreas Schildbach
2014-05-30 15:54 ` Robert McKay
@ 2014-05-30 15:59 ` Pieter Wuille
2014-05-30 16:03 ` Gregory Maxwell
2 siblings, 0 replies; 18+ messages in thread
From: Pieter Wuille @ 2014-05-30 15:59 UTC (permalink / raw)
To: Andreas Schildbach; +Cc: Bitcoin Dev
On Fri, May 30, 2014 at 5:40 PM, Andreas Schildbach
<andreas@schildbach•de> wrote:
> I maybe have made this suggestion in the past, but why don't we teach
> the seeder (or maybe even plain bitcoind) how to write a zone file and
> then use matured DNS servers to serve this zone?
>
> I admit I never ran my own DNS so I'm not sure if that can work -- but
> to me it sounds like the easiest approach plus everyone can just use
> stock server software.
That's what Matt's implementation is doing. You don't have to run mine :)
I chose not to do so, as I wanted to be able to serve a different
response to every query, but more diversity is a good thing.
--
Pieter
^ permalink raw reply [flat|nested] 18+ messages in thread
* Re: [Bitcoin-development] testnet-seed.bitcoin.petertodd.org is up again
2014-05-30 15:40 ` Andreas Schildbach
2014-05-30 15:54 ` Robert McKay
2014-05-30 15:59 ` Pieter Wuille
@ 2014-05-30 16:03 ` Gregory Maxwell
2 siblings, 0 replies; 18+ messages in thread
From: Gregory Maxwell @ 2014-05-30 16:03 UTC (permalink / raw)
To: Andreas Schildbach; +Cc: Bitcoin Development
On Fri, May 30, 2014 at 8:40 AM, Andreas Schildbach
<andreas@schildbach•de> wrote:
> I maybe have made this suggestion in the past, but why don't we teach
> the seeder (or maybe even plain bitcoind) how to write a zone file and
> then use matured DNS servers to serve this zone?
>
> I admit I never ran my own DNS so I'm not sure if that can work -- but
> to me it sounds like the easiest approach plus everyone can just use
> stock server software.
We'd used an approach like that previously and I believe it produced
fairly bad load imbalances, especially since some resolvers only pass
on a single result. And that was before there was a wide deployment of
broken client software that trusted the dnsseeds exclusively.
^ permalink raw reply [flat|nested] 18+ messages in thread
* Re: [Bitcoin-development] testnet-seed.bitcoin.petertodd.org is up again
2014-05-30 14:51 ` Robert McKay
2014-05-30 15:24 ` Pieter Wuille
@ 2014-06-01 9:56 ` Alex Kotenko
1 sibling, 0 replies; 18+ messages in thread
From: Alex Kotenko @ 2014-06-01 9:56 UTC (permalink / raw)
To: Robert McKay; +Cc: Bitcoin Dev, Andreas Schildbach
[-- Attachment #1: Type: text/plain, Size: 3558 bytes --]
So generally it seems impossible to have both DNS seeds running on same IP
address. Too bad.
Ok, I'll switch to serving only testnet DNS on this server for now, as this
seems to be a much bigger problem than mainnet. Later I might buy second IP
to setup mainnet DNS also.
Best regards,
Alex Kotenko
2014-05-30 15:51 GMT+01:00 Robert McKay <robert@mckay•com>:
> No, I don't think so. The problem is the 'aa' flag is missing (see the
> 'flags' section in dig). Perhaps if you could suppress the authority
> records the recursor would give up and just accept the non-authorative
> answer, but that isn't a good solution even if it might work for some
> resolvers.
>
> Rob
>
>
> On Fri, 30 May 2014 15:13:36 +0100, Alex Kotenko wrote:
>
>> Hmm, you might be right, as queries
>> dig @node.alexykot.me [8] testnet-seed.alexykot.me [9]
>>
>> and
>> dig @node.alexykot.me [10] -p 18353 testnet-seed.alexykot.me
>> [11]
>>
>> are giving different authority sections.
>>
>> Hmm, but if I setup custom SOA record for it - it should work,
>> right?
>> What SOA name should it be actually, assuming that NS record for
>> testnet-seed.alexykot.me [12] is pointing at alexykot.me [13]?
>>
>> Best regards,
>>
>> Alex Kotenko
>>
>> 2014-05-30 14:41 GMT+01:00 Robert McKay :
>>
>> Hi Alex,
>>>
>>> I think the problem is with my suggestion to use bind forwarding..
>>> basically bind is stripping off the authorative answer bit in the
>>> reply.. this causes the recursor to go into a loop chasing the
>>> authority server which again returns a non-authoritve answer with
>>> itself as the authority again. Im not sure if this can be fixed
>>> without hacking the bind src, so maybe it wasnt such a great
>>>
>>> suggestion in the first place. Basically I think if bind was
>>> returning authorative answers it would work, but I cant see any way
>>>
>>> to make that happen in the bind configuration.
>>>
>>> Rob
>>>
>>> On Fri, 30 May 2014 14:19:05 +0100, Alex Kotenko wrote:
>>>
>>> Hi Peter
>>>>
>>>> Ive setup DNS seeds myself a week ago, at
>>>> testnet-seed.alexykot.me [1] [6]
>>>> and bitcoin-seed.alexykot.me [2] [7], but there is a problem with
>>>>
>>>> DNS
>>>> settings that we with Andreas couldnt sort out quickly.
>>>>
>>>> The problem itself is that I can reach my nameserver and get
>>>> dnsseed
>>>> response if I query it directly with
>>>> dig @node.alexykot.me [3] [8] testnet-seed.alexykot.me [4] [9]
>>>>
>>>> dig @node.alexykot.me [5] [10] bitcoin-seed.alexykot.me [6]
>>>> [11]
>>>>
>>>> But when I try nslookup testnet-seed.alexykot.me [7] [12] -
>>>>
>>>> it
>>>> fails.
>>>> I guess the problem is in my DNS settings but I cant figure out
>>>> what
>>>> is it.
>>>>
>>>> S o could you share
>>>> how you configured DNS
>>>> for your seed
>>>> to help me debug
>>>> mine
>>>> ?
>>>>
>>>> Best regards,
>>>>
>>>> Alex Kotenko
>>>>
>>>>
>>>>
>>>
>>
>> Links:
>> ------
>> [1] http://testnet-seed.alexykot.me
>> [2] http://bitcoin-seed.alexykot.me
>> [3] http://node.alexykot.me
>> [4] http://testnet-seed.alexykot.me
>> [5] http://node.alexykot.me
>> [6] http://bitcoin-seed.alexykot.me
>> [7] http://testnet-seed.alexykot.me
>> [8] http://node.alexykot.me/
>> [9] http://testnet-seed.alexykot.me/
>> [10] http://node.alexykot.me/
>> [11] http://testnet-seed.alexykot.me/
>> [12] http://testnet-seed.alexykot.me
>> [13] http://alexykot.me
>> [14] mailto:robert@mckay•com
>>
>
>
[-- Attachment #2: Type: text/html, Size: 6608 bytes --]
^ permalink raw reply [flat|nested] 18+ messages in thread
end of thread, other threads:[~2014-06-01 9:57 UTC | newest]
Thread overview: 18+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2014-05-23 22:17 [Bitcoin-development] testnet-seed.bitcoin.petertodd.org is up again Peter Todd
2014-05-25 19:12 ` Andreas Schildbach
2014-05-25 20:02 ` Tim
2014-05-26 16:37 ` Peter Todd
2014-05-26 22:12 ` Andreas Schildbach
2014-05-26 22:39 ` Peter Todd
2014-05-26 23:19 ` Andreas Schildbach
2014-05-30 9:43 ` Peter Todd
2014-05-30 13:19 ` Alex Kotenko
2014-05-30 13:41 ` Robert McKay
2014-05-30 14:13 ` Alex Kotenko
2014-05-30 14:51 ` Robert McKay
2014-05-30 15:24 ` Pieter Wuille
2014-05-30 15:40 ` Andreas Schildbach
2014-05-30 15:54 ` Robert McKay
2014-05-30 15:59 ` Pieter Wuille
2014-05-30 16:03 ` Gregory Maxwell
2014-06-01 9:56 ` Alex Kotenko
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox