Re: pkg DNS issue

In reply to: Paul Vixie : "Re: pkg DNS issue"
Go to: [ bottom of page ] [ top of archives ] [ this month ]
From: Maku Bex <zagazaw2004_at_gmail.com>
Date: Wed, 16 Jul 2025 03:14:00 UTC
Now that you saw the SRV, what's the issue and the solution?

Paul Vixie wrote:
> On Sunday, July 13, 2025 2:43:00 AM UTC Maku Bex wrote:
>> Paul Procacci wrote:
>>> On Sat, Jul 12, 2025 at 8:30 PM Maku Bex <zagazaw2004@gmail.com> wrote:
>>>> Elaborate.
>>>>
>>>> Paul Vixie wrote:
>>>>> I see no srv records here.
>>>
>>> Like Maku, I'm a bit perplexed.My question is, you see no records where?
>>> ...
> 
> here:
> 
>> drill pkg.freebsd.org
>>
>> ;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 20313
>> ;; flags: qr rd ra ; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
>> ;; QUESTION SECTION:
>> ;; pkg.freebsd.org. IN  A
>>
>> ;; ANSWER SECTION:
>> pkg.freebsd.org.    300 IN  CNAME   pkgmir.geo.freebsd.org.
>> pkgmir.geo.freebsd.org. 150 IN  A   173.228.147.98
>>
>> ;; AUTHORITY SECTION:
>>
>> ;; ADDITIONAL SECTION:
>>
>> ;; Query time: 294 msec
>> ;; SERVER: 149.112.112.112
>> ;; WHEN: Fri Jul 11 23:49:16 2025
>> ;; MSG SIZE  rcvd: 74
> 
> that's not the domain name where SRV RR's would appear, as shown later in the
> thread (see below), and show a CNAME and an A but no SRV.
> 
>> # host -t SRV _http._tcp.pkg.FreeBSD.org
>> _http._tcp.pkg.FreeBSD.org has SRV record 50 10 80 pkg0.pao.freebsd.org.
>> _http._tcp.pkg.FreeBSD.org has SRV record 10 10 80 pkgmir.geo.freebsd.org.
>> _http._tcp.pkg.FreeBSD.org has SRV record 50 10 80 pkg0.tuk.freebsd.org.
>> _http._tcp.pkg.FreeBSD.org has SRV record 50 10 80 pkg0.nyi.freebsd.org.
>> _http._tcp.pkg.FreeBSD.org has SRV record 50 10 80 pkg0.sjb.freebsd.org.
> 
> the "drill" example is doubly misleading, since in RFC 2782 we said:
> 
>     Target
>          The domain name of the target host.  There MUST be one or more
>          address records for this name, the name MUST NOT be an alias (in
>          the sense of RFC 1034 or RFC 2181).  Implementors are urged, but
>          not required, to return the address record(s) in the Additional
>          Data section.  Unless and until permitted by future standards
>          action, name compression is not to be used for this field.
> 
> note that aliases aren't allowed; the target of an SRV must be a name holding
> an A (or more recently AAAA). it was the CNAME which caught my eye. note also
> from RFC 2782:
> 
>     Name
>          The domain this RR refers to.  The SRV RR is unique in that the
>          name one searches for is not this name; the example near the end
>          shows this clearly.
> 
> so when you did a "drill" against the name your client would be using, i knew
> you would never find an SRV there.
> 
> thus my reply. sorry to be so terse, i was on a mobile device in a hotel room.
>