this post was submitted on 29 Jul 2023
9 points (80.0% liked)

Selfhosted

39980 readers
792 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] tal@kbin.social 2 points 1 year ago

Yeah, I don't think I really agree with the author as to the difficulty with dig. Maybe it could be better, but as protocols and tools go, I'd say that dig and DNS is an example where a tool does a pretty good job of coverage. Maybe not DNSSEC, dunno about how dig does there, and knowing to use +norecurse is maybe not immediately obvious, but I can list a lot of network protocols for which I wish that there were the equivalent to dig.

However, a lot of what of what the author seems to be complaining about is not really stuff at the network level, but the stuff happening on the host level. And it is true that there are a lot of parts in there if one considers name resolution as a whole, not just DNS, and no one tool that can look at the whole process.

If I'm doing a resolution with Firefox, I've got a browser cache for name resolutions independently of the OS. I may be doing DNS over HTTP, and that may always happen or be a fallback. I may have a caching nameserver at my OS level. There's the /etc/hosts file. There's configuration in /etc/resolv.conf. There's NIS/yp. Windows has its own name resolution stuff hooked into the Windows domains stuff and several mechanisms to do name resolution, whether via broadcasts without a domain controller or with a DC whether that's present; Apple has Bonjour and more-generally there's zeroconf. It's not immediately clear to someone the order of this or a tool that can monitor the whole process end to end -- these are indeed independent systems that kind of grew organically.

Maybe it'd be nice to have an API to let external software initiate name resolutions via the browser and get information about what's going on, and then have a single "name resolution diagnostic" tool that could span multiple of these name resolution systems, describe what's happening and help highlight problems. I can say that gethostbyname() could also use a diagnostic call to extract more information about what a resolution attempt attempted to do and why it failed; libc doesn't expose a lot of useful diagnostic information to the application, though libc does know what it is doing in a resolution attempt.