From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from tb-mx0.topicbox.com (localhost.local [127.0.0.1]) by tb-mx0.topicbox.com (Postfix) with ESMTP id 77AAE2E6E43 for <9fans@9fans.net>; Tue, 27 Oct 2020 03:06:24 -0400 (EDT) (envelope-from lucio.dere@gmail.com) Received: from tb-mx0.topicbox.com (localhost [127.0.0.1]) by tb-mx0.topicbox.com (Authentication Milter) with ESMTP id D9DF3F5DA60; Tue, 27 Oct 2020 03:06:24 -0400 ARC-Seal: i=1; a=rsa-sha256; cv=none; d=topicbox.com; s=arcseal; t= 1603782384; b=L2uQWR/P1OpIMxZCUkVHL8xFxZ0otxRE2/ccXt0TI2xGv0Q5v8 H6hNGW8M/u9A/hI07ttuFPC7kd+mmgtTeRrfIGvDiJEdkz0KRdpOaj4a2+UUTvLA vJJEuK0f6tESODw4rCvbk0YSOau4dWJAz7c+Ij3izCr/if+Cklz385gTomDq3jFO IQz4tXJe/2TeLA/D3IpcjFSTdKjLIjUM+E0rLRehIvwKIuJyrkX4LMaQUSkrVt3X YUsZpxyB+ULYd50fXggn3MaWu59vzneRYxY7hlU2b9z25cM3oUUvLpak5tKHigWh yX+yy+O3MU4My4yiVpVNFXEKu38S7R7Hrdaw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d= topicbox.com; h=mime-version:in-reply-to:references:from:date :message-id:subject:to:content-type; s=arcseal; t=1603782384; bh=ByrUBKcrDVrrtVJey12aZ6Hz3ZcWt8PVo5OQBqZybjg=; b=qjP0f4O2Pl9X nlZULY5X0lm+12/oDsBkzNv+DaQmn1zEhbwdpYmj2UHI/lzXjsJJi8B0zGYlkzpR HEZU71W8N6k+lTroYcdiMqsX5xi9vyM8JvZEVes2b20T/Mj8tNqdeMy9XF5u3ZKZ RAwfpV+gpf+feVMDNYdpttYmnr4rYeIXcfTx3ePoQ+eYG+fjqx/YUK3DX1andxCF 7OayPthMARcYCgzg8bcp5EFxS+Buq8+AfUaymbNQeU0GprDzGF5JTx6W8wBrNa/S xFQC/Q1jNWtTxdiXQjnToRQj1hpQtMgeWOEbckBMHfeyuI40aHuRXq1W7rCc5iii NRLkmoU2ug== ARC-Authentication-Results: i=1; tb-mx0.topicbox.com; arc=none (no signatures found); bimi=none (Domain is not BIMI enabled); dkim=pass (2048-bit rsa key sha256) header.d=gmail.com header.i=@gmail.com header.b=QqbpXFbM header.a=rsa-sha256 header.s=20161025 x-bits=2048; dmarc=pass policy.published-domain-policy=none policy.published-subdomain-policy=quarantine policy.applied-disposition=none policy.evaluated-disposition=none (p=none,sp=quarantine,d=none,d.eval=none) policy.policy-from=p header.from=gmail.com; iprev=pass smtp.remote-ip=209.85.208.169 (mail-lj1-f169.google.com); spf=pass smtp.mailfrom=lucio.dere@gmail.com smtp.helo=mail-lj1-f169.google.com; x-aligned-from=pass (Address match); x-google-dkim=pass (2048-bit rsa key) header.d=1e100.net header.i=@1e100.net header.b=mfC9hAEf; x-ptr=pass smtp.helo=mail-lj1-f169.google.com policy.ptr=mail-lj1-f169.google.com; x-return-mx=pass header.domain=gmail.com policy.is_org=yes (MX Records found: gmail-smtp-in.l.google.com,alt3.gmail-smtp-in.l.google.com,alt4.gmail-smtp-in.l.google.com,alt1.gmail-smtp-in.l.google.com,alt2.gmail-smtp-in.l.google.com); x-return-mx=pass smtp.domain=gmail.com policy.is_org=yes (MX Records found: gmail-smtp-in.l.google.com,alt3.gmail-smtp-in.l.google.com,alt4.gmail-smtp-in.l.google.com,alt1.gmail-smtp-in.l.google.com,alt2.gmail-smtp-in.l.google.com); x-tls=pass smtp.version=TLSv1.2 smtp.cipher=ECDHE-RSA-AES256-GCM-SHA384 smtp.bits=256/256; x-vs=clean score=0 state=0 Authentication-Results: tb-mx0.topicbox.com; arc=none (no signatures found); bimi=none (Domain is not BIMI enabled); dkim=pass (2048-bit rsa key sha256) header.d=gmail.com header.i=@gmail.com header.b=QqbpXFbM header.a=rsa-sha256 header.s=20161025 x-bits=2048; dmarc=pass policy.published-domain-policy=none policy.published-subdomain-policy=quarantine policy.applied-disposition=none policy.evaluated-disposition=none (p=none,sp=quarantine,d=none,d.eval=none) policy.policy-from=p header.from=gmail.com; iprev=pass smtp.remote-ip=209.85.208.169 (mail-lj1-f169.google.com); spf=pass smtp.mailfrom=lucio.dere@gmail.com smtp.helo=mail-lj1-f169.google.com; x-aligned-from=pass (Address match); x-google-dkim=pass (2048-bit rsa key) header.d=1e100.net header.i=@1e100.net header.b=mfC9hAEf; x-ptr=pass smtp.helo=mail-lj1-f169.google.com policy.ptr=mail-lj1-f169.google.com; x-return-mx=pass header.domain=gmail.com policy.is_org=yes (MX Records found: gmail-smtp-in.l.google.com,alt3.gmail-smtp-in.l.google.com,alt4.gmail-smtp-in.l.google.com,alt1.gmail-smtp-in.l.google.com,alt2.gmail-smtp-in.l.google.com); x-return-mx=pass smtp.domain=gmail.com policy.is_org=yes (MX Records found: gmail-smtp-in.l.google.com,alt3.gmail-smtp-in.l.google.com,alt4.gmail-smtp-in.l.google.com,alt1.gmail-smtp-in.l.google.com,alt2.gmail-smtp-in.l.google.com); x-tls=pass smtp.version=TLSv1.2 smtp.cipher=ECDHE-RSA-AES256-GCM-SHA384 smtp.bits=256/256; x-vs=clean score=0 state=0 X-ME-VSCause: gggruggvucftvghtrhhoucdtuddrgedujedrkeekgddutdduucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdggtfgfnhhsuhgsshgtrhhisggvpdfu rfetoffkrfgpnffqhgenuceurghilhhouhhtmecufedttdenucenucfjughrpegjfhfhff fkuffvtgesthdtredttddtjeenucfhrhhomhepnfhutghiohcuffgvucftvgcuoehluhgt ihhordguvghrvgesghhmrghilhdrtghomheqnecuggftrfgrthhtvghrnhepgfffiedugf fgfeekjeegteejgffhhedvieefheelleetleejgeetffeihfefudeinecuffhomhgrihhn pehoshhmihhordgthhdpthhophhitggsohigrdgtohhmpdgruhhthhgvnhhtihgtihhthi ifohhrkhhsrdhvihguvghonecukfhppedvtdelrdekhedrvddtkedrudeileenucevlhhu shhtvghrufhiiigvpedtnecurfgrrhgrmhepihhnvghtpedvtdelrdekhedrvddtkedrud eiledphhgvlhhopehmrghilhdqlhhjuddqfhduieelrdhgohhoghhlvgdrtghomhdpmhgr ihhlfhhrohhmpeeolhhutghiohdruggvrhgvsehgmhgrihhlrdgtohhmqecuuffkkgfgpe elvdefvd X-ME-VSScore: 0 X-ME-VSCategory: clean Received-SPF: pass (gmail.com ... _spf.google.com: Sender is authorized to use 'lucio.dere@gmail.com' in 'mfrom' identity (mechanism 'include:_netblocks.google.com' matched)) receiver=tb-mx0.topicbox.com; identity=mailfrom; envelope-from="lucio.dere@gmail.com"; helo=mail-lj1-f169.google.com; client-ip=209.85.208.169 Received: from mail-lj1-f169.google.com (mail-lj1-f169.google.com [209.85.208.169]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by tb-mx0.topicbox.com (Postfix) with ESMTPS for <9fans@9fans.net>; Tue, 27 Oct 2020 03:06:23 -0400 (EDT) (envelope-from lucio.dere@gmail.com) Received: by mail-lj1-f169.google.com with SMTP id y16so569104ljk.1 for <9fans@9fans.net>; Tue, 27 Oct 2020 00:06:23 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to; bh=ByrUBKcrDVrrtVJey12aZ6Hz3ZcWt8PVo5OQBqZybjg=; b=QqbpXFbMR6NtupPL3JbfO52IMB56XWzndPwKZ6DTQOTroBp+EJo83NVZxH5AL7IvUG puCHqQMknIxZtpQnSb4cg7C36YBd4vlTmPfo2XGYOEtiob6UONEDL6oAwtTSCIwmrhEX aD3SibR2E2cbzxwDdkJqmhbCGBLaN+XRysQrd7PGZRmtWdiEjO4ol4gqSqaFocKE3Oa5 po6wZklpREoSlTWPtPFBP1XefsbiJs6dox0Tj6mVANX2lRfIWNe6+4p4xNU7JDWeSjU6 BwqmgiKQO8WpzBaQQi/Iyi7fd142iQwJ+EAbTXRDkG8NvlCaiIUGR+EJ/AslaT/DXNHi rduQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to; bh=ByrUBKcrDVrrtVJey12aZ6Hz3ZcWt8PVo5OQBqZybjg=; b=mfC9hAEfpM7YXibWBtXz91OcM1REEQY0ZrYByyDKjac1HG7q2Q7RbOCS9W8WdmP461 Fyk4KS6oufuGrBXQq20OimbnzyWrKusLG7jS8eEiYnB8M7Ruu21ueCe4Szo0W+u/iZ6e SJ311K7Xpn1sjc69oDQyk7ivEugKEzW08sFzyYjh+tJPqWc2Vj2oYvAcAtkkbA6SHiJk t40c+1Z/93AmL3a2RuHi+VU7R1AjnBX4tSSDBZQju4i7WV8XHSSz6augdLkWkTdyoQ+s mXfhGpRF79LnxAq/u3a2SwG9Zarec+bbI3AmGLPk2FqLvHLTWZkfvvJalObpWUFAyyiJ jt7A== X-Gm-Message-State: AOAM532itvk2+Wp5ZhqlyExvynYerR2XJT4k52LDkDTPFoE/BzPhkpnQ EdNQ3Nm9hCuK9RN7n6CNHpVp0AGl+ATHKMCwVI0ZUO0DfABTMA== X-Google-Smtp-Source: ABdhPJySLRzUcK12EuD6q3636oX/RcQNSZ4jfS0L0Y+XKiHAVtNEc0oylyxch8Uqq5dxiyAHdr+uKNxCZmI6neRQMTE= X-Received: by 2002:a2e:8ecc:: with SMTP id e12mr473255ljl.98.1603782381730; Tue, 27 Oct 2020 00:06:21 -0700 (PDT) MIME-Version: 1.0 Received: by 2002:a2e:9650:0:0:0:0:0 with HTTP; Tue, 27 Oct 2020 00:06:20 -0700 (PDT) In-Reply-To: References: <864kmj2rvg.fsf@cmarib.ramside> From: Lucio De Re Date: Tue, 27 Oct 2020 09:06:20 +0200 Message-ID: Subject: Re: [9fans] Re: Flakey DNS server To: 9fans <9fans@9fans.net> Content-Type: text/plain; charset="UTF-8" Topicbox-Policy-Reasoning: allow: sender is a member Topicbox-Message-UUID: ef314054-1822-11eb-9b24-891691863a2b Just to bring the subject back: it seems the DNS server fails when the connectivity it relies on is restored. At least, that is how I interpret what happened this morning. K some point, my attempts to browse the web failed and looked a lot like a hostname lookup failure, so I applied my now regular sledge-hammer to kill and restart the server (1). That failed in its objective so I actually figured the Internet link had failed. Coincidentally, the mobile data link had run out of credits, so that failed too - nothing seems simple around here. A few steps down the line, I managed to use the second Internet link to provision data for the mobile backup link (2), by which time the Internet link (would you believe that both Internet services run on a long distance wi-fi connection?) had been restored. And that is when I noticed that the Plan 9 DNS server had reached 100, then 200 opened file handles as reported by the kernel console. It seems - I'm hoping someone here knows the DNS server code better than my distant exploration of it - that a fresh instance of the server is more robust against a network failure than one that has run for some time. Presumably some kind of cache problem, as that would be the significant difference. Myself, cache allocation and general messing about is the type of code I try desperately to avoid having to write, let alone debug. (1) Miller informed me that the DNS server responds to a "restart" command, but I discovered that if the "-s" option is used, the restart isn't a complete one. (2) Recently, I rearranged my small network. Out of necessity as I had managed to mis-configure the core gateway and could not restore it in a short time. It used to be that one Internet link did all the work, with a few exceptions to get around ISP-dictated restrictions and misconfigurations. Routing to the second link was used as the anti-censorship measure. When the primary link failed, removing the lower-cost default route sufficed to bring the more expensive secondary into full operation. I wasn't really concerned with failures of the secondary link, they didn't really have much impact. To be honest, even failure of the primary link didn't have much impact. Short failures, though, that would otherwise go unnoticed, I now believe tickled the DNS server into bad behaviour. Not too short, I don't think, but hardly worth switching to the secondary. Since I switched to what used to be the secondary link for all my desktop work and reserved the primary for Netflix and my partner's obsession with Trump's misdemeanours, the DNS server has shown a different pattern of failures, all seemingly related to flakey connectivity. Lucio. PS: those who raised the Osmio flag did so, in my opinion, disingenuously. Wes has long been known to punt a socially-related issue. Probably something that needs no further attention in this thread. On 10/27/20, Thaddeus Woskowiak wrote: > On Sat, Oct 24, 2020 at 10:11 PM Wes Kussmaul wrote: >> >> Lucio's concern was about commercial enterprises bending Internet norms >> to serve their bottom line at the expense of interoperation. >> >> Imagine if the physical city where you live allowed building codes to be >> proprietary, and instead of public professional licensing of architects, >> contractors, structural engineers and building inspectors you had >> certification programs of those commercial enterprises. >> >> Instead, habitability of physical buildings is determined by building >> codes and professional licensing that are the product of participatory >> and duly constituted public authority. >> >> That's the role that Osmio sets out to play in non-physical digital >> indoor spaces. >> >> >> On 10/24/20 6:48 PM, Charles Forsyth wrote: >> > It's a virtual city in Switzerland, which is famously neutral (hence >> > Geneva as location for various international organisations, and indeed >> > as a setting for several TV series) >> > >> > On Sat, Oct 24, 2020 at 11:23 PM > > > wrote: >> > >> > Wes Kussmaul writes: >> > >> > > On 10/7/20 12:08 AM, Lucio De Re wrote: >> > >> my situation is getting >> > >> more difficult as norms on the Internet are being bent by >> > service >> > >> provider that care for their profitability much more than for >> > >> interoperation >> > > >> > > I suggest taking a look at https://www.osmio.ch/ >> > >> > I don't get it. That Web site appears to be the municipal >> > homepage for >> > a city in Switzerland that uses digital certificates as official >> > government-recognized ID. What does that have to do with anything? >> > >> > *9fans * / 9fans / see discussions >> > + participants >> > + delivery options >> > Permalink >> > >> -- >> >> *Wes Kussmaul* >> >> *Reliable Identities, Inc.* >> an Authenticity Enterprise >> 738 Main Street >> Waltham, MA 02451 USA >> t: +1 781 790 1674 >> m: +1 781 330 1881 >> e: wes@ReliableID.com >> >> Learn About Authenticity >> >> This message is confidential. It may also be privileged or otherwise >> protected by work product immunity or other legal rules. If you have >> received it by mistake, please let us know by e-mail reply and delete it >> from your system; you may not copy this message or disclose its contents >> to anyone. The integrity and security of this message cannot be assured >> unless it is digitally signed by the PEN of an identity certificate with >> an IDQA score that is sufficient for your purposes. >> > > I believe the issue here is that some people have interpreted your > osmio.ch suggestion as a solution to Lucio's DNS issues. > > ------------------------------------------ > 9fans: 9fans > Permalink: > https://9fans.topicbox.com/groups/9fans/T4e8db4c94a81d90f-Mf0aaea951a7c79996e890424 > Delivery options: https://9fans.topicbox.com/groups/9fans/subscription > -- Lucio De Re 2 Piet Retief St Kestell (Eastern Free State) 9860 South Africa Ph.: +27 71 471 3694 Cell: +27 83 251 5824