discuss: Thread: who is responsible for the tldp.org domain name

Quoting Jean-Daniel Dodin ####@####.####

> at least, from our front page (tldp.org) we have br, it and es subdomains.

Well, OK, but the point is that the DNS for them does not appear to be
delegated.  I mean, I could create a subdomain of "cosanostra" under
linuxmafia.com, too, and populate it with hostnames like:

vito.cosanostra.linuxmafia.com
fredo.cosanostra.linuxmafia.com
sonny.cosanostra.linuxmafia.com

However, unless and until I delegated that subdomain, it remains defined
solely in the main linuxmafia.com nameserver(s), not ones specific to
the subdomain.

The way you detect delegation is the way I described before.

If you want to see a real-world example of delegation, do these two
commands, and compare the results:

$ dig  -t ns  research.att.net  +trace 
$ dig  -t ns  att.net  +trace 

The first of those traces down through from the DNS root nameservers to
those for subdomain "research.att.net".  The second does the same for
the unqualified "att.net".  Notice that the sets of nameservers in the
final step are different.  That's delegation at work.

> I "know" this, that is I read the doc and understand it at the moment
> I read, but I'm far from mastering this.whois

I hope the above helps.  The odd thing is, now that I compare the "ns" 
results for br.tldp.org versus tldp.org, I notice something very
strange:  There are now _three_ nameservers for tldp.org:

$ dig -t ns tldp.org +short
ns.unc.edu.
ns2.unc.edu.
ncnoc.ncren.net.

However, by comparison, only the first two are nameservers for
br.tldp.org.  Something strange going on, there.


> so this have to be managed by ibiblio admins? 

Whoever runs ns.unc.edu.

> we have three servers
> 
> * gabber (gabber.metalab.unc.edu) and reggae (reggae.metalab.unc.edu)
> are vservers running on the hardware new one, gabber is for mailing
> lists and reggae for the wiki (all this setup by Sergius)

OK.  However, the mere fact that one runs a nameserver on a host doesn't
make the public consult it for particular domains' nameservice.  For
that to happen, the nameserver must be on the domain's list of
authoritative servers.  Which does not appear to be the case with
gabber or reggae.

I mean, I could make my own ns1.linuxmafia.com nameserver declare itself
the source of information for domain number10.gov.uk, but I doubt the
world would pay much attention.  ;->

Now, if you _want_ to run tldp.org's nameservice on reggae and gabber,
that's quite easy:  One configures a nameserver package on the two
hosts, populates it would tldp.org's zonefile, and (last) uses Guylhem's 
access to the tldp.org domain record at Gandi.net to alter the list of
authoritative nameservers, to match whatever roster of nameservers the 
volunteers wish to use.  (UNC/metalab's gift of nameservice on its three
nameservers should not, IMO, be turned down, however.)

There are particular details.  For example, one must arrange for zone
replication among the roster of nameservers.  Most conventionally, this
is done by designating one as master and making all the others pull down
zone revisions from it.  There are also other ways to do it.

And one wishes to have at least three nameservers and no more than seven
(per the RFCs).  Those really should be physically distinct machines:
E.g., a  host plus two vservers on that host do not equal three DNS
nameservers for purposes of service redundancy.

At least two of the authoritative nameservers should be in different
locations so that the same router failure or AC power outage or fire or
earthquake or hurricane cannot take out all of your nameservice at once.
And so on.

Rick Moen a écrit :

> Now, if you _want_ to run tldp.org's nameservice on reggae and gabber,

:-)

I don't "want" anything like, I just want to be able to change the
target for br.tldp.org (eventually)

for my own domain name, I do this with the Gandi zone service. Giving
for br.tldp.org the DNS are those of unc/ibiblio, I beg it's them that
did this.

who did setup these sub-domain at first? (I mean who decided to do so
and send demand to the good admin)? probably Guylhem?

jdd


-- 
jdd for the Linux Documentation Project
http://wiki.tldp.org
http://www.dodin.net

Quoting Jean-Daniel Dodin ####@####.####

> I don't "want" anything like, I just want to be able to change the
> target for br.tldp.org (eventually)

I was obliged to speculate, because it was entirely unclear from your
post what exactly you're aiming to accomplish.

Anyway, it appears that you need whoever runs ns.unc.edu to edit the
tldp.org zonefile, to make the desired change.

> for my own domain name, I do this with the Gandi zone service. 

Presumably, your phrase "do this with the Gandi zone service" means you
aren't doing your own DNS[1], but rather are paying Gandi.net to provide
nameservers for your domain, and they provide you some Web-mediated
editing mechanism to remotely edit the domain's zonefile. 

Let's check, under the assumption that you're talking about dodin.org:

:r! dig  -t ns  dodin.org +short
a.dns.gandi.net.
c.dns.gandi.net.
b.dns.gandi.net.

:r! dig  -t soa  dodin.org  +short
a.dns.gandi.net. hostmaster.gandi.net. 1215848044 10800 3600 604800 10800

Yep.  You've outsourced your DNS to three Gandi.net nameservers, of
which a.dns.gandi.net is the master nameserver.


I very much doubt that UNC's NOC staff (or whoever it is who operates
ns.unc.edu) offers the public Web-mediated access to edit zonefiles
located on ns.unc.edu:  More likely, it's done the old-fashioned way, by
some sysadmin absent-mindedly editing the zonefile in vi, saving, doing
"rndc reload" to refresh the zone, cursing fluently about having
forgotten to increment the S/N, re-editing the zonefile in vi, saving,
doing "rndc reload" again, and going off to have a stiff drink.


> who did setup these sub-domain at first? (I mean who decided to do so
> and send demand to the good admin)? probably Guylhem?

Are you asking who put sundry (thus far unspecified in this
conversation) fully-qualified hostnames of the form *.br.tldp.org into
the tldp.org zonefile at ns.unc.edu?  I would have no way of knowing,
but rather suspect it was done by UNC/Metalab NOC staff at the request
of the domain owner (Guylhem).

You still haven't shown that any such subdomain actually exists in any
meaningful way, by the way.  All you've done is talk about some claim on
a Web page.  So, you might be talking about DNS records that don't
actually exist.

If you want to be clearer on what your'e talking about, you might want
to e-mail the UNC NOC (network operations centre) staff and ask them to
e-mail you a copy of the zonefile.

I suggested what appeared to be the correct e-mail address for this
purpose in one of my recent, prior e-mails.  Which please see.

[1] I always find it very strange to find competent Linux users who own
domains but aren't doing their own DNS.  All it takes is one static IP 
address (which of course I'm aware that not everyone has, but many do). 
Once you setup your own nameserver on such an IP, and it's not
difficult, you quickly find that there are many people who are glad to
do your secondary DNS if you'll do theirs.  So, you aren't obliged to
outsource to ISP nameservers, which inevitably suck in a variety of ways
including security.

Rick Moen a écrit :

> Anyway, it appears that you need whoever runs ns.unc.edu to edit the
> tldp.org zonefile, to make the desired change.

yes

> 
>> for my own domain name, I do this with the Gandi zone service. 
> 
> Presumably, your phrase "do this with the Gandi zone service" means you
> aren't doing your own DNS[1], but rather are paying Gandi.net to provide
> nameservers for your domain, and they provide you some Web-mediated
> editing mechanism to remotely edit the domain's zonefile. 

yes. Gandi is the registrar of the tldp, and also mine, he let the
owner manage the dns zone (if the owner uses also the gandi dns, of
course) - it's free. I initially thought tldp was assigned some sort
of fixed IP by UNC, but it seems now clear that it's not the case.
tldp.org is managed by the UNC dns and redirected to our servers from
there (pretty usual method)

> located on ns.unc.edu:  More likely, it's done the old-fashioned way

probably

> conversation) fully-qualified hostnames of the form *.br.tldp.org into
> the tldp.org zonefile at ns.unc.edu?

no.

> You still haven't shown that any such subdomain actually exists in any
> meaningful way, by the way.

br, it and es are not hosted by the tldp but by they respective ISP
(enough to clic the front page  link and do a little search to see this)

http://linux.alojate.net/ for es
http://www.pluto.it/ for it
Brasil Telecom S. A for br (this one is said to change)

In fact the LDP have no apache server running (the wiki is direct
access). We could host sub-domain, but we should then create other
vservers (http://linux-vserver.org/Welcome_to_Linux-VServer.org)

> [1] I always find it very strange to find competent Linux users who own
> domains but aren't doing their own DNS.  All it takes is one static IP 
> address (which of course I'm aware that not everyone has, but many do). 
> Once you setup your own nameserver on such an IP, and it's not
> difficult, you quickly find that there are many people who are glad to
> do your secondary DNS if you'll do theirs.  So, you aren't obliged to
> outsource to ISP nameservers, which inevitably suck in a variety of ways
> including security.

I use a hosted server, not in my house, but my registrar services
(gandi) are easier to manage than my Hosting service one

with only one computer on the net, I don't see any interest of having
my own dns.

but may be we could host the tldp ones (I'll see this later with
Sergius, there is no hurry)

thanks helping
jdd


-- 
jdd for the Linux Documentation Project
http://wiki.tldp.org
http://www.dodin.net

hi, we use unc.edu infrastructure for complete 1st class
dns service. there is no need to change it, we can
delegate national domains or host dns for them as wel.

we do not see any problem with dns, so maybe
there is no need to discuss it?

s.
-- 
"Science is a wonderful thing if one does not have
to earn one's living at it" - Albert Einstein

Sergiusz Pawlowicz a écrit :
> hi, we use unc.edu infrastructure for complete 1st class
> dns service. there is no need to change it, we can
> delegate national domains or host dns for them as wel.
> 
> we do not see any problem with dns, so maybe
> there is no need to discuss it?

it's not a "problem", only the Brazilian asked for a change. If
confirmed, we will have to act, so I tried to have infos...

jdd
-- 
jdd for the Linux Documentation Project
http://wiki.tldp.org
http://www.dodin.net

Quoting Jean-Daniel Dodin ####@####.####

> > You still haven't shown that any such subdomain actually exists in any
> > meaningful way, by the way.
> 
> br, it and es are not hosted by the tldp but by they respective ISP
> (enough to clic the front page  link and do a little search to see this)

I suspect you're confusing DNS with hosting.

> http://linux.alojate.net/ for es
> http://www.pluto.it/ for it
> Brasil Telecom S. A for br (this one is said to change)
> 
> In fact the LDP have no apache server running (the wiki is direct
> access). We could host sub-domain, but we should then create other
> vservers (http://linux-vserver.org/Welcome_to_Linux-VServer.org)

But none of this has anything to do with (alleged) delegation of what
you're calling a "subdomain".  In fact, I would speculate that you're
not actually talking about subdomains at all, but rather just host
entries in the tldp.org zonefile, e.g., fully qualified hostname
"br.tldp.org".  

You've been consistently speaking of "br.tldp.org" as a subdomain.  Do
you have any reason to think it is a subdomain?  I have so far seen
none cited.  

I think you may be unclear on what problem you're trying to solve.

> I use a hosted server, not in my house, but my registrar services
> (gandi) are easier to manage than my Hosting service one

Well, that wasn't the comparison I was making.  I was marvelling that so
few Linux users (who have static IPs) bother to run their own
nameservers -- not talking about _which_ third-party nameserver they
choose to pay for, instead.

> with only one computer on the net, I don't see any interest of having
> my own dns.

Then, I would suggest you haven't considered the matter.  Running your
authoritative service on one's own machine gives you better security and 
control over your nameservice, plus you're not having to pay someone
else to do it for you.  Running your own recursive DNS service locally
to your LAN gives you much better security _and_ much better network
performance.

> but may be we could host the tldp ones

If you mean, cease to use UNC's, why on _earth_ would you do that?

On the other hand, adding a couple of more secondaries to the roster
would be a good idea, technically.

Rick Moen a écrit :

> You've been consistently speaking of "br.tldp.org" as a subdomain.  Do
> you have any reason to think it is a subdomain?  I have so far seen
> none cited.  

well... my definition is the same as
http://en.wikipedia.org/wiki/Subdomain

> Then, I would suggest you haven't considered the matter.  Running your
> authoritative service on one's own machine gives you better security and 
> control over your nameservice,

only if I have the knowledge, and as you can see I'm not very good in
this matter :-(

 plus you're not having to pay someone
> else to do it for you.

it's free!

> to your LAN gives you much better security _and_ much better network
> performance.

I have no network there

> 
>> but may be we could host the tldp ones
> 
> If you mean, cease to use UNC's, why on _earth_ would you do that?

simply to be able to cope with the present situation without
disturbing ibiblio admins :-)

and you say just before it's best???

and all this should be seen with the real tldp admin (sergius)

jdd


-- 
jdd for the Linux Documentation Project
http://wiki.tldp.org
http://www.dodin.net

Hello

On Fri, Nov 7, 2008 at 3:51 PM, jdd for http://tldp.org ####@####.#### wrote:
>> If you mean, cease to use UNC's, why on _earth_ would you do that?
>
> simply to be able to cope with the present situation without
> disturbing ibiblio admins :-)

Bad idea. If it isn't broken, don't touch it. Admins are meant to be contacted !
The UNC DNS team is usually very responsive. Just ask them to change
the IP br.tldp.org is pointing to, and voila.

I wouldn't consider using Gandi or any commercial DNS service.

> and you say just before it's best???

If it's done in-house, yes. But the overhead of managing our own DNS
servers on gabber is hardly justified IMHO.

> and all this should be seen with the real tldp admin (sergius)

Just send them an email, and ask for the change.

-- 
Dr. Guylhem Aznar, MD PhD

Unité d'Analyse Médico-Économique
Service de Santé Publique et d'Économie de la Santé
Pôle SPSSR
CHU de Fort de France
BP 632
97261 Fort De France Cedex
Martinique, France

Tel : 05 96 55 23 47
Fax : 05 96 75 84 57

On Fri, Nov 7, 2008 at 9:28 PM, Guylhem Aznar ####@####.#### wrote:

>> and all this should be seen with the real tldp admin (sergius)
>
> Just send them an email, and ask for the change.

for any dns change req simply use ibiblio.org/help

-- 
"Science is a wonderful thing if one does not have
to earn one's living at it" - Albert Einstein