More information about the Underscore mailing list

[_] DNS resolving oddity

Craig Francis craig at craigfrancis.co.uk
Mon Nov 6 11:16:04 GMT 2017

On 6 Nov 2017, at 10:28, Amias Channer <me at amias.net> wrote:
> Maybe their previous DNS admin left in a hurry.



:-P

I'm also trying to work out how to explain another issue to them...

Imagine a standard <form>, that contains a hidden input field with a nonce.

When the customer submits the form, it takes them to a page this company hosts.

But the page does not accept the same nonce being sent twice.

They say that I just need to "generate a new one each time"... but how do you do that?

I'm thinking of customers who are on a slow or unreliable internet connection, where the nonce is sent, but the page coming back is not received by the customer.

So the customer may then hit the refresh button, which will re-send the same nonce.

Unfortunately the customer gets to see an unhelpful (technical) error message, with no way to try again (other than to use the back button in their browser, which isn't exactly obvious).

:-S







> On 6 Nov 2017, at 10:28, Amias Channer <me at amias.net> wrote:
> 
> Hello _,
> 
> Maybe their previous DNS admin left in a hurry.
> 
> Cheers
> Amias
> 
> On 6 Nov 2017 09:45, "Craig Francis" <craig at craigfrancis.co.uk> wrote:
> 
>> True, but it’s been like this for over a week (took them a week to say
>> everything is fine)... so I doubt they are making changes :-)
>> 
>> 
>> 
>>> On 6 Nov 2017, at 9:35 am, Amias Channer <me at amias.net> wrote:
>>> 
>>> Hello _,
>>> 
>>> 
>>> Low TTL is usually set when expecting to make a lot of changes, then you
>>> crank it back up again when settled
>>> 
>>> Cheers
>>> Amias
>>> 
>>>> On 6 Nov 2017 09:12, "Craig Francis" <craig at craigfrancis.co.uk> wrote:
>>>> 
>>>> Thanks for confirming Oliver,
>>>> 
>>>> I’m trying to help the company who (not surprisingly) had DNS issues
>> last
>>>> week, and the setup seems odd (the 20s TTL seems wrong to me as well).
>>>> 
>>>> This was just the first time I’ve seen a setup where you could get
>> another
>>>> Authority response when asking for an A record (i.e. after doing the NS
>>>> lookups, and being told who should be the authority for that domain).
>>>> 
>>>> And I’m running OSX as well, so not sure why I was needing the +noedns
>>>> flag.
>>>> 
>>>> Craig
>>>> 
>>>> 
>>>> 
>>>>> On 5 Nov 2017, at 10:59 pm, Oliver Humpage <oliver at watershed.co.uk>
>>>> wrote:
>>>>> 
>>>>> 
>>>>>> On 5 Nov 2017, at 17:45, Craig Francis <craig at craigfrancis.co.uk>
>>>> wrote:
>>>>>> 
>>>>>> We finally get the answer, but this seems a bit weird/broken to me...
>>>> yet somehow it works (for all?).
>>>>> 
>>>>> I guess your concern is that a DNS server that should be authoritative
>>>> for the domain isn’t returning an answer.
>>>>> 
>>>>> However, what it is returning (an Authority section) is exactly what
>>>> both the root and .com DNS servers returned. Therefore the client will
>>>> simply carry on following the chain and ask one of the servers in the
>>>> authority section, which as you noted works fine (on OS X I didn’t need
>> the
>>>> +noedns flag).
>>>>> 
>>>>> So it’s slightly odd, but it’s all within spec. Of more concern is the
>>>> 20s TTL, which is insanely low. Whatever you’re doing that requires that
>>>> low a TTL, do it another way, cos that’s not really how DNS is meant to
>>>> work :)
>>>>> 
>>>>> Oliver.
>>>>> 
>>>>> --
>>>>> underscore_ list info/archive -> http://www.under-score.org.uk/
>>>> mailman/listinfo/underscore
>>>> --
>>>> underscore_ list info/archive -> http://www.under-score.org.uk/
>>>> mailman/listinfo/underscore
>>> --
>>> underscore_ list info/archive -> http://www.under-score.org.uk/
>> mailman/listinfo/underscore
>> --
>> underscore_ list info/archive -> http://www.under-score.org.uk/
>> mailman/listinfo/underscore
> -- 
> underscore_ list info/archive -> http://www.under-score.org.uk/mailman/listinfo/underscore