msantos / sods

Socket over DNS tunnel
http://listincomprehension.com/2009/11/sods-socket-over-dns-tunneling-service.html

Host name lookup failure? #2

Open victorhooi opened 12 years ago

victorhooi commented 12 years ago

Hi,

For my DNS, I have the NS record for t.mydomain.com pointing towards ns.t.mydomain.com.

I then have an A record for ns.t.mydomain.com pointing to an Ubuntu server.

On that server, I've set up sods like so:

    ~/sods/sods$ sudo ./sods -d /tmp -L localhost:22 -vvvv t.mydomain.com

Then on the client, I use:

    ssh -o ProxyCommand="./sdt -vvv -r 127.0.0.1 t.mydomain.com" 127.0.0.100

However, I get an error about host name lookup failure:

    session id = 5348, opt = 0, session = 0
    POLL:0-27633.id-58388.down.t.mydomain.com
    sdt_dns_poll: res_search: Host name lookup failure
    POLL:0-12404.id-58388.down.t.mydomain.com
    sdt_dns_poll: res_search: Host name lookup failure
    POLL:0-20985.id-58388.down.t.mydomain.com
    sdt_dns_poll: res_search: Host name lookup failure
    POLL:0-38899.id-58388.down.t.mydomain.com
    sdt_dns_poll: res_search: Host name lookup failure
    POLL:0-23068.id-58388.down.t.mydomain.com

Is there something faulty in the setup above?

Cheers, Victor

msantos commented 12 years ago

If t.mydomain.com is the domain that is delegated to you, looks like you'll need ns.t.mydomain.com (the real name server) and something like p.t.mydomain.com (the sods server). p.t.mydomain.com would be the name server for the p. domain.

So in your example (should work without any ns configuration):

    sudo ./sods -d /tmp -L localhost:22 -vvvv t.mydomain.com

    ssh -o ProxyCommand="./sdt -vvv -r 127.0.0.1 p.t.mydomain.com" 127.0.0.100

victorhooi commented 12 years ago

heya,

Wait, I'm a bit confused.

I own the whole domain "mydomain.com".

I'm using Dyndns as my DNS provider, I've created the following two entries:

| Host | Type | Data |
| --- | --- | --- |
| t.mydomain.com | NS | ns.t.mydomain.com |
| ns.t.mydomain.com | A | 50.34.30.4 |

(IP address above is just a placeholder).

Do I need to change any of those records? Where does p.t.mydomain.com fit into this?

Cheers, Victor

msantos commented 12 years ago

On Fri, Aug 24, 2012 at 08:14:41AM -0700, victorhooi wrote:

> heya,
>
> Wait, I'm a bit confused.
>
> I own the whole domain "mydomain.com".

So you want to delegate a subdomain to a name server. The name server is: t.mydomain.com

When you start up sods, it's told to serve up name requests for the t.mydomain.com:

    sods -L 127.0.0.1:22 t.mydomain.com

The sods client makes requests A/TXT/... to a subdomain off of t.mydomain.com, such as p.t.mydomain.com (the "p" can be anything):

    sdt p.t.mydomain.com

The command line you cut and pasted talks to the localhost, so you don't need to set up any domains. It's just to prove everything works. When running sods over the internet, it needs to talk to the name server for mydomain.com to find out where the name server t.mydomain.com is.

Hope that clears things up a bit. Feel free to ask if you have any other questions!

> I'm using Dyndns as my DNS provider, I've created the following two entries:
>
> | Host | Type | Data |
> | --- | --- | --- |
> | t.mydomain.com | NS | ns.t.mydomain.com |
> | ns.t.mydomain.com | A | 50.34.30.4 |
>
> (IP address above is just a placeholder).
>
> Do I need to change any of those records? Where does p.t.mydomain.com fit into this?
>
> Cheers, Victor



victorhooi commented 12 years ago

heya,

Ok, wait - I think I had my NS records incorrect.

Before (as per my earlier comment) I had an A record for ns.t.mydomain.com pointing to the server.

Then I had an NS record, delegating queries for t.mydomain.com to ns.t.mydomain.com.

However, I'm not sure if that will work, since ns.t.mydomain.com is under t.mydomain.com, and it would cause some weird recursive lookup?

I've changed the records, so that the server running Sods is ns.mydomain.com

And I've delegated queries for t.mydomain.com to ns.mydomain.com.

Is that now correct?

On the server I run:

    sudo ./sods -d /tmp -L localhost:22 -vvvv t.mydomain.com
    Forwarded sessions = 1
    Forward #0: 127.0.0.1:22
    2012-08-25 05:10:05     0-63851.id-46239.Down.P.t.MYDOMain.Com
    2012-08-25 05:10:05     0-63851.id-46239.down.p.t.mYdOmaIN.COm
    2012-08-25 05:10:05 rejecting request for domain: t.mYdOmAIN.COm
    2012-08-25 05:10:06     0-63851.id-46239.Down.P.t.MYDOmain.Com
    2012-08-25 05:10:06     0-63851.id-46239.down.p.t.mYoMaIN.COm

What does the "rejecting request for domain" part mean? Also, what's with the weird capitalisation in the above? Is that intentional on Sods' part?

On the client side, I run:

    ./sdt -vvv p.t.mydomain.com
    session id = 40884, opt = 0, session = 0
    POLL:0-63851.id-46239.down.p.t.mydomain.com
    sdt_dns_poll: res_search: Host name lookup failure
    POLL:0-918.id-46239.down.p.t.mydomain.com
    sdt_dns_poll: res_search: Host name lookup failure
    POLL:0-33595.id-46239.down.p.t.mydomain.com
    sdt_dns_poll: res_search: Host name lookup failure

What does the Host name lookup failure here mean?

Have I still got something funky in my setup?

Cheers, Victor

victorhooi commented 12 years ago

heya,

Also, if this helps at all, I seem to be getting more luck if I add -r random to ./sdt.

    sudo ./sdt -vvv -r random ssh.t.victorhooi.com
    Password:
    Using speakeasy (San Francisco) = 64.81.79.2
    Using speakeasy (Secondary (tenerus)) = 216.231.41.2
    Using speakeasy (San Francisco) = 64.81.79.2
    session id = 26507, opt = 0, session = 0
    POLL:0-46628.id-35687.down.ssh.t.victorhooi.com
    POLL:0-27531.id-35687.down.ssh.t.victorhooi.com
    Ramping polling (record type = 16) ...
    SSH-2.0-OpenSSH_5.8p1 Debian-7ubuntu1
    POLL:39-61907.id-35687.down.ssh.t.victorhooi.com
    POLL:39-27209.id-35687.down.ssh.t.victorhooi.com
    POLL:39-46897.id-35687.down.ssh.t.victorhooi.com
    POLL:39-10123.id-35687.down.ssh.t.victorhooi.com
    POLL:39-39297.id-35687.down.ssh.t.victorhooi.com

That is - if I do this, I get less sdt_dns_poll: res_search: Host name lookup failure on the ./sdt client side, and less of the rejecting request for domain: t.mYdOmAIN.COm on the ./sods server side. Is there a reason for this?

Also, still not sure about the best SSH tunnel command for this:

    ssh -o ProxyCommand="./sdt -r random ssh.t.victorhooi.com any" 127.0.0.1

That will SSH to port 22 on localhost - and then ./sdt will create a tunnel from 22 on localhost through to the ./sods server, right?

Cheers, Victor

msantos commented 12 years ago

sods got a malformed domain: "t.mYdOmAIN.COm". sods is configured to respond to subdomains like: 0-918.id-46239.down.p.t.mydomain.com. Probably a problem with your zone files. Should be something like:

    t.mydomain.com NS 1.2.3.4

OR

    t.mydomain.com NS your.dyndns.com
    your.dyndns.com CNAME 1.2.3.4

You can disable the checks:

    sudo ./sods -d /tmp -L localhost:22 -vvvv any

No, that is bizarre! Shouldn't matter (domain names are case insensitive).

No response is coming back to the client. Run tcpdump on the sods server to see if requests are being received/sent back.

Looks like everything is working! You got the ssh server banner, nice.

I guess the local DNS server on the network for the sods client is flaky. So talking to a 3rd party DNS is giving you a better connection. When you switched to the 3rd party DNS, did the weird caps go away?

"any" is a sods option.

    ssh -o ProxyCommand="./sdt -r random s.t.victorhooi.com" 127.0.0.1 # save 2 bytes :)

Yup, that's right.

kotee4ko commented 4 years ago

Sir, good evening.

You're saying that t.mydomain.com should be of type NS and point to the IP of your sods server, not ns.mydomain.com,

but an NS record cannot contain an IP address, can it?
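Added example, not part of the thread and not code from sods: a case-insensitive classifier for query names arriving at a server for a delegated zone, run over names copied from the logs above, with a per-id count of distinct polling names of the kind a resolver-log review would look for. Mixed-case names like these are what a recursive resolver applying 0x20 case randomization sends; the polling-name layout and the field names are assumptions inferred from those log lines.

```python
import re
from collections import defaultdict

# Assumed layout of a polling name, inferred from the log lines in this thread:
#   <number>-<number>.id-<number>.down[.<label(s)>]   followed by the served zone.
# The field names below are hypothetical; the thread does not define them.
POLL_RE = re.compile(r"^(\d+)-(\d+)\.id-(\d+)\.down(?:\.(.+))?$")

def normalize(name):
    """DNS names compare case-insensitively: drop the root dot and fold case."""
    return name.rstrip(".").lower()

def classify(qname, zone):
    """Return (kind, fields) for a query name relative to the served zone."""
    q, z = normalize(qname), normalize(zone)
    if q == z:
        return "apex", None          # query for the zone name itself
    if not q.endswith("." + z):
        return "out-of-zone", None
    m = POLL_RE.match(q[: -len(z) - 1])
    if not m:
        return "in-zone-other", None
    first, second, ident, label = m.groups()
    return "poll", {"first": int(first), "second": int(second),
                    "id": int(ident), "label": label}

def poll_counts(qnames, zone):
    """Count distinct polling names per id after case folding."""
    seen = defaultdict(set)
    for name in qnames:
        kind, fields = classify(name, zone)
        if kind == "poll":
            seen[fields["id"]].add(normalize(name))
    return {ident: len(names) for ident, names in seen.items()}

# Query names copied from the logs in this thread, plus one constructed out-of-zone name.
SAMPLE = [
    "0-63851.id-46239.Down.P.t.MYDOMain.Com",
    "0-63851.id-46239.down.p.t.mYdOmaIN.COm",
    "t.mYdOmAIN.COm",
    "0-918.id-46239.down.p.t.mydomain.com",
    "0-33595.id-46239.down.p.t.mydomain.com",
    "www.example.org",
]

if __name__ == "__main__":
    for n in SAMPLE:
        print(classify(n, "t.mydomain.com")[0], n)
    print(poll_counts(SAMPLE, "t.mydomain.com"))
```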