Open victorhooi opened 12 years ago
If t.mydomain.com is the domain that is delegated to you, looks like you'll need ns.t.mydomain.com (the real name server) and something like p.t.mydomain.com (the sods server). p.t.mydomain.com would be the name server for the p. domain.
So in your example (should work without any ns configuration):
sudo ./sods -d /tmp -L localhost:22 -vvvv t.mydomain.com
ssh -o ProxyCommand="./sdt -vvv -r 127.0.0.1 p.t.mydomain.com" 127.0.0.100
heya,
Wait, I'm a bit confused.
I own the whole domain "mydomain.com".
I'm using Dyndns as my DNS provider, I've created the following two entries:
Host | Type | Data |
---|---|---|
t.mydomain.com | NS | ns.t.mydomain.com |
ns.t.mydomain.com | A | 50.34.30.4 |
(IP address above is just a placeholder).
Do I need to change any of those records? Where does p.t.mydomain.com fit into this?
Cheers, Victor
On Fri, Aug 24, 2012 at 08:14:41AM -0700, victorhooi wrote:
> heya,
> Wait, I'm a bit confused.
> I own the whole domain "mydomain.com".
So you want to delegate a subdomain to a name server. The name server is: t.mydomain.com
When you start up sods, it's told to serve up name requests for t.mydomain.com:
sods -L 127.0.0.1:22 t.mydomain.com
The sods client makes requests A/TXT/... to a subdomain off of t.mydomain.com, such as p.t.mydomain.com (the "p" can be anything):
sdt p.t.mydomain.com
The command line you cut and pasted talks to the localhost, so you don't need to set up any domains. It's just to prove everything works. When running sods over the internet, it needs to talk to the name server for mydomain.com to find out where the name server t.mydomain.com is.
Hope that clears things up a bit. Feel free to ask if you have any other questions!
> I'm using Dyndns as my DNS provider, I've created the following two entries:
> Host | Type | Data |
> ---|---|---|
> t.mydomain.com | NS | ns.t.mydomain.com |
> ns.t.mydomain.com | A | 50.34.30.4 |
> (IP address above is just a placeholder).
> Do I need to change any of those records? Where does p.t.mydomain.com fit into this?
> Cheers, Victor
heya,
Ok, wait - I think I had my NS records incorrect.
Before (as per my earlier comment) I had an A record for ns.t.mydomain.com pointing to the server.
Then I had an NS record, delegating queries for t.mydomain.com to ns.t.mydomain.com.
However, I'm not sure if that will work, since ns.t.mydomain.com is under t.mydomain.com, and it would cause some weird recursive lookup?
I've changed the records, so that the server running Sods is ns.mydomain.com
And I've delegated queries for t.mydomain.com to ns.mydomain.com.
Is that now correct?
On the server I run:
sudo ./sods -d /tmp -L localhost:22 -vvvv t.mydomain.com
Forwarded sessions = 1
Forward #0: 127.0.0.1:22
2012-08-25 05:10:05 0-63851.id-46239.Down.P.t.MYDOMain.Com
2012-08-25 05:10:05 0-63851.id-46239.down.p.t.mYdOmaIN.COm
2012-08-25 05:10:05 rejecting request for domain: t.mYdOmAIN.COm
2012-08-25 05:10:06 0-63851.id-46239.Down.P.t.MYDOmain.Com
2012-08-25 05:10:06 0-63851.id-46239.down.p.t.mYoMaIN.COm
What does the "rejecting request for domain" part mean? Also, what's with the weird capitalisation in the above? Is that intentional on Sods' part?
On the client side, I run:
./sdt -vvv p.t.mydomain.com
session id = 40884, opt = 0, session = 0
POLL:0-63851.id-46239.down.p.t.mydomain.com
sdt_dns_poll: res_search: Host name lookup failure
POLL:0-918.id-46239.down.p.t.mydomain.com
sdt_dns_poll: res_search: Host name lookup failure
POLL:0-33595.id-46239.down.p.t.mydomain.com
sdt_dns_poll: res_search: Host name lookup failure
What does the Host name lookup failure here mean?
Have I still got something funky in my setup?
Cheers, Victor
heya,
Also, if this helps at all, I seem to be getting more luck if I add `-r random` to `./sdt`.
sudo ./sdt -vvv -r random ssh.t.victorhooi.com
Password:
Using speakeasy (San Francisco) = 64.81.79.2
Using speakeasy (Secondary (tenerus)) = 216.231.41.2
Using speakeasy (San Francisco) = 64.81.79.2
session id = 26507, opt = 0, session = 0
POLL:0-46628.id-35687.down.ssh.t.victorhooi.com
POLL:0-27531.id-35687.down.ssh.t.victorhooi.com
Ramping polling (record type = 16) ...
SSH-2.0-OpenSSH_5.8p1 Debian-7ubuntu1
POLL:39-61907.id-35687.down.ssh.t.victorhooi.com
POLL:39-27209.id-35687.down.ssh.t.victorhooi.com
POLL:39-46897.id-35687.down.ssh.t.victorhooi.com
POLL:39-10123.id-35687.down.ssh.t.victorhooi.com
POLL:39-39297.id-35687.down.ssh.t.victorhooi.com
That is - if I do this, I get less `sdt_dns_poll: res_search: Host name lookup failure` on the `./sdt` client side, and less of the `rejecting request for domain: t.mYdOmAIN.COm` on the `./sods` server side. Is there a reason for this?
Also, still not sure about the best SSH tunnel command for this:
ssh -o ProxyCommand="./sdt -r random ssh.t.victorhooi.com any" 127.0.0.1
That will SSH to port 22 on localhost - and then ./sdt will create a tunnel from 22 on localhost through to the ./sods server, right?
Cheers, Victor
sods got a malformed domain: "t.mYdOmAIN.COm". sods is configured to respond to subdomains like: 0-918.id-46239.down.p.t.mydomain.com. Probably a problem with your zone files. Should be something like:
t.mydomain.com NS 1.2.3.4
OR
t.mydomain.com NS your.dyndns.com
your.dyndns.com CNAME 1.2.3.4
You can disable the checks: sudo ./sods -d /tmp -L localhost:22 -vvvv any
No, that is bizarre! Shouldn't matter (domain names are case insensitive).
No response is coming back to the client. Run tcpdump on the sods server to see if requests are being received/sent back.
Looks like everything is working! You got the ssh server banner, nice.
I guess the local DNS server on the network for the sods client is flaky. So talking to a 3rd party DNS is giving you a better connection. When you switched to the 3rd party DNS, did the weird caps go away?
"any" is a sods option.
ssh -o ProxyCommand="./sdt -r random s.t.victorhooi.com" 127.0.0.1 # save 2 bytes :)
Yup, that's right.
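For anyone reading DNS query logs for this kind of traffic, the following is an added example (not part of the thread and not sods code) that recognises the poll-name shape shown in the output above, compares names case-insensitively, and groups unique names per session. The field names `counter`, `nonce` and `session` are assumed labels, and the last three sample lines are constructed.

```python
import re
from collections import defaultdict

# Poll-name shape seen in the thread: <n>-<n>.id-<n>.down.<suffix>
# The group names below are assumed labels, not sods terminology.
POLL_RE = re.compile(
    r"^(?P<counter>\d+)-(?P<nonce>\d+)\.id-(?P<session>\d+)"
    r"\.down\.(?P<suffix>[a-z0-9.-]+)$"
)

# First three lines are copied from the thread's server output;
# the remaining three are constructed for this example.
SAMPLE_LOG = """\
2012-08-25 05:10:05 0-63851.id-46239.Down.P.t.MYDOMain.Com
2012-08-25 05:10:05 0-63851.id-46239.down.p.t.mYdOmaIN.COm
2012-08-25 05:10:05 rejecting request for domain: t.mYdOmAIN.COm
2012-08-25 05:10:06 0-918.id-46239.DOWN.p.t.mydomain.com
2012-08-25 05:10:06 0-33595.id-46239.down.p.T.mydomain.com
2012-08-25 05:10:07 www.mydomain.com
"""


def normalise(qname):
    """DNS names compare case-insensitively; drop any trailing root dot."""
    return qname.rstrip(".").lower()


def parse_poll(qname):
    """Return the poll fields of a query name, or None if not poll-shaped."""
    match = POLL_RE.match(normalise(qname))
    return match.groupdict() if match else None


def summarise(log_text, min_unique=3):
    """Group poll-shaped names by (session, suffix); keep groups that
    contain at least min_unique distinct names after case folding."""
    groups = defaultdict(set)
    for line in log_text.splitlines():
        parts = line.split()
        if not parts:
            continue
        qname = parts[-1]  # the query name is the last field on each line
        fields = parse_poll(qname)
        if fields:
            groups[(fields["session"], fields["suffix"])].add(normalise(qname))
    return {k: sorted(v) for k, v in groups.items() if len(v) >= min_unique}
```

The two differently capitalised copies of the first name collapse into one entry, and the bare `t.mYdOmAIN.COm` name is not poll-shaped, so it is left out of the grouping.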
Sir, good evening.
You are saying that t.mydomain.com should be type NS and pointing to the IP of your sods server, not ns.mydomain.com,
but an NS record cannot contain an IP address, can it?
Hi,
For my DNS, I have the NS record for t.mydomain.com pointing towards ns.t.mydomain.com.
I then have an A record for ns.t.mydomain.com pointing to an Ubuntu server.
On that server, I've set up sods like so:
Then on the client, I use:
However, I get an error about host name lookup failure:
Is there something faulty in the setup above?
Cheers, Victor