1. 19
    How do you tell if a problem is caused by DNS? networking jvns.ca
    calvin avatar via calvin 2 years ago |
    Archive.org Archive.today Ghostarchive
    | 10 comments
    1. 8
      zimbatm avatar zimbatm 2 years ago | link

      I’m still waiting for somebody to write a little CLI that does all these tests and prints out a report. Imagine how many thousands of hours it would save if that tool came installed by default on all systems.

      $ is_it_up https://jvns.ca
ping: 80ms
DNS: resolving 1.2.3.4
system DNS: resolving 1.2.3.4
TLS: certificate valid for 23 more days
HTTPS: got 200 OK

All good!
      1. 3
        zie avatar zie 2 years ago | link

        Bonus when an error happens, it prints out the command to replicate that exact test.

        1. 2
          aleph avatar aleph 2 years ago | link

          Welp this should be fun to write.

          1. 1
            zie avatar zie 2 years ago | link

            yes please! I’m to lazy and sidetracked with other things at the moment.

    2. 6
      proctrap avatar proctrap 2 years ago | link

      It’s not DNS -> it’s never DNS -> it can’t be DNS -> it’s DNS

      1. 5
        kqr avatar kqr 2 years ago | link

        Huh, in my experience it’s almost always DNS.

        1. 2
          jvns avatar jvns 2 years ago | link

          what do you mean by this? I’m curious because i hear “it’s always DNS” a lot and that’s not my experience at all – I’ve found that some networking issues are caused by DNS and some aren’t.

          It does feel like weird/inexplicable issues are disproportionately likely to be caused by DNS though, because non-DNS problems are more straightforward to diagnose.

        2. 1
          joshka avatar joshka 2 years ago | link

          It’s not DNS -> it’s never DNS -> it can’t be DNS -> it’s DNS

          This was possibly a reference to https://www.cyberciti.biz/humour/a-haiku-about-dns/

          It’s not DNS

          There’s no way it’s DNS

          It was DNS

    3. 1
      kjensenxz avatar kjensenxz 2 years ago | link

      Remember kids, don’t dig, drill!

      nslookup or ping if you REALLY have to

      1. 2
        phaer avatar phaer 2 years ago | link

        Could you elaborate on that?

        https://nlnetlabs.nl/projects/ldns/about/ mentions DNSSEC support and

        A lot of DNS debugging is done with dig, but as dig is made with the same libraries as BIND8/9 (the most used DNS server out there), what are you actually debugging/testing? drill has nothing in common with either NSD nor BIND. During the development process we are actually uncovering obscure bugs in NSD and BIND (and in drill itself).

        …but as we are not talking about testing DNS implementations, that does not seem too relevant? What other advantages does drill have compared to dig?