MIsbehaving DNS servers (was: Re: {distfiles, packages, rsync, trac}.macports.org are back up)
Rainer Müller
raimue at macports.org
Thu Nov 27 11:31:22 PST 2014
On 2014-11-27 20:01, Dave Horsfall wrote:
> Which reminds me: I erred in a previous post about Mac/FreeBSD ports
> recovering in the face of "helpful" ISPs interfering with the DNS; FreeBSD
> merely keeps trawling through a local list (updated every so often) until
> it gets a bite, ignoring any silly responses along the way.
>
> I really must set up my own name server, instead of relying upon my broken
> ISP (they are The Phone Company, after all, and own all of the
> infrastructure).
Usually MacPorts is able to detect this kind of DNS problems, in which
case the following link will be provided:
https://trac.macports.org/wiki/MisbehavingServers
We can detect the problem by resolving a domain name that definitely
does not exist, but we can never be sure whether the DNS response for
any other domain name in the list of mirrors is valid or not. We only
guess if we get HTML content instead of the expected tarball, it is
probably this problem.
Furthermore, just skipping over a bogus answer instead of NXDOMAIN would
be wrong in my opinion. It is a problem with the internet connection as
provided by your ISP, you should contact them and ask them to resolve
it. Hopefully, the deployment of DNSSEC in the (near) future will stop
this DNS hijacking anyway.
Rainer
More information about the macports-users
mailing list