WEBVTT

00:00:00.000 --> 00:00:00.000
and you're muted.

00:00:00.000 --> 00:00:19.000
And yep. Oh, I thought we already had. Okay, I thought we already started the recording. My fault. Good evening, everybody. This is the St. Louis Linux Users Group, St. Louis LUG. This is Thursday, March the 19th, 2026. Third Thursday of the month.

00:00:19.000 --> 00:00:37.000
It's our usual monthly LUG meeting, and tonight our speaker is Grant Taylor. He's going to speak to us on DNS: Who's on First? What's on Second? With apologies to Abbott and Costello. It's part of our continuing, Grant's continuing talks on DNS.

00:00:37.000 --> 00:01:00.000
So with our usual. Beginning of the meeting, we'll have a few announcements here. Uh, the Linux-focused presentations are the ones tonight, the LUG meeting, and uh… See, Stan, I see your mouth moving, but I don't know what you're saying.

00:01:00.000 --> 00:01:02.000
and we still don't hear words, Dan. Oh, good. Okay.

00:01:02.000 --> 00:01:08.000
Good. you know, could it would have burned everybody's ears.

00:01:08.000 --> 00:01:09.000
Ah, okay. All right.

00:01:09.000 --> 00:01:16.000
Particularly yours.

00:01:16.000 --> 00:01:17.000
Go ahead. Go ahead. You seem to know what the hell you're doing. Go ahead.

00:01:17.000 --> 00:01:24.000
Oh. The slides disappeared.

00:01:24.000 --> 00:01:28.000
Why bother? You never follow any of them.

00:01:28.000 --> 00:01:45.000
Well, it's trying.

00:01:45.000 --> 00:01:49.000
Okay, looks like we're not going to have slides.

00:01:49.000 --> 00:01:50.000
Oh, there?

00:01:50.000 --> 00:01:58.000
It was a screen… you may have to flip to another screen.

00:01:58.000 --> 00:02:09.000
Apparently. Don't blame me anyway. Okay. While we.

00:02:09.000 --> 00:02:23.000
See what else we might be able to put together here quickly. I mean, our speaker, Grant, is here, but as far as opening questions and answers, anybody have any questions, comments that they want to make?

00:02:23.000 --> 00:02:24.000
They use Technitium, but like I said, it could be afterwards.

00:02:24.000 --> 00:02:28.000
Okay.

00:02:28.000 --> 00:02:29.000
There he is. Okay.

00:02:29.000 --> 00:02:32.000
I'm sorry, Tyler. I didn't understand that.

00:02:32.000 --> 00:02:38.000
The Technitium DNS server, has anybody used it before?

00:02:38.000 --> 00:02:39.000
Hi.

00:02:39.000 --> 00:02:40.000
Yes. Hexisco guy. So, build a Cisco regional eggs.

00:02:40.000 --> 00:02:41.000
Nope.

00:02:41.000 --> 00:02:49.000
Good, bad. Good, bad…

00:02:49.000 --> 00:03:02.000
Good, bad. Avoid it at all costs.

00:03:02.000 --> 00:03:14.000
I think Tyler is asking if Technitium DNS server is worth messing with or if it's more avoidant. Is that correct, what you're asking, Tyler?

00:03:14.000 --> 00:03:24.000
Yeah. Yep. Has anybody used it as a bit them in the back rear end?

00:03:24.000 --> 00:03:36.000
I guess I should check to see if there's a…

00:03:36.000 --> 00:03:43.000
Terraform module for it.

00:03:43.000 --> 00:03:44.000
Nice.

00:03:44.000 --> 00:03:46.000
Gary, go ahead.

00:03:46.000 --> 00:04:02.000
Okay. Let's see other things going on this month. Normally last month was our annual vote due to some problems with the US mail. We have extended the voting for one more month.

00:04:02.000 --> 00:04:22.000
So you have until the first, first Monday of next month, I guess first Monday of April when our steering committee meeting is. You can vote online or you can vote by US mail. Instructions are out there on the website.

00:04:22.000 --> 00:04:23.000
Let's see what else do we have?

00:04:23.000 --> 00:04:30.000
If you have attended 2 meetings in the year, you are eligible to vote.

00:04:30.000 --> 00:04:39.000
That is correct. There's no membership dues, just if you are in the calendar year, if you were at any two of our meetings, you're eligible to vote.

00:04:39.000 --> 00:04:49.000
and Grant and Lee are the incumbents on the seats that are up for election on our 5 member board of directors.

00:04:49.000 --> 00:04:55.000
So… And let's see.

00:04:55.000 --> 00:04:58.000
I can't remember any other specific announcements.

00:04:58.000 --> 00:05:10.000
we have the multiple mailing lists. There's announce, which is low traffic, usually just upcoming events.

00:05:10.000 --> 00:05:16.000
There's discuss, which is open for general discussion of any

00:05:16.000 --> 00:05:29.000
Unix-related topic, maybe even other. If you want. We have the assistant mailing list that is for.

00:05:29.000 --> 00:05:44.000
people that help operate the SLUG internal infrastructure that's not necessarily open to the world in case we accidentally publish something to the list that's a little sensitive.

00:05:44.000 --> 00:05:55.000
But if you want to participate, reach out to any SLUG member and we can help get you connected to it.

00:05:55.000 --> 00:06:05.000
There's a steercom list that is discussions about the organization, suggestions, hey, I think you should do something different type thing.

00:06:05.000 --> 00:06:13.000
Uh, though we do ask that you come with suggestions on what to do different and be willing to help.

00:06:13.000 --> 00:06:17.000
Any other mailing lists, Gary, or does that cover it?

00:06:17.000 --> 00:06:24.000
I think that covers it. The good list. Thank you.

00:06:24.000 --> 00:06:35.000
Let's see. Oh, we don't yet have a speaker set up for the general meeting. The first or the second Wednesday of next month, but we'll have one soon. Stay tuned.

00:06:35.000 --> 00:06:42.000
And. Let's see.

00:06:42.000 --> 00:06:47.000
Seemed like there was something else I was going to mention. I can't think what it is now. It'll come to me.

00:06:47.000 --> 00:06:56.000
So, um… Anybody have any other general questions?

00:06:56.000 --> 00:06:57.000
It'll be tough.

00:06:57.000 --> 00:07:06.000
Just wanted to mention that, uh… Next Tuesday, I think it is, the fourth Tuesday will be the, uh… The newcomers Linux meeting.

00:07:06.000 --> 00:07:14.000
Oh, thank you. Thank you.

00:07:14.000 --> 00:07:19.000
I think just about everybody here is familiar with that group. You don't have to be.

00:07:19.000 --> 00:07:24.000
new to Linux. It's just that whoever claims to be.

00:07:24.000 --> 00:07:38.000
the newest person who's come to Linux gets to ask the questions until their questions are satisfied. But it's amazing for those of us who've been around Linux for a little bit longer. It's always a good meeting to go to, because.

00:07:38.000 --> 00:07:48.000
Everybody has a different idea of how something can be done. Somehow I always learn something. I didn't realize was a way of doing it.

00:07:48.000 --> 00:08:06.000
Okay. If there are no other announcements, I know also Stan has a lot of information on the, I believe it's called RECA. It's the Radiation Exposure Act.

00:08:06.000 --> 00:08:13.000
There was a lot of radioactive contamination in the St. Louis area, particularly from.

00:08:13.000 --> 00:08:24.000
The northern edge of downtown going all the way out through North County into St. Charles County. Um, so, uh, anybody who.

00:08:24.000 --> 00:08:35.000
has types of cancer or other diseases that can be traced back to radiation exposure over the multiple decades. We talk all the way back to.

00:08:35.000 --> 00:08:40.000
late 40s all the way through up until very recently.

00:08:40.000 --> 00:08:59.000
Stan's got some information available online and he can help get you directed towards finding out how there can be some compensation, so… Check into that if you any of your family, any of your friends have a situation like that.

00:08:59.000 --> 00:09:03.000
One of the other things that we normally mention is if you go to our website, there's a calendar on the front page.

00:09:03.000 --> 00:09:06.000
Okay.

00:09:06.000 --> 00:09:21.000
It lists SLUG-sponsored events, um, in red, and it lists other events that we're aware of that people may be interested in. I think they're another color.

00:09:21.000 --> 00:09:25.000
And kind of, if you're looking for more content.

00:09:25.000 --> 00:09:31.000
take a gander at the calendar.

00:09:31.000 --> 00:09:34.000
Thank you. That's an excellent point. Morning.

00:09:34.000 --> 00:09:40.000
We're working from memory here. We're going to get a passing grade from Stanford.

00:09:40.000 --> 00:09:41.000
Of course, he's made the PDF available, I just don't have it open right now.

00:09:41.000 --> 00:09:50.000
Yeah.

00:09:50.000 --> 00:09:56.000
Okay. I think we probably covered the major points. And.

00:09:56.000 --> 00:10:03.000
Uh, anything else we'll think of afterward. Grant. Grant's been.

00:10:03.000 --> 00:10:20.000
bringing us along the last few months with some good clues as to how DNS gets us from a domain name to the IP address that it wants to go to. So… With that, I think I'm going to hand it over to Grant and let him start tonight. Who's on first?

00:10:20.000 --> 00:10:25.000
We're going deeper than that tonight.

00:10:25.000 --> 00:10:27.000
Gonna get to 3rd base.

00:10:27.000 --> 00:10:33.000
this is a family show. We're not talking about that.

00:10:33.000 --> 00:10:38.000
Hmm. There it is.

00:10:38.000 --> 00:10:45.000
is Zoom been remotely cooperating?

00:10:45.000 --> 00:10:49.000
and you see my screen. All right.

00:10:49.000 --> 00:10:50.000
Clearly, if you can make the text bigger, it might help a little bit.

00:10:50.000 --> 00:10:56.000
Yeah, sure.

00:10:56.000 --> 00:10:57.000
Keep going.

00:10:57.000 --> 00:10:58.000
That helps.

00:10:58.000 --> 00:11:14.000
It's… my amateur webmaster. It's throwing some things out. I can make the text bigger, but I have to make the window bigger, which is counterproductive to making the text bigger.

00:11:14.000 --> 00:11:19.000
Well, I don't break it. That's fine. That's better than it was.

00:11:19.000 --> 00:11:25.000
Okay, um, when we go into each one, we can probably Zoom a little bit more.

00:11:25.000 --> 00:11:36.000
So as discussed. last month, I'm not sure which meeting it was on, because we're trying to rotate complies.

00:11:36.000 --> 00:11:37.000
Oh, okay.

00:11:37.000 --> 00:11:47.000
is we're doing a DNS-themed discussion series. And we kind of did a skit, which we'll have a reprise of shortly.

00:11:47.000 --> 00:11:53.000
Um, but the idea is, what is DNS? What does it work? How does it work? Etc.

00:11:53.000 --> 00:12:01.000
And we want audience engagement. We want to know your questions to make sure we can talk to them.

00:12:01.000 --> 00:12:16.000
Hey, Grant, I'm going to interrupt for just a second. We've already had a question in the chat, and the question was, is the recording being shared? So yes, we will put the recording on the archive, and it will be available after this meeting.

00:12:16.000 --> 00:12:23.000
And the slide deck is already available. I'm actually showing it off the server.

00:12:23.000 --> 00:12:24.000
Excellent.

00:12:24.000 --> 00:12:36.000
so. sound off if you have questions. And can somebody be a chat monitor that has a microphone and can sound off.

00:12:36.000 --> 00:12:40.000
If there's a question or comment in the chat.

00:12:40.000 --> 00:12:42.000
Alrighty.

00:12:42.000 --> 00:12:57.000
Okay. So I just sat down, started thinking about what is DNS? What is a domain name? One question led to an answer which led to another question, and I just picked

00:12:57.000 --> 00:13:11.000
more than a handful, less than a bushel. And put them together as a question and an answer. And I am hoping that people will actually engage, ask for follow up, etc.

00:13:11.000 --> 00:13:17.000
So without further ado. What is DNS?

00:13:17.000 --> 00:13:29.000
Let me. Okay. DNS can actually stand for multiple different things: Domain Name System, Domain Name Service, Domain Name Server.

00:13:29.000 --> 00:13:41.000
kind of pick your poison, and it's kind of somewhat context sensitive, but it's different things that have to do with publishing domain name information.

00:13:41.000 --> 00:13:52.000
DNS itself is a bunch of interconnected servers that work in concert with each other. We'll kind of get into here in a little bit.

00:13:52.000 --> 00:13:59.000
It is a massively distributed database. that is eventually consistent.

00:13:59.000 --> 00:14:09.000
And different people are responsible for different parts.

00:14:09.000 --> 00:14:13.000
Any questions?

00:14:13.000 --> 00:14:14.000
Hmm.

00:14:14.000 --> 00:14:25.000
So it's made up of different parts. Each part is different, and they're all pulled together into one, or they each have… is there a separate copy, or… identical copies in various places.

00:14:25.000 --> 00:14:40.000
Good question, and they are separate pieces that point to each other, and like the root will point to org. Org will point to slug and Slug can answer www.

00:14:40.000 --> 00:14:54.000
And we'll get more into that. So each little piece is responsible for a small subset, but it is very well defined how to interact and find the other pieces.

00:14:54.000 --> 00:14:57.000
So if one piece breaks, what happens?

00:14:57.000 --> 00:15:03.000
Depends what that piece is. If it is SLUG's DNS server,

00:15:03.000 --> 00:15:10.000
the sysadmins are having a bad day, and mail queues up on sending.

00:15:10.000 --> 00:15:17.000
people subscribe to the mailing list sending servers, and gets delivered when.

00:15:17.000 --> 00:15:18.000
All right.

00:15:18.000 --> 00:15:29.000
we get it fixed. If google.com has a DNS issue, it's a whole lot bigger issue. Or if Amazon has a DNS issue, about half the internet stops for.

00:15:29.000 --> 00:15:31.000
bad reasons. Mm-hmm. Great questions. Thank you.

00:15:31.000 --> 00:15:37.000
Okay, thanks.

00:15:37.000 --> 00:15:44.000
So if DNS is meant to publish domain names, what's a domain name?

00:15:44.000 --> 00:15:50.000
and a domain is really a collection of things.

00:15:50.000 --> 00:15:54.000
It can be a collection of systems, what have you.

00:15:54.000 --> 00:16:04.000
It references the organization. So SLUG as an organization has the domain name slug.org.

00:16:04.000 --> 00:16:12.000
I have a personal one. Lee has his personal one. Google has theirs, Google.com.

00:16:12.000 --> 00:16:19.000
It's just a name for a collection of things.

00:16:19.000 --> 00:16:26.000
DNS uses what are called fully qualified domain names.

00:16:26.000 --> 00:16:33.000
And what is a fully qualified domain name? www.slug.org

00:16:33.000 --> 00:16:42.000
is a fully qualified domain name, or bach.slug.org is a fully qualified domain name.

00:16:42.000 --> 00:16:50.000
Um… What do I have here? Fully qualified domain name is a domain that includes all the components.

00:16:50.000 --> 00:16:56.000
Versus a domain name that does not include all components.

00:16:56.000 --> 00:17:05.000
That gets into the next question, but… Anything else before I go to the next slide? Any questions?

00:17:05.000 --> 00:17:20.000
Okay. What type of domain names don't include all of the components? And that's an unqualified domain name. I referred to bach.slug.org. When we're talking internally, we say Bach.

00:17:20.000 --> 00:17:28.000
Or we say, or I say my test lab at home. I know what it is in the context of the discussion.

00:17:28.000 --> 00:17:39.000
But it is unqualified, so the world doesn't know what it is, kind of comparing and contrasting between the fully qualified a moment ago and unqualified now.

00:17:39.000 --> 00:17:49.000
Do those make sense? Gary, I'm looking at you.

00:17:49.000 --> 00:17:50.000
Sure.

00:17:50.000 --> 00:17:56.000
Gary.slug.org. That's where all those 20 gig of mail. He's never written.

00:17:56.000 --> 00:18:05.000
Hey, I have evidence. He read some email. It was an accident. It won't happen again.

00:18:05.000 --> 00:18:10.000
Uh, we have removed gary.slug.org from DNS. Hmm.

00:18:10.000 --> 00:18:16.000
Hey, it's all on those clay tablets, and then.

00:18:16.000 --> 00:18:29.000
So what types of DNS software are there? There's really only two pieces, a client, somebody that asks questions, and a server,

00:18:29.000 --> 00:18:36.000
something that answers questions. That's as simple as it gets.

00:18:36.000 --> 00:18:40.000
And it's a model you see all over the internet.

00:18:40.000 --> 00:18:45.000
Um, what roles do the different types of software have?

00:18:45.000 --> 00:18:52.000
The client, that's what's in your web browser that opens the Slug website.

00:18:52.000 --> 00:19:06.000
Or it… Zoom is a client software that said, hey, where is this weird funky Zoom address to log in to get to the meeting?

00:19:06.000 --> 00:19:20.000
The next critical piece is what's called a recursive server. It's what your client uses, and it is also what goes out and gets answers from or for you.

00:19:20.000 --> 00:19:34.000
The third piece is an authoritative server. Bach, unqualified name, is the authoritative server for slug.org DNS.

00:19:34.000 --> 00:19:42.000
It will answer questions for slug.org. It will not answer questions for google.com.

00:19:42.000 --> 00:19:47.000
You have to go to Google's authoritative server to say, where is www.google.com?

00:19:47.000 --> 00:19:56.000
So authoritative servers are busy answering requests for things they are responsible for.

00:19:56.000 --> 00:20:06.000
They won't do other things. It's the recursive server's job to find the proper authoritative server to get the information that's needed.

00:20:06.000 --> 00:20:11.000
We'll go more into that in a minute, but are there any questions before I move on?

00:20:11.000 --> 00:20:17.000
I was curious about, uh… I hear resolver used a lot. Are they referring to the client or the server when they say resolver?

00:20:17.000 --> 00:20:22.000
Mm-hmm.

00:20:22.000 --> 00:20:37.000
That is a very good question, and it is probably context dependent. It… could refer to the client that is asking, like there is a resolver stub library inside of.

00:20:37.000 --> 00:20:45.000
my web browser that asks the computer, Hey. Where is this address?

00:20:45.000 --> 00:20:57.000
And it's really just a library call, and then the computer or the operating system says, I don't know, let me go ask the recursive server for you.

00:20:57.000 --> 00:21:07.000
Or it could be a reference to the recursive server which resolves and gives you an address.

00:21:07.000 --> 00:21:13.000
Do you have an example of context, and I might be able to tell you better?

00:21:13.000 --> 00:21:19.000
No, I just, I just remember seeing a couple of things where they're talking about a resolver.

00:21:19.000 --> 00:21:20.000
Yeah.

00:21:20.000 --> 00:21:28.000
I'm trying to figure out, like you say, I guess context or whatever are they talking about? Is that a server, or is that a client?

00:21:28.000 --> 00:21:29.000
So thank you.

00:21:29.000 --> 00:21:38.000
It. Yep, I can't quite tell from that. It's kind of a 60/40, and I don't know if it's 60/40 or 40/60.

00:21:38.000 --> 00:21:40.000
So what… Okay.

00:21:40.000 --> 00:21:48.000
We have a question in chat from Paul. The question was, server URL question mark.

00:21:48.000 --> 00:21:51.000
Ah. URL.

00:21:51.000 --> 00:21:55.000
I think that's the context of that. I think he was curious about.

00:21:55.000 --> 00:22:01.000
When you said that you were operating these slides off of the server.

00:22:01.000 --> 00:22:02.000
I guess I… so that's why I put salute on there.

00:22:02.000 --> 00:22:13.000
Oh. Gotcha. Uh, give me a minute… Where is the chat hiding?

00:22:13.000 --> 00:22:17.000
Zoom. You are annoying.

00:22:17.000 --> 00:22:22.000
Should be right next to participants on the bottom.

00:22:22.000 --> 00:22:26.000
Yeah, it should be, but I'm sharing my screen, and it won't.

00:22:26.000 --> 00:22:28.000
Oh, you got to find the toolbar. Uh, it might be under the three dots.

00:22:28.000 --> 00:22:35.000
I'm looking at it.

00:22:35.000 --> 00:22:45.000
on the right side of the toolbar.

00:22:45.000 --> 00:22:48.000
Oh…

00:22:48.000 --> 00:22:53.000
Anyway, the question was, he asked server URL question mark.

00:22:53.000 --> 00:22:56.000
When you had mentioned you were pulling the slides off a server.

00:22:56.000 --> 00:23:01.000
Yeah.

00:23:01.000 --> 00:23:08.000
Let's try…

00:23:08.000 --> 00:23:13.000
There. Can you see that URL to read it and copy it?

00:23:13.000 --> 00:23:17.000
Well. Why don't you put that in chat?

00:23:17.000 --> 00:23:26.000
I can't find the chat, or I would. It's what I was looking for.

00:23:26.000 --> 00:23:30.000
Zoom sucks.

00:23:30.000 --> 00:23:32.000
Chat's right down at the bottom.

00:23:32.000 --> 00:23:33.000
No, it isn't.

00:23:33.000 --> 00:23:37.000
Now, when you're sharing the screen.

00:23:37.000 --> 00:23:39.000
is on mine.

00:23:39.000 --> 00:23:40.000
You're not sharing the screen. Then it's not… then the chance at their insurance screen.

00:23:40.000 --> 00:23:43.000
No, I'm not.

00:23:43.000 --> 00:23:51.000
Yeah, we've moved it behind the menu.

00:23:51.000 --> 00:23:57.000
I think I. Bear with me a minute.

00:23:57.000 --> 00:23:59.000
There you go. Try that. Take the number off the end of it.

00:23:59.000 --> 00:24:08.000
There we go.

00:24:08.000 --> 00:24:21.000
Okay. Did that answer the question?

00:24:21.000 --> 00:24:28.000
They were. I think it probably does, but Mal, anytime you get a chance, you can tell us yes or no there in the chat, or you can turn your microphone if you have that ability.

00:24:28.000 --> 00:24:37.000
Okay. So Zoom is an example of a client.

00:24:37.000 --> 00:24:47.000
Your ISP or OpenDNS or Google. They offer recursive services to people.

00:24:47.000 --> 00:25:00.000
Anybody that wants to publish a domain will need to utilize an authoritative server somewhere.

00:25:00.000 --> 00:25:18.000
What is a DNS client? I kind of talked about that a moment ago. That is what is inside of your application. It is what says, what is the IP address of www.slug.org.

00:25:18.000 --> 00:25:25.000
It is your computer. It is the thing asking for information, asking the questions.

00:25:25.000 --> 00:25:34.000
What is a DNS server? It is the thing that answers questions and provides information to clients.

00:25:34.000 --> 00:25:44.000
Um, the type of server I've touched on a moment ago, there are a couple of different types, and we'll go into the differences here in a moment.

00:25:44.000 --> 00:25:51.000
Comments, questions, concerns?

00:25:51.000 --> 00:25:57.000
Um, what type of DNS servers? They're recursive and authoritative. We've touched on.

00:25:57.000 --> 00:26:01.000
What is the difference between a recursive and authoritative server?

00:26:01.000 --> 00:26:12.000
Recursive server receives the DNS query from your client and goes out and gets the information from authoritative servers on your behalf.

00:26:12.000 --> 00:26:18.000
It will go out, and it will talk to a whole bunch of different servers to get what you want.

00:26:18.000 --> 00:26:29.000
Conversely, an authoritative server only answers for the zones or domains that it is responsible for.

00:26:29.000 --> 00:26:40.000
Authoritative servers do not answer other queries. Like, if you ask… Bach, or bach.slug.org

00:26:40.000 --> 00:26:54.000
for fully qualified, where www.google.com is, it will return an error message because it is an authoritative server, and it does not do recursive queries.

00:26:54.000 --> 00:26:56.000
Yeah, okay. That was ah, okay.

00:26:56.000 --> 00:27:02.000
What's that, Gary? Okay.

00:27:02.000 --> 00:27:08.000
And that kind of gets… Before we go deeper.

00:27:08.000 --> 00:27:20.000
Let's ruminate a moment, see if there are any other questions regarding the types of servers.

00:27:20.000 --> 00:27:31.000
Okay. So… You'll hear the phrase or the word zone and the word domain.

00:27:31.000 --> 00:27:40.000
When it comes to DNS, they're not quite the same thing. But they're kind of close, especially from the Internet.

00:27:40.000 --> 00:27:48.000
Um, what's the difference between a zone and a domain? Little of this, some of that.

00:27:48.000 --> 00:27:56.000
A zone is a collection of one or more domains grouped together under it for administrative purposes.

00:27:56.000 --> 00:28:07.000
For the purposes of this discussion, they're approximately equal. We'll get into the minutiae of what the differences are in a bit. But for now.

00:28:07.000 --> 00:28:13.000
a zone and a domain are approximately the same.

00:28:13.000 --> 00:28:19.000
And then how to apparently I got some things out of order.

00:28:19.000 --> 00:28:24.000
How does a recursive DNS server get answers for clients?

00:28:24.000 --> 00:28:29.000
recursive DNS server goes out to successive authoritative servers.

00:28:29.000 --> 00:28:49.000
to figure out, okay. What is this piece of information gets pointed over to another server, goes to that other server, gets another piece of information, and once it gets the answer, it goes back and it provides it to the client. That is the recursion process. It's a recursive loop of.

00:28:49.000 --> 00:28:56.000
go ask a server, get a redirect, go ask the redirect server, get another redirect, go ask the redirect redirect server.

00:28:56.000 --> 00:29:08.000
Rinse, lather, repeat until you get the answer or a hard error, and then exit the recursive loop.

00:29:08.000 --> 00:29:29.000
Hearing nothing. I'm going on the lucky 13. And this is more… Let's do a rehash of last month's presentation. This is the page that talks about it and it outlines. And Zoom, why are you covering things I want to see with the pencil?

00:29:29.000 --> 00:29:36.000
So I need some volunteers.

00:29:36.000 --> 00:29:42.000
Lee, who do you want to be?

00:29:42.000 --> 00:29:43.000
I'll do the first one, since my name is on it.

00:29:43.000 --> 00:29:46.000
I don't know. I can't read it.

00:29:46.000 --> 00:29:47.000
Okay.

00:29:47.000 --> 00:29:53.000
Great! What's the IP address of www.slug.org?

00:29:53.000 --> 00:29:59.000
Well, hang on, let's I'll be the recursive. Lee, I think you were.

00:29:59.000 --> 00:30:08.000
the one of the authoritatives. Gary, do you want to be the root, or do you want to be a top level?

00:30:08.000 --> 00:30:16.000
Oh, let's see. I don't look good in green, so I can't be those leafy green things on the top levels. I guess I have to be the root. I kind of keep my head in the ground.

00:30:16.000 --> 00:30:21.000
Okay. Fair enough buried under email.

00:30:21.000 --> 00:30:22.000
Mm-hmm.

00:30:22.000 --> 00:30:31.000
I need one more volunteer.

00:30:31.000 --> 00:30:33.000
pick me. That was wrong.

00:30:33.000 --> 00:30:39.000
Uh, who was that? Okay, thank you, Ron.

00:30:39.000 --> 00:30:51.000
So. You should see your name next to line, and everybody that me has one line to read.

00:30:51.000 --> 00:30:54.000
Phil, you are our client. Please read your line.

00:30:54.000 --> 00:30:59.000
Yeah. Okay. Grant.

00:30:59.000 --> 00:31:06.000
The recursive. What is the IP address of www.slug.org?

00:31:06.000 --> 00:31:14.000
So I get Phil's question, and I think to myself, I don't know that. Let me find out.

00:31:14.000 --> 00:31:22.000
Uh, hey, Gary, as the root, what is the IP address of www.slug.org?

00:31:22.000 --> 00:31:31.000
Grant recursive. You should ask Ron what the IP address of www.slug.org is.

00:31:31.000 --> 00:31:42.000
Okay, let me go ask Ron. I'll go deeper in this recursion loop. Hey, Ron, buddy, old pal. What's the IP address of www.slug.org?

00:31:42.000 --> 00:31:47.000
Grant, you should ask Lee what the IP address of slug.org is.

00:31:47.000 --> 00:31:55.000
Boy, I seem to have to be going to a whole bunch of different servers. Lee, do you know what the address for www.slug.org is?

00:31:55.000 --> 00:32:03.000
Grant, the IP address of www.slug.org is 206.197.251.210.

00:32:03.000 --> 00:32:17.000
Finally. Hey, Phil, sorry it took so long. The address for www.slug.org, finally got it for you: 206.197.251.210.

00:32:17.000 --> 00:32:18.000
Thank you.

00:32:18.000 --> 00:32:19.000
You're welcome. Okay.

00:32:19.000 --> 00:32:31.000
I have a bit of a question, Grant. Um, at some point, would… let me just… reconcile here names with positions.

00:32:31.000 --> 00:32:32.000
Hang on.

00:32:32.000 --> 00:32:41.000
Would I not answer with, uh… Ask Grant what the IP address of .org is.

00:32:41.000 --> 00:32:42.000
And then it kind of works its way back from there.

00:32:42.000 --> 00:32:51.000
Oh. Very good question, and contemporary.

00:32:51.000 --> 00:32:58.000
Yes, you are correct. However, historically, that was not the case.

00:32:58.000 --> 00:33:12.000
and I'll go more into that in a moment.

00:33:12.000 --> 00:33:18.000
Historically. when recursive servers.

00:33:18.000 --> 00:33:33.000
asked for information from the various different servers during the process of recursion, they would ask the full question, like www.slug.org.

00:33:33.000 --> 00:33:45.000
I would ask that to everybody. That means that every server that I'm asking, when I ask Gary, when I ask Ron, when I ask Lee.

00:33:45.000 --> 00:33:55.000
That actually means that they can know. What one of the clients that's asking me.

00:33:55.000 --> 00:34:09.000
what they're actually looking for. I don't remember when it was, but for privacy and expediency reasons, there is something called query minimization, which.

00:34:09.000 --> 00:34:24.000
In the back of my head, I was planning on talking about this with a different slide at some other meeting with a tweak of this that applied query minimization, as in maybe a checkbox. Do you want to minimize queries or not?

00:34:24.000 --> 00:34:31.000
In that case, Phil would ask me, what is the address of www.slug.org?

00:34:31.000 --> 00:34:37.000
Because he's the client he's asking me as the recursive for the entire address.

00:34:37.000 --> 00:34:42.000
But I would only ask Gary as the root.

00:34:42.000 --> 00:34:50.000
What is? Where do I go for org? Gary would tell me org is over there. Go talk to Ron.

00:34:50.000 --> 00:34:58.000
I would then ask Ron, hey, Ron, where should I go for slug.org? Ron would say, go talk to Lee.

00:34:58.000 --> 00:35:08.000
Since Lee is authoritative for slug.org, I would ask Lee, what is the address for www.slug.org?

00:35:08.000 --> 00:35:22.000
that is newer… I want to say the last 10 or 15 years. I don't remember when query minimization became a thing.

00:35:22.000 --> 00:35:23.000
Yep, sure does. Thanks.

00:35:23.000 --> 00:35:33.000
Does that answer your question? Okay, great question was planning on going there more later, not tonight, but you're ahead of the class.

00:35:33.000 --> 00:35:49.000
Okay? Any other comments or questions about? This.

00:35:49.000 --> 00:35:58.000
Not hearing any, so… I will go back to the slide deck. And this is just a rehash.

00:35:58.000 --> 00:36:06.000
of some of what we just did. And copying and pasted the actual.

00:36:06.000 --> 00:36:12.000
Phil asks Grant, Grant asks. Something important to note.

00:36:12.000 --> 00:36:17.000
Phil is the DNS client. He only asked one question.

00:36:17.000 --> 00:36:26.000
He asked the recursive server. Also important is each authoritative server and.

00:36:26.000 --> 00:36:32.000
Gary was authoritative for the root. Ron was authoritative for .org.

00:36:32.000 --> 00:36:41.000
Lee was authoritative for Slug.org, so they're all three authoritative, but authoritative for different pieces.

00:36:41.000 --> 00:36:49.000
But they each point… in a hierarchy to provide a whole bunch of information.

00:36:49.000 --> 00:36:59.000
Like org could say com is at Stan's place, and Stan could say, Google is at Steve's place.

00:36:59.000 --> 00:37:06.000
So each one carries a little bit of load. They point to the next chain in the link.

00:37:06.000 --> 00:37:21.000
all authoritatives respond for their information only. It's the recursive server that has to go and talk to all of the authoritatives, and spends more time and energy.

00:37:21.000 --> 00:37:26.000
To get a simple answer to reply to the client.

00:37:26.000 --> 00:37:33.000
Does that make sense?

00:37:33.000 --> 00:37:38.000
Gary, are you going to be asked on recursion?

00:37:38.000 --> 00:37:39.000
I'm sorry. Say again.

00:37:39.000 --> 00:37:44.000
Maybe that one more time. It's the say that last sentence one more time. It is the authoritative that.

00:37:44.000 --> 00:37:54.000
The authoritative servers only answer queries about the information they are responsible or authoritative.

00:37:54.000 --> 00:37:57.000
for.

00:37:57.000 --> 00:37:59.000
which is why they're called authoritative.

00:37:59.000 --> 00:38:09.000
Yes, and it is the recursive server that goes out and talks to all the necessary authoritative servers recursively.

00:38:09.000 --> 00:38:14.000
to get the ultimate answer to pass back to the client.

00:38:14.000 --> 00:38:16.000
Okay.

00:38:16.000 --> 00:38:23.000
Client asks one question. authoritative servers each answer one question.

00:38:23.000 --> 00:38:37.000
recursive goes in a loop, goes crazy, talking to a whole bunch of other servers to get an answer to give to the client.

00:38:37.000 --> 00:38:38.000
makes sense.

00:38:38.000 --> 00:38:42.000
Yep.

00:38:42.000 --> 00:38:50.000
Okay. So what is a domain?

00:38:50.000 --> 00:39:03.000
It's a collection of various DNS records. Um, and they're separated at the dot boundary. So www.

00:39:03.000 --> 00:39:12.000
And I know I referred to a domain earlier as an organization. More accurately, the domain is the piece.

00:39:12.000 --> 00:39:25.000
of text in between the dots. Don't talk to me about emojis or Unicode. They're another form of text between dots. They just display differently.

00:39:25.000 --> 00:39:33.000
Every dot boundary separates a domain. Domain is a technical construct.

00:39:33.000 --> 00:39:39.000
That last bit is important. We'll get to momentarily.

00:39:39.000 --> 00:39:46.000
What is a subdomain? It is a domain that is contained.

00:39:46.000 --> 00:39:56.000
below a parent domain in a hierarchy. So. Slug is a subdomain of org.

00:39:56.000 --> 00:40:13.000
Technically, www. Is a subdomain of slug.org. What is the parent domain? It's a domain that has child domains.

00:40:13.000 --> 00:40:22.000
Any questions on that for the moment.

00:40:22.000 --> 00:40:35.000
Okay, what is a zone? A zone is an administrative collection of DNS records which contain at least one domain and may contain multiple subdomains.

00:40:35.000 --> 00:40:44.000
zones span dot boundaries, or they can. Zones are a human construct.

00:40:44.000 --> 00:40:50.000
Domains are a technical construct. Zones are a human construct.

00:40:50.000 --> 00:40:58.000
Humans decide where to separate who's responsible for what.

00:40:58.000 --> 00:41:06.000
frequently domains are zones. Particularly from the point of view of the big bad internet.

00:41:06.000 --> 00:41:15.000
you end up with the root, which we'll talk about in a moment, says it is controlled by one org and says there's this.

00:41:15.000 --> 00:41:24.000
org that is controlled by a different organization. That is a separate zone. They are responsible for it.

00:41:24.000 --> 00:41:36.000
You go to org, you find that Slug is a separate organization and it has separate administrative people. So it is a separate zone.

00:41:36.000 --> 00:41:46.000
You go to slug.org and you'll find that www.slug.org or balk.slug.org or.

00:41:46.000 --> 00:41:55.000
beta.ww.slug.org. Those are all under Slug. Those are multiple.

00:41:55.000 --> 00:42:04.000
addresses in the Slug zone. The zone is the administrative boundary. Root is controlled by one group.

00:42:04.000 --> 00:42:10.000
org is controlled by another group. Slug controls our own zone.

00:42:10.000 --> 00:42:15.000
What is in the zone is determined by the humans.

00:42:15.000 --> 00:42:20.000
When you're going between entities is when there is a zone boundary.

00:42:20.000 --> 00:42:29.000
So that makes sense.

00:42:29.000 --> 00:42:32.000
Lee? Okay. And the picture at the bottom.

00:42:32.000 --> 00:42:38.000
Yeah.

00:42:38.000 --> 00:42:52.000
is shamelessly taken from the DNS and BIND book by Cricket Liu. There are multiple versions. I consider it to be one of the authoritative tomes on.

00:42:52.000 --> 00:42:59.000
DNS and BIND as an authoritative or a very.

00:42:59.000 --> 00:43:05.000
prominent DNS server can be authoritative and or recursive, whatever you want.

00:43:05.000 --> 00:43:14.000
But what we have here is the weird upside-down U.

00:43:14.000 --> 00:43:23.000
is the CA zone. which contains multiple things.

00:43:23.000 --> 00:43:29.000
in it. However, there are other pieces carved out.

00:43:29.000 --> 00:43:41.000
ab.ca. That is a separate zone. And then on.ca is a separate zone, and qc is a separate zone.

00:43:41.000 --> 00:43:51.000
It's trying to show how you can have multiple things at different levels in the same zone.

00:43:51.000 --> 00:43:56.000
It's one of the better graphics I found. I haven't bothered trying to create one of my own.

00:43:56.000 --> 00:44:03.000
You could compare a zone to a mounted file system.

00:44:03.000 --> 00:44:22.000
And domains to directory structures thereon. So does that make sense? Does the analogy work?

00:44:22.000 --> 00:44:28.000
Yeah. the analogy works.

00:44:28.000 --> 00:44:41.000
Okay? Does it help separate? zones and domains.

00:44:41.000 --> 00:44:48.000
think so? Yeah.

00:44:48.000 --> 00:44:49.000
Anybody got a different view of that or one wants to.

00:44:49.000 --> 00:44:53.000
All right. Moving on.

00:44:53.000 --> 00:44:58.000
suggest that there might be a different way or ask.

00:44:58.000 --> 00:45:02.000
If something's wrong, not wrong, but. So for me.

00:45:02.000 --> 00:45:09.000
I have a question. the zones be the part after the domain.

00:45:09.000 --> 00:45:15.000
and I'll you know, like, you usually have a slash and then something else after that in the URL.

00:45:15.000 --> 00:45:23.000
No. No, so I if you can see the screen, I think you're asking about.

00:45:23.000 --> 00:45:28.000
the highlighted portion as opposed to the www.slug.org. Is that correct?

00:45:28.000 --> 00:45:30.000
Right. Right.

00:45:30.000 --> 00:45:38.000
No. That is actually. When you start talking about URLs.

00:45:38.000 --> 00:45:49.000
The URL is the whole thing, and there are different pieces and it has its own… nomenclature, which I have to look up because I don't use it very often.

00:45:49.000 --> 00:45:57.000
in a better example of. So, there's the root.

00:45:57.000 --> 00:46:04.000
zone which knows about. com net org.

00:46:04.000 --> 00:46:09.000
Gov. name, what have you, all the.

00:46:09.000 --> 00:46:16.000
top-level domains and we'll talk about those in an upcoming slide.

00:46:16.000 --> 00:46:32.000
it as. Gary as the root knows about just a few pieces in his zone, in his administrative control.

00:46:32.000 --> 00:46:44.000
He knows the other things exist, but he points to a different server and says, go ask that server for something that is in a different zone.

00:46:44.000 --> 00:46:54.000
Ron repeated that process to find Slug. Slug can have www.slug.

00:46:54.000 --> 00:47:07.000
beta.ww.slugbach.slug. This dot is dot really dot long dot name dot slug.org.

00:47:07.000 --> 00:47:16.000
That is all in the slug.org zone like. from the slug.

00:47:16.000 --> 00:47:20.000
To the left. is in.

00:47:20.000 --> 00:47:41.000
the Slug zone, because that's Slug's administrative control. One of the things that makes domains versus zones tricky is on the Internet, particularly from the root. You're crossing multiple companies, multiple administrative control.

00:47:41.000 --> 00:47:52.000
groups to get to Slug. Once you're at Slug, we can do whatever we want in our zone, and it's all within our zone.

00:47:52.000 --> 00:47:57.000
But it can be multiple subdomains. all in our zone.

00:47:57.000 --> 00:48:04.000
kind of like you can put a whole bunch of files on a mounted file system.

00:48:04.000 --> 00:48:12.000
Does that make sense?

00:48:12.000 --> 00:48:20.000
You're welcome. The goal is to get it. So if you have questions or want something clarified, please ask.

00:48:20.000 --> 00:48:32.000
So. Okay, what is a top level domain? That is com net org.

00:48:32.000 --> 00:48:43.000
Example. there's a whole bunch of them. Goog has their own top. Google has their own top level domain goog.

00:48:43.000 --> 00:48:52.000
Getting those takes money. Not that they're expensive to purchase.

00:48:52.000 --> 00:49:04.000
to get them, you have to demonstrate the ability to run equipment at a certain level and certain resiliency, and the ability to do that to meet the requirements.

00:49:04.000 --> 00:49:13.000
Takes money. Like millions of dollars a year money.

00:49:13.000 --> 00:49:20.000
There's not going to be a slew of top-level domains anytime soon.

00:49:20.000 --> 00:49:26.000
We need a whole bunch more. really rich people before we'll have that.

00:49:26.000 --> 00:49:34.000
Grant would now be a good time to talk about our possible new program of charging a membership fee.

00:49:34.000 --> 00:49:35.000
No, we canceled that program before it got off the line.

00:49:35.000 --> 00:49:39.000
No, I guess not.

00:49:39.000 --> 00:49:40.000
We want to teach people, Gary, I'm wagging my finger at you.

00:49:40.000 --> 00:49:46.000
Okay.

00:49:46.000 --> 00:49:52.000
We charge for copies of the recording.

00:49:52.000 --> 00:49:57.000
Yeah, no, I take is 63,000 years to come up with money for our own TLD.

00:49:57.000 --> 00:50:06.000
Yeah, by then, it's gonna be trillions of dollars, and we're why are we even running behind that bus? We're never going to catch it.

00:50:06.000 --> 00:50:08.000
Okay. Y'all.

00:50:08.000 --> 00:50:11.000
The top domain. I'm sorry. Go ahead.

00:50:11.000 --> 00:50:20.000
I said, besides which, every TLD has to be authorized by, I forget who does it, but.

00:50:20.000 --> 00:50:23.000
ICANN, I think?

00:50:23.000 --> 00:50:28.000
It might be. But but the point is, you can't just put one out there. You have to.

00:50:28.000 --> 00:50:34.000
go jump through a bunch of hoops, both from a financial, technical, and legal aspect.

00:50:34.000 --> 00:50:36.000
to justify it.

00:50:36.000 --> 00:50:47.000
Yes. You can't do one officially. There are some alternate DNS trees that make it much easier to do.

00:50:47.000 --> 00:50:57.000
But your friends, neighbors, niece is not going to be able to find it because it's not on the internet DNS tree.

00:50:57.000 --> 00:51:10.000
Getting that one is exactly what you described. So does what a top level domain is make sense?

00:51:10.000 --> 00:51:11.000
Gary, what's an example? Domain.

00:51:11.000 --> 00:51:16.000
wouldn't happen to have a number of how many top level domains there are right now, would you?

00:51:16.000 --> 00:51:22.000
Oh, it's an insane number. It's in the thousands.

00:51:22.000 --> 00:51:27.000
So like country codes are top level domains as well.

00:51:27.000 --> 00:51:37.000
So dot us is a top level domain. I actually have copies of the root zone, and I can look that up.

00:51:37.000 --> 00:51:45.000
and if somebody wants to put a reminder in the chat, I will look that up after I finish the screen share.

00:51:45.000 --> 00:51:49.000
It looks to be 1,200.

00:51:49.000 --> 00:51:52.000
It's lower than I would have expected, but thank you, Lee.

00:51:52.000 --> 00:51:58.000
Wait a minute. Wait a minute. 9 1,29,700.

00:51:58.000 --> 00:52:01.000
Who knows? dispatch.

00:52:01.000 --> 00:52:06.000
There's a big difference between let's put a pin in that and come back to it.

00:52:06.000 --> 00:52:14.000
the number of them, it is a much larger number. And it will surprise you.

00:52:14.000 --> 00:52:15.000
Esta. I'm sorry. What was the question?

00:52:15.000 --> 00:52:30.000
Gary, what's an example of a top-level domain? What is an example of a top-level domain?

00:52:30.000 --> 00:52:31.000
Yeah.

00:52:31.000 --> 00:52:36.000
which is reserved for military sites, navy army that, of course, was originally considered just to be the United States military sites.

00:52:36.000 --> 00:52:44.000
gov, which not only is federal government sites, but also you could have them.

00:52:44.000 --> 00:52:49.000
Mo.gov, which would be a Missouri subdomain of government.

00:52:49.000 --> 00:52:54.000
You're just going for brownie points. You got two top levels and a sub.

00:52:54.000 --> 00:53:09.000
And dot edu. The original Edu's were just about all universe, not all universities, but all of the dot edu's tended to be universities in the.

00:53:09.000 --> 00:53:25.000
mid 1970s. And of course, now you can wind up with high schools, some even grade schools could get themselves a .edu. They do try and enforce all 3 of those.

00:53:25.000 --> 00:53:35.000
Domains to be the type of things you would expect. So even though grade schools are now allowed in, they try and make it educational institutions.

00:53:35.000 --> 00:53:51.000
dot coms, which are the extreme opposite. Any company, any body can, if they've got the money to pay for it, can register as a dot com for commercial institution.

00:53:51.000 --> 00:53:55.000
So, in other words, if you got the money, you can be a dot com.

00:53:55.000 --> 00:53:56.000
Yep. Lee, are you feeding him cookies?

00:53:56.000 --> 00:54:01.000
see other good examples.

00:54:01.000 --> 00:54:06.000
No, I blocked him. One that always frustrates me.

00:54:06.000 --> 00:54:11.000
You know, Girl Scout cookies like everything he answers.

00:54:11.000 --> 00:54:21.000
But by the way, the actual count is 1593 TLDs in the root servers.

00:54:21.000 --> 00:54:26.000
Uh, can you type that number in chat, please?

00:54:26.000 --> 00:54:32.000
One of my favorite ones were the original rule has been.

00:54:32.000 --> 00:54:41.000
abused, ignored, suspended. There was the .net domain, .net. And originally.

00:54:41.000 --> 00:54:57.000
you were only supposed to be in the .net top level domain. If you had something to do with running the Internet. You know, you were an institution that was helping to control it, or, you know, and the stuff that was on.

00:54:57.000 --> 00:55:10.000
Something with a .net domain was supposed to be a part of what ran the Internet and sadly, I don't know who made the decision or how this happened, but.

00:55:10.000 --> 00:55:20.000
They let it get sloppy with who they allowed in. So it became a thing where, well, if a company like.

00:55:20.000 --> 00:55:36.000
Hewlett Packard. I shouldn't pick. I don't know. Anyway, if a company sold routers, they could apply for a dot net domain because they figured they were in the business. Or if you were a consulting firm, and you were trying to do.

00:55:36.000 --> 00:55:51.000
work on networks. Well, they let you sign up as a .net. That was not the original intention, and so unfortunately, that's one of, in my mind, the most abused domain names, top domain names.

00:55:51.000 --> 00:55:52.000
What?

00:55:52.000 --> 00:56:01.000
Yeah, the requirements around use. has really slacked off, and even some of the country code TLDs.

00:56:01.000 --> 00:56:06.000
LY, and I can't remember the country it's for.

00:56:06.000 --> 00:56:14.000
has many people. using their top-level domain that are not.

00:56:14.000 --> 00:56:17.000
based in that country. And. Yeah. Thank you.

00:56:17.000 --> 00:56:19.000
Libya.

00:56:19.000 --> 00:56:23.000
Yeah, like like goog dot le.

00:56:23.000 --> 00:56:26.000
Uh-huh.

00:56:26.000 --> 00:56:31.000
Oh, okay. Well, that took a while, too.

00:56:31.000 --> 00:56:40.000
Hey, we don't mind 14.4 modems. They get it downloaded eventually.

00:56:40.000 --> 00:56:41.000
Okay.

00:56:41.000 --> 00:56:48.000
And just to reflect back on that, the reason why there were country code domains is because.

00:56:48.000 --> 00:57:03.000
Most of the ones that I described were the ones that were originally envisioned, and they were originally envisioned by the people who were working on this, which at that time was the military and certain educational institutions and.

00:57:03.000 --> 00:57:10.000
Yeah, the the dot coms. Yeah, certainly there would be businesses who wanted in on this after the.

00:57:10.000 --> 00:57:26.000
University military group got it designed. And well, the thing is, is then rest of the world wanted to do it their way. And while they couldn't change what we had already set up, so coming up with country codes.

00:57:26.000 --> 00:57:34.000
as the top level. you know, let countries have their own top level domain and.

00:57:34.000 --> 00:57:37.000
Now it's just assumed if something ends in dot com.

00:57:37.000 --> 00:57:42.000
It's registered in the United States, whether it's a United States company or not.

00:57:42.000 --> 00:57:56.000
But if something ends in .ly. or .fr, or .uk. No, it's whoever's setting things up in that country is controlling the domains underneath that now.

00:57:56.000 --> 00:58:05.000
It's almost as if it was a different zone that had its own administrative rules.

00:58:05.000 --> 00:58:06.000
Here's here's an interesting one. The dot Su for Soviet Union.

00:58:06.000 --> 00:58:10.000
Wow!

00:58:10.000 --> 00:58:20.000
uh, was issued, I think, a few months before the Soviet Union collapsed, and I believe it's ICANN or whomever has been wanting to.

00:58:20.000 --> 00:58:38.000
deprecate it right out of existence for quite a while now, and Russia has been still playing around with it a bit and making some use of it, maybe selling some of the, uh… selling domains within that zone or whatever.

00:58:38.000 --> 00:59:02.000
and so that's that's been causing a little bit of controversy here and there, and… Somebody pointed out that, well, actually .uk is not an official country code for England, but they use that all the time, and nobody's threatening to pull away .uk from England, so should they really be pulling away .su from Russia? I thought it an interesting.

00:59:02.000 --> 00:59:04.000
An interesting question.

00:59:04.000 --> 00:59:15.000
You are absolutely right. There are some interesting political heated discussions that happen in the DNS community.

00:59:15.000 --> 00:59:21.000
Fortunately, it's a very small subset of people that.

00:59:21.000 --> 00:59:40.000
Get deep in that. You don't have to participate in that to run your own DNS server with your own domain. Like Lee, I bet you have not considered .su or .uk as you operate Slug on our behalf. Have you?

00:59:40.000 --> 00:59:41.000
No, not really.

00:59:41.000 --> 00:59:48.000
Okay, so yeah, there, as with everything, there's always some political infighting.

00:59:48.000 --> 00:59:52.000
And they are off over in a corner duking it out.

00:59:52.000 --> 00:59:57.000
and once one of them comes out is the.

00:59:57.000 --> 01:00:02.000
clear victor. Then I'll hear what they have to say. But for now.

01:00:02.000 --> 01:00:14.000
Not my circus, not my monkeys. So. But yes, very interesting. If you care to get deep into it.

01:00:14.000 --> 01:00:19.000
Any questions on top level domains?

01:00:19.000 --> 01:00:25.000
Okay. What is the invisible domain component?

01:00:25.000 --> 01:00:31.000
And I think somebody I was talking to earlier when we were looking at.

01:00:31.000 --> 01:00:43.000
DNS zone file. It's like, do I need the dot after the name or not? And I told him no, because where it was at, it would have caused problems.

01:00:43.000 --> 01:00:51.000
The root zone is actually separated from top-level domains by a dot.

01:00:51.000 --> 01:00:56.000
But the root zone… How do you represent it?

01:00:56.000 --> 01:01:02.000
It is functionally a null character. You don't see it.

01:01:02.000 --> 01:01:09.000
There's nothing there, so I will occasionally see it written as, like, root in parentheses.

01:01:09.000 --> 01:01:16.000
You will notice it most when you see something like.

01:01:16.000 --> 01:01:23.000
www.slug.org. What's on the right side of that last dot?

01:01:23.000 --> 01:01:27.000
That's the root zone. So the null root.

01:01:27.000 --> 01:01:33.000
Delegates to org. or delegates to Slug type thing.

01:01:33.000 --> 01:01:46.000
As you get deeper into DNS. I want to admin your own server. You'll start seeing references to root like the root zone which Lee, I believe you were.

01:01:46.000 --> 01:01:52.000
Did you have a local copy of the root zone you queried, or did you do it?

01:01:52.000 --> 01:01:55.000
web search to find that.

01:01:55.000 --> 01:02:01.000
That has been D handles it. Automatically.

01:02:01.000 --> 01:02:07.000
There's a list of root servers, if I remember correctly, that we started with 20 years ago.

01:02:07.000 --> 01:02:13.000
Yes, A through M. I don't remember the exact domain name, and I can look it up.

01:02:13.000 --> 01:02:21.000
But those are names that are heavily multicast or anycasted and multiple instances.

01:02:21.000 --> 01:02:26.000
But there is… When dealing with the root zone.

01:02:26.000 --> 01:02:36.000
There are references to it. Something to be aware of as you get deeper in DNS.

01:02:36.000 --> 01:02:42.000
Any questions?

01:02:42.000 --> 01:02:56.000
What makes Www.slug.org. fruit a record inside of the slug.org zone or domain instead of its own zone or subdomain.

01:02:56.000 --> 01:03:03.000
Uh, we as the SLUG administrator say it's part of the slug.org zone.

01:03:03.000 --> 01:03:16.000
We are not delegating to a separate entity. If there was, um… somebody else who wanted to have a piece.

01:03:16.000 --> 01:03:20.000
of slug.org, like.

01:03:20.000 --> 01:03:30.000
Lee might want Omnitech.slug.org. We could delegate that Omnitech.slug.org.

01:03:30.000 --> 01:03:45.000
to Lee, and that would become a subzone. going over to Lee as a separate administrative entity, Omnitech, instead of the Slug organization.

01:03:45.000 --> 01:03:50.000
It's what we as the zone operators decide we want to do.

01:03:50.000 --> 01:03:56.000
And our use case.

01:03:56.000 --> 01:04:06.000
interesting, Stan. I was not aware that dig without any other parameters would list roots.

01:04:06.000 --> 01:04:11.000
And this is why we like people that know things. We show up and we learn.

01:04:11.000 --> 01:04:17.000
Thank you, Sam. Comments, questions, concerns about.

01:04:17.000 --> 01:04:28.000
What is and is not, what determines if it's a zone or subdomain.

01:04:28.000 --> 01:04:33.000
Okay. What is the root zone?

01:04:33.000 --> 01:04:40.000
We talked about that a little bit earlier. It is the zone, the.

01:04:40.000 --> 01:04:48.000
root in parentheses that has no display character that knows about com, net, or mil.

01:04:48.000 --> 01:04:57.000
It knows about the top level domains and says they are over at these other organizations' DNS servers. Go talk to them.

01:04:57.000 --> 01:05:08.000
It's the collection of what primes the Internet. What is delegation? Delegation is the process that says.

01:05:08.000 --> 01:05:16.000
Root says, well, org, that's that other company. Go talk to them. Their DNS servers are.

01:05:16.000 --> 01:05:27.000
That is the delegation process. It's actually… Not trying to be recursive, no pun intended, or… wow.

01:05:27.000 --> 01:05:33.000
Double. It is. Allowing somebody else.

01:05:33.000 --> 01:05:41.000
to be responsible. for a subtree in DNS.

01:05:41.000 --> 01:05:47.000
Any questions? Okay.

01:05:47.000 --> 01:05:53.000
What is a public suffix? Now we're kind of crossing into web.

01:05:53.000 --> 01:05:58.000
Um…

01:05:58.000 --> 01:06:05.000
Lee, do you know the difference? from a web browser standpoint.

01:06:05.000 --> 01:06:15.000
in dot com. and co.uk, or like example.com.

01:06:15.000 --> 01:06:20.000
Versus example.co.uk.

01:06:20.000 --> 01:06:24.000
Well, they've got different. They've got different root servers.

01:06:24.000 --> 01:06:35.000
Yes, but what will a web browser treat them differently or the same?

01:06:35.000 --> 01:06:40.000
I would think the same, but I've never… looked at it.

01:06:40.000 --> 01:06:51.000
So they it does treat them the same. But what's happening is dot com.

01:06:51.000 --> 01:07:01.000
things. The next domain below the com, Google or Amazon or take your pick.

01:07:01.000 --> 01:07:07.000
Those are considered. separate companies.

01:07:07.000 --> 01:07:13.000
So dot com, multiple things and .com are separate companies.

01:07:13.000 --> 01:07:20.000
But much like zones versus domains. You can't rely on that dot boundary.

01:07:20.000 --> 01:07:28.000
to say everything in.com. is a separate institution.

01:07:28.000 --> 01:07:35.000
Because if you apply that same rule to co.uk.

01:07:35.000 --> 01:07:39.000
Well, if you say that, everything that is UK.

01:07:39.000 --> 01:07:47.000
is a separate organization, but everything every organization down is the same like.

01:07:47.000 --> 01:07:52.000
If you treat what's to the left of the top level.

01:07:52.000 --> 01:07:59.000
As an entity. You can't do that with co.uk.

01:07:59.000 --> 01:08:12.000
Because you've got company one.co.uk, company two.co.uk. If we say everything star.co.uk.

01:08:12.000 --> 01:08:15.000
is the same entity. That's wrong.

01:08:15.000 --> 01:08:16.000
Well, sure, because you got the country code on the end. You have to disregard.

01:08:16.000 --> 01:08:26.000
So. Right. The public suffix list says com is a public suffix.

01:08:26.000 --> 01:08:38.000
says co.uk is a public suffix, so the things to the left of what's on the public suffix are separate institutions. So.

01:08:38.000 --> 01:08:45.000
Company one, to the left of co.uk public suffix is.

01:08:45.000 --> 01:08:52.000
an institution. And Company 2.co.uk.

01:08:52.000 --> 01:08:58.000
public suffix is. institution from Company 1.

01:08:58.000 --> 01:09:08.000
And this comes into play in web browsers. When you start talking about same origin or JavaScript security policies or cookies.

01:09:08.000 --> 01:09:13.000
Some of those can be shared within an organization.

01:09:13.000 --> 01:09:19.000
but not between organizations. So there needs to be a list that says.

01:09:19.000 --> 01:09:26.000
com is public. co.uk is public. And a whole bunch more.

01:09:26.000 --> 01:09:36.000
net is public, and there are many other. multi domain public suffixes. I just can't think of any right now.

01:09:36.000 --> 01:09:39.000
So that makes sense.

01:09:39.000 --> 01:09:46.000
Yeah, but isn't that the responsibility of the TLD involved, like .uk?

01:09:46.000 --> 01:09:51.000
Why would anybody else care about it? Because the Tl.uk has to has to.

01:09:51.000 --> 01:09:58.000
define that logic, not everybody… not everybody that doesn't use it.uk.

01:09:58.000 --> 01:10:07.000
Um, I don't disagree with you, but the DNS community is focused on.

01:10:07.000 --> 01:10:17.000
records to their value. They're not. They specifically stay out of who is who?

01:10:17.000 --> 01:10:30.000
So that leaves a hole, and the browser vendors have stepped up, and I believe it's actually Mozilla that maintain is currently maintaining.

01:10:30.000 --> 01:10:40.000
the public suffix list. Because it is more a browser-centric thing for the security measures in the browser.

01:10:40.000 --> 01:10:49.000
than it is a DNS issue. It is very closely related to DNS, because it uses DNS extensively.

01:10:49.000 --> 01:11:00.000
But it is not a DNS problem. Does that make sense?

01:11:00.000 --> 01:11:01.000
That is sorted.

01:11:01.000 --> 01:11:09.000
Another way to think about it is. We offer email for SLUG members.

01:11:09.000 --> 01:11:20.000
We do not care if they're trading recipes or knitting patterns, or talking about their favorite breed of cat or dog.

01:11:20.000 --> 01:11:27.000
That's none of our business. We are in the business to provide the email service.

01:11:27.000 --> 01:11:33.000
for the members that use it. It is somebody else that cares.

01:11:33.000 --> 01:11:41.000
who's talking about what?

01:11:41.000 --> 01:11:52.000
Make sense?

01:11:52.000 --> 01:11:54.000
Lee. Okay.

01:11:54.000 --> 01:11:58.000
Yeah, pretty much.

01:11:58.000 --> 01:12:08.000
It's a weird niche thing that is… closely related, and it's here more as a pointer to if you want to know more.

01:12:08.000 --> 01:12:12.000
Go. Take a look at it.

01:12:12.000 --> 01:12:13.000
So. That is the question. Oh, go ahead.

01:12:13.000 --> 01:12:18.000
I got it.

01:12:18.000 --> 01:12:27.000
I can say I doubt very seriously anybody other than us would ever come up with that idea.

01:12:27.000 --> 01:12:33.000
Yeah, I'm still not sure that I.

01:12:33.000 --> 01:12:50.000
Yeah, I need to. I need to hear more about public suffix. I I don't know if I.

01:12:50.000 --> 01:13:04.000
Well, the way I think of it, Gary. Is that there are quite a few domain combinations like the country codes where their domain.

01:13:04.000 --> 01:13:15.000
structure does not fit what everybody defined originally like .com, .net, .org, et cetera. So public suffix is a.

01:13:15.000 --> 01:13:26.000
discussion tool. So that you can say dot com is a public suffix and .co.uk is a public suffix.

01:13:26.000 --> 01:13:31.000
So that everything to the left of that is an actual domain or company.

01:13:31.000 --> 01:13:36.000
Oh, okay, okay. Is that a good way of describing it, Grant?

01:13:36.000 --> 01:13:43.000
Yes, company, because… in between each dot is a domain. But yes, company.

01:13:43.000 --> 01:13:50.000
Yeah, okay. So the the actual domain entity.

01:13:50.000 --> 01:13:54.000
in one case has… one TLD.

01:13:54.000 --> 01:14:12.000
For the dot com. For the UK, there's two components to the TLD, .co.uk. So you have to have a logical construct such that .co.uk matches your template as well as .com. Okay. Yeah, yeah, yeah.

01:14:12.000 --> 01:14:24.000
Gotcha, gotcha. And like I say, nobody but Grant and I would ever want to yak about that, because it's meaningless to anybody else.

01:14:24.000 --> 01:14:30.000
It is extremely germane when you're talking about security.

01:14:30.000 --> 01:14:37.000
of certain things on the Internet. It is very common in web browsers.

01:14:37.000 --> 01:14:46.000
So they know that cookies for… Well, let's just bbc.co.uk.

01:14:46.000 --> 01:15:01.000
does not get shared with Amazon.co.uk. The .co.uk is the public suffix, so things to the left of it are separate entities.

01:15:01.000 --> 01:15:16.000
But you can share cookies with… doctorwho.bbc.co.uk and

01:15:16.000 --> 01:15:29.000
blue.bbc.co.uk, because BBC is the entity; things under it can share cookies and various other

01:15:29.000 --> 01:15:32.000
web-related security settings. Public suffix list is very much web-centric.

01:15:32.000 --> 01:15:39.000
Right.

01:15:39.000 --> 01:15:52.000
Which is why DNS operators tend to go, meh.

01:15:52.000 --> 01:15:55.000
Okay.

01:15:55.000 --> 01:16:06.000
There's. Oh, wow, I had no idea.

01:16:06.000 --> 01:16:07.000
Wow.

01:16:07.000 --> 01:16:17.000
Amazon had registered their different domains as separate PSLs, but that is germane, because people that host things on S3

01:16:17.000 --> 01:16:23.000
Not to share across between S3 buckets.

01:16:23.000 --> 01:16:27.000
Sometimes it's surprising what you find in these lists.

01:16:27.000 --> 01:16:30.000
Yeah.

01:16:30.000 --> 01:16:34.000
I put a link to it if you want to.

01:16:34.000 --> 01:16:43.000
Did you see the one in chat about DNS should be org.sloop?

01:16:43.000 --> 01:16:50.000
Oh! Ron BC.

01:16:50.000 --> 01:16:53.000
Hang on.

01:16:53.000 --> 01:16:56.000
I figured that should derail the conversation for a while.

01:16:56.000 --> 01:17:02.000
Uh, I wouldn't call it derailed. I'd say pulled into the siding.

01:17:02.000 --> 01:17:13.000
Huh. DNS… chose to do.

01:17:13.000 --> 01:17:23.000
most specific on the left. Other protocols and naming hierarchies did

01:17:23.000 --> 01:17:33.000
more specific on the right. ISO protocol, I think, was more specific on the right.

01:17:33.000 --> 01:17:38.000
It's… I don't know why the decision was made that it was.

01:17:38.000 --> 01:17:45.000
But that's what was decided in the 80s when DNS was created.

01:17:45.000 --> 01:17:50.000
We've been living with it ever since.

01:17:50.000 --> 01:17:55.000
And the funny part is, it's used both ways.

01:17:55.000 --> 01:18:00.000
depending on what tool or node or what environments you're in.

01:18:00.000 --> 01:18:03.000
It can be either way.

01:18:03.000 --> 01:18:05.000
And then there's reverse DNS.

01:18:05.000 --> 01:18:08.000
Yeah.

01:18:08.000 --> 01:18:18.000
Ron, no, that is not a hot take. You are absolutely correct. Dates should be largest unit to smallest unit.

01:18:18.000 --> 01:18:21.000
Lexical sorting is a thing.

01:18:21.000 --> 01:18:25.000
Yeah, it's almost like we didn't learn anything from Y2K.

01:18:25.000 --> 01:18:27.000
among other things, yeah.

01:18:27.000 --> 01:18:37.000
Why to learn my number 2 lead pencil had no problems working despite the lights going out and the TV going off.

01:18:37.000 --> 01:18:43.000
And nothing working right since year 2000.

01:18:43.000 --> 01:18:50.000
All I gotta say is that you… What's reading? If it's a computer? Yeah.

01:18:50.000 --> 01:18:59.000
Largest to smallest, but if it's a human. I may have a bad habit of spelling out the month.

01:18:59.000 --> 01:19:08.000
Because I have really annoying… How about is this the 5th of December or the 12th of May?

01:19:08.000 --> 01:19:22.000
Yeah. That's why programmers get confused between Christmas and Halloween.

01:19:22.000 --> 01:19:26.000
And I have ruined that joke.

01:19:26.000 --> 01:19:30.000
Yeah, I think I might have went over a lot of guys' heads.

01:19:30.000 --> 01:19:40.000
Oh.

01:19:40.000 --> 01:19:45.000
In 31 1225. Oh.

01:19:45.000 --> 01:19:54.000
December 31st, in octal, is the same as 25 in decimal.

01:19:54.000 --> 01:19:55.000
Okay.

01:19:55.000 --> 01:19:57.000
you.

01:19:57.000 --> 01:20:03.000
Okay, okay, that's good.

01:20:03.000 --> 01:20:09.000
I've never heard that before, and I didn't get it, so… Boo to me.

01:20:09.000 --> 01:20:15.000
I'm sorry, and have fun with it.

01:20:15.000 --> 01:20:22.000
Well, you see, so some of us sort of skip the octal generation, because I went from binary to hex, because I never worked on a DEC computer.

01:20:22.000 --> 01:20:30.000
Okta. Lee Octal or Octa.

01:20:30.000 --> 01:20:38.000
Octo.

01:20:38.000 --> 01:20:39.000
So…

01:20:39.000 --> 01:20:47.000
I would tell you… a UDP joke, but I don't know if you get it.

01:20:47.000 --> 01:21:01.000
That's alright, that's why I have an application layer monitoring for things. Go ahead, tell me your joke. It didn't make it to me. Please repeat.

01:21:01.000 --> 01:21:17.000
Okay, any questions about DNS from this evening?

01:21:17.000 --> 01:21:28.000
So, if I wanted to build a… DNS server in my house so that… Kubernetes could shove.

01:21:28.000 --> 01:21:36.000
Records in and out of it without issue. I'll leave my TLDs in Cloudflare.

01:21:36.000 --> 01:21:42.000
or the route. and Cloudflare.

01:21:42.000 --> 01:21:45.000
Cloudflare has to be able to talk to those

01:21:45.000 --> 01:21:51.000
DNS servers, right?

01:21:51.000 --> 01:21:57.000
It depends if you want somebody outside your house.

01:21:57.000 --> 01:22:01.000
to be able to query your names or not.

01:22:01.000 --> 01:22:03.000
No.

01:22:03.000 --> 01:22:18.000
If you are wanting to leverage a domain name you have fronted with Cloudflare and your computer on your network to be able to resolve something.

01:22:18.000 --> 01:22:29.000
And get to something else on your network. As long as you are using a DNS server in your house.

01:22:29.000 --> 01:22:43.000
or in your network. And let's say you have… Kubernetes.example.com, and you're having Cloudflare host example.com for you.

01:22:43.000 --> 01:22:52.000
You could, inside your example.com zone hosted with Cloudflare, you could delegate

01:22:52.000 --> 01:23:00.000
Kubernetes.example.com to a name

01:23:00.000 --> 01:23:06.000
that resolves to the DNS server in your house, so you could delegate.

01:23:06.000 --> 01:23:15.000
Your example.com could delegate Kubernetes.example.com to

01:23:15.000 --> 01:23:25.000
ns1.example.com, and that would resolve to an IP address on your network.

01:23:25.000 --> 01:23:33.000
So the DNS server in your house, when clients ask for

01:23:33.000 --> 01:23:41.000
test.kubernetes.example.com, they could go from the root.

01:23:41.000 --> 01:23:51.000
Root would say talk to com, com would say talk to example. Example would say Kubernetes has been delegated to this name and address.

01:23:51.000 --> 01:23:57.000
And then the DNS server in your house would go to that address at your house.

01:23:57.000 --> 01:24:04.000
I say could, because you're probably more reasonable than me and would only run one DNS server in your house.

01:24:04.000 --> 01:24:08.000
And it would be the DNS server that would have.

01:24:08.000 --> 01:24:23.000
Those addresses. So it could just answer them directly. It wouldn't have to go through from the root down. It is authoritative. You ask it for something that is authoritative. It just gives you the answer because it has it.

01:24:23.000 --> 01:24:24.000
But that is possible.

01:24:24.000 --> 01:24:31.000
Yeah, and… And actually, Tyler, there's a lot simpler way of doing that entire process with one file.

01:24:31.000 --> 01:24:38.000
and one tool called dnsmasq. That allows you to split your horizon.

01:24:38.000 --> 01:24:45.000
Any name that you want to define internally, you put in dnsmasq.

01:24:45.000 --> 01:24:52.000
And dnsmasq will resolve at that level with whatever IP you have in your local internal host file.

01:24:52.000 --> 01:24:59.000
If it's not in the file, then it will push it out to a normal DNS inquiry externally.

01:24:59.000 --> 01:25:00.000
Okay.

01:25:00.000 --> 01:25:08.000
Dnsmasq is a wonderful and terrible tool at the same time.

01:25:08.000 --> 01:25:20.000
It is wonderful in what it is capable of doing, and how it just takes the rulebook and mic drop. Why am I bothering with those? I'm gonna do what I want to!

01:25:20.000 --> 01:25:27.000
And it is terrible, because it does a mic drop of the rule book and does whatever it wants to.

01:25:27.000 --> 01:25:31.000
You can shoot yourself in the foot with it.

01:25:31.000 --> 01:25:35.000
But you can also do some beautiful things with it.

01:25:35.000 --> 01:25:45.000
Wonderfully and terrible. I personally… my DNS server of choice is BIND.

01:25:45.000 --> 01:26:02.000
And that is an 800-pound gorilla that I can get to do a lot of different things a lot of people say is not possible. I look at the silverback gorilla, I go, but it's doing it perfectly fine.

01:26:02.000 --> 01:26:07.000
Oh, that's what I've been looking at Technitium for, is to see if

01:26:07.000 --> 01:26:14.000
It has a DNS and DHCP server or wholesale replacement for.

01:26:14.000 --> 01:26:22.000
what I'm running in… Oh.

01:26:22.000 --> 01:26:23.000
What are you using now?

01:26:23.000 --> 01:26:34.000
Right now, to unify a resolver inside of. See, then if I… DMS.

01:26:34.000 --> 01:26:35.000
Or, you know, file.

01:26:35.000 --> 01:26:42.000
There isn't. There is a surprisingly good chance it's using dnsmasq under the hood.

01:26:42.000 --> 01:26:56.000
I wouldn't be surprised. In times of corporate… Our stuff uses stuff I'll take. The problem is, is how do I get it to manipulate it to do the thing I want it to do?

01:26:56.000 --> 01:27:08.000
Let alone… I'm sitting here going… I'm gonna set this all up, I'm gonna then blow up my router for some god awful reason, probably because of an update, and… Then I'm gonna have to rebuild it all.

01:27:08.000 --> 01:27:09.000
Yep.

01:27:09.000 --> 01:27:13.000
Hence my idea of putting this all into, um…

01:27:13.000 --> 01:27:29.000
That is why my preference is to use a generic Linux that I have full control over and no restricted interfaces that say, no, you can't do what it's perfectly capable of doing.

01:27:29.000 --> 01:27:41.000
It's great for people that want it. Not my good team.

01:27:41.000 --> 01:27:42.000
Mm-hmm.

01:27:42.000 --> 01:27:49.000
Oh, and that's the other thing. PXE booting, the DNS or the DNS/DHCP server in UniFi will not break out the architectures.

01:27:49.000 --> 01:27:52.000
It only gives you one option for the PXE bit.

01:27:52.000 --> 01:27:58.000
So if you have some equipment running on its UEFI BIOS.

01:27:58.000 --> 01:28:03.000
And some are still working on the old PXE slash BIOS

01:28:03.000 --> 01:28:10.000
firmware, you're screwed. You gotta have one or the other.

01:28:10.000 --> 01:28:24.000
Well, that seems limiting and artificial. I have done a little bit of PXE booting. It's traditional BIOS-based systems. Well.

01:28:24.000 --> 01:28:33.000
Not UEFI. SPARC servers are not BIOS-based. They are their own firmware.

01:28:33.000 --> 01:28:41.000
I would actually be interested in having a discussion about that, probably on the discuss list.

01:28:41.000 --> 01:28:50.000
And if you want to talk more about how to set up DNS for what you're trying to do.

01:28:50.000 --> 01:29:01.000
I think that would be a wonderful sidebar to work and figure out and then do a base presentation, high level of.

01:29:01.000 --> 01:29:02.000
what has been done, and hey, if somebody else wants to try it.

01:29:02.000 --> 01:29:05.000
Oh yeah.

01:29:05.000 --> 01:29:06.000
So.

01:29:06.000 --> 01:29:16.000
Oh, I've been, I promised I would put together a presentation. This is my hang up is… Getting the DHCP booting to work because half of my.

01:29:16.000 --> 01:29:22.000
equipment that I tried on is like, oh. We're in BIOS mode or UEFI mode. I'm like.

01:29:22.000 --> 01:29:28.000
I can't just pick one, can I? Because that would be simple.

01:29:28.000 --> 01:29:29.000
Um, I am…

01:29:29.000 --> 01:29:45.000
So hence the reason I've been… because… Every time I've implemented DNS, it's been married at the hip with… DHCP because DHCP usually automatically inserts A records

01:29:45.000 --> 01:29:56.000
for the local clients. I luckily went out and spent the money on an internal, fully qualified domain that I use and have abused with NGINX

01:29:56.000 --> 01:30:13.000
Proxy Manager to get SSL certificates onto my… R720 back here for all my applications, so that when I tell Terraform to go talk to something, it doesn't go, but the certificate's self-signed.

01:30:13.000 --> 01:30:23.000
Oh, kudos to you, sir. I know your pain. I am sorry.

01:30:23.000 --> 01:30:26.000
And it's not going to get any better.

01:30:26.000 --> 01:30:32.000
Well, this is… if I want to be a full-fledged DevOps, I got to be able to deal with all this.

01:30:32.000 --> 01:30:34.000
hear me.

01:30:34.000 --> 01:30:41.000
I would like to agree with you, but I have dealt with too many people over my career that.

01:30:41.000 --> 01:30:51.000
It works for me, ship it. That's security's problem after the fact. No, I won't make any change. Make security's life easier. Go away.

01:30:51.000 --> 01:30:58.000
Let me put it to you this way. I'm trying to implement Terraform and the work.

01:30:58.000 --> 01:30:59.000
The morons find the privileged Access Manager, aka my key vault.

01:30:59.000 --> 01:31:04.000
Mm-hmm.

01:31:04.000 --> 01:31:16.000
with an internally signed certificate that is, uh, allowed… Only signed by the internal CA and not a public one.

01:31:16.000 --> 01:31:24.000
Is it a private domain FQDN?

01:31:24.000 --> 01:31:41.000
No, it's the internal Siemens.net FQDN. They just went out to AD and got the internal certificate signed instead of going out to and paying the 60 bucks or 60 euro a year to get the full blown

01:31:41.000 --> 01:31:48.000
certificate.

01:31:48.000 --> 01:31:53.000
Oh, I know how to fix it. I fixed it in Python multiple times.

01:31:53.000 --> 01:32:07.000
Yeah, um… So the way to fix it, in my opinion, is to take the internal root certificate and add it to the certificate, trusted certificate stores on all your systems.

01:32:07.000 --> 01:32:08.000
Um…

01:32:08.000 --> 01:32:16.000
Wow, that's if… that's if the programming language follows the internal certificate store.

01:32:16.000 --> 01:32:17.000
Python and Java do not.

01:32:17.000 --> 01:32:24.000
Oh, I guess… Oh, Java key store tool is a thing. It is a bad thing, but it is a thing.

01:32:24.000 --> 01:32:31.000
Yes, and I have it scripted to pull that.

01:32:31.000 --> 01:32:33.000
It's been that much of a problem.

01:32:33.000 --> 01:32:46.000
I'll believe it. The… So if you're using a private FQDN, you cannot use public CAs.

01:32:46.000 --> 01:32:52.000
If you had a, uh… FQDN

01:32:52.000 --> 01:33:02.000
from the Internet DNS tree as your name, you could get an external CA

01:33:02.000 --> 01:33:07.000
to issue a cert or cross-sign an existing cert.

01:33:07.000 --> 01:33:16.000
I got it. I already got that, because instead of… Using the ACME protocol, aka Let's Encrypt.

01:33:16.000 --> 01:33:24.000
I got NGINX to create a DNS challenge.

01:33:24.000 --> 01:33:25.000
So hence the reason why I'm leaving my DNS with.

01:33:25.000 --> 01:33:29.000
Mm-hmm.

01:33:29.000 --> 01:33:40.000
With Cloudflare. Because there's that application level interface where I can say it can go out and say, I'd like to get a certificate, put this in DNS.

01:33:40.000 --> 01:33:41.000
It says, okay, I'll put this text into DNS.

01:33:41.000 --> 01:33:44.000
Yeah. Yep.

01:33:44.000 --> 01:33:48.000
That makes Let's Encrypt happy, who doesn't care that it can't touch the server.

01:33:48.000 --> 01:33:51.000
What? Right. It could.

01:33:51.000 --> 01:33:59.000
It's just, it's authenticated. The challenge has been successful and it's gone on with life.

01:33:59.000 --> 01:34:04.000
Yep, it can see the bits it wants to see from its vantage point.

01:34:04.000 --> 01:34:09.000
The way I do it is I have my own DNS server.

01:34:09.000 --> 01:34:16.000
happens to be at my house, and I update it however I see fit, either.

01:34:16.000 --> 01:34:25.000
vi or nsupdate, or pick my poison. I could even use ed, the standard editor, if I wanted to.

01:34:25.000 --> 01:34:38.000
And I… then have Linode do a secondary zone transfer from my authoritative DNS server.

01:34:38.000 --> 01:34:45.000
Out. And the world can get to that. So, when my clients want to do.

01:34:45.000 --> 01:34:57.000
renew their Let's Encrypt cert, they update the internal DNS server, which pushes the update out to Linode. And that is what

01:34:57.000 --> 01:35:04.000
Let's Encrypt, when they check seconds later, see the record is there.

01:35:04.000 --> 01:35:20.000
And that is standard DNS protocols that is not… what people would call an API today, although I could argue DNS protocol is its own form of API.

01:35:20.000 --> 01:35:26.000
JSON, bits, bytes. It's all just things talking to each other.

01:35:26.000 --> 01:35:42.000
It's a protocol in that both parties agree how it is spoken on the wire, and what the different pieces mean.

01:35:42.000 --> 01:35:47.000
Stan, I don't know if your microphone's working. I haven't heard you recently. Do you have any?

01:35:47.000 --> 01:35:50.000
Comments, questions or concerns?

01:35:50.000 --> 01:35:54.000
I'm trying to think of other profanities throughout.

01:35:54.000 --> 01:36:01.000
Well, okay. Hopefully, they're not directed at me personally.

01:36:01.000 --> 01:36:04.000
No, it's… Zoom is a piece of garbage.

01:36:04.000 --> 01:36:08.000
Yes, I agree. uh…

01:36:08.000 --> 01:36:12.000
We could talk about meetup instead.

01:36:12.000 --> 01:36:15.000
No, this is family friendly.

01:36:15.000 --> 01:36:16.000
Jesus.

01:36:16.000 --> 01:36:17.000
Oops.

01:36:17.000 --> 01:36:24.000
Ron, do you have any questions or thoughts?

01:36:24.000 --> 01:36:32.000
I'll throw it a thought. Yeah, Zoom sucks. Jitsi sucks maybe worse. Has anybody tried Nextcloud's.

01:36:32.000 --> 01:36:40.000
Talk app, which is… a WebRTC video conferencing built into Nextcloud.

01:36:40.000 --> 01:36:44.000
No, but that's probably on my list of things that I should check.

01:36:44.000 --> 01:36:45.000
We'll wrap? Ron, since you're the Nextcloud fan, why don't you demo it for us?

01:36:45.000 --> 01:36:46.000
Sometimes.

01:36:46.000 --> 01:36:52.000
Yeah, I find it's.

01:36:52.000 --> 01:37:03.000
I… don't have a lot of time to do a full demo of Nextcloud. It's a big project, but I could, uh… You know, I…

01:37:03.000 --> 01:37:07.000
That's cloud, just the Zoom equivalent.

01:37:07.000 --> 01:37:13.000
You know what? I could do that. Hang on a second here…

01:37:13.000 --> 01:37:18.000
Gary, when did you say you needed a presenter for?

01:37:18.000 --> 01:37:19.000
You know, bits and pieces for bass was is always good.

01:37:19.000 --> 01:37:23.000
And I'm kidding.

01:37:23.000 --> 01:37:26.000
Yeah, how about base next month, Ron?

01:37:26.000 --> 01:37:37.000
In all seriousness, Ron, even if it was a 5 min screen share of you opening the client and doing something, maybe a.

01:37:37.000 --> 01:37:44.000
get Lee or I to connect and show just a hey? Here's what it looks like.

01:37:44.000 --> 01:37:47.000
Lee, can you hear me through the new thing?

01:37:47.000 --> 01:37:49.000
Cool, let's play with it type thing.

01:37:49.000 --> 01:37:59.000
As everyone who's ever done a presentation can attest, you can prepare 10 min of material, and there will be 20 min of questions about it.

01:37:59.000 --> 01:38:00.000
Indeed. Yeah, it is.

01:38:00.000 --> 01:38:04.000
I think that a good thing?

01:38:04.000 --> 01:38:12.000
Let me consider this. I have a little bit on my plate at the moment, but I would almost post.

01:38:12.000 --> 01:38:25.000
I… my first thought on doing it is, we meet here, I post a link to there, and we all decamp to there for my presentation portion, and then we come back here for the rest of it.

01:38:25.000 --> 01:38:48.000
Um, so that we can all not just watch through a 2D screen of what it looks like, but we can actually take part in a meeting hosted there, and sort of review some of the features and things. Let me… let me give that some thought, if I have time for it. I really do like, um… couple of the things…

01:38:48.000 --> 01:38:51.000
about… about it… That I would like to show.

01:38:51.000 --> 01:38:54.000
Okay. Cool.

01:38:54.000 --> 01:39:02.000
There are 12 months in a year, and it doesn't have to be next month. It could be something following.

01:39:02.000 --> 01:39:03.000
Right.

01:39:03.000 --> 01:39:04.000
Yeah. No, I'm poking Gary when I say.

01:39:04.000 --> 01:39:15.000
I like the way you think, Ron. I mean, that is awesomely different way of doing an online presentation. I started one.

01:39:15.000 --> 01:39:20.000
utility. And then, as you say, decamp, go to the other one.

01:39:20.000 --> 01:39:23.000
Yeah. Hey, we're going next door. Follow me.

01:39:23.000 --> 01:39:25.000
Yeah.

01:39:25.000 --> 01:39:34.000
Okay. Ron, do you have any comments about DNS?

01:39:34.000 --> 01:39:49.000
Uh, no, I think everything's been covered. I did not know about public suffix, so that was pretty interesting to learn about that. And some of the repercussions had not occurred to me when you were describing the .co.uk.

01:39:49.000 --> 01:40:11.000
I was like, man, well, this seems to be, like, moving the decimal over by one. I don't see… oh, right, sharing cookies among all the .co.uk or star.amazonaws.whatever, yeah, that's a serious implication that I… I had not thought of, never heard a public suffix, particularly interesting to me.

01:40:11.000 --> 01:40:22.000
Uh, Tyler, do you have any comments, questions about DNS? And I'm just going through the list of participants as Zoom is presenting it to me.

01:40:22.000 --> 01:40:33.000
No, I'm just attempting to rebuild my lab using… Talos OS and… Kubernetes and.

01:40:33.000 --> 01:40:39.000
This is the last… Major component.

01:40:39.000 --> 01:40:48.000
To get the services within Kubernetes to. Oh.

01:40:48.000 --> 01:41:06.000
actually be available is because when you… Fire up a… Then external… Service, it has to hit the Kubernetes cluster with a full name for it, right, to know where to go.

01:41:06.000 --> 01:41:16.000
And usually you… set up a special relationship between the Kubernetes cluster and DNS. So I can just publish those public records.

01:41:16.000 --> 01:41:21.000
Yep, and dynamic DNS is a thing. I've done a fair bit with it.

01:41:21.000 --> 01:41:27.000
and would actually love to have a conversation with you about it.

01:41:27.000 --> 01:41:34.000
So. Uh, Stan, I think I saw your hand went up.

01:41:34.000 --> 01:41:47.000
Right. Over the last year, this is a slightly different, but I've started using local.lan in all my designations of my host files.

01:41:47.000 --> 01:41:55.000
For each of my different machines, and it seems to me to make a lot of sense, and.

01:41:55.000 --> 01:42:02.000
I don't know why… But I seem to have read somewhere that local.lan has been

01:42:02.000 --> 01:42:07.000
Deprecated, which… Seems strange.

01:42:07.000 --> 01:42:12.000
Um… I'm not familiar with local.lan.

01:42:12.000 --> 01:42:18.000
It's kind of in the same category like example.com. It's, you know.

01:42:18.000 --> 01:42:19.000
one time it was recommended.

01:42:19.000 --> 01:42:30.000
Yeah, example.com. example.com and net and org and start on example are actually reserved.

01:42:30.000 --> 01:42:35.000
Ostensibly for documentation, but you can abuse them for your own uses.

01:42:35.000 --> 01:42:43.000
home .internal and .lan are for internal DNS.

01:42:43.000 --> 01:42:55.000
Avoid .local because it's reserved by mDNS, which is used by Bonjour, zeroconf.

01:42:55.000 --> 01:42:56.000
That doesn't make any sense to me. I don't know enough about any of those to worry about it.

01:42:56.000 --> 01:43:03.000
Yeah. Microsoft.

01:43:03.000 --> 01:43:08.000
That's the reason why I spent… Or spend 20 bucks on a domain.

01:43:08.000 --> 01:43:09.000
It's mine, it's all mine, you can't touch it!

01:43:09.000 --> 01:43:13.000
Yeah. Yeah.

01:43:13.000 --> 01:43:22.000
So looks like Brad has his hand raised.

01:43:22.000 --> 01:43:23.000
Yes.

01:43:23.000 --> 01:43:24.000
Yes, we can.

01:43:24.000 --> 01:43:37.000
Yeah, can you guys hear me? Oh, good, sorry. I don't… I know you said you're going through the Zoom names. I have had one of those days that I've only caught part of this presentation, I'm going to go back and look up.

01:43:37.000 --> 01:43:39.000
Uh, you cut out if there was a question.

01:43:39.000 --> 01:43:41.000
to it. I'm sure.

01:43:41.000 --> 01:43:44.000
you were going to go back and watch the pre…

01:43:44.000 --> 01:43:50.000
Yeah, I'm driving, sorry, I had to… it was just one of those nights, and I just left the school board meeting.

01:43:50.000 --> 01:44:11.000
I was listening to you guys while I was trying to watch the board meeting, because I had to run the board meeting, but… I'm gonna go back and watch the recording, but… As far as you guys are talking about presentations and stuff, I just did a presentation on ACME, and I don't know how much was discussed tonight, because, like I said, I didn't get to watch a whole lot of the meeting.

01:44:11.000 --> 01:44:17.000
If you guys want me to do the presentation, it was an hour and a half session at the last conference I was at.

01:44:17.000 --> 01:44:30.000
Um, and it didn't go over half an hour. It was slated to be an hour and a half, but it wasn't an hour and a half. It's basically ACME with a… ACME DNS server.

01:44:30.000 --> 01:44:45.000
Uh, so that's… you can host it, or have it hosted in the cloud, but basically, you're… it's a second… or it's a… to me, as an internal DNS server that does the DNS challenge so that all of your internal certs.

01:44:45.000 --> 01:44:59.000
can be publicly supported? And it's… I have a functioning… Demo at work and that I have to move to production as soon as I can, so… Just throwing it out there, throwing it out there.

01:44:59.000 --> 01:45:14.000
I think. I think that would be a wonderful presentation, and let's chat more about it on the discuss mailing list and find a time that's convenient for you, and I would love to learn from you.

01:45:14.000 --> 01:45:33.000
Alright, and I don't know at all, because I hate DNS, and I've done it for 20 plus years, and everybody I talk to is like, yeah, you're never going to master it. So, um, but I got a working demo, uh… I… I don't know if I've ever been on a discussion list. Uh, I need to sign up for them, and then we can talk about it.

01:45:33.000 --> 01:45:34.000
Okay, um.

01:45:34.000 --> 01:45:46.000
Okay. If you don't want your. email address known. I mean, you can in the chat, can you can you type stuff in chat while you're driving?

01:45:46.000 --> 01:45:59.000
I just pulled into my driveway, so yes.

01:45:59.000 --> 01:46:00.000
I would rather…

01:46:00.000 --> 01:46:05.000
Okay, I mean, if you put your email address into the chat, I'll see it, and Grant will see it, and we'll be back in contact with you about setting something up to do the presentation. If you don't want it to be released to everybody, just make it a private message to Grant, and uh…

01:46:05.000 --> 01:46:11.000
I have one better.

01:46:11.000 --> 01:46:15.000
You guys, there we are. You got it, Grant?

01:46:15.000 --> 01:46:16.000
Yeah, I already put it out there, but. Go ahead.

01:46:16.000 --> 01:46:25.000
Okay, I would. Um, I don't know if you can delete that. Let me copy it.

01:46:25.000 --> 01:46:27.000
It does let me delete it. Go ahead and delete it.

01:46:27.000 --> 01:46:37.000
Okay. And I actually put the… yeah, you can delete it. I put the wrong thing for my own.

01:46:37.000 --> 01:46:41.000
Love that. I didn't know. I didn't realize delete works in cool.

01:46:41.000 --> 01:46:45.000
I didn't hear.

01:46:45.000 --> 01:46:53.000
But if you're fast enough?

01:46:53.000 --> 01:46:59.000
Now, that is… that is my… I worked for Winstall School District. I've been there for 28 years.

01:46:59.000 --> 01:47:08.000
My… I have a personal company on the side, it's Dengy PC, used to be PC Tech, but that domain is taken, so I came up with something that probably was never taken. Stnggy PC.

01:47:08.000 --> 01:47:21.000
Uh, and then, um… It's an address I don't use a lot, but I'm going to start using it once I can retire, and if I can go to my business full time. So.

01:47:21.000 --> 01:47:22.000
But you guys can email me on it. Sure.

01:47:22.000 --> 01:47:30.000
Cool.

01:47:30.000 --> 01:47:35.000
And it looks like Grant got kicked off for some reason.

01:47:35.000 --> 01:47:51.000
Really? Yeah. It looks like we've lost our speaker, Grant Taylor. I don't know why he's off the system, but he may sign back in and may have just been a technical problem. But but yeah, thank you very much for.

01:47:51.000 --> 01:48:04.000
talking about. Brad, but doing, redoing your presentation for us. That sounds like could be very interesting. So yeah, yeah, really.

01:48:04.000 --> 01:48:06.000
Grant seems to be back now.

01:48:06.000 --> 01:48:18.000
Hi, sorry about that. Kind of did something nasty to the bed.

01:48:18.000 --> 01:48:19.000
I did to get Brad's email address.

01:48:19.000 --> 01:48:29.000
Zoom wouldn't do that. Yeah, Brad, Grant, and Ron, you know, we've been looking for alternatives to Zoom for years.

01:48:29.000 --> 01:48:36.000
We tried to set up a Jitsi session about 3 years ago, and this did not go well. So we've been using Zoom ever since.

01:48:36.000 --> 01:48:54.000
If somebody has a good open source alternative. And or can… help us get the problems resolved on Jitsi that broke it to ours years ago. We'd be more than happy to talk.

01:48:54.000 --> 01:49:01.000
The advantage I see with Zoom is that. Despite all the problems I have with it, the recordings work very well, and it records the chats.

01:49:01.000 --> 01:49:07.000
Yep.

01:49:07.000 --> 01:49:13.000
and the captions. Um, I independently record.

01:49:13.000 --> 01:49:32.000
the Zoom sessions with SimpleScreenRecorder. But just in the last week, I have been looking back at Jitsi, and it… I want to do some experimentation with Phil and a couple other guys. I may be going back to using Jitsi for the

01:49:32.000 --> 01:49:42.000
Slack meeting and the new Linux meeting. Because we don't do, we don't record the presentations there.

01:49:42.000 --> 01:49:43.000
So…

01:49:43.000 --> 01:49:47.000
Yeah, Jitsi is supposed to record now. Yeah.

01:49:47.000 --> 01:49:53.000
Oh, really? Like I said, I've only been going looking back at it the last week or so.

01:49:53.000 --> 01:49:58.000
And the reason I've gone back to it is they did have a problem where.

01:49:58.000 --> 01:50:05.000
everybody came in had, uh… Complete access and could kick anybody else off, and it.

01:50:05.000 --> 01:50:10.000
Stan, Stan, that's only if you use the public server.

01:50:10.000 --> 01:50:11.000
Memory.

01:50:11.000 --> 01:50:19.000
All right. The public server now has the ability for one guy to be the only moderator.

01:50:19.000 --> 01:50:20.000
Well, if we're going to do it, you know, we'd set up our own.

01:50:20.000 --> 01:50:23.000
That's been… that's changed in the last year. And…

01:50:23.000 --> 01:50:25.000
So everybody, everybody that had a.

01:50:25.000 --> 01:50:36.000
Well, I wanted to start playing with it to understand what all I can do with before diving into trying to set up a Jitsi.

01:50:36.000 --> 01:50:38.000
our own Jitsi server.

01:50:38.000 --> 01:50:52.000
Let's talk more details about that on discuss or sysadmin. I kind of want to finish going through, seeing if people have questions about DNS, since that is the.

01:50:52.000 --> 01:50:55.000
Excellent.

01:50:55.000 --> 01:50:56.000
Good boy. Good point.

01:50:56.000 --> 01:51:09.000
topic at hand still. So… Okay. Abdul, do you have any comments or questions about this evening's DNS talk?

01:51:09.000 --> 01:51:13.000
And I see you're muted. If you would prefer to type into chat.

01:51:13.000 --> 01:51:18.000
That is perfectly fine.

01:51:18.000 --> 01:51:19.000
I am Benton Anonymous coward doesn't have any questions.

01:51:19.000 --> 01:51:25.000
You say Bill or Phil?

01:51:25.000 --> 01:51:34.000
We heard from Brad. Sounds like Brad has an interesting presentation possibility. Gary, do you have any questions?

01:51:34.000 --> 01:51:40.000
Oh, Albert, I I I still haven't figured out who's on first.

01:51:40.000 --> 01:51:43.000
Don't worry about it, focus about what's on second.

01:51:43.000 --> 01:51:51.000
I don't know.

01:51:51.000 --> 01:52:00.000
Actually, and now I'm blanking. Blinking blinking, blinking. Blinking, blinking. Yeah.

01:52:00.000 --> 01:52:07.000
Oh, boy, now I can't even remember the term. It was late in the talk.

01:52:07.000 --> 01:52:12.000
the the 1 2 suffixes were combined. Public suffix list. Yes, that that was a.

01:52:12.000 --> 01:52:18.000
Oh, the public suffix list.

01:52:18.000 --> 01:52:27.000
a term which, yes, I had heard before, and it completely dropped out of my brain cells. So thank you.

01:52:27.000 --> 01:52:30.000
Memory.

01:52:30.000 --> 01:52:38.000
John Steinmeier.

01:52:38.000 --> 01:52:39.000
Okay, go.

01:52:39.000 --> 01:52:46.000
No, I'm sorry, I don't, you lost me way back. So I can't, I can't make an intelligent question.

01:52:46.000 --> 01:52:50.000
Well, if even if you…

01:52:50.000 --> 01:52:56.000
I'll be watching it probably, you know, uh… on the recording.

01:52:56.000 --> 01:52:57.000
0.

01:52:57.000 --> 01:53:07.000
Okay, if you have any comments or questions while watching the recording, please ask on discuss or feel free to email me directly and happy to have a conversation.

01:53:07.000 --> 01:53:09.000
Okay, thank you very much.

01:53:09.000 --> 01:53:21.000
Okay. Phil.

01:53:21.000 --> 01:53:27.000
Bill's on mute if he's talking. We'll come back.

01:53:27.000 --> 01:53:38.000
Steve, any questions from you?

01:53:38.000 --> 01:53:40.000
Okay, I'm unmuted now.

01:53:40.000 --> 01:53:43.000
Okay, Phil, buddy old pal.

01:53:43.000 --> 01:53:56.000
It was a good talk. You know, a lot of stuff there that was… different, you know, like they were talking about with the, uh… the public staff.

01:53:56.000 --> 01:54:03.000
other than that. I guess I noticed one little minor thing that.

01:54:03.000 --> 01:54:14.000
a correction, I guess you could say, in the chat. You spelled Dns mask Dnsma, and it's Masq.

01:54:14.000 --> 01:54:15.000
So…

01:54:15.000 --> 01:54:19.000
Thank you, sir. I would have had to look that up, and I was…

01:54:19.000 --> 01:54:21.000
Yeah. Was that a test? Did I pass?

01:54:21.000 --> 01:54:34.000
Uh, thanks. And I fail. And so you're doing the next talk on dnsmasq sometime in the next 12 months.

01:54:34.000 --> 01:54:43.000
So thank you, sir. I appreciate the correction help those looking to research it.

01:54:43.000 --> 01:54:49.000
Uh, and Zoom is unhelpfully reordering things on me.

01:54:49.000 --> 01:55:00.000
Tony, do you have any comments or questions?

01:55:00.000 --> 01:55:09.000
You're on mute if you're talking.

01:55:09.000 --> 01:55:23.000
Tyler, I think I asked, but you're next on list. So I'll ask again, and you are muted.

01:55:23.000 --> 01:55:37.000
All right. Vincent, you're next up. Do you have any questions or comments? And you are also muted.

01:55:37.000 --> 01:55:45.000
All right. Last, but definitely not least, Wayne, do you have any comments or questions? And you.

01:55:45.000 --> 01:55:59.000
Thanks for the presentation. I learned a lot. I actually got my own domain, actually several domains in 2002 for a website I had. And at the time.

01:55:59.000 --> 01:56:14.000
I knew .com was something I needed, but then I also thought, well, better, if you don't, if you're afraid that there might be competitors that grab the one next to you, I grabbed also at the same time, because they were very inexpensive.

01:56:14.000 --> 01:56:26.000
.org and .net. And then I learned later that .net was actually what a lot of people were using for their own personal domain names.

01:56:26.000 --> 01:56:42.000
Uh, but then I learned tonight that it really meant something different. It was really meant for the network, for the… for the internet overall. But, uh, in any case, yeah, I still have those domains, which I don't really use. They just forward to.

01:56:42.000 --> 01:56:49.000
to my .com domain. And I actually thought .com was for commercial only.

01:56:49.000 --> 01:56:52.000
That is what it was originally intended as at enforcement fell by the wayside.

01:56:52.000 --> 01:56:59.000
Yeah. Yeah, that's probably like with a lot of them.

01:56:59.000 --> 01:57:00.000
Mm-hmm. You're welcome. Thank you.

01:57:00.000 --> 01:57:04.000
But, uh, alright, thank you.

01:57:04.000 --> 01:57:10.000
Um, with Zoom having crashed on me, and reordering the list.

01:57:10.000 --> 01:57:19.000
I, if you have any comments or questions, please unmute and sound off.

01:57:19.000 --> 01:57:24.000
I pasted a curl command into chat earlier that.

01:57:24.000 --> 01:57:32.000
Is… quite a… an interesting thing to behold.

01:57:32.000 --> 01:57:34.000
Can you paste it again? Because…

01:57:34.000 --> 01:57:40.000
There's… there's one of them, so it's… it's a web page and a terminal.

01:57:40.000 --> 01:57:57.000
Sort of. And the one. So that's that's interesting to look at. It's just like, oh, that's that's clever. But the one that he raised recently was… Uh…

01:57:57.000 --> 01:57:58.000
Hot dogstrand.lol.

01:57:58.000 --> 01:58:16.000
That one… Yeah… It is, um… Dave from YSAP did… a 25-minute video about the hot dogstand.lol and.

01:58:16.000 --> 01:58:37.000
I ended up spending about 90 to 120 minutes on it, pause the video and run the curl, and then… undo the curl output and stuff, and that was… Interesting… Also… mildly painful.

01:58:37.000 --> 01:58:49.000
But it was something that, uh, could make a good talk if anybody's interested in terminals, in ANSI codes.

01:58:49.000 --> 01:58:57.000
Yeah, that kind of stuff. It… the output is remarkable, and uh… depending on which shell you're running.

01:58:57.000 --> 01:59:10.000
you may end up just exiting out, but if you're… a nut bar nerd like me, you'll probably spend 90 plus minutes trying to get your terminal back to where it was.

01:59:10.000 --> 01:59:18.000
and good luck!

01:59:18.000 --> 01:59:19.000
It's.

01:59:19.000 --> 01:59:31.000
Sounds scary. There is actually another one that's kind of interesting, the curl wttr.in, which gives you your local weather forecast and it's like a web page in your terminal.

01:59:31.000 --> 01:59:40.000
Uh, it's overloaded right now, uh, so if you try it, you won't get anything, or at least I didn't, but try it tomorrow and it's actually quite interesting.

01:59:40.000 --> 01:59:42.000
Yeah, that's a neat one, too.

01:59:42.000 --> 01:59:49.000
Yeah.

01:59:49.000 --> 02:00:05.000
It, uh… Knowing tonight's subject matter. I was talking to a group which had a lot of younger folks in it, a lot of students. And the initial reaction was.

02:00:05.000 --> 02:00:12.000
Well, yeah, but it's just the way things work. I mean, you know, we don't have to totally understand it. It's just the way things work.

02:00:12.000 --> 02:00:22.000
And then it was like, have they always worked that way? And this goes back to I find myself now being old enough to remember when.

02:00:22.000 --> 02:00:29.000
Those of us who were dealing with Unix-type systems used to use the bang addresses, and.

02:00:29.000 --> 02:00:30.000
Hmm.

02:00:30.000 --> 02:00:44.000
Those of you who… Don't. I'll try not to confuse this and just make it short. But if I was going to send something from me to Lee, for instance, if I'm at home.

02:00:44.000 --> 02:00:50.000
I may have to send it to an address that would be.

02:00:50.000 --> 02:01:06.000
slew physics, and then bang. Bang is an exclamation point. And then after that put Urbana physics and then a bang, and then after that.

02:01:06.000 --> 02:01:13.000
put Omnitech and a bang and then Lee.

02:01:13.000 --> 02:01:18.000
And the difference is, back in those days before we had.

02:01:18.000 --> 02:01:24.000
What Grant has so well described tonight, you actually had to put the routing.

02:01:24.000 --> 02:01:31.000
into the email address. So what I just described to you is from my system at home.

02:01:31.000 --> 02:01:41.000
The first thing in an address would be okay. What phone number does it have to call up? Because back in those days we all didn't have.

02:01:41.000 --> 02:01:56.000
DSL lines coming into the house. No, you… No, we all had BBSs. It had to dial a phone number and go out on a phone line, so you had to maintain a lookup table.

02:01:56.000 --> 02:02:05.000
Uh, on your own computer of, okay, if I'm going to go to slew physics, then.

02:02:05.000 --> 02:02:14.000
the modem has to dial this number, and that will try to call… the computer called slew physics at its phone number.

02:02:14.000 --> 02:02:29.000
And then the mail will be dropped off there, and it would show up in the mail system on that computer. The mail system on that computer then would send out its mail, and, okay, the ad… next thing on the address was Urbana Physics, so.

02:02:29.000 --> 02:02:45.000
the slew computer would dial the University of Illinois at Urbana and talk to their computer, and it would drop off my piece of mail there. The next part of the address would be Omnitech Lee's company. And so Urbana's computer would have to.

02:02:45.000 --> 02:02:54.000
Make a phone call to Lee's computer at Omnitech, and then it would show up in the username Lee.

02:02:54.000 --> 02:03:11.000
on Omnitech. But yeah, it. For everybody who went, okay, this was a neat but very technical talk that Grant did tonight. That's why it's so technical, and we completely divorced the world of.

02:03:11.000 --> 02:03:16.000
how to get there from what a name means and back in the.

02:03:16.000 --> 02:03:37.000
as late as the late seventies, maybe even early 80s. That was the way mail and other things got around. You had to as part of the address, you had to tell it exactly how to get there, including phone numbers or in the late 80s, early 90s. That's when you had BBS. Yeah.

02:03:37.000 --> 02:03:43.000
Um, that is commonly referred to now as source-based routing.

02:03:43.000 --> 02:03:44.000
for how to get the message from the source through the multiple hops.

02:03:44.000 --> 02:03:48.000
Mm-hmm.

02:03:48.000 --> 02:03:49.000
Mm-hmm.

02:03:49.000 --> 02:03:55.000
to the end destination.

02:03:55.000 --> 02:04:00.000
and I have a minor nitpick with your comment.

02:04:00.000 --> 02:04:03.000
Oh.

02:04:03.000 --> 02:04:14.000
Urbana did not necessarily have to call Lee. Lee could call Urbana and pick up mail that is waiting for him.

02:04:14.000 --> 02:04:15.000
Oh, yep, that's true. That's true.

02:04:15.000 --> 02:04:21.000
either side. Basically, it was batched hops, and one side or the other could initiate.

02:04:21.000 --> 02:04:24.000
And they would both… it would transfer both ways.

02:04:24.000 --> 02:04:26.000
Mm-hmm, mm-hmm.

02:04:26.000 --> 02:04:34.000
I have actually done some UUCP-based networking over SSH.

02:04:34.000 --> 02:04:35.000
to have store and forward. That way, it's interesting.

02:04:35.000 --> 02:04:40.000
Mm-hmm.

02:04:40.000 --> 02:04:46.000
Mm-hmm. And at that point.

02:04:46.000 --> 02:04:56.000
You, the user, since you had control of exactly which hops it was going through people would.

02:04:56.000 --> 02:05:16.000
start to realize whose phones were less busy. Some places you could send mail, and you may have to wait all day before the phone, you know, winds up open that you could, you know, get in on the line to that machine. And I shouldn't just say phoned obviously at some point.

02:05:16.000 --> 02:05:35.000
These institutions were getting dedicated lines, and. So, and in fact, that was the way you usually got mail across the country or out of the country is getting to a large company or a university who was willing to, as a public service.

02:05:35.000 --> 02:05:39.000
Schlup mail long distance.

02:05:39.000 --> 02:05:46.000
Yeah, back in the days when that long distance phone call and sending the data actually cost real money.

02:05:46.000 --> 02:06:00.000
Mm-hmm.

02:06:00.000 --> 02:06:09.000
Hmm. All right. Anybody else?

02:06:09.000 --> 02:06:22.000
I think somebody earlier mentioned about. They had a question on something that was off topic for tonight's talk, and so since it seems like we're slowing down on.

02:06:22.000 --> 02:06:34.000
On comments, questions specific to tonight's talk. If anybody wants to ask or comment on something of a broader nature, now would be a welcome time to do it.

02:06:34.000 --> 02:06:49.000
already dealt with. Morning. Uh… Terraform.

02:06:49.000 --> 02:06:51.000
Running Terraform.

02:06:51.000 --> 02:06:52.000
Yeah. Has anybody learned?

02:06:52.000 --> 02:06:56.000
Was that question, is anybody running terraform?

02:06:56.000 --> 02:07:02.000
Gone through the process of learning Terraform. I'm…

02:07:02.000 --> 02:07:08.000
I have not.

02:07:08.000 --> 02:07:16.000
For those who are curious, Terraform is a. What they call a desired state language.

02:07:16.000 --> 02:07:26.000
that has multiple… Modules, so using the same… JSON structure you.

02:07:26.000 --> 02:07:33.000
Can define, let's say I need a Kubernetes clusters with X number of pods.

02:07:33.000 --> 02:07:42.000
In there, I need a namespace. And the idea is you're using the same language to define Amazon Web Services.

02:07:42.000 --> 02:07:53.000
Azure Kubernetes services. Um, even… Local, there's… I've seen plugins for Proxmox.

02:07:53.000 --> 02:08:02.000
It's all just JSON files. Then you say, okay, this is what I want things to look like, and then you turn around and say.

02:08:02.000 --> 02:08:06.000
go and it goes out and… pokes all the buttons.

02:08:06.000 --> 02:08:10.000
Hmm.

02:08:10.000 --> 02:08:29.000
Since I need to convert… I… master project into a Amazon web service. I've been trying to sit here and go through. Okay, how do I not screw this up?

02:08:29.000 --> 02:08:35.000
And some of the things it can do is, for example, I'm trying to get it to.

02:08:35.000 --> 02:08:48.000
Take all the… Uh, security-based pieces of information that they'd need hold onto and make sure it's stored within a.

02:08:48.000 --> 02:08:54.000
Uh, a service like Bitwarden.

02:08:54.000 --> 02:09:03.000
Um… having entirely too much… Fun banging my head over it, try and teach it what to do.

02:09:03.000 --> 02:09:07.000
Oh.

02:09:07.000 --> 02:09:18.000
I don't know if it's my head or just, you know… Dealing with the fact that people can't.

02:09:18.000 --> 02:09:19.000
Mm-hmm.

02:09:19.000 --> 02:09:37.000
deal or issue proper certificates. You can get them for free from Let's Encrypt.

02:09:37.000 --> 02:09:47.000
Certificates are… a complex world unto their own that has a lot of interaction with.

02:09:47.000 --> 02:09:58.000
Internet networking services. And if not done carefully, you can really expose yourself.

02:09:58.000 --> 02:10:21.000
or shoot yourself in the foot. a fair bit to it. A lot of times you can get by with knowing little of it, but sometimes it's worth the time to buy a $10 book and read.

02:10:21.000 --> 02:10:28.000
And people wonder why I keep everything local.

02:10:28.000 --> 02:10:39.000
It's almost like I know that I'm going to screw the damn thing up, and if it's between me, if there's a firewall between me and the rest of my stuff and the rest of the world.

02:10:39.000 --> 02:10:42.000
There's less that they can do about it.

02:10:42.000 --> 02:10:45.000
Yep. Stay it.

02:10:45.000 --> 02:10:49.000
Stan, raising your hand to attract our attention.

02:10:49.000 --> 02:10:56.000
Yes. Grant, since this is going to be, or seems to be an ongoing series of you.

02:10:56.000 --> 02:11:00.000
thought of what you're going to do next on the DNS.

02:11:00.000 --> 02:11:05.000
Just a rough idea or not yet. Parts. Okay.

02:11:05.000 --> 02:11:14.000
Not yet. I I have some ideas, and I have recorded some questions from the previous.

02:11:14.000 --> 02:11:28.000
base presentation. I envision… We've talked about how to use. I think we were talking about dnsmasq.

02:11:28.000 --> 02:11:42.000
To stand something up for your home network. And we've talked about Pi-hole, and I would actually be interested in going into.

02:11:42.000 --> 02:11:47.000
Presuming the audience is there. More traditional DNS servers.

02:11:47.000 --> 02:11:55.000
BIND… And Lee, I'm sure, has something else he could bring to the table.

02:11:55.000 --> 02:12:00.000
And if there is interest, even if you wanted to.

02:12:00.000 --> 02:12:07.000
go out and register a domain name. What you would need to do to set that up.

02:12:07.000 --> 02:12:12.000
Or if you want… to poke something for a few weeks.

02:12:12.000 --> 02:12:22.000
without spending some money, I would be willing to do a delegation from one of my domains to people to play with.

02:12:22.000 --> 02:12:32.000
And I just generally want to answer the questions to the interest of the audience.

02:12:32.000 --> 02:12:37.000
And help enable them to learn what they want to.

02:12:37.000 --> 02:12:41.000
make it possible for them to do so.

02:12:41.000 --> 02:12:47.000
Just as a note, 10-minute warning.

02:12:47.000 --> 02:12:59.000
We're coming up on the 9 o'clock mark. Uh, we don't have to end the meeting, but we used to end it at 9 because of.

02:12:59.000 --> 02:13:06.000
when we met at… public libraries, they would throw us out at 9.

02:13:06.000 --> 02:13:14.000
It's a traditional warning. Plus… Some of us are approaching our bedtimes.

02:13:14.000 --> 02:13:18.000
approaching. Thought we were past.

02:13:18.000 --> 02:13:27.000
I have a domain that can be used as kind of there for a project that I never got around to.

02:13:27.000 --> 02:13:31.000
need to… I can point the… Registration, anyway.

02:13:31.000 --> 02:13:33.000
I don't care what happens to it. I was kind of waiting around what happened with French Indonesia and the .io domains.

02:13:33.000 --> 02:13:43.000
Yeah.

02:13:43.000 --> 02:13:45.000
Interesting.

02:13:45.000 --> 02:13:52.000
io domain. Oh, Indian Ocean.

02:13:52.000 --> 02:13:53.000
Input output. Oh. Hmm.

02:13:53.000 --> 02:14:02.000
French… It used to be the, uh… British Indian Ocean Territories.

02:14:02.000 --> 02:14:03.000
Which were some islands that got returned to you.

02:14:03.000 --> 02:14:06.000
Oh, wow.

02:14:06.000 --> 02:14:14.000
Sure, either India or one of the… Um…

02:14:14.000 --> 02:14:15.000
I think it got handed over to Madagascar or Mauritius or something.

02:14:15.000 --> 02:14:22.000
Rascals? So, yeah.

02:14:22.000 --> 02:14:27.000
Um…

02:14:27.000 --> 02:14:38.000
Yep. How should I put this? So it's kind of been in flux, and I had a blog that I wanted to throw up there using… flag tail.

02:14:38.000 --> 02:14:50.000
Yes, I am using… Log rebuild as a… Oh.

02:14:50.000 --> 02:14:54.000
How should I put it? Guinea pig to my machinations.

02:14:54.000 --> 02:15:00.000
Yeah, as one does. I've done silly things like that and learned a lot.

02:15:00.000 --> 02:15:19.000
But yeah, I can point the registrar entry anywhere you want, and… You can play with it that way. It's like RMDIO.

02:15:19.000 --> 02:15:29.000
I've got a. a request for a party who hasn't shown up yet. He said he was going to try and log in when he got.

02:15:29.000 --> 02:15:32.000
got out of another commitment that he had earlier tonight.

02:15:32.000 --> 02:15:39.000
But I know what his question is. He's he's forced to use Microsoft.

02:15:39.000 --> 02:16:01.000
at work. He really. was with our group as a BSD user. He was always having more fun on BSD than he was on Linux, and uh… Uh, but now he's building a new box and figures, okay, he's going to put Linux on this box.

02:16:01.000 --> 02:16:10.000
And as I say, he's an experienced BSD user, but his question was kind of like, okay.

02:16:10.000 --> 02:16:19.000
Has anybody got enough? Memory familiarity with BSD that you know what what what?

02:16:19.000 --> 02:16:33.000
distro of Linux. would be useful, appropriate for somebody who considers themselves. Well, who should be considered a competent BSD user. What? What are the pros and cons of any particular distro?

02:16:33.000 --> 02:16:38.000
Anybody have an opinion? Make any difference. You want a good virtualization learner?

02:16:38.000 --> 02:16:40.000
Okay.

02:16:40.000 --> 02:16:51.000
Me… to me, the question is… How much… freedom and configure.

02:16:51.000 --> 02:16:59.000
Capability. FreeBSD has a lot of freedom under the port system and.

02:16:59.000 --> 02:17:07.000
compiling world. If he did things like that and enjoys that power.

02:17:07.000 --> 02:17:16.000
He is probably going to be happier on Arch or Gentoo, or a compile from source.

02:17:16.000 --> 02:17:25.000
Distro. If instead looking for ultra stable.

02:17:25.000 --> 02:17:38.000
And you can measure uptime bounded by power outages on either end of 2 to 3 digits.

02:17:38.000 --> 02:17:43.000
Probably not.

02:17:43.000 --> 02:17:48.000
mainstream distros.

02:17:48.000 --> 02:17:55.000
I might actually recommend FreeBSD.

02:17:55.000 --> 02:18:01.000
Yeah, you can get Red Hat and SUSE to be extremely stable.

02:18:01.000 --> 02:18:07.000
Fedora by nature of what it is, is a science project all the time.

02:18:07.000 --> 02:18:11.000
Same thing for Tumbleweed. But you know, there's they're stable versions next month.

02:18:11.000 --> 02:18:14.000
Yeah.

02:18:14.000 --> 02:18:15.000
I'm trying.

02:18:15.000 --> 02:18:25.000
But yeah, that question, though, there's a question under that. What's your host OS?

02:18:25.000 --> 02:18:26.000
Well, that wasn't the question. You know, you mentioned a working Windows environment.

02:18:26.000 --> 02:18:30.000
Well, if it's bare metal. It…

02:18:30.000 --> 02:18:46.000
Well, his real environment at work is Microsoft Windows. Anything? Is that where he wants to run the BSD? And that is the question. Is he going to try and… run this as a virtual machine.

02:18:46.000 --> 02:18:51.000
on a Microsoft host or does he just need to?

02:18:51.000 --> 02:18:52.000
Yep.

02:18:52.000 --> 02:19:06.000
I took the question as to be as a BSD user who is forced to use Windows at work. What Linux distro would you recommend he use at home? Is how I took it.

02:19:06.000 --> 02:19:19.000
Yeah. I think that's the first thing he should be answering for himself is, yeah, exactly as you just described it, Grant.

02:19:19.000 --> 02:19:24.000
how to kind of get his Linux specific skills.

02:19:24.000 --> 02:19:25.000
Back up to speed. Well, the question is, if he wants to run FreeBSD at home.

02:19:25.000 --> 02:19:30.000
Hmm.

02:19:30.000 --> 02:19:46.000
Why not bare hardware? If he wants to run it at work, you're going to have to deal with Windows and run it under WSL, and it's not going to be, uh… good solution. FreeBSD is compatible with WSL, but.

02:19:46.000 --> 02:19:54.000
You know, you're running all kinds of UI issues. Yeah, no, he's not going to run it at work. This is strictly a whole home.

02:19:54.000 --> 02:20:02.000
whole machine. Yeah, well, if you want multiple machines, then your best your best bet, from what I'm seeing here is Proxmox.

02:20:02.000 --> 02:20:13.000
That's a. It's supposed to be more compatible with BSD than any other tools. Okay.

02:20:13.000 --> 02:20:17.000
It's prox m-ox. Yeah.

02:20:17.000 --> 02:20:24.000
Yeah, Proxmox is a hypervisor tuned distro to run.

02:20:24.000 --> 02:20:32.000
virtual machines on. I like VMware or Hyper-V or Xen.

02:20:32.000 --> 02:20:39.000
Except it's as closer to yeah, it's closer to being VMware than anything else, because.

02:20:39.000 --> 02:20:42.000
It's designed to run on bare hardware, and then you manage it remotely.

02:20:42.000 --> 02:20:49.000
Yeah.

02:20:49.000 --> 02:20:53.000
you know, but you could also run KVM.

02:20:53.000 --> 02:20:54.000
Yeah, I think there's a healthy component of KVM in Proxmox.

02:20:54.000 --> 02:21:03.000
If… Yeah. I think it's more… I think it's basically Debian.

02:21:03.000 --> 02:21:04.000
With KVM.

02:21:04.000 --> 02:21:15.000
Yeah. It is, to me, Proxmox is a Debian-based distro heavily optimized or tuned for virtualization hosting.

02:21:15.000 --> 02:21:22.000
Okay.

02:21:22.000 --> 02:21:44.000
To me, it really depends more if. This person wants to do… compilation and control a whole bunch of different things, or if just wanting ultra stable to do day-to-day activities.

02:21:44.000 --> 02:21:47.000
Because BSD can go both ways.

02:21:47.000 --> 02:21:54.000
Of course, a better solution is go get yourself a Pi 4 for your BSD.

02:21:54.000 --> 02:21:55.000
or 5.

02:21:55.000 --> 02:22:02.000
Well, it sounds like. for whatever reason, he's wanting to make the transition to Linux.

02:22:02.000 --> 02:22:09.000
instead of BSD, and is asking what would be a recommended Linux to try.

02:22:09.000 --> 02:22:15.000
Yeah, I think that's more what he's driving at is is putting up a Linux.

02:22:15.000 --> 02:22:21.000
so he can. get back into the Linux world and get.

02:22:21.000 --> 02:22:28.000
brushing off his Linux experiences. even though, like I say, his background, he's really more of a BSD user from from.

02:22:28.000 --> 02:22:39.000
I would also ask the question of. Is he trying to… freshen up his Linux experience.

02:22:39.000 --> 02:22:52.000
to help support something at work, and if so, I would probably lean towards whatever distro is being used at work.

02:22:52.000 --> 02:22:53.000
Yeah, I I got the feeling from him that that wasn't the case.

02:22:53.000 --> 02:23:04.000
Because… Okay.

02:23:04.000 --> 02:23:22.000
I mean. You can do Fedora. I would probably run Red Hat proper over Fedora, which you can get developer licensing for free that gives you either 8 or 16.

02:23:22.000 --> 02:23:26.000
Red Hat. Enterprise Linux.

02:23:26.000 --> 02:23:36.000
We're free for non-commercial use. Um… Debian, I find their politics annoying.

02:23:36.000 --> 02:23:37.000
Mm-hmm.

02:23:37.000 --> 02:23:49.000
like you don't get Thunderbird. You get the Thunderbird code branded as something else with different icons, but it's Thunderbird by it.

02:23:49.000 --> 02:23:50.000
Well, if you're really a Red Hat fan, why not go Alma?

02:23:50.000 --> 02:23:57.000
ice or something.

02:23:57.000 --> 02:24:05.000
I would say if you were happy with CentOS Alma, probably. But particularly if you're trying to get.

02:24:05.000 --> 02:24:16.000
learn how to support Red Hat in a commercial environment. There are aspects of Red Hat like Red Hat Network subscriptions, etc.

02:24:16.000 --> 02:24:25.000
That are Red Hat specific. So RHEL, you actually get more proper hands on.

02:24:25.000 --> 02:24:38.000
Um… A comparison could be like, it's been a while since I've driven cars, and I want to get back up to speed, and I plan on driving a big rig truck.

02:24:38.000 --> 02:24:51.000
which is a fair bit different than passenger vehicles.

02:24:51.000 --> 02:25:00.000
really depends on the end goal.

02:25:00.000 --> 02:25:10.000
I think it was a smart… idea for him to basically see if anybody here in the group.

02:25:10.000 --> 02:25:18.000
They had enough cross experience between the BSD world and the Linux that might be able to clue them in.

02:25:18.000 --> 02:25:19.000
Okay.

02:25:19.000 --> 02:25:25.000
And the most I did with that was fight with it for TrueNAS before they switched over to Debian.

02:25:25.000 --> 02:25:29.000
I'm sorry. I was a little… that was a little garbled, Tyler.

02:25:29.000 --> 02:25:43.000
The most I've done with that, with, uh… Uh, FreeBSD, well… I guess I also had the pfSense firewall that was running FreeBSD, but that was all through the UI.

02:25:43.000 --> 02:25:49.000
My TrueNAS Core, the old version of TrueNAS.

02:25:49.000 --> 02:26:09.000
is for our FreeBSD, and I was mucking around with the inside of it to get it to do what I wanted it to do, but… They just switched over to using Debian themselves with TrueNAS SCALE.

02:26:09.000 --> 02:26:15.000
And are going to deprecate Core sometime.

02:26:15.000 --> 02:26:22.000
I I I think we should not give an answer here unless we know more about what his end goal is.

02:26:22.000 --> 02:26:29.000
I say, with me, I… I'm looking to replace Windows on my VR set or.

02:26:29.000 --> 02:26:42.000
VR rig. And I am actually looking at using CachyOS, because there's instructions on setting up SteamVR on that OS itself.

02:26:42.000 --> 02:26:48.000
Not that I want to deal with Arch or I want to… X, Y, or Z.

02:26:48.000 --> 02:26:56.000
It's because there's the instructions that do what I need on that OS.

02:26:56.000 --> 02:26:57.000
Yeah. And I think that's a good motivation for that.

02:26:57.000 --> 02:26:59.000
No.

02:26:59.000 --> 02:27:01.000
particular distro.

02:27:01.000 --> 02:27:05.000
Yeah, you know, if you've got a specific use case.

02:27:05.000 --> 02:27:21.000
Then you want to focus on the distro that best supports that use case. You know, if you're building a server, you don't need a GUI. So who cares whether it's X or Wayland or whatever. Yeah. You know, you build a server and leave the GUI off. If you want a desktop.

02:27:21.000 --> 02:27:39.000
Then you gotta have, you got to pick your GUI, X or Wayland. Current X is, you know, more compatible. But I found a lot of problems with that here in the last year. That's why I had to switch to Tumbleweed and Wayland. Okay.

02:27:39.000 --> 02:27:50.000
Yeah, with me, I had, uh… I switched over to Bazzite, which seems to be a problem, because they have this whole atomic mindset that just drives me nuts as a.

02:27:50.000 --> 02:28:03.000
My programming… Um… But I switched to it because it was using Wayland, because X kept on eating through.

02:28:03.000 --> 02:28:17.000
Over half of my video memory. And whenever I would fire a game up, I usually play a game and I throw up something that I need to listen to that's, you know, dry and repetitive.

02:28:17.000 --> 02:28:25.000
And… It just everything would tank where it was working just fine.

02:28:25.000 --> 02:28:33.000
before on Linux Mint. It was like, okay, what happened to my video memory here?

02:28:33.000 --> 02:28:40.000
Something in X was eating half my memory. I'm like.

02:28:40.000 --> 02:28:41.000
That would have to be the X display server.

02:28:41.000 --> 02:28:44.000
Oh, this isn't acceptable.

02:28:44.000 --> 02:28:49.000
the what actually talks to the video card, because.

02:28:49.000 --> 02:28:56.000
Arguably the rest of X is relatively small libraries.

02:28:56.000 --> 02:29:07.000
Great. I just don't know what happened. I'll just open up nvtop to check what was going on with my graphics card in the middle of my game playthrough, I'm like.

02:29:07.000 --> 02:29:14.000
Why are you using 4GB of memory while I'm sitting on the desktop in the video card?

02:29:14.000 --> 02:29:19.000
Reboot it. Goes away. Like… This is annoying.

02:29:19.000 --> 02:29:24.000
That almost sounds like caching.

02:29:24.000 --> 02:29:32.000
And you know what? I hate to say it, I have $1,000 worth of memory in this system.

02:29:32.000 --> 02:29:33.000
It's not using the $1,000 worth of memory, it's gotta use the memory on the video card.

02:29:33.000 --> 02:29:37.000
Yeah.

02:29:37.000 --> 02:29:47.000
Yeah, I'm thinking the video, uh, the X server is using caching inside the video card.

02:29:47.000 --> 02:29:55.000
for, like… cells are pre-rendered things to avoid having to re-render them.

02:29:55.000 --> 02:30:01.000
And it.

02:30:01.000 --> 02:30:09.000
and arguably, if you've got the memory and it's not being used for anything else.

02:30:09.000 --> 02:30:13.000
Why not let the video memory use it?

02:30:13.000 --> 02:30:26.000
Yeah, right until I launch… video game, and he says, oh, I need to load the video game into memory, and it's used by… What?

02:30:26.000 --> 02:30:27.000
That's it.

02:30:27.000 --> 02:30:28.000
I…

02:30:28.000 --> 02:30:32.000
Seems like a badly designed program.

02:30:32.000 --> 02:30:38.000
Somebody made a mistake in the programming just to automatically default to video memory instead of the RAM with whatever's already on the system.

02:30:38.000 --> 02:30:46.000
No, I'm thinking, like, the video card itself rendered something and cached internally.

02:30:46.000 --> 02:31:01.000
I'm guessing something within Cinnamon decided, oh, we're going to use the video memory to do X, and they didn't write a cleanup that says, oh, by the way, when.

02:31:01.000 --> 02:31:05.000
XYZ starts up… You're to exit.

02:31:05.000 --> 02:31:11.000
And you should let the video card use this and it's like.

02:31:11.000 --> 02:31:20.000
You know, it's X, it's older than dirt, there's like, what, two people working on it?

02:31:20.000 --> 02:31:21.000
Yeah, the biggest problems with X, it's your old spaghetti code.

02:31:21.000 --> 02:31:26.000
Maybe? And so…

02:31:26.000 --> 02:31:31.000
There's been so many people working on it for the last 30 years that.

02:31:31.000 --> 02:31:35.000
There's problems in there that nobody know how to fix. Nobody knows how to fix.

02:31:35.000 --> 02:31:38.000
Yeah.

02:31:38.000 --> 02:31:54.000
Yeah, yeah. All right. Should we pull the plug, Gary? I want to ask one more question which may spark a little discussion. But last month this meeting last month our speaker was from Red Hat.

02:31:54.000 --> 02:32:07.000
And he spoke about bootc. After a month of thinking about it, did anybody have any comments, follow-ups, questions?

02:32:07.000 --> 02:32:13.000
I guess I meant to prompt for that in the discussion email. I just never had a chance.

02:32:13.000 --> 02:32:16.000
I've gone back and looked at part of the video.

02:32:16.000 --> 02:32:29.000
Uh, recording that Stan graciously makes available. And to gather some details about how the file system is working, and I actually posted those to discuss.

02:32:29.000 --> 02:32:35.000
I have a desire to explore that capability.

02:32:35.000 --> 02:32:52.000
But not necessarily under bootc. But I do have a habit of playing with Lego sets to find the pieces I like to pull out and use in my own custom builds.

02:32:52.000 --> 02:32:53.000
Okay.

02:32:53.000 --> 02:33:02.000
Sorry, I'm having too much fun with Talos. The thing is tiny.

02:33:02.000 --> 02:33:10.000
Okay. I mean, my comment was, I've been using bootc for 10 years in Btrfs.

02:33:10.000 --> 02:33:17.000
The exact same concept. Except it's more flexible in Btrfs.

02:33:17.000 --> 02:33:23.000
I would say that it is a similar high-level concept.

02:33:23.000 --> 02:33:28.000
the execution of how it does it is completely different.

02:33:28.000 --> 02:33:34.000
Well, yeah, because you have a file system that you can version, basically.

02:33:34.000 --> 02:33:39.000
Versus a container, you have to modify and then.

02:33:39.000 --> 02:33:50.000
swap in or out. You know, the advantage about Btrfs is you can have any number of versions there instead of one you're using, and one you're switching.

02:33:50.000 --> 02:33:58.000
from looking at it, I don't think that the what's being used.

02:33:58.000 --> 02:34:04.000
is limited to two versions. That probably is more.

02:34:04.000 --> 02:34:09.000
an artificial side effect of bootc is a higher level.

02:34:09.000 --> 02:34:11.000
construct.

02:34:11.000 --> 02:34:18.000
Well, the problem with bootc is you're running one, and you're switching to one. You've only got 2 versions.

02:34:18.000 --> 02:34:23.000
Maybe with bootc, but I see no reason why.

02:34:23.000 --> 02:34:27.000
with what it's doing to the file system underneath, you couldn't have.

02:34:27.000 --> 02:34:29.000
40, pick a number.

02:34:29.000 --> 02:34:32.000
Well, yeah, that's Btrfs.

02:34:32.000 --> 02:34:35.000
No.

02:34:35.000 --> 02:34:40.000
No, I'm saying if you want to use the file system to version your.

02:34:40.000 --> 02:34:45.000
But if you want to use the file system itself to version your file systems.

02:34:45.000 --> 02:34:53.000
then Btrfs provides that. bootc, you have the running version, and you have the switching version.

02:34:53.000 --> 02:35:04.000
And if the switching version fails, you can go back to the one that you started from, the way I understood it.

02:35:04.000 --> 02:35:14.000
But with, you know, with Btrfs, I have to look every few, every month because I may have 10 or 15 different snapshots there. Yeah. Okay.

02:35:14.000 --> 02:35:19.000
in which case, I throw all of them away except for the last 3 or 4.

02:35:19.000 --> 02:35:20.000
Okay.

02:35:20.000 --> 02:35:27.000
something to keep in mind with the way bootc is, and I can't. It's not.

02:35:27.000 --> 02:35:31.000
overlay is part of it. I'd have to open my email to find what I sent.

02:35:31.000 --> 02:35:36.000
Um…

02:35:36.000 --> 02:35:41.000
It's… composefs.

02:35:41.000 --> 02:35:50.000
and overlay combined. It is using object store. So if you have the same.

02:35:50.000 --> 02:36:02.000
File, the library or ISO image, or what have you, a blob for all intents and purposes, that is the same across multiple versions.

02:36:02.000 --> 02:36:08.000
It is one copy on disk that is instantiated.

02:36:08.000 --> 02:36:14.000
as many different versions as you have, like a hard link to it.

02:36:14.000 --> 02:36:24.000
And it is switching… not quite link farms, but similar.

02:36:24.000 --> 02:36:30.000
So if you have… multiple successive versions.

02:36:30.000 --> 02:36:35.000
of an OS, but 90% of the files are not changing.

02:36:35.000 --> 02:36:40.000
you're only going to have, call it a 10% growth.

02:36:40.000 --> 02:36:46.000
with each version. Whereas if it's a full snapshot.

02:36:46.000 --> 02:36:54.000
Unless it's copy-on-write, you're going to end up with more disk space consumed for versions.

02:36:54.000 --> 02:36:59.000
and I'm not sure if Btrfs is using copy-on-write or not.

02:36:59.000 --> 02:37:04.000
But there is copy-on-write?

02:37:04.000 --> 02:37:08.000
So the concept there is similar.

02:37:08.000 --> 02:37:13.000
You know, but in the Btrfs case, the file system handles the versions.

02:37:13.000 --> 02:37:18.000
In the bootc case, you've got.

02:37:18.000 --> 02:37:25.000
Some other construct running on top of the file system that's keeping track of your two versions.

02:37:25.000 --> 02:37:30.000
Yeah.

02:37:30.000 --> 02:37:37.000
Okay, I don't know that that almost sounds like a solution looking for a problem.

02:37:37.000 --> 02:37:44.000
Anyway. Okay. Let's see.

02:37:44.000 --> 02:37:50.000
Couple other things I just stumbled across here in the last couple of weeks.

02:37:50.000 --> 02:38:07.000
Doherty Business Systems was a benefactor of our group for a number of years. We used to hold our steering committee meetings there, and they've also benefited some other groups around town. I noticed that the St. Louis Data Visit.

02:38:07.000 --> 02:38:15.000
Visards group is desperately looking for a new leader, which made me wonder, hmm.

02:38:15.000 --> 02:38:27.000
Why are they folding? And here's the one wants to pay 100 bucks a month. I guess, and I suspect probably Doherty had been doing that. Doherty also used to provide the meeting space and.

02:38:27.000 --> 02:38:42.000
food and that kind of stuff for the meetings of that group. And then I think in 2024, they only met three times and haven't met since, which made me wonder… I hadn't heard.

02:38:42.000 --> 02:38:57.000
Anything from Doherty in quite some time. And so, yes, Doherty Business Systems sold themselves to a Canadian company from Montreal, uh, that was effective, uh, I guess January of last year.

02:38:57.000 --> 02:39:14.000
And I noticed that Ron Doherty is now the head of the Doherty Foundation and they're involved in doing charity stuff for Alzheimer's disease and some other medical stuff. So I don't know if Ron is still.

02:39:14.000 --> 02:39:28.000
working with the new merged company, or the new owners of his old consulting firm, but so yeah, I don't know. So just those of you who are here in town changing what's going on in town.

02:39:28.000 --> 02:39:38.000
So with that, yes, I guess unless somebody has something else that we need to discuss tonight, we can wrap it up for this evening.

02:39:38.000 --> 02:39:43.000
We'll all meet again.

02:39:43.000 --> 02:39:48.000
I will toss out there. If you have questions.

02:39:48.000 --> 02:39:54.000
you would like to see or hear answered in the larger DNS theme.

02:39:54.000 --> 02:39:58.000
Please let somebody know so we can make sure we talk about them.

02:39:58.000 --> 02:40:19.000
Thank you. Thank you, thank you. Very good. With that, before we turn off the recording. This has been the St. Louis Lug, the St. Louis Linux user group. Today's date was Thursday, March the 19th, 2026. Our speaker this evening was Grant Taylor.

02:40:19.000 --> 02:40:35.000
who was doing part of his series on DNS. I was DNS. Who's on first? What's on second? And it was kind of the working walkthrough of how these DNS requests get handled. Thank you, Grant. It was an excellent talk tonight.

02:40:35.000 --> 02:40:39.000
Quick question. Anybody using AI tools? What type?

02:40:39.000 --> 02:40:49.000
Oh, yeah. You're. ChatGPT. Mostly, I'm building my own now.

02:40:49.000 --> 02:40:55.000
I've been using chat, too. I'm sorry?

02:40:55.000 --> 02:41:03.000
What use case? What type of use case, for DNS management, or what?

02:41:03.000 --> 02:41:04.000
OS. Play.

02:41:04.000 --> 02:41:11.000
Oh, just meeting on some of my computers, network, whatnot.

02:41:11.000 --> 02:41:22.000
Mm-hmm. I was thinking small projects, or maybe one or two committers, if somebody builds an agent that updated the email list when there are problems, and set up discussions, that would be a good use case.

02:41:22.000 --> 02:41:25.000
Yeah. I'm amazed at how effectively they understand English.

02:41:25.000 --> 02:41:30.000
Mm-hmm.

02:41:30.000 --> 02:41:40.000
Mm-hmm. Yeah. Well, probably know the language better than us. They study more about it. They can look at more of the ones who have large memory.

02:41:40.000 --> 02:41:46.000
And that'd be a use case with mailing lists when everybody who has got a copy downloaded a copy of a version, when you got an updated version?

02:41:46.000 --> 02:41:54.000
And then… but if they submit it back to human review, that'd be even better.

02:41:54.000 --> 02:41:58.000
Scott Granneman has offered to do a presentation on various.

02:41:58.000 --> 02:42:00.000
So this is Zoom time.

02:42:00.000 --> 02:42:07.000
AI tools and so forth, and it may be in our future, in the next month or so.

02:42:07.000 --> 02:42:08.000
That'd be great. Okay.

02:42:08.000 --> 02:42:09.000
That'd be great. posted to the list.

02:42:09.000 --> 02:42:11.000
Right, Gary?

02:42:11.000 --> 02:42:16.000
All right. Mm-h

