Domain Name System – How to write a middleware DNS server labeled "I don't know the answer, ask this name server".

I am implementing a middleware DNS server (I know, I know, I probably shouldn't) to create a DNS based service discovery (like Kubernetes) for my infrastructure.

I am currently using a go-based DNS library and it has been running smoothly so far. I am using this server localhost:53 of all my machines (by overwriting the nameserver in /etc/resolv.conf).

All DNS questions in my infrastructure go through this custom DNS server I wrote.

I want to deal with this middleware DNS server:

  • local domains (e.g. *.foo.local.): No problem here.

  • external domains (e.g. example.com.): Forward (NOT proxy or recursion) the clients to the original nameserver the machine (e.g. the original value that I save in /etc/resolv.conf)

In order to implement the last point above, I have to answer DNS queries as follows: "I don't know the answer to this message, query this other name server". Is there something that customers recognize?

So far I have tried to answer with rcode: NOERROR and send NS RRs with
the IP address of the original name server in the response area. That didn't work (customers don't understand).

(I can implement recursion in my DNS server, but I prefer not to.)


Aside: I have found that some public DNS servers (not all like 8.8.8.8 or 1.1.1.1) actually respond with a "permission section" pointing to other name servers.

For example, here is the Comcast's DNS server (75.75.75.75) that responds to a .dev domain search by sending it to Google Domains name servers:

dig +norecurse @75.75.75.75 ahmet.dev.

; <<>> DiG 9.10.6 <<>> +norecurse @75.75.75.75 ahmet.dev.
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21419
;; flags: qr ra; QUERY: 1, ANSWER: 0, AUTHORITY: 5, ADDITIONAL: 11

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;ahmet.dev.         IN  A

;; AUTHORITY SECTION:
dev.            72560   IN  NS  ns-tld4.charlestonroadregistry.com.
dev.            72560   IN  NS  ns-tld2.charlestonroadregistry.com.
dev.            72560   IN  NS  ns-tld5.charlestonroadregistry.com.
dev.            72560   IN  NS  ns-tld3.charlestonroadregistry.com.
dev.            72560   IN  NS  ns-tld1.charlestonroadregistry.com.

;; ADDITIONAL SECTION:
ns-tld4.charlestonroadregistry.com. 158960 IN A 216.239.38.105
ns-tld4.charlestonroadregistry.com. 158960 IN AAAA 2001:4860:4802:38::69
ns-tld2.charlestonroadregistry.com. 158960 IN A 216.239.34.105
ns-tld2.charlestonroadregistry.com. 158960 IN AAAA 2001:4860:4802:34::69
ns-tld5.charlestonroadregistry.com. 158960 IN A 216.239.60.105
ns-tld5.charlestonroadregistry.com. 158960 IN AAAA 2001:4860:4805::69
ns-tld3.charlestonroadregistry.com. 158960 IN A 216.239.36.105
ns-tld3.charlestonroadregistry.com. 158960 IN AAAA 2001:4860:4802:36::69
ns-tld1.charlestonroadregistry.com. 158960 IN A 216.239.32.105
ns-tld1.charlestonroadregistry.com. 158960 IN AAAA 2001:4860:4802:32::69

;; Query time: 56 msec
;; SERVER: 75.75.75.75#53(75.75.75.75)
;; WHEN: Sat Feb 29 15:56:32 PST 2020
;; MSG SIZE  rcvd: 394

I don't quite understand how someone adds an authority section to a message (is that just a "reply section" with NS records?).

So it seems that a name server can actually answer questions by sending the client to another name server? How do I implement this answer myself?

Azure SQL database – Invoke-ProcessASDatabase fails with "Unable to connect to server".

I occasionally get the following error message:

Cannot connect to server 'myASCube'. Client with IP Address 'x.x.x.x' is not allowed to 
access the server. To enable access, use the Firewall settings in Azure Management Portal. 
It may take up to 5 minutes for this change to take effect. More information on configuring  
firewall and setting IP address ranges can be found here: https://go.microsoft.com/fwlink/?linkid=2099963

I can add the IP address in "Analysis Services" -> "Firewall" and then run it again for a few days before it fails with a new IP address.

This is the powershell command that I execute

$AzureCred = Get-AutomationPSCredential -Name "CredForRefreshCube"
Add-AzureAnalysisServicesAccount -RolloutEnvironment 'westeurope.asazure.windows.net' -ServicePrincipal -Credential $AzureCred -TenantId "56cb8dc0-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
Invoke-ProcessASDatabase -server "asazure://westeurope.asazure.windows.net/myASCube" -DatabaseName "mydatabase" -RefreshType Full

I checked if DbaTools could work with Analysis Services and looked for solutions. I found https://www.inovex.de/blog/azure-automation-analysis-services/ from which I copied the powershell code.

How do I make sure that Automation Services do not change the IP, or should I only allow all IP addresses to access my Cube?

php – Why do I get the "Cannot output to Linux server" error when using MPDF?

I just migrated from the server and found a problem with MPDF. It turns out that I have a script that creates PDF documents and saves them in a folder on my server called Documents

I have already made sure that my folder has the necessary permissions. Your permissions are 777,

I don't know if it has anything to do with parent folder permissions because they have different permissions.

The error that mpdf returns is the following:

An unrecognized exception was found

Type: MpdfException

Message: Cannot create output file:
/home/vuelosenglobos/domains/erp.vueloenglobo.mx/public_html/application/controllers/../../assets/cdn/documentos/5e0ce5c76665a20200101123239.pdf

As further information I use Ubuntu Server 18.04.

The part of my PHP script that works on another server with cpanel (but doesn't work on this new server with Ubuntu 18.04) is the following:

$path_name = __DIR__ . "/../../assets/cdn/documentos/" . $file_name . ".pdf";

$mpdf->Output($path_name, "F");  

I hope you can help me fix the problem. I have already tried to delete and create the folder using the console or FTP and it does not work. Thank you very much

What does "Connecting to the Internet via proxy server" mean?

Sometimes in my school, websites are only accessible when connected to a proxy server provided by the school. If the proxy server settings are not configured in Firefox / Chrome, we can not connect to the Internet and access the sites.

I'm trying to understand how a proxy server like this works. However, I can not find much success on the internet.

My main concern is that when connected to the internet, I should be able to access the site through the browser. Why does traffic have to be routed through the proxy server so I can access websites?

SharePoint Personnel Picking Error "Sorry we could not reach the server"

My users face errors in SharePoint 2016 when trying to add more than 15 users to share a file / folder. However, this error occurs intermittently and has different results on different network connections. I have extended the timeout from standard 25s to 60s. After that, the problem occurs again when a user adds names to the People Picker, left the computer inactive for a while, and when he comes back to add more names, he encounters the error message.

Does the network connection have anything to do with the People Picker extracting names from AD? Is it normal for the people picker to time out if it is not used for a long time? How can users prevent this error from occurring again?

WordPress FTP Error: "Unable to connect to FTP server"

I have a problem that I want to fix for two days. I searched the internet and tried to apply several suggestions from other posters.

So I have a selfhosting webserver: CentOS7, Apache, PHP, MariaDB, OpenSSH and Pure-FTPd.

I found a nice guide that combines MariaDB and Pure-FTPd. I've used vsftp before, but later I found using the database to store valid FTP users more robust and convenient.

So I successfully set up the FTP server and logged in to FileZilla from a remote client. I also managed to copy files and create a folder in the "wp-content" folder of WordPress. However, when I try to use the internal FTP solution from WordPress, I get the error message "Unable to connect to FTP server". I was able to upload plugins with: define (& # 39; FSMETHOD & # 39 ;, & # 39; directly & # 39;); Option in file wp-config.php. That worked and the plugin was successfully installed. However, I have read that this is not a safe option. I'm aware that airplane FTP is not the safe way, but I want it to work before you switch to the FTPS variant.

I also tried to paste this block into wp-config.php (essentially prefilled FTP data):
define (& # 39; FS_METHOD & # 39 ;, & text; & # 39;);
define (& # 39; FTP_BASE & # 39 ;, & # 39; / path / to / wordpress / & # 39;);
define (& # 39; FTP_CONTENT_DIR & # 39 ;, & # 39; / path / to / wordpress / wp-content / & # 39;);
define (& # 39; FTP_PLUGIN_DIR & # 39 ;, path / to / wordpress / wp-content / plugins / & # 39;);
define (& # 39; FTP_USER & # 39 ;, & # 39; username & # 39;);
define (& # 39; FTP_PASS & # 39 ;, & # 39; password & # 39;);
define (& # 39; FTP_HOST & # 39 ;, & # 39; ftp.example.org & # 39;);
define (& # 39; FTP_SSL & # 39 ;, wrong);

That did not work either.

Tl.: DR.: FTP works well with FileZilla (can connect to the server and see the wp folder), but using the WP-internal FTP solution will display an error.

I've tried all the folders that define ownership of "Apache: Apache" and myUser: myGroup (Apache, which belongs to my group).
WordPress permissions:
find / var / www / -type d -exec chmod 755 {} ;
find / var / www / -type f -exec chmod 644 {} ;

as well as
find / var / www / -type d -exec chmod 775 {} ;
find / var / www / -type f -exec chmod 664 {} ;

Nothing worked. I'm really out of ideas here.

Enter the image description here

"Keyword not supported: server" error when using the ADO.NET connection string to connect to Azure DB

I have an ASP.Net project that I executed. I've added a database to Azure, and Azure has generated a connection string for the database. However, when I run the application, I get an error message saying that the server Keyword within the string is not supported. Here is my connection string:

/ ** /

/ ** /

I analyzed the answer here, but could not figure out what my possible string should look like.

How should I structure my string?