Posts by admin.

Bumping the feed…

To make good on a new year’s resolution, Mr. DNS recently put on his system administrator hat and upgraded his creaky WordPress installation. (Why does Mr. DNS insist on running his own WordPress installation rather than putting it in the new-fangled cloud that’s so popular these days? Well, Mr. DNS is a creature of habit and stuck in his ways. He will not discuss this topic further.) The upgrade appeared to go without incident, but alas, it was not so. Mr. DNS is grateful to eagled-eyed listener Lyle Tagawa, who noticed that Mr. DNS’s beloved podcast logo no longer appeared in the feed. Mr. DNS dived back into the depths of WordPress and emerged victorious, or so he thought. The default logo remained in some obstinate podcast clients. His many seconds of Internet research leads him to believe that publishing a post will cause podcast clients of the world to fetch and once again display the beloved logo. Thus he writes this post and its accompanying sound file with…one second of silence. He hopes you are not terribly disappointed to find the written rather than spoken word in the feed. He promises another episode will arrive at some future date, but he has learned never to commit to a particular time: one cannot rush the process.


Episode 62

In this episode, Matt and Cricket are joined by Graeme Bunton, director of the newly formed DNS Abuse Institute.  Graeme describes his background and explains the mission of the institute and what they’re working on.  And we finally (sort of) answer a long-suffering listener’s question about producing a kind of “Compleat DNS Specifications RFC” and ramble on for a bit about two great new sci-fi books, Andy Weir’s Project Hail Mary (which Matt mistakenly called the “Hail Mary Project”…) and Martha Wells’s Fugitive Telemetry.

Oh, and the lengthy hiatus? We shan’t speak of it.


Episode 61

In this episode, Matt and Cricket are joined by Kim Davies of ICANN and PTI (you’ll have to tune in to find out what that stands for).  Kim edifies us on key ceremonies and the Herculean efforts required to keep a key ceremony secure and transparent during what Matt referred to as a “global pandemic,” immediately regretting his use of the redundant phrase.  Later, Cricket is embarrassed to learn that Matt has already read both of the new books he’s reading (John Scalzi’s “The Last Emperox” and Martha Wells’s latest in the Murderbot series, “Network Effect“), and Kim laments that the end of business travel leaves him with no time to watch anything.  Oh, and the guys (or Matt, really) answer a really good question from Swapneel Patnekar about an ICANN paper on the effects of COVID-19 on the root name servers.

If you’ve already listened to the episode and are interested in the resources Kim referred to, here are the links:

Episode 59

In this episode, Matt and Cricket are joined by Cricket’s recent co-author, John Belamaric, to discuss CoreDNS, a DNS server built to act as a service discovery engine in containerized environments, particularly those managed by the ubiquitous Kubernetes.  They also answer a question from Shane Kerr about why certain RR types insist on using canonical names in RDATA, and Cricket expresses his displeasure at the mispronunciation of “bailiwick.” Finally, they discuss “The Mandalorian,” and Cricket once again strongly recommends Taika Waititi’s movies, especially “What We Do in the Shadows” and “Jojo Rabbit.”

Episode 57

…in which Matt and Cricket, in a cunning bit of Tom Sawyering, take Rob Fleischman’s question about how recursive DNS servers handle TTLs of zero, and induce Rob to both a) join the podcast as a guest and 2) paint their fence by doing all the legwork to find the answer.  In the inevitable light banter segment at the end of the episode, Cricket highly recommends Taika Waititi’s What We Do in the Shadows, likely the funniest vampire mockumentary ever made.

Episode 54?

Was it Cricket Liu Live or Ask Mr. DNS Live?  And does it really matter?

Shortly after the first anniversary of the massive DDoS attack on Dyn, Matt and Cricket broadcast a session on DDoS attacks and their relationship to DNS from the National Press Club in Washington, D.C.  They talked about how DDoS attacks target DNS infrastructure, how those attacks can exploit name servers, and recapped last year’s attack.  And they even examined some mechanisms that will help protect your DNS infrastructure from DDoS attacks:

Episode 53

This isn’t exactly an episode, but Matt and Cricket recently recorded a short promo for Infoblox’s DNS Awareness Day campaign, and they decided to keep recording because Cricket wanted to hear about the recent DNSSEC Key Ceremony, in which Matt had served as the Ceremony Administrator.  So if you’re curious about how new root keys are generated and the sort of security that’s involved, tune in!

Oh, and there’s video, for the first time!

Episode 51

In this episode, number 51, Matt and Cricket are joined by Kyle York and Joe Abley, respectively the Chief Strategy Officer and we-don’t-know-what of Dyn.  Kyle and Joe ably (ha!) fill in some of the details on the DDoS attack against Dyn on October 21 of last year.  And Kyle brags about the Patriots “dynasty,” which for three quarters sure looked like the pride that cometh before a fall, but holy cow!  Oh, and the guys jointly answer a question from Grant Taylor about a clever-but-frankly-awful way of adding a CNAME record to the apex of your zone and read a correction from Håkan Lindqvist about using underscores in certain fields of a cert.

Episode 50

In this episode, the 50th–their golden episode!–Matt and Cricket are joined by Dan York of the Internet Society, who brings them up to date on DNSSEC adoption.  Then the trio answer questions from Matt’s former colleague Rick Andrews about the use of underscores in domain names and from Ben Dash about how some companies get around the prohibition against adding CNAME records to zone apexes.  Apices.  Whatever.

Episode 47

In this episode, our 47th, we realize the mailbag is actually fuller than we thought, and work diligently to answer questions from a “long-term” Swedish listener about IPv6 reverse mapping, from Jeremy Laidman about BIND 9.11’s new catalog zones feature, and from (the also likely Swedish) Håkan Lindqvist about the credibility of DNS data, particularly NS records.  We also digress into ruminating over the possible deleterious effects of The Disney Channel on the attitudes of tween daughters, why the first four minutes of the forthcoming “Sully” are likely the highlight of the film, and what we’ve been watching on TV lately.  Don’t miss it!