Dynamic DNS fails

Ken D'Ambrosio ken at jots.org
Mon Mar 22 12:21:30 UTC 2021 

On 2021-03-22 07:42, Volker Wysk wrote:
> Am Montag, den 22.03.2021, 08:15 +0100 schrieb Bo Berglund:
>> Does your ddns service update the DNS servers around the world?

Respectfully, that's not a thing, and not the way DNS works.  DNS 
doesn't update *anything* with its hostname entries (except its own 
domain's servers).  It certainly doesn't "update the DNS servers around 
the world."  What it *does* do is accept queries.  The way things 
usually work:

* Client host makes a request of (say) bar.foo.com to its DNS server 
(often the home router)

* The home router forwards the request to *its* DNS server, e.g., 
Google's 8.8.8.8, your ISP's DNS server, etc.  This is usually what's 
termed a "caching server," for reasons that will be obvious in a moment.

* 8.8.8.8 or the ISP's server, a caching server, maintains caches of 
entries so that it doesn't have to do a full query each time.  (Windows 
clients also do this by default; Linux doesn't, but can with "nscd" -- 
Name Services Caching Daemon -- installed.)  If it has an unexpired 
cache entry for the host query, it responds with that, and you're done.  
There's one caveat, here, though -- which is why I'm bothering to type 
all this up: the failed lookup.  If, for some reason, a caching server 
attempts a lookup and fails, it'll cache *that*, too, and respond with a 
failed lookup until the cache entry hits its expiration time, which can 
vary from caching server to caching server.  I suspect that this is what 
happened.

* What if the caching server *doesn't* have an entry?  It then does a 
query against the DNS root servers to find out where the DNS server for 
the domain "foo.com" resides, and then queries the foo.com's server 
directly for host "bar", the server responds with the appropriate DNS 
entry, which is then cached by the caching server, and pushed down the 
chain to the client.

So, my guess: Volker's intermediate caching server tried to do a resolve 
against his dynamic DNS provider's server, and it failed for some reason 
-- perhaps maintenance, a routing glitch, whatever.  That failure then 
got cached by the caching server, and was there, repeatedly failing for 
him, until the entry expired.

-Ken

> 
>> If not then the ddns is pointless.
>> If it does but provides sketchy service you should change ddns 
>> provider.
> 
> I've already found me a new (non-commercial) one. But the automatic 
> updates
> (as to be done by ddclient) don't work yet.
> 
> Goodbye,
> Volker

More information about the ubuntu-users mailing list