Using dnscap to debug DNS problems on Linux hosts

DNS can often make a SysAdmins life difficult, since a misconfigured entry or a broken authoritative DNS server will cause things to fail in odd ways. If you are fortunate enough to use Linux on your servers and desktops, you have a slew of utilities available to look at problems. I’ve discussed a few of my favourite DNS debugging utilities in past posts, and recently added the dnscap utility to this list.

Dnscap is a command line utility that allows you to view ALL of the DNS requests sent over an interface in a dig-like or binary format. While tcpdump and company display traffic to UDP and TCP port 53, dnscap will actually decode the entries and give you everything you need to debug an issue in one place.

To use this super useful tool you can run it with the “-i” option, the interface to monitor along with the -g (dump the output in dig format) or “-b” (dump the output in binary) options:

$ dnscap -i eth0 -g

;@ 2011-01-26 16:33:21.892326 - 56 octets via eth0 (msg #0)
;: [192.168.144.91]:56239 -> [192.168.86.2]:53
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62131
;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;;	google.com, type = A, class = IN
--
;@ 2011-01-26 16:33:21.896426 - 240 octets via eth0 (msg #1)
;: [192.168.86.2]:53 -> [192.168.144.91]:56239
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62131
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 4, ADDITIONAL: 4
;;	google.com, type = A, class = IN
google.com.		1m31s IN A	74.125.157.99
google.com.		1m31s IN A	74.125.157.104
google.com.		1m31s IN A	74.125.157.147
google.com.		1d6h57m32s IN NS  ns2.google.com.
google.com.		1d6h57m32s IN NS  ns3.google.com.
google.com.		1d6h57m32s IN NS  ns4.google.com.
google.com.		1d6h57m32s IN NS  ns1.google.com.
ns1.google.com.		1d6h51m10s IN A  216.239.32.10
ns2.google.com.		1d6h51m10s IN A  216.239.34.10

The utility will then display all of the DNS requests on your console, and you can review the detailed request / SOA data along with the record information. This is extremely handy for debugging problems, and I'm glad I came across this awesome little utility!

Thoughts on building your own NAS device

In a previous post I shared the research I did on the various NAS solutions that are available. I’ve been experimenting with the software solutions I described in that post, and have decided to forego a pre-built solution in favor of a DIY project. There were a couple of reasons for this:

1. The hardware costs were significantly less than the pre built solutions.

2. I have quite a bit more flexibility rolling my own box.

3. The commercial solutions come with a ton of bells and whistles that I don’t really need.

4. There are functional streaming solutions that run on top of Linux and FreeBSD.

5. I don’t have to worry about my NAS being EOL’ed or the company that sells it going under.

I’m not sure if I’m going to run FreeNSD or openfiler, but I have settled on my hardware. Based on a recommendation from a reader named Dave, I ordered a HP micro server along with 4 2TB Samsung disk drives. The server cost me $300, and I got the disk drives on sale for $80 each. That puts the total price tag for a NAS device with 8TB of RAW disk at just over $600. Not bad! I’m planning to do a thorough evaluation of freenas and openfiler, and will post my thoughts on the two as I start digging into them further. Also planning to do some serious performance benchmarks to see which performs better. Viva la NAS!!

*** UPDATE ***

Part two of this series is available here.

Making sense of the various NAS hardware and software solutions

This past weekend I realized I had a sufficient need at home for some type of centralized storage solution. Ideally this solution would allow me access my data from all of my machines via NFS, CIFS and iSCSI, and have some capabilities to stream music and videos across my wireless network. The number of NAS solutions I found astounded me, and I have been digging through reviews to see what is good.

During my research, I came across a slew of hardware and software solutions. The hardware solutions I added to my list came from various vendors, though I decided to scratch one large vendor (Drobo) after reading Curtis Preson’s blog post about his drobo support experience. Here are the hardware vendors that made it into my possibility list:

Buffalo Technology
Intel
Netgear
Synology
UnRAID

In addition to pre-built hardware, I also debated buying a low power system and running one of the following software NAS solutions on it:

EON OpenSolaris-based NAS distribution
FreeNAS FreeBSD-based NAS distribution
NexentaStor Community edition
OpenFiler Linux-based NSA distribution

Once I had a better feel for what was out there, I decided to pull out my notebook and write down the things that I wanted vs. needed in a NAS device. Here are the items I really wanted to have out of the box:

– Support RAID and drive auto expansion
– Support for NFS, CIFS and iSCSI
– Ability to run a DLNA/UPnP server to stream audio and video
– Easy to use and manage
– Low power consumption
– Extremely quiet
– Built-in hardware fault monitoring
– Well supported organization or community

The synology devices seem to provide everything I’m after and then some, but the FreeNAS and openfiler projects provide a lot of flexibility that can’t be matched by the Synology (e.g., all the source is available). I’m currently leaning towards the Synology DS411J, but I may end up nixing that idea and build a small quiet machine that runs openfiler/freenas. If you have a centralized NAS device at home that meets the checklist above, please let me know in the comments.

A walk down DOS memory lane

This past weekend I started cleaning out a ton of old stuff. Like most geeks, I hate to get rid of things that may *one day* be useful. While reviewing the contents of one of my tech tubs, I came across some nostalgic DOS software and books from the early 90s. The first item was a stack of old software, which included Turbo Pascal, Turbo Assembler, Turbo C++, System Commander and DOS 6.22 on 1.44″ floppy disks:

null

I also uncovered my good old DOS beyond 640K book:

null

Ahhhhh — this led me down memory lane. DOS was the first OS I used, and was were I originally learned assembly language. I recall vividly the nights of staying up until 5am writing my first TSR program and debugging assembly code. Back in those days there was no google, only IRC and a debugger. :) Looking back on it, DOS and the Borland editors were a blast to use!

Come one come all for cheap technical books! Book sale!

I did some spring cleaning this weekend, and have a bunch of technical books I would like to sell. Each book listed below can be had for $5, or three books for $10. I’m planning to ship with flat rate shipping, and will charge just the amount the USPS needs to get the book to you. If you are interested in one or more books shoot me an e-mail with the books you want and the zip code you are in. I’ll send you a reply with the total cost and you can then pay me via paypal. Once I receive your payment I will ship your books. You can contact me by sending an e-mail to e-mail, and here is the list of books for your viewing pleasure:

Advanced IP routing in Cisco networks
Code making and code breaking
Configuring and tuning databases on the Solaris platform
Configuration and capacity planning for Solaris servers
Core servlets and Java server pages
Effective C++
Expert Oracle database architecture
GNU autoconf, automake and libtool
Hackproofing your network 2nd edition
Hacking Linux exposed
HP-UX 11.X
Implementing ADSL
Linux Samba server administration
LISP 3rd edition
Lex and Yacc
Mastering Enterprise java beans and the java 2 platform Enterprise edition
Mastering Turbo Assembler 2nd edition
Oracle 8 and UNIX performance tuning
Optimizing Oracle performance
Professional Apache 2.0
Programming with UNIX threads
Practical programming in TCL/TK
Sun certified programmer (SCJP) for Java 5 study guide
Sun blueprints guide to high availability
The C++ programming language second edition
The revolutionary guide to assembly language
The SPARC architecture manual
Understanding the Oracle server
UNIX System V release 4
X windows systems administration guide for X11R5

All good things (opensolaris) must come to an end

This past weekend I unsubscribed from my last opensolaris mailing list. While reflecting on where technology is heading, I had to take a few minutes to reflect on where things were just a few years back. I remember vividly the day that the opensolaris.org website came online. After the announcement came out, I spent 24 straight hours signing up for mailing lists, reading documentation and reviewing the source code for a number of utilities. This had been all too easy with Linux, since all of the code and documentation was available in the public domain. But when the Solaris source came online, I felt like a 4-year old in a HUGE candy store.

Over the next few months I saw the community start to grow at a decent pace. The first opensolaris books (OpenSolaris Bible and Pro Opensolaris) were published, Solaris internals was updated to take Solaris 10 and opensolaris into account and every major trade magazine was writing something about opensolaris. Additionally, our local OpenSolaris users group was starting to grow in size, and I was beginning to make a number of good friends in the community. All of these things got me crazy excited about the opensolaris community, and I wanted to jump in and start helping out any way I could.

After pondering all of the things I wanted in opensolaris, I came up with a simple change that would allow me to get familiar with the development model. The change I proposed and coded up would allow dd to print the status of the copy operation if a SIGUSR1 signal was received. This feature was available on my FreeBSD and Linux boxes, so I wanted to see it on my Solaris hosts as well. I went through the hassle of filling out a form to submit code and then I sent my changes over to my sponsor. He replied stating that he would look things over and get back to me. That was the last time I heard from him and my follow up e-mail didn’t receive a response either.

I am not the type of person to pester someone to do something, so I didn’t sent another e-mail to request status. This of course let to my proposal dying a silent death. :( This was the first thing that led me to wonder if opensolaris would truly flourish, since all of the source code enhancements I had made to other projects were added back within days (and usually the authors were grateful). Since I knew contributing code was most likely not going to work, I decided to be active on the forums and propose changes that would better Solaris. This is when I started to get the impression that most of the design and development was happening behind closed doors, and not out in the open. Linux has prided itself on openness when it comes to design and development, so once again I started to question whether opensolaris would flourish.

So fast forward to the recent announcement by Oracle that opensolaris design and development would not be happening out in the open. In my opinion this never really occurred in the past, so I wasn’t one bit surprised by this announcement. They want to capitalize on the product (Solaris) they bought, and I can’t really fault them for that. Some people appear to have been caught off guard by this announcement, but the second Oracle bought Sun I figured open development would most likely stop. My only remaining question was what would happen to Solaris? Will Oracle eventually scrap it in favor of Linux? The cost to support two operating systems has to be relatively large, and I have to assume that there are some folks at Oracle who are evaluating this.

The Oracle announcement appears to have stirred some things up, and a number of new things came about as a result of it. The Illumos project was erected with it’s goal of making opensolaris development open. While this is a great idea in theory, I’m skeptical that the project can truly succeed without Sun/Oracle engineering. The amount of code in Opensolaris is rather large, and I have to assume that you would need an army of engineers to design, develop and QA everything to make it battle ready. I truly wish this project the best, and hope it gets the momentum it needs to succeed (Garrett D’Amore is a sharp dude, so the source is definitely in good hands!).

About a year ago I ditched Solaris in favor of Redhat Linux, which appears to be a growing trend amongst my SysAdmin friends. I like that Linux development is truly open, and the distributions I use (RHEL, CentOS and Fedora) provide the source code to the entire Operating System. The Linux distributions I use also have a large number of users, so getting answers to support or configuration issues is typically pretty easy to do. There is also the fact that the source is available, so I can support myself if no one happens to know why something is behaving a specific way.

This post wasn’t meant to diss Solaris, OpenSolaris or Illuminos. I was purely reflecting on the road I’ve traveled prior to embracing Linux and giving up hope in the opensolaris community. Hopefully one day Oracle will make all of the awesome Solaris features (DTrace, ZFS, Zones, Crossbow, FMA) available to the Linux community by slapping a GPLv2 license on the source code. I would love nothing more that to have all of the things I love about Linux merged with the things I love about Solaris. This would be a true panacea as far as Operating Systems go! :)