The Ask Mr. DNS Podcast

In this podcast, Matt and Cricket answer Leen Besselink’s question about the viability of Dan Kaminsky’s proposed use of a clever DNSCurve concept in DNSSEC, and Matt offers his high opinion of the Dutch people (surely risking retribution by his Swedish countrymen).  Then they turn to Josh Baverstock’s question about why the LOC record failed to catch on, despite its obvious utility to cruise missiles with stub resolvers.  Finally, in yet another of their “Why, back in my day…” sessions, they lament the loss of summer vacations that lasted through Labor Day.

Download MP3 of this episode

In this episode, Matt and Cricket reveal the first R-rated movies they saw and the circumstances in which they saw them. Oh, and they answer Rob Szarka’s question about the maximum number of NS records a zone can contain and Matt’s unnamed colleague’s question about why we need intrazone NS records at all. Then Matt gives us an insider’s look at the Root Zone’s Key Ceremony.

Download MP3 of this episode

In this episode, for the first time ever, Matt and Cricket are joined by a dozen DNS dignitaries to answer a question from Alejandro Acosta about when to plug trust anchors into his name servers’ configurations and begin validating, and Bob Lee’s question about which tools to use to check his zone data and his name server’s configuration.  Then they discuss DENIC’s recent Worst Day Ever after they published a truncated zone data file for .DE.  And Mr. DNS is amazed to learn how many dynamic zone hosting services are blocked from China.

Mr. DNS sends special thanks to Dyn Inc. for their support of this Ask Mr. DNS episode.  Dyn provided the venue, the equipment and their famous New England hospitality.  Thanks also to all of the panelists for their good humor and participation.

Download MP3 of this episode

In this episode, Matt and Cricket reminisce about G jobs and the Good Old Days at pre-Carly HP, and answer Noe Nevarez’s question about apparent timeouts in nslookup and Alan Shackelford’s question about the effect of signing a parent zone on its subzones.  Then Matt plugs DNS-OARC in an act of contrition and proceeds to throw Cisco under the bus for offering an option in CNR that’s less than infrastructure-friendly.  And finally – and somewhat predictably – the conversation veers off into movies featuring people who can’t form long-term memories (though, incredibly, they forget Dory in “Finding Nemo”!) and upcoming business travel.

Download MP3 of this episode

In this episode – returning after an unintentional hiatus – Matt and Cricket touch the third rail of DNS security, the DNSSEC versus DNScurve debate, by answering Yiorgos Adamopoulos’s question.  They also answer Shane Wegner’s question about minimal responses, Matt brings Cricket up to date on progress in the effort to sign the root zone (including a reference to slides by Duane Wessels from NANOG 48), and Matt describes a recent “brush with greatness.”

Download MP3 of this episode

In this episode, Matt and Cricket answer listener Paul Petersen’s question about how to register subdomains in country-code top-level domains around the world, and Ismael’s question about whether an RRSIG record’s signature validity can extend how long the signed RRset is cached.  (And if you understood that last part, you probably don’t need this podcast.)

In addition, Matt and Cricket talk about the latest news in DNS, including the signing of the root zone, which Matt knows all about, and the introduction of (and uproar over) Google’s Public DNS service.

Though Matt contributes most of the technical answers, Cricket does score a small coup by remembering that the late Frank Gorshin played the half-blackfaced/half-whitefaced Bele in the original Star Trek episode “Let This Be Your Last Battlefield.”

Download MP3 of this episode

In Episode 11, Matt and Cricket manage to answer four (count ‘em, four!) questions – except that they don’t really know the answer to Paul Roberts’s question about forwarding and delegation.  However, in their own, inimitable style, they answer Yong Tak Ming’s question about forwarding, Samar’s question about how to configure his resolver so that he isn’t forced to type fully qualified domain names all the time, and Dirck Copeland’s questions about the Kaminsky vulnerability.  And if you stay till the bitter end, you’ll learn where Matt and Cricket got their starts in DNS and why Cricket’s never seen a World Series game.

Download MP3 of this episode

In this episode, their triumphant Labor Day return to podcasting, Matt and Cricket answer Alfredo Colón’s question on hypothetical restrictions on the IP address that a domain name may map to, and then slap Austin Ekwebelam’s wrist for asking how to disable a useful extension like EDNS0.  In the process, Cricket reveals how the host hp.com got its name and why he never made it further in HP’s IT organization.

Download MP3 of this episode

In our ninth episode, Matt and Cricket answer listener Scott McClanahan’s excellent question about the “zone apex” and tell Duncan Hart what gear they use to produce the podcast and why it’s better than their old gear.  Except that Matt fails to mention the name of the mic he uses.  (It’s a Shure BG 4.1.)

As per usual, the discussion deteriorates into a windy exposition of how DNSSEC works, but you’ve come to expect that by now.

Download MP3 of this episode

In this episode, Matt and Cricket congratulate an administrator at a community-spirited ISP for wanting to lock down recursion on his name servers and offer their opinions on when you should sign your zones using DNSSEC.  Cricket also invites all podcast listeners to an upcoming webinar on DNSSEC with Dan Kaminsky and Scott Rose, which is – gasp! – on Wednesday of this week.

You’ll especially want to stay tuned until the end, when you’ll hear Cricket sing (poorly) part of the revised version of the “Itchy and Scratchy” theme song.  Plus Matt thinks he sounds funny throughout.

Download MP3 of this episode