Subj : Joining the Echo
To   : Michiel van der Vlist
From : Tommi Koivula
Date : Fri May 26 2023 19:18:16

On 26 May 2023 17.50, Michiel van der Vlist wrote:

>   MV>> Odd. It is my understanding that when an IBN flag and an
>   MV>> associated host name are in the nodelist, all binkp.net does is
>   MV>> create a CNAME. A proces that is IP version agnostic...
>
>   TK> Only IF binkp gets the information from the nodelist, it creates
>   TK> CNAME.
>
> I see...
>
>   TK>  There are other ways. See https://binkp.net/faq.html
>
> Hmm, too hard to read for me...

I'm sure you know how to use google translate. :)

=google=
Answers to frequently asked questions about the binkp.net zone
Brief information
binkp.net - a domain that is designed to specify the IP addresses of fidosh nodes that support the binkp protocol. Any sysop can go to http://binkp.net , enter their fidosh address, and a code word will be sent to him in netmail. Using this code word, i.e. after confirming the receipt of netmail at the specified address, you can register, i.e. enter a password, and specify the Internet address or addresses of your site. Subsequently, you can change them through the same web interface. You can also specify that the IP is dynamic, then when polling the service address 2:463/68.168 with a password from the site, the IP of the calling party will be registered in binkp.net as the host address (if the mailer really answers via binkp on this IP).

It is convenient to use the binkp.net domain as the root-domain for binkd (any DDN is also suitable for this role).
There are subdomains:
ddn.binkp.net - information from the nodelist (and only it);
node.binkp.net - addresses of nodes explicitly specified via http://binkp.net;
dyn.binkp.net - dynamic IPs.
The main binkp.net zone contains a collection of information from these three sources.

Q: Is it possible to use an address from the binkp.net domain in the nodelist? After all, the data is taken from the nodelist to the binkp.net domain, won't unzip.zip work?
A: Of course, if someone has registered an address from binkp.net for their node without specifying it in the binkp.net zone, such a node will not be available. Exactly the same situation will be with any other domain. Before you enter your Internet address in the nodelist, you need to make sure that this address exists and is accessible, regardless of the domain. binkp.net is not original in this respect.

Q: Isn't binkp.net a single point of failure (SPOF) for fidonet?
A: First, binkp.net is less commonly used in the nodelist than, for example, dyndns.org, but no one is saying that dyndns.org is a single point of failure.
Secondly, binkp.net is nothing more than a convenient service for many sysops. Yes, it is currently unique (any fidoshnik can register the address of his node there, plus there is a dynamic IP service adapted specifically for fidosh needs), but no one bothers those who fear that binkp.net is SPOF because of this raise your like. The binkp.net domain is not SPOF by design.
You can draw an analogy. Let's say I made a good site (convenient, reliable, with auto-registration of links via the web, all sorts of statistics, with mahjong and geishas), and sysops threw downlinks to me. Is it appropriate to say "this node should be banned and closed because it is a single point of failure!"? Thirdly, if something happens to me or my node (for example, I suddenly decide to leave fido), the binkp.net domain will not stop working immediately, and even after it stops working, information about the contents of the zone will not be lost (in unlike fidonet.net), because fresh copies are available from other fidoshniks. The binkp.net domain itself now has four authoritative independent name servers (two in Russia and two in Ukraine).

Q: binkp.net is not a DDN, can it be used as root-domain in binkd?
A: Yes, binkp.net is not DDN, it is somewhat more convenient than DDN. In addition to information from the nodelist, it contains information explicitly provided by sysops and information about dynamic IPs, which makes its use more preferable. In other words, if the node address is in the nodelist (and, accordingly, in the DDN), then it is also in binkp.net, but the reverse is not true in the general case - there may be nodes, information about which is present in binkp.net and not in the nodelist although this situation is not normal.

Q: Why do we need a special domain for binkp? Why is it bad to specify addresses directly in the nodelist, using the INA or IBN flags?
A: No one is forcing you to use binkp.net. Those who find it more convenient to register their own domain or directly IP address in INA do so. But many people use binkp.net, which means they are comfortable with it, and it's strange to want to ban its use as unnecessary. If it is not needed, it will die itself, it is pointless to forbid the unnecessary. And it can be convenient for several reasons:
- faster update of information than in the nodelist;
- there is no need to interact with people (NC) to update information, everything happens automatically;
- for nodes with dynamic IP, it is enough to specify that the IP is dynamic and set up regular polling of the address 2:463/68.168 [129.159.205.15], after which its IP in the binkp.net zone will be updated automatically;
- not everyone has their own domain, and explicitly registering an IP address in the nodelist is not always good (in particular, because this IP address can change from time to time, even if it is "static").

Q: Is binkp.net secure enough? After all, one sysop can enter arbitrary information into the zone, on the basis of which mail can be intercepted.
A: Similarly, any third-party DDN, and in general any domain, is "non-secure". Moreover, the nodelist is even less secure, because (almost) any sysop can send a fake nodelist to the fileecho, and this nodelist will be accepted and applied by the rest of the nodes (few people have configured access parameters for the fileecho nodelist). Or not send it to a file echo, but send the regional segment to Ward (if there is a password link with it). So to say that the nodelist is more secure than binkp.net is strange.

Q: How reliable is binkp.net? If the binkp.net zone is cleaned due to a failure or malicious intent, there will be no old information, incl. and on secondary. And if the nodelist fails, you can use the previous version.
A: Nodlist build failures (region dropouts, etc.) happen regularly, rolling back to a previous version is a manual job that not many people do. DNS is much more reliable in this respect. In addition, not everyone has the previous version of the nodelist, usually the new nodelist overlaps the previous one. If, for security reasons, the sysop saved the previous nodelist, nothing would stop him from saving the previous version of the information from binkp.net (available at http://binkp.net/binkp-db ) in the same way.
=google=

>
>   TK> host f5858.n460.z2.binkp.net
>   TK> f5858.n460.z2.binkp.net is an alias for burrow.g0x.ru.
>   TK> burrow.G0X.ru has IPv6 address 2001:470:dcd0:0:f1d0:2:460:5858
>
>   TK> host f58.n460.z2.binkp.net
>   TK> f58.n460.z2.binkp.net has address 46.173.80.50
>
> So better not use those "other ways" ?

It depends what you want.

'Tommi

--- 
 * Origin: nntp://news.fidonet.fi (2:221/6.0)

.