CloudFlare a déployé #EncryptedClientHello fin septembre. Pour voir une config ECH, c'est notamment dans le #DNS (forcément :) ) dans l'enregistrement #HTTPS. Exemple sur un site chez CF
Są tu spece od Dockera? Próbuję uruchomić kontener Dockera używają Podmana (https://github.com/TechnitiumSoftware/DnsServer/blob/master/CHANGELOG.md), ale utknąłem. Po wielu próbach, kombinowaniu, aktualizacji setek programów, utknąłem na niemożności uruchomienia kontenera, bo twierdzi, że port 53/tcp jest w użyciu. Zrobiłęm już chyba wszystko, co mi wpadło do głowy, czyli wyłączenie systemd, wyłączenie nasłuchiwania przez systemd na porcie 53 i nic to nie daje. Co ciekawe, netstat nie pokazuje portu 53 jakoby był w użyciu, więc nie wiem nawet, jaki program może tego używać. Co ciekawe, jak wziąłem nmapa z innego hosta, to pokazuje, ze port 53 jest zamkniety, wiec cos tam nasluchuje, ale nie wiem co.
Podobno podman używa jakiegoś własnego serwera DNS do zarządzania siecią między kontenerami, ale nie ogarniam tego, a i nie wiem, czy tu może być problem. Poza tym serwerem podmana, nie przychodzi mi juz nic do glowy.
DNS mystery. No DNS is able to resolve journa.host (one of the Mastodon instances here). Shows up okay on whois, but fails on nslookup. #NSLOOKUP#DNS (Last update: they had a DNS issue and it took awhile for them to figure it out, fixed now)
Dis #masto, est-ce que tu as déjà constaté ceci sur un #FP5 sous #Murena /e/ à jour (1.21) : point d'accès wifi activé sur le téléphone, depuis un autre téléphone, la connexion apparait comme "limitée", et pas de navigation web possible. Pareil depuis un ordinateur connecté à l'AP. Comme s'il n'y avait pas de #DNS. Pourtant, depuis l'ordi, un ping vers une IP passe, un ping vers un tld passe aussi. Testé en DNS "auto", Quad9 ou ceux de @franciliens. Une piste ? @Khrys@thouand_e@gael@parinux
My #DNS hosting provider is having a major issue with #DNSSEC, so all of my domains are down. :blobcateyes:
Sigh. Removed DS records. All should be back up and running in 24h or so. Some are already back up and running.
Yes, I will re-enable DNSSEC as soon as stuff is back up.
Yes, this is a serious consideration for anyone thinking about to enabling DNSSEC.
Yes, I do hope one day this will get solved better and DNSSEC will not be so brittle.
Vous vous en fichez mais je découvre qu'il y a un résolveur #DNS public en Inde (apparemment géré par le registre du .in) et il a une bonne adresse #IPv6 (et elle répond aux ICMP echo).
Comme quoi les adresses IPv6 ne sont pas forcément plus longues et plus dures à mémoriser que les adresses IPv4.
Tipp Nr.18: Eine einfache Möglichkeit, Werbung und Tracker auf Android bzw. iOS systemweit (in allen Apps) auf Eis zu legen, ist die Blockierung über einen DNS-Anbieter. Das geht ganz einfach und ist gerade für Anfänger/Einsteiger super geeignet. In 5 Minuten ist alles erledigt (inkl. Lesen).
Random #DNS fact of the day : 129 out of the 1465 domains in the root zone (roughly 8.8%) have a TXT record. Most of them (52, 40.6% of the records) are just : "Generation Time: <UNIX timestamp>" (eg. as. TXT)"
Some of them are more explicit (see cg. TXT or tm. TXT)
@afnic puts a crytpic message in its zone, surely the number of changes since last update (see fr. TXT, eg. "296 RRs processed [25/09/2023 13H10:42" please note the ugly date format "H" :P )
Vous voyez la différence ?
keepass.info
ķeepass.info
Présenté comme ça c'est facile à voir, mais dans une utilisation quotidienne on peut facilement passer à côté.
Surtout quand c'est le premier lien renvoyé par Google quand vous recherchez Keepass (merci Google ! :blobglare: )
Dear #Pythonistas, in the spirit of "it's always #DNS", are you aware of something that might break this?
On an #IPv4/v6 dual-stack client, you make a requests.Session.get() call. The target host name is a CNAME record that points to several round-robin A records but no AAAA records. The endpoints all listen on IPv4 only.
Have you come across any situation in which requests may be misbehaving in such a way that #IPv6-to-v4 fallback doesn't work, and the call would result in a ConnectionError?
ugh i don't even know how to search for this properly
there's a domain that lists two DNS servers, one is fine, the second is a non-resolving hostname. it's not just not answering: it doesn't even resolve to an IP address.
(no, it's not just me, google DNS can't resolve the broken one either.)
if my instance of bind9 on my domain's DNS server tries the broken nameserver first, it obviously fails to resolve in any form.
the problem is that it does not proceed to try the server that I know is working, and it should.
i've told the domain's owner that their DNS is fucked up and how, but really, I shouldn't've ever noticed.
anybody got any ideas why bind9 isn't trying the second server? because this is dumb.
Für Anfänger/Bequeme: Werbung und Tracker unter iOS/Android systemweit verbannen. Eine niederschwellige Anleitung, um endlich Ruhe zu haben - ohne viel tun zu müssen. Unbedingt empfehlenswert! 👇
Okay, my current problem: I have a domain at a webhoster of which I want to use a subdomain at Hetzner in a Cloud VPS. But it seems I am either too dump to do that or something went horribly wrong... Does someone have a tip or even a tutorial on how to do that?
Edit: The domain now resolves to the IP, but I can't ping the server.
So, does anyone know how to contact #Cloudflare when for some reason their #DNS simply... doesn't list my domain anymore? Others do and my authoritative DNS does as well.