26 minutes ago

Xubuntu 22.04: no DNS after PXE/overlay boot #2204 #networkmanager #dns #pxe

PhantaNews ✅
1 hour ago

Halleluja! OLG Dresden verneint #Störerhaftung für #DNS-Anbieter

NLnet Labs
2 hours ago

We're excited to release NSD 4.8.0. Our authoritative #DNS server now features the PROXY protocol, which was graciously sponsored by the Swedish NREN, Sunet. 🙌🇸🇪

4 hours ago
Hello Lagos!
We are very happy to announce that we are now active and ready for #peering at AMS-IX Lagos!
Thank you MainOne @MDX_i Lagos and @AMS-IX Lagos for helping us to make this happened!
#dns #peering #Quad9
Thomas Rigby
5 hours ago

Sharing an interesting message from our QA Manager about a site deployment erroneously flagged as malicious and how to fix it
#devops #deployment #dns #webdev

bend your own rules
6 hours ago

after spending a good week moving my #freebsd cloud install over to a more modern #linux cloud install, with all my services and web hosting, naturally today I decided my cloud host sucks and moved over to #hetzner

because I haven't fucked with #DNS enough in the last two weeks, obviously

at least I'm saving some money

What is #crowdsourced #dns filter lists by the people, for the people , of the people ?
i mean - politically

11 hours ago

Netplan DNS configuration is overridden UBUNTU 22.04 #dns #netplan #systemdresolved

Michał Górny
18 hours ago

Goodbye, CloudFlare #DNS. Welcome,!

systemd-resolved config:


#Gentoo #privacy

18 hours ago

I've successfully set up [Mox]( by Mechiel Lukkien as my new mail server. It handles SMTP, IMAP, SPF, DKIM, and DMARC. It has a built-in spam filter, a web interface, webmail, autoconfiguration and it can show a checklist whether your DNS is set up correctly or not. All in a single binary! Pretty cool stuff. I'm planning to test various other solutions and document it on my blog soon.

#admin #sysadmin #mail #email #smtp #imap #dkim #spf #dmarc #dns #web #webmail #mox

18 hours ago

This is the wildest thing I've ever seen.
#root #dns #tech #ksk #kskceremony

#Unbound supports DNS-over-TLS and DNS-over-HTTPS which allows clients to encrypt their communication. In addition, it supports various modern standards that limit the amount of data exchanged with authoritative servers. These standards do not only improve privacy but also help making the DNS more robust. The most important are Query Name Minimisation, the Aggressive Use of DNSSEC-Validated Cache and support for authority zones, which can be used to load a copy of the root zone.

If you'd like to use #redis with my @nlnetlabs #unbound #docker image using rather a #socket than #tcp connection, this should get you covered:

#dns #dnssec

20 hours ago

J'en avais marre du #DNS de #Free qui bloquait @YggTorrent
Et là.. j'ai découvert le site qui est super claaaaair !!


22 hours ago
Hello Delhi!

We are very happy to announce that we are now active and ready for #peering at NIXI Delhi!
Thank you @CtrlSDC and @inregistry team for helping us to make this happened!
#dns #peering #Quad9
22 hours ago

Automation is key!

There's a saying that IT professionals tend to be lazier than others - any maybe there's some truth to it. But is it really a bad character trait? Not necessarily.

Lazy developers and admins automate. They don't repeat the same set of tasks over and over again, but instead come up with an idea to make their lifes easier and more convenient ;-)

As even ZERO GmbH is not safe from lazy developers, we have automated some processes in our IT - including the setup of various software components for our #AMPS nodes and the associated IT infrastructure, such as #VPN and #DNS setup.

This saves us a huge amount of time. A quarter of an hour of manual labour can become a few seconds of waiting time and we have time for more interesting tasks :-)

We mainly use the Ansible configuration tool, which we like because it works without an additional daemon on the target and via a simple SSH interface.

#ansible #it #devops #infrastructure #automation

22 hours ago

At ZERO GmbH, we're managing a lot of #AMPS Nodes (see: Most of them are connected to our management VPN. Each of the nodes has a unique identifier (serial no.).

We've set up an internal DNS server that resolves their serial bumber-based FQDN and returns the corresponding VPN IP address. Thus it's easy to find the correct VPN and IP address to start maintenance or troubleshooting :-)

Our requirements on a DNS Server are quite low. We could have picked THE ONE, the only, the allmighty Bind DNS server - but instead we tried something different:

Yadifa is a less-known DNS server implementation by EURid - the nonprofit organization that powers the .eu top level domain!

We were surprised of the simplicity of Yadifa and had our DNS Server up and running in minutes! If you're looking for an easy to configure DNS server, check it out.

#dns #bind #sysadmin #yadifa #eurid #domains #vpn

Jan Schaumann
23 hours ago

The .ing and .meme #domains have their sunrise registration phase ending in about 90 minutes and enter general availability. Get 'em while they're hot!

See more #DNS #TLD stats here:

Zone stats: # of domains in .ing

Timeline graph showing significant increase in registrations over the last few days from 150 to 900.
Zone stats: # of domains in .meme

Timeline graph showing significant increase in registrations over the last few days from 28 to 250.
1 day ago

Configuring CoreDNS is easy, but managing more than one or two zones quickly becomes cumbersome 😓. DNSimple’s CoreDNS integration makes managing zones simple 💪. Once the CoreDNS plugin is installed and connected 🔌 to DNSimple, zone managers can use the DNSimple UI or API to add, edit, and remove #DNS records, including custom DNS records and functionalities, like regional, #ALIAS, #POOL, and #URL records from their #CoreDNS zones. Learn more 👉 👉


OpenCage 👉🌍
1 day ago

9. 🇸🇮 Slovenia's ISO 3166-1 alpha-2 code is "SI" and its internet top level domain (TLD) is .si

Because "sí" is also the word for "yes" in Spanish, .si domains are occasionally seen as a form of domain hack in the Spanish speaking world.

#geoweirdness #dns

1 day ago

@forumstandaardisatie @minbzk @nora @internet_nl @ministerieezk sjongejonge
#dns #dhcp van lijst standaarden af.
Spijkers op laag water mensen

1 day ago

Router changing default gateway when creating a DNS #dns

1 day ago

How to add multiple domains to my dns server? #dns #domainserver

Petr Menšík :fedora:
2 days ago

Just posted #dnsconfd talk proposal to #fosdem #dns room. Well, a lot work needs to be done first.

2 days ago

New little test service for fans of #RFC 9460 (#DNS SVCB and HTTPS RRs): Go to to see whether your browser uses the ports indicated in DNS.
So far it seems like Firefox only uses it when DoH is enabled (no matter whether the network.dns.force_use_https_rr flag is set in about:config or not); I didn't get Chromium to use it yet.

2 days ago

How to manually create your own nameservers and manage multiple domains(without the help of control web panels) #networking #apache2 #dns #domainserver

Dan York
2 days ago

For those of us in the admittedly obscure world of #DNS security and #DNSSEC, this is very important as it marks a transition to elliptic curve algorithms…

… but for probably 99.9% of Internet users, this is serious “eyes glaze over” territory. 😃

From: @rr

2 days ago
Hello Chennai!
We are happy to announce that we are now active and ready for #peering at NIXI Chennai!
Thank you @NIXI team for helping us to make this happened!
#dns #peering #Quad9
Renée Burton
2 days ago

Some of our folks are giving a technical webinar December 13th on SMS Cybercrime -- a DNS perspective. They will cover the malicious link shortener Prolific Puma and how we discovered it, what we see from an MFA phishing perspective, and look at what DNS actors doing all that USPS phishing look like. #dns #cybersecurity #infosec #phishing #prolificpuma #sms #malware #cybercrime #infoblox

3 days ago

Changing dns to OpenDns works only in the current session, not for my child and not after reboot #networking #dns #opendns

Alsace Réseau Neutre
4 days ago

Chez ARN, on aime @lacontrevoie qui a produit plein de belles choses:

- un résolveur #DNS ouvert compatible #DoH
- des #conferences
- de la doc technique pour les autres @ChatonsOrg

Aujourd'hui, cette asso vient de publier sa feuille de route et n'attends plus que vos dons pour les aider à garder le cap.

Je fais un don et je pose mon étoile dans la constellation:

4 days ago

I've been a #gandi user for around 20 years I think ... But, the acquisition and some pricing make me want to move away from them ...

What do you use ?


Weiß jemand, wie man es bei #firefox hinbekommt, schneller zu merken, das eine per #pihole geblockte domain, wieder entblockt wurde?

Ich vermute mal firefox hat einen eigenen #DNS cache? Wie kann man den leeren? Oder deaktivieren?

Patrick Mevzek
4 days ago

Thanks to @feistyduck Bulletproof TLS Newsletter I learned the `.et` #ccTLD publishes #CAA records in the #DNS, alone among all TLDs. With at least an error (using `wildcard` property for one instead of `issuewild`) and 0 TTL values. Because of "climb to the root", it impacts transitively any domains under `.et`. I kept this for posterity at as it should be a fluke that will disappear (seems APNIC in May searched and found 0 TLDs doing that:

Rob Ricci
5 days ago

Analyzing what appears to be a large #DNS #DDOS attack

Why Memorize IP's When You Can Self-Host #DNS Instead?

ϺΛDИVTTΛH :fosstodon:
5 days ago

I've updated my @nlnetlabs #unbound #docker image and build environments to #alpine #linux 3.18.5 and optimized the #openssl and image #dockerfiles a bit. The size got reduced, too. The version is 1.19.0-2 now.

It's almost the image's second anniversary, btw! 🥳

#dns #dnssec #homelab #selfhosting #privacy #security

Ang Black
5 days ago

Google wants you to bring the laughs with its new .meme domain | TechRadar

> The new top-level #Google .meme domain is here to support lol-worthy content.


5 days ago

Managing multiple AWS accounts? Experiencing DNS or domain sprawl? 😓 Get a clean, simple overview of all your domains and DNS in one place 😉. Manage your Route53 zones in DNSimple with our Domain Control Plane 👉 #aws #route53 #domains #dns

John Shaft
1 week ago

Je pars en retard du boulot, mais j'ai vu passer un mail où les gens se grattaient la tête car il y avait un nom de domaine bizarre commençant par "xn--" dans une de nos applis.

J'étais contractuellement obligé d'expliquer (sans citer de RFC pour ne pas achever les interlocuteur·trice·s) :) #DNS #IDN

Thomas Cannon
1 week ago

Today, I FINALLY got fed up with the subtle bugs that come with `` being such a short domain name; such as Rails' `domains: :all` not working by default (it's documented behavior! This sucks!

So I registered ``. No matter what you throw, it always resolves to ``. So you can test against subdomains without TLD hacks. Your testing environment matches production; as it should be.

#Rails #testing #DNS #IndieHackers

Shawn M. Jones, PhD
1 week ago

Thanks to those who helped with my #DomainRegistrar search. I wanted to act before #GoogleDomains transferred my #Domains to #Squarespace.

After a review of suggested companies’ histories, websites, and pricing, I’ve started transferring my domains to #Porkbun. #Google has made it fast to transfer domains out of Google Domains. The transfer was done in an hour, unlike the 7+ days that put me through in 2021.

#GoogleGraveyard #TechHelp #Recommendation #DNS #Domain #Websites

A screenshot of a user interface showing registered at Porkbun.
Shawn M. Jones, PhD
1 week ago
1 week ago

If you have #domains hosted with #Gandi, you need to check your mail from them. They are eliminating the mailbox service at the end of this month; any domains where you were hosting email at Gandi, you need to get an email account elsewhere. #DNS

Artikel10 e.V.
1 week ago

🚚 Hinweis 🚚

Unser DNS-Resolver ist auf einen anderen Server umgezogen. Wer ihn direkt über die IP-Adressen verwendet, sollte diese ändern! Mehr Infos (und die aktuellen IP-Adressen):

#DNS #Privacy

Shawn M. Jones, PhD
1 week ago

Great responses! This is what I love about #Mastodon.

@shuLhan — Thanks for a vote against #Squarespace.

On the positive side, thanks for #recommendations of:
* #CloudFlare from @aohorodnyk
* from @Lesley
* from @ipstenu

Does anyone else have a #recommendation for a #DomainRegistrar whose UI lets me make changes to my #DNS #domain without being bombarded by #ads (or outright failures) in the process?

#TechHelp #Websites #Domain #DomainRegistration #Advertisements #Google

Shawn M. Jones, PhD
1 week ago

Years ago I switched my #DomainRegistrar from to #Google #Domains. I liked the Google Domains UI. It let me get in, make changes, and get out without being bombarded by #ads.

I should’ve known Google would kill a decent product.

They're selling each #domain to #Squarespace. Does anyone have experience with Squarespace? Is their #DNS interface as clutter/ad free? Should I transfer to #WordPress instead?

#TechHelp #Websites #Recommendation #DomainRegistration #Advertisements

Text from Google Domains that reads:

Squarespace is the registrar of record for your domain. However, Google will manage your domain during a transition period, and Google's Privacy Policy and Terms of Service will apply during that period. Your customer and billing information, if applicable, will subsequently be transferred to Squarespace. Upon transfer, your data will be governed by Squarespace's Privacy Policy and Squarespace's Terms of Service will apply. More information can be found here.

To learn more about Squarespace Domains and Squarespace's plans, visit the Squarespace Domains page.
Text from the Squarespace Help Center reading:


The migration hasn't started yet. If you’re a Google Domains customer, continue to go to and click Manage Domains in the top-right corner to manage your domains. We'll email you when your domain(s) move to Squarespace. No action is needed yet.
Airikr :endeavourOS:
2 weeks ago

I installed Portmaster[1] on Windows 10 (VM) and blocked Adobe Lightroom Classic. That made the whole software to freeze and become non-responsive.

319 connections so far, 0% blocked. The software talks to some subdomains for (photos, lcs-cops, ic, lcs-robs, and a few more) and

Oh how I wish darktable were just like Lightroom: automated and easy to use.


#privacy #firewall #dns #OpenSource #darktable #lightroom #adobe

Gavin Brown
2 weeks ago

There's now a mailing list for those interested in the new Registry System Testing system that #ICANN is building for the next round of gTLDs:

I'll be talking about the new system (fully automated, API driven, machine readable test plans and open source code) on an upcoming call of the SubPro[1] IRT[2]:

We need subject matter experts on #DNS, #DNSSEC, #EPP, #RDAP and #IDNs to review our work and make it better!


🙃 ɐıunp zsɐɯoʇ :idle:
2 weeks ago

Dzisiaj na #blog o tym jak przeniosłem instancję #WriteFreelyPolska ( z #VPS od #Oracle do @ftdl oraz o tym jak zmieniłem providera #DNS z #Cloudflare na #FreeDNS42 ( W sumie to bardziej o tym drugim 😉 Taki wpis o tym, że Cloudflare jest złe i pokazanie fajnej alternatywy 😉


Oracle -> FTdL
Cloudflare -> FreeDNS::42
Trevor Flowers
2 weeks ago

I'm not enough of a protocol or encryption wonk to have a firm opinion on the newly published RFC for this alternative to #DNS named #GNS but I sparkleheart the design goals. From a cursory reading, it seems like it isn't a boil-the-ocean solution (unlike so many other GNU initiatives) so perhaps it can gain momentum in niches and work its way out from there.

2 weeks ago

So my recommended #DNS setup for #privacy aware individuals is: always use a public resolver that is operated by a third party you trust. Maybe that is @quad9dns or @mullvad or @digitalcourage. This way your DNS requests are hidden behind their IP 9/n

2 weeks ago

I am a little surprised that a lot of people use their own #DNS resolver for #privacy reasons. I think this is counter productive and putting their privacy at risk. Let me explain why in a thread and offer a better alternative 1/n

2 weeks ago

The three most popular DNS protocols with transit encryption are DNS-over-HTTPS (DoH), DNS-over-TLS (DoT), and DNS-over-QUIC (DoQ). This should help you choose what to use:

  1. Do you actually need to override OS DNS support? If not, or if you’re unsure, go to 6.
  2. Are you ready to implement DNS protocols correctly, or add a dependency that does so? If you’re not, go to 5.
  3. Does the network filter DNS traffic? If it does, go to 5.
  4. Do you already have QUIC support? If not, use DoT. If you do, use DoQ.
  5. Do you have an HTTPS stack? If you do, use DoH.
  6. Give up and delegate to the OS.

Let your HTTPS stack handle HTTP/1.1 vs. HTTP/2 vs. HTTP/3 support; don’t treat DNS-over-HTTP/3 as a separate protocol. I don’t know enough about DNSCrypt to make an informed recommendation about it, but DoQ and DoH meet my needs well enough.

Originally posted on (POSSE).

#DNS #DoQ #DoH

3 weeks ago

What is everyones favorite DNS service and why? Or do you just use the one of your provider? Bonusquestion: do you use DoT or DoH?
#DNS #privacy #cybersecurity

Ubuntu Peronista
3 weeks ago

An Anycast DNS server of the .ar domain was installed today in the Argentine Antartic Sector, improving IPv6 and legacy IPv4 data network availability. #Anctartica #DNS

Aral Balkan
3 weeks ago

Anyone else seeing random DNS lookup failures from systemd-resolved in #fedora39?

e.g., if you run:


(Random SERVFAIL errors.)


resolvectl --no-pager status; resolvectl query

(Random “'' does not have any RR of the requested type” and SERVFAIL errors. Calls reportedly routed from stub at → my router. DNS on router set to &

It’s always DNS… :neko_roling_eyes:

CC @fedora

#linux #fedora #dns

Pieter Lexis
3 weeks ago

DNS DevRoom at FOSDEM2024 - Call for Participation

Come join @habbie, me and other DNS nerds!


#DNSSEC: bringing together the legendary robustness and lack of obscure failure modes of the #DNS and a #PKI

3 weeks ago

Erste Empfehlungen des Nachhaltigkeitsrats zur Fortschreibung der #DNS angesichts aktueller Krisen: u.a. mehr parlamentarische Diskussion, ein klares politisches Leitbild, Nachhaltigkeit als Staatsziel im GG und ein nachhaltiger Bundeshaushalt. Hier lesen:

Links zu sehen ist das SDG-Rad mit dem N-Logo des Nachhaltigkeitsrats - rechts der Text "Presse" Wege aus den aktuellen Krisen: Erste Empfehlungen des Nachhaltigkeitsrats zur Fortschreibung der Deutschen Nachhaltigkeitsstrategie.
Jan Schaumann
3 weeks ago

Oh, and lastly, this whole Mastodon thread as a much more convenient blog post 😜:

#dns #svcb #https #rfc9460 ✌️

Jan Schaumann
3 weeks ago

Still, despite being a just recently finalized RFC, the use of#RFC9460 HTTPS #DNS records has already grown beyond just sporadic.

I do expect CDNs to lead further adoption efforts here. The adoption of #ECH, effectively tied to the HTTPS record, will then hopefully also increase.

I know I'll be keeping an eye on that.

Jan Schaumann
3 weeks ago

Hey, so #RFC9460 HTTPS/SVCB records are neat, right?

- speed up your time-to-first-packet (by basically stuffing the Alt-Svc HTTP header / ALPN TLS extension into the #DNS);
- let you do redirection on the zone apex without using CNAMEs;
- allow for simple DNS load distribution and failover;
- obviate HSTS and the cumbersone preloading process;
- enable stronger privacy protections via Encrypted Client Hello aka #ECH

Periodic reminder that AdGuard DNS is probably the easiest way to keep ads out of your entire home, and all your devices.

No need to install anything, no account, it's free. Just point your router to AdGuard's servers.

#AdBlocking #ads #security #privacy #dns

Seems like Soulseek is having some DNS troubles today.

I had to hardcode the IP addresses in my hosts file for it to work.

Other folks have reported that switching to OpenDNS worked for them.

#Soulseek #DNS #filesharing

Jan Schaumann
4 weeks ago

If you liked my past #dns research on centralization of the internet with respect to NS, MX, CAA, A/AAA records, you'll probably also enjoy this #apnic blog post by Johannes Zirngibl on parked domains:

NLnet Labs
1 month ago

The #PROXY protocol in our authoritative #DNS nameserver NSD is coming up next!

NLnet Labs
1 month ago

Unbound 1.19.0 is now available. This release of our recursive #DNS resolver fixes a number of bugs, and adds some smaller features. The redis-logical-db option and cachedb-no-store option can be used for cachedb configuration. The disable-edns-do option can be used for working around broken network parts. For DNS64 there is fallback to plain AAAA when no A record exists.

I finally got around to repurposing my little Raspberry pwn box into a Pi-hole. And in the first few minutes it's blocked almost 500 requests (mostly to Netflix ichnaea & customerevents). So far I'm pleased with the results 💜

Image is of the Pi-hole web interface on my phone.


#PiHole #AdBlock #RaspberryPi #Data #Routers #DNS

Pi-hole admin web interface showing almost 3k queries and about 500 blocked.
1 month ago

Our authoritative DNS nameservers now support DNS-over-TLS (DoT) with authentication via DANE TLSA and/or WebPKI. This allows DNS resolvers to make queries via securely encrypted connections. We're already seeing lots of DoT encrypted connections from multiple DNS providers.

#GrapheneOS #privacy #security #dns #dot #dnsovertls

Jérémy -Jeey- ⏚
1 month ago

Dites, j'ai une question pour les maître·esse·s es #DNS.
J'ai migré mes mails (adieu #GandiMail 😥 ) vers #Infomaniak. J'ai mis à jour mes DNS (mon NdD restant chez #Gandi tout de même).
Je reçois bien des mails chez Infomaniak, mais en me connectant au webmail gandi, je viens de m'apercevoir que j'en reçois encore chez Gandi !!

Et le nom de domaine en question :

Une explication ? (une solution ?)