#itsalwaysdns — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #itsalwaysdns, aggregated by home.social.
-
-
Heute war #DENIC an der Reihe, uns daran zu erinnern, was passiert, wenn auch nur ein Baustein unserer modernen, vernetzten Welt ausfällt.
-
Heute war #DENIC an der Reihe, uns daran zu erinnern, was passiert, wenn auch nur ein Baustein unserer modernen, vernetzten Welt ausfällt.
-
Heute war #DENIC an der Reihe, uns daran zu erinnern, was passiert, wenn auch nur ein Baustein unserer modernen, vernetzten Welt ausfällt.
-
Heute war #DENIC an der Reihe, uns daran zu erinnern, was passiert, wenn auch nur ein Baustein unserer modernen, vernetzten Welt ausfällt.
-
Heute war #DENIC an der Reihe, uns daran zu erinnern, was passiert, wenn auch nur ein Baustein unserer modernen, vernetzten Welt ausfällt.
-
Kommste nach'm Plenum nach Hause und musst dich erstmal erklären, warum denn das Internet nicht geht, warum und was man denn da wieder unbedingt selber machen muss, auf dem Handy geht es aber doch!!1
#itsalwaysDNS -
Ah, the first details emerge. TL;DR: Denic experts are looking for the root cause.
"Frankfurt am Main, 5 May 2026 - DENIC eG is currently experiencing a disruption in its DNS service for .de domains. As a result, all DNSSEC-signed .de domains are currently affected in their reachability."
-
Jemand bei der DeNic hat DNS kaputt gespielt ^^
Das halbe deutsche Internet ist nicht erreichbar.
-
UPDATE: Seems to be fixed, all back to normal.
Oops. Seems that #Denic has b0rked DNSSEC for the .de TLD. They list an ongoing issue but no details are (yet) available. https://status.denic.de
UPDATE: Now upgraded to a service disruption, still no details.
-
CW: Rant - Denic / .de Domain registry outage
GG. The .de Domain registry (Denic) just landed the biggest "win" of the Year:
They successfully taken offline the ENTIRE .de Zone, just because someone was to stupid to get the DNSSEC key right. Or how I like to call it: someone ha so small pp energey they just NEEDED to fuck up something big again to feel more important than they are....
#dns #itsalwaysdns #dnssec #fuckdns #denic #outage #aibrowsareatitagain #justletcloudehandlealldnsanditwillbefine
-.-
-
context the root servers for .de have currently issues with DNSSEC
-
Good thing the internet runs on .io and .social.
-
Was debugging on and off for literally days why collabora wasn’t working on one Nextcloud and of course just now it struck me: it was #DNS
-
Oh. Huh. Imagine that….
The .org root DNSSEC is gerbusterficated or in transition or something.
-
dnsviz is being cranky for me. Everyone else stop using it for the day, OK?
-
So I've just set up a new domain for a client to receive emails and forward them on using various rules, and sent a test email to make sure it's working.
Test email did not arrive.
So I dive into email server logs, double check SPF and DMARC settings, examine the forwarding and other configs.
5 minutes later I realise I've utterly forgotten to add an MX record in DNS for the domain 🤦🏻♂️
-
My gateway is down. Trying to think how that is DNS's fault.
-
When setting up a new DNS server at home, don’t forget the `systemctl enable named` to avoid a barrage of error messages and notifications after you reboot the machine running said new DNS server :)
-
-
After setting up DNS over HTTPS, got curious how DNS leak test tools, which discover your DNS resolver, such as Browser Leaks, work :blobcatthinking:
Turns out, it's quite clever setup: while you are visiting
browserleaks.comwebsite, in the background it queries a number of hostnames generated especially for you, such as9d0pafrc5tnu.dns4.browserleaks.net,0zfannouveb4.dns4.browserleaks.organd so on.Because the website generates those hostnames specifically for your session, it is able to associate your external IP to the hostnames you attempt to resolve.
Now because site operators controls authoritative name servers behind those generated hostnames - specifically
ns2.browserleaks.netandns1.browserleaks.net(also with.org), from logs they can check what exact DNS resolver asked for those unique hostnames.Simply matching a resolver DNS that attempted to resolve those unique hostnames is enough to link it to your visit of a website session - it is often going to be the resolver of your internet service or virtual private network provider, unless you've explicitly changed your resolver to something else. Still, easily visible to authoritative DNS server.
Voila! No magic, just simple, nice setup :blobcatcheer:
Just think of how many fingerprinting schemes can big techs carry out to track you across the internet with vast compute resources available to them... :blobcatheadinitshands:
#itsalwaysdns #dns #resolver #dnsleak #survelliance #tracking #privacy
-
Setting up DNS over HTTPS (DoH) is so much more complicated than DNS over TLS (DoT) :blobcatthinking:
Funny enough Mozilla Firefox :firefox: supports DoH and sets it up on application level, while Android :android: uses DoT on operating system level :blobcatnerd:
-
It's always DNS.
I can not check in to my flight tomorrow because Lufthansa's DNS responds with NXDOMAIN due to denial of existance responses. -
#TIL that *.example.com doesn't include example.com
-
Current status
#DNS #ItsNotDNS #ItsAlwaysDNS -
Today in #ItsAlwaysDNS: FT identifies a network of Russian oil sanctions evasion fronts by their MX records
https://www.ft.com/content/4310f010-2b3c-493e-ba0a-26dc6d156b2e
-
My mailserver is very German. When your mailserver tries to send a message, it does a reverse lookup on the IP address. If that doesn't deliver a valid hostname, you're out. But we are not done yet. If it gets a valid hostname, it does an A (IPv4) or AAAA (IPv6&) lookup on that hostname. And if it doesn't deliver back the same IP address, you are still out. It is fascinating to observe how often that uncovers that even big names get their DNS wrong. Hello, Spamcop ;)
-
-
I swear the Linux version of “it's always DNS” is “it's always SELinux” 🤦🏻♂️
-
#Note2Self: Always. Update. The. Version. Number. In. Bind. Zone. Files. After. Any. Change.
(written after removing dozens of tmp-* files in /var/named that suddenly showed up, together with weird permission denied entries in the log files ;)
-
So I was pretty enthusiastic about #DNS4EU at first.
Then I've discovered it blocklisted some random pastebin. Well, it happens. I mean, pastebins frequently get into trouble because of people pasting random shit. So I've filed an unblock request. I've suddenly got a mail to confirm registration in some random company's system — I suspect it was related to DNS4EU, but no clear indication. I've ignored it.
Then they've blocklisted my mail provider, for no apparent reason. It's still blocked. I've switched to the "unfiltered" version to be able to access my mail again.
Today I've gotten a mail via my backup MX. My main MX is up. My educated guess is that sysadmins using DNS4EU now get my mail redirected to their "site blocked" server. Isn't that great?
PS. Maybe if more people filed unblock requests for "poczta.ftdl.pl", it would help. It's a non-profit e-mail provider.
-
The important question is: How was it DNS this time?
-
It is really nice to see a level of transparency that is offered by Cloudflare after it cripples the internet. I find their writing style technical and pleasing.
I didn't get the same feeling after AWS or Azure. This may be because of inherent bias or that I don't know where to find their direct RCA Blog like I do Cloudflare.
#itsalwaysdns #cloudflare #azure #aws #internetoutage #itwasntdns #RCA #has htag
-
It is really nice to see a level of transparency that is offered by Cloudflare after it cripples the internet. I find their writing style technical and pleasing.
I didn't get the same feeling after AWS or Azure. This may be because of inherent bias or that I don't know where to find their direct RCA Blog like I do Cloudflare.
#itsalwaysdns #cloudflare #azure #aws #internetoutage #itwasntdns #RCA #has htag
-
It is really nice to see a level of transparency that is offered by Cloudflare after it cripples the internet. I find their writing style technical and pleasing.
I didn't get the same feeling after AWS or Azure. This may be because of inherent bias or that I don't know where to find their direct RCA Blog like I do Cloudflare.
#itsalwaysdns #cloudflare #azure #aws #internetoutage #itwasntdns #RCA #has htag
-
It is really nice to see a level of transparency that is offered by Cloudflare after it cripples the internet. I find their writing style technical and pleasing.
I didn't get the same feeling after AWS or Azure. This may be because of inherent bias or that I don't know where to find their direct RCA Blog like I do Cloudflare.
#itsalwaysdns #cloudflare #azure #aws #internetoutage #itwasntdns #RCA #has htag
-
It is really nice to see a level of transparency that is offered by Cloudflare after it cripples the internet. I find their writing style technical and pleasing.
I didn't get the same feeling after AWS or Azure. This may be because of inherent bias or that I don't know where to find their direct RCA Blog like I do Cloudflare.
#itsalwaysdns #cloudflare #azure #aws #internetoutage #itwasntdns #RCA #has htag
-
(sigh) Migrated a site to another host, thought everything was working for a while, then started to see bizarre issues, old data, errors, etc. Can you guess my knuckleheaded screw-up?
#itwasdns #itsalwaysdns -
(sigh) Migrated a site to another host, thought everything was working for a while, then started to see bizarre issues, old data, errors, etc. Can you guess my knuckleheaded screw-up?
#itwasdns #itsalwaysdns -
I have successfully not borked my clients DNS and will now slowly back away crossing my fingers …
-
I have successfully not borked my clients DNS and will now slowly back away crossing my fingers …
-
I have successfully not borked my clients DNS and will now slowly back away crossing my fingers …
-
It's a Friday afternoon and I'm fiddling around with DNS …
-
It's a Friday afternoon and I'm fiddling around with DNS …
-
It's a Friday afternoon and I'm fiddling around with DNS …
-
It's a Friday afternoon and I'm fiddling around with DNS …
-
It's a Friday afternoon and I'm fiddling around with DNS …
-
There is a reason this sticker is in the center of my laptop #DNS #Azure #AWS #itsalwaysdns #dnsfailure
-
There is a reason this sticker is in the center of my laptop #DNS #Azure #AWS #itsalwaysdns #dnsfailure