#knotdns — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #knotdns, aggregated by home.social.
-
Last week was another stakeholder meeting on #DNS4EU. #Whalebone provided a short overview of the project including a timeline. Public launch is scheduled for June this year. The talk elaborates on various considerations of the new #DNS project. I was mostly interested in the deployment aspect, the #DDoS slides and the #privacy and #anonymization mechanisms.
My personal main concern with the project is the absence of resolver technology. The project plainly uses the #KnotDNS resolver. Not a bad choice, but University taught me that diversity in the backend software introduces even more resiliency. Yet, as Whalebone is a #Czech company, it is apparent why they chose #KnotDNS exclusively.
The slides are public.
-
My colleagues are putting together a new DoS protection mechanism in the upcoming Knot Resolver 6. Together we have written a blog post outlining how it works. Enjoy!
https://en.blog.nic.cz/2024/07/15/knot-resolver-6-news-dos-protection-operators-overview/
#KnotResolver #KnotDNS #DNS #DDoS #DoS #security #ratelimiting
-
During my lunch break, I watched the #DNS4EU update of DNS-OARC 41 earlier this year. Since the company responsible for operating the DNS4EU project is Czech, it comes at no surprise that they consider #KnotDNS as part of their infrastructure. Yet, in the talk it does not sound like they settle on software diversity, and predominantly consider the (pretty reliable) Czech resolver.
From other folks, I heard that software diversity is just one of the resiliency features among ASN diversity, geographical diversity, etc. Why is this not highlighted in the "scope, timeline and challenges" talk on DNS4EU?
-
I wrote another #blogpost about managing your #DNS via #KnotDNS and #SaltStack, this time about how to #automate / #orchestrate your #TLSA records. http://michal.hrusecky.net/2024/02/salt-dns-web/
-
I wrote another #blogpost about managing your #DNS via #KnotDNS and #SaltStack, this time about how to #automate / #orchestrate your #TLSA records. http://michal.hrusecky.net/2024/02/salt-dns-web/
-
I wrote another #blogpost about managing your #DNS via #KnotDNS and #SaltStack, this time about how to #automate / #orchestrate your #TLSA records. http://michal.hrusecky.net/2024/02/salt-dns-web/
-
@tolstoevsky Не обязательно #BIND9 aka #BIND, его много критикуют. Есть ещё #KnotDNS, #YADIFA и другие; а если не нужен #AXFR (все вторичные сервера свои, синхронизируются #rsync'ом), то #gdnsd (#NSD, по-моему, только для больших нагрузок, а на малых не уменьшает потребление памяти). Есть ещё маленький и экономичный #MaraDNS, но там надо изучать другой синтаксис файла зоны.
-
@tolstoevsky Не обязательно #BIND9 aka #BIND, его много критикуют. Есть ещё #KnotDNS, #YADIFA и другие; а если не нужен #AXFR (все вторичные сервера свои, синхронизируются #rsync'ом), то #gdnsd (#NSD, по-моему, только для больших нагрузок, а на малых не уменьшает потребление памяти). Есть ещё маленький и экономичный #MaraDNS, но там надо изучать другой синтаксис файла зоны.
-
@tolstoevsky Не обязательно #BIND9 aka #BIND, его много критикуют. Есть ещё #KnotDNS, #YADIFA и другие; а если не нужен #AXFR (все вторичные сервера свои, синхронизируются #rsync'ом), то #gdnsd (#NSD, по-моему, только для больших нагрузок, а на малых не уменьшает потребление памяти). Есть ещё маленький и экономичный #MaraDNS, но там надо изучать другой синтаксис файла зоны.