#nameservers — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #nameservers, aggregated by home.social.
-
Interesting, Netnod's (AS8674) 194.146.107.0/24 seems to be (also) a downstream of AS142502 which is "Bharat Public DNS" run by NIXI. https://bgp.he.net/super-lg/#194.146.107.0/24?tob=none&mt=include&ma=142502&els=exact
194.146.107.6 hosts n.de.net, one of the authoritative name servers for .de ccTLD.
Bharat Public DNS by NIXI/Government of India runs recursive resolver on 1.10.10.10. Some details at https://blog.gauravkansal.in/2025/06/one-ten-ten-ten-dnsIndia.html
-
I run my own #nameservers or #DNS if you will, and have done so for over 25 years. Initially based on #BIND (aka named) but I later moved to #PowerDNS, There are numerous frontends of varying quality available for PowerDNS. I have opinions on those, but this isn't about them.
For the secondary name servers (in the old and less enlightened days known as slaves) I've always run the same software as the primary. First BIND, then PowerDNS. Recently though, I've been testing out what appears to be a much simpler alternative: #NSD by #Amsterdam based NLnet Labs.
Using #CatalogZones - a new concept to me - I'm able to run secondaries with TSIG notifies and zone transfers as well as fully supported primary signed DNSSEC with a configuration of only 40 lines. No updates needed when adding or removing zones.
For this to work well though, some configuration is required for each zone on the primary. With a little trigger and function magic, this can be automized by the database.
Wheee!
-
I run my own #nameservers or #DNS if you will, and have done so for over 25 years. Initially based on #BIND (aka named) but I later moved to #PowerDNS, There are numerous frontends of varying quality available for PowerDNS. I have opinions on those, but this isn't about them.
For the secondary name servers (in the old and less enlightened days known as slaves) I've always run the same software as the primary. First BIND, then PowerDNS. Recently though, I've been testing out what appears to be a much simpler alternative: #NSD by #Amsterdam based NLnet Labs.
Using #CatalogZones - a new concept to me - I'm able to run secondaries with TSIG notifies and zone transfers as well as fully supported primary signed DNSSEC with a configuration of only 40 lines. No updates needed when adding or removing zones.
For this to work well though, some configuration is required for each zone on the primary. With a little trigger and function magic, this can be automized by the database.
Wheee!
-
I run my own #nameservers or #DNS if you will, and have done so for over 25 years. Initially based on #BIND (aka named) but I later moved to #PowerDNS, There are numerous frontends of varying quality available for PowerDNS. I have opinions on those, but this isn't about them.
For the secondary name servers (in the old and less enlightened days known as slaves) I've always run the same software as the primary. First BIND, then PowerDNS. Recently though, I've been testing out what appears to be a much simpler alternative: #NSD by #Amsterdam based NLnet Labs.
Using #CatalogZones - a new concept to me - I'm able to run secondaries with TSIG notifies and zone transfers as well as fully supported primary signed DNSSEC with a configuration of only 40 lines. No updates needed when adding or removing zones.
For this to work well though, some configuration is required for each zone on the primary. With a little trigger and function magic, this can be automized by the database.
Wheee!
-
I run my own #nameservers or #DNS if you will, and have done so for over 25 years. Initially based on #BIND (aka named) but I later moved to #PowerDNS, There are numerous frontends of varying quality available for PowerDNS. I have opinions on those, but this isn't about them.
For the secondary name servers (in the old and less enlightened days known as slaves) I've always run the same software as the primary. First BIND, then PowerDNS. Recently though, I've been testing out what appears to be a much simpler alternative: #NSD by #Amsterdam based NLnet Labs.
Using #CatalogZones - a new concept to me - I'm able to run secondaries with TSIG notifies and zone transfers as well as fully supported primary signed DNSSEC with a configuration of only 40 lines. No updates needed when adding or removing zones.
For this to work well though, some configuration is required for each zone on the primary. With a little trigger and function magic, this can be automized by the database.
Wheee!
-
I run my own #nameservers or #DNS if you will, and have done so for over 25 years. Initially based on #BIND (aka named) but I later moved to #PowerDNS, There are numerous frontends of varying quality available for PowerDNS. I have opinions on those, but this isn't about them.
For the secondary name servers (in the old and less enlightened days known as slaves) I've always run the same software as the primary. First BIND, then PowerDNS. Recently though, I've been testing out what appears to be a much simpler alternative: #NSD by #Amsterdam based NLnet Labs.
Using #CatalogZones - a new concept to me - I'm able to run secondaries with TSIG notifies and zone transfers as well as fully supported primary signed DNSSEC with a configuration of only 40 lines. No updates needed when adding or removing zones.
For this to work well though, some configuration is required for each zone on the primary. With a little trigger and function magic, this can be automized by the database.
Wheee!
-
Fancy, the authoritative nameservers for the
xyz.TLD are as follows:x.nic.xyz
y.nic.xyz
z.nic.xyz
generationxyz.nic.xyzHow fun. I never thought of the #TLD as being a pun to demographic cohorts.
-
Just scraping the #IANA assigned TLDs and the corresponding documented #nameservers. What I don't get is, why so many companies apply for a #TLD. It's not particularly cheap to apply for one of those ngTLDs, yet compared to the company sizes, it's probably pennies. Is it a prestige investment? Is it a digital resource to grab, before someone else does it?
Other than #Microsoft, #Google, and #AWS, I've rarely seen any ngTLD representing a corporation's name to actually be used in practice.
Does anyone in the #infosec community share their view?
-
Just scraping the #IANA assigned TLDs and the corresponding documented #nameservers. What I don't get is, why so many companies apply for a #TLD. It's not particularly cheap to apply for one of those ngTLDs, yet compared to the company sizes, it's probably pennies. Is it a prestige investment? Is it a digital resource to grab, before someone else does it?
Other than #Microsoft, #Google, and #AWS, I've rarely seen any ngTLD representing a corporation's name to actually be used in practice.
Does anyone in the #infosec community share their view?
-
Just scraping the #IANA assigned TLDs and the corresponding documented #nameservers. What I don't get is, why so many companies apply for a #TLD. It's not particularly cheap to apply for one of those ngTLDs, yet compared to the company sizes, it's probably pennies. Is it a prestige investment? Is it a digital resource to grab, before someone else does it?
Other than #Microsoft, #Google, and #AWS, I've rarely seen any ngTLD representing a corporation's name to actually be used in practice.
Does anyone in the #infosec community share their view?
-
Just scraping the #IANA assigned TLDs and the corresponding documented #nameservers. What I don't get is, why so many companies apply for a #TLD. It's not particularly cheap to apply for one of those ngTLDs, yet compared to the company sizes, it's probably pennies. Is it a prestige investment? Is it a digital resource to grab, before someone else does it?
Other than #Microsoft, #Google, and #AWS, I've rarely seen any ngTLD representing a corporation's name to actually be used in practice.
Does anyone in the #infosec community share their view?
-
Just scraping the #IANA assigned TLDs and the corresponding documented #nameservers. What I don't get is, why so many companies apply for a #TLD. It's not particularly cheap to apply for one of those ngTLDs, yet compared to the company sizes, it's probably pennies. Is it a prestige investment? Is it a digital resource to grab, before someone else does it?
Other than #Microsoft, #Google, and #AWS, I've rarely seen any ngTLD representing a corporation's name to actually be used in practice.
Does anyone in the #infosec community share their view?
-
bgp.tools being served via 13 authoritative name servers (via 3 different providers + in house NS):
```
$ dig +short ns bgp.tools
ns1.exoscale.ch.
ns-721.awsdns-26.net.
ns-1329.awsdns-38.org.
ns4-35.azure-dns.info.
ns3-35.azure-dns.org.
ns1.exoscale.io.
ns-302.awsdns-37.com.
ns-1799.awsdns-32.co.uk.
ns1.exoscale.net.
ns1-35.azure-dns.com.
ns2-35.azure-dns.net.
ns1.exoscale.com.
backup-ns.bgp.tools.
``` -
Qua Europese (anycast) nameserver hosters:
- https://cloudns.net/ (Bulgaarse partij levert o.a. aan overheid)
- https://desec.io/ (innovatieve Duitse non-profit)
- https://www.netnod.se/dns (Zweedse operator van een van de root name servers)
- https://www.rcodezero.at (verbonden aan Oostenrijkse TLD operator)Zie verder nog: https://european-alternatives.eu/category/managed-dns-providers (@european_alternatives).
-
In January 2023, #Cloudflare replaced #Verisign in providing #DNS #registry services for the
.gov#TLD. Besides the registry, they also run the authoritative #nameservers.Verisign ran it for 12 years, and cost the #US #government apparently just half as much as Cloudflare charges ($7.2M).
-
In January 2023, #Cloudflare replaced #Verisign in providing #DNS #registry services for the
.gov#TLD. Besides the registry, they also run the authoritative #nameservers.Verisign ran it for 12 years, and cost the #US #government apparently just half as much as Cloudflare charges ($7.2M).
-
In January 2023, #Cloudflare replaced #Verisign in providing #DNS #registry services for the
.gov#TLD. Besides the registry, they also run the authoritative #nameservers.Verisign ran it for 12 years, and cost the #US #government apparently just half as much as Cloudflare charges ($7.2M).
-
In January 2023, #Cloudflare replaced #Verisign in providing #DNS #registry services for the
.gov#TLD. Besides the registry, they also run the authoritative #nameservers.Verisign ran it for 12 years, and cost the #US #government apparently just half as much as Cloudflare charges ($7.2M).
-
In January 2023, #Cloudflare replaced #Verisign in providing #DNS #registry services for the
.gov#TLD. Besides the registry, they also run the authoritative #nameservers.Verisign ran it for 12 years, and cost the #US #government apparently just half as much as Cloudflare charges ($7.2M).
-
Recently made the transition to self hosting authoritative name servers. Wrote a bit of secondary options available for it and the experience itself https://blog.sahilister.in/2025/07/secondary-authoritative-name-server-options-for-self-hosted-domains/
Didn't found the process too hard TBF, worth a try.
-
Case of (broken) maharashtra.gov.in Authoritative Name Servers https://blog.sahilister.in/2025/06/case-of-broken-maharashtra.gov.in-authoritative-name-servers/
TLDR they're broken on multiple levels. Sync broken, RFC 1918 address, each NS giving different response - there's too much going on.
-
Good enough amount of name servers :P
```
$ dig ns sahil.rocks +short
ns2.afraid.org.
marvin.sahilister.net.
ns1.1984.is.
ns0.1984.is.
ns3.jing.rocks.
colin.sahilister.net.
puck.nether.net.
ns2.albony.in.
ns-global.kjsl.com.
ns4.he.net.
ns5.he.net.
``` -
I found the case of .UA ccTLD secondaries interesting so did a deep dive on it https://blog.sahilister.in/2025/06/a-look-at-.ua-cctld-authoritative-name-servers/
-
Observing .ic TLD against authoritative nameservers serving samsung.com. No information of them anywhere.
$ dig ns samsung.com +short
auth04.sam.ic.
auth02.nhn.ic.
auth01.nhn.ic.
dns-gi2.samsung.com.
auth02.sam.ic.
dnssm.samsung.com.
dns-awskr1.samsung.com.
dnssm2.samsung.com.
dnsst.samsung.com.
dnsst2.samsung.com.
auth03.nhn.ic.
auth04.nhn.ic.
auth01.sam.ic.
auth03.sam.ic.
dns-gi1.samsung.com.Maybe some internal thingy? Thoughts?
-
How good (or a bad) idea is to run ones own authoritative nameservers?
Any tips/tricks/suggestions or gotyas to remember?
-
Not combining #DNS and domain registration makes moving registrars a pretty pleasant experience: Throw in the #nameservers and #DNSSEC key and you're done.
I really hate manually moving a bunch of records from one crappy zone editor to the another.
-
I should've moved my #nameservers to #cloudflare sooner. The additional proxy setting is a nice feature to have.
-
🤬 Why does #Linux (or rather #glibc) have a limit on 3 (in words: three) #DNS #nameservers‽ 🤌
I want to have two IPv4 and two #IPv6 DNS servers listed as #nameserver in my /etc/resolv.conf. That's four DNS servers.
Should I throw dices which one I list last and hence will get ignored and never used? (Yeah, the probably best workaround is to use #anycast. Cracking a nut with a sledgehammer…)
-
For some research, I am setting up some authoritative #nameservers. My server-software of choice is #KnotDNS. My domain is registered at Namecheap. Now, I am struggling with setting up the glue records for #ipv6. By any chance, is it not yet implemented?!
Whenever, I add my IPv6 into the "IP" field, it asks to "provide a valid IP address".
-
For some research, I am setting up some authoritative #nameservers. My server-software of choice is #KnotDNS. My domain is registered at Namecheap. Now, I am struggling with setting up the glue records for #ipv6. By any chance, is it not yet implemented?!
Whenever, I add my IPv6 into the "IP" field, it asks to "provide a valid IP address".
-
For some research, I am setting up some authoritative #nameservers. My server-software of choice is #KnotDNS. My domain is registered at Namecheap. Now, I am struggling with setting up the glue records for #ipv6. By any chance, is it not yet implemented?!
Whenever, I add my IPv6 into the "IP" field, it asks to "provide a valid IP address".
-
For some research, I am setting up some authoritative #nameservers. My server-software of choice is #KnotDNS. My domain is registered at Namecheap. Now, I am struggling with setting up the glue records for #ipv6. By any chance, is it not yet implemented?!
Whenever, I add my IPv6 into the "IP" field, it asks to "provide a valid IP address".
-
For some research, I am setting up some authoritative #nameservers. My server-software of choice is #KnotDNS. My domain is registered at Namecheap. Now, I am struggling with setting up the glue records for #ipv6. By any chance, is it not yet implemented?!
Whenever, I add my IPv6 into the "IP" field, it asks to "provide a valid IP address".
-
Meet Ika & Sal: The Bulletproof Hosting Duo from Hell
https://krebsonsecurity.com/2024/01/meet-ika-sal-the-bulletproof-hosting-duo-from-hell/
#AlexanderValerievichGrichishkin #duanesburgcentralschooldistrict #ConstellaIntelligence #grichishkin@gmail.com #tech@safe-mail.net #ad1@safe-mail.net #icamis@4host.info #ALittleSunshine #AndreySkvortsov #nameservers.ru #Breadcrumbs #Cherepovets #JabberZeuS #rescator #Salomon #Spamdot #Icami$ #Icamis #Spamit #Ika #Sal
-
Meet Ika & Sal: The Bulletproof Hosting Duo from Hell
https://krebsonsecurity.com/2024/01/meet-ika-sal-the-bulletproof-hosting-duo-from-hell/
#AlexanderValerievichGrichishkin #duanesburgcentralschooldistrict #ConstellaIntelligence #grichishkin@gmail.com #tech@safe-mail.net #ad1@safe-mail.net #icamis@4host.info #ALittleSunshine #AndreySkvortsov #nameservers.ru #Breadcrumbs #Cherepovets #JabberZeuS #rescator #Salomon #Spamdot #Icami$ #Icamis #Spamit #Ika #Sal
-
Meet Ika & Sal: The Bulletproof Hosting Duo from Hell
https://krebsonsecurity.com/2024/01/meet-ika-sal-the-bulletproof-hosting-duo-from-hell/
#AlexanderValerievichGrichishkin #duanesburgcentralschooldistrict #ConstellaIntelligence #grichishkin@gmail.com #tech@safe-mail.net #ad1@safe-mail.net #icamis@4host.info #ALittleSunshine #AndreySkvortsov #nameservers.ru #Breadcrumbs #Cherepovets #JabberZeuS #rescator #Salomon #Spamdot #Icami$ #Icamis #Spamit #Ika #Sal
-
Meet Ika & Sal: The Bulletproof Hosting Duo from Hell https://krebsonsecurity.com/2024/01/meet-ika-sal-the-bulletproof-hosting-duo-from-hell/ #AlexanderValerievichGrichishkin #duanesburgcentralschooldistrict #ConstellaIntelligence #grichishkin@gmail.com #tech@safe-mail.net #ad1@safe-mail.net #icamis@4host.info #ALittleSunshine #AndreySkvortsov #nameservers.ru #Breadcrumbs #Cherepovets #JabberZeuS #rescator #Salomon #Spamdot #Icami$ #Icamis #Spamit #Ika #Sal
-
Meet Ika & Sal: The Bulletproof Hosting Duo from Hell https://krebsonsecurity.com/2024/01/meet-ika-sal-the-bulletproof-hosting-duo-from-hell/ #AlexanderValerievichGrichishkin #duanesburgcentralschooldistrict #ConstellaIntelligence #grichishkin@gmail.com #tech@safe-mail.net #ad1@safe-mail.net #icamis@4host.info #ALittleSunshine #AndreySkvortsov #nameservers.ru #Breadcrumbs #Cherepovets #JabberZeuS #rescator #Salomon #Spamdot #Icami$ #Icamis #Spamit #Ika #Sal
-
Meet Ika & Sal: The Bulletproof Hosting Duo from Hell https://krebsonsecurity.com/2024/01/meet-ika-sal-the-bulletproof-hosting-duo-from-hell/ #AlexanderValerievichGrichishkin #duanesburgcentralschooldistrict #ConstellaIntelligence #grichishkin@gmail.com #tech@safe-mail.net #ad1@safe-mail.net #icamis@4host.info #ALittleSunshine #AndreySkvortsov #nameservers.ru #Breadcrumbs #Cherepovets #JabberZeuS #rescator #Salomon #Spamdot #Icami$ #Icamis #Spamit #Ika #Sal
-
Meet Ika & Sal: The Bulletproof Hosting Duo from Hell https://krebsonsecurity.com/2024/01/meet-ika-sal-the-bulletproof-hosting-duo-from-hell/ #AlexanderValerievichGrichishkin #duanesburgcentralschooldistrict #ConstellaIntelligence #grichishkin@gmail.com #tech@safe-mail.net #ad1@safe-mail.net #icamis@4host.info #ALittleSunshine #AndreySkvortsov #nameservers.ru #Breadcrumbs #Cherepovets #JabberZeuS #rescator #Salomon #Spamdot #Icami$ #Icamis #Spamit #Ika #Sal
-
Meet Ika & Sal: The Bulletproof Hosting Duo from Hell https://krebsonsecurity.com/2024/01/meet-ika-sal-the-bulletproof-hosting-duo-from-hell/ #AlexanderValerievichGrichishkin #duanesburgcentralschooldistrict #ConstellaIntelligence #grichishkin@gmail.com #tech@safe-mail.net #ad1@safe-mail.net #icamis@4host.info #ALittleSunshine #AndreySkvortsov #nameservers.ru #Breadcrumbs #Cherepovets #JabberZeuS #rescator #Salomon #Spamdot #Icami$ #Icamis #Spamit #Ika #Sal
-
Meet Ika & Sal: The Bulletproof Hosting Duo from Hell https://krebsonsecurity.com/2024/01/meet-ika-sal-the-bulletproof-hosting-duo-from-hell/ #AlexanderValerievichGrichishkin #duanesburgcentralschooldistrict #ConstellaIntelligence #grichishkin@gmail.com #tech@safe-mail.net #ad1@safe-mail.net #icamis@4host.info #ALittleSunshine #AndreySkvortsov #nameservers.ru #Breadcrumbs #Cherepovets #JabberZeuS #rescator #Salomon #Spamdot #Icami$ #Icamis #Spamit #Ika #Sal
-
Meet Ika & Sal: The Bulletproof Hosting Duo from Hell https://krebsonsecurity.com/2024/01/meet-ika-sal-the-bulletproof-hosting-duo-from-hell/ #AlexanderValerievichGrichishkin #duanesburgcentralschooldistrict #ConstellaIntelligence #grichishkin@gmail.com #tech@safe-mail.net #ad1@safe-mail.net #icamis@4host.info #ALittleSunshine #AndreySkvortsov #nameservers.ru #Breadcrumbs #Cherepovets #JabberZeuS #rescator #Salomon #Spamdot #Icami$ #Icamis #Spamit #Ika #Sal
-
After a lot of messing around, I found out that the problem was with my #DNS provider, despite changing the #NAMESERVERS, it was picking up the #CNAME for one of the subdomains from the original #DNS provider.
I had to #delete the CNAME record from the original provider to make it work.
I wonder why this happened. -
Well. The domain registrar I've used for years, gandi, has gone through a series of ownership changes and has drastically raised rates on #domains. Looking for a new home that is privacy-respecting.
Several of them seem to not let you run your own nameservers anymore (ugh). #gandi offered to let them run the #nameservers, let me run the primary and they run the secondary, or run it all myself. I always had them as secondary and that worked quite well. Anyone else still do this? #askfedi
-
The post on LinkedIn already announced two blog posts to expect in shortly. One of them covers #ddos on #authoritative #nameservers of #TLDs. I'll keep an eye on it, cause I am really curious what will be covered by that blog post
-
If you find your #web pages are loading slowly, you may be using bad #DNS #nameservers. You can remedy that with a great freeware tool, #SteveGibson's #DNSBench.
-
If you find your #web pages are loading slowly, you may be using bad #DNS #nameservers. You can remedy that with a great freeware tool, #SteveGibson's #DNSBench.
-
Had some strange charges in GCP so had to deal with that. Also setting up a role to manage NS records for static website and thoughts on a Cloud Center of Excellence.
~~
#gcp #cloud #security #aws #route53 #domains #nameservers #centerofexcellence
~~
https://medium.com/cloud-security -
Though TBH it bugs me that we have to "business model paradigm for publishers, creates a way for users to own their experiences" about it... I suspect (not having yet looked at the codebase) that these addons are entirely a matter of worldview and perception; and that they don't *have* to be built into notions of unique name ownership.
#NamingThings #Nameservers #Decentralization #DistributedTech