Michael,
thank You very much for this message! it came at the right time
and it is truly inspiring! I missed that.
On Fri, Mar 28, 2025 at 01:59:02AM +0100, Michael De Roover wrote:
! > So, while I am not strictly against regulation, the bottomline question
! > appears to be: how do we manage
On Sun, Feb 02, 2025 at 02:45:08PM -0500, Paul Kosinski via bind-users wrote:
! On Sat, 1 Feb 2025 14:47:35 +
! Marc wrote:
!
! "You have to get the bigger picture. Everything requires regulation otherwise
big tech is going to fuck you. There are enough examples out there."
!
! The even big
Thanks a lot, folks!
The problem is solved - I put a "checksum" module between the
firewall and the "nat" module (I have netgraph[1] modules), and that
works now as expected.
Apparently, when NAT-rewriting the address of a /locally created/
packet, at the time of rewriting the checksum has not
On Mon, Feb 24, 2025 at 10:01:49PM +0100, Peter 'PMc' Much wrote:
! Packets do arrive, but are ignored.
! The local firewall is switched to pass-thru.
!
! I don't know what else could selectively swallow packets without
! notice.
Okay, I figured it out.
tcpdump was friendly enou
Hi,
I started to get these messages, when some secondary tries to fetch
a zonefile from a primary. So I looked into it -
The primary is running:
# ps ax | grep named
13667 - IsJ 0:00.39 /usr/local/sbin/named -n 1 -u bind -c
/usr/local/etc/namedb/named.conf
It has ports configured:
On Tue, Feb 18, 2025 at 07:20:26PM -0500, Michael Richardson wrote:
! There is also https://www.rfc-editor.org/info/rfc9632.
!
! This document specifies how to augment the Routing Policy Specification
! Language (RPSL) inetnum: class to refer specifically to geofeed
! comma-separated values
On Tue, Feb 18, 2025 at 09:48:02PM +, Andrew Pavlin wrote:
! Think about it. Who _has_ to know your physical/geographical address
and its associated Internet address block to provide you with Internet
service? Your ISP!
Question: is an ISP legally oblidged to divulge their customer's
locations
On Tue, Feb 18, 2025 at 08:48:15PM +0100, Michael De Roover wrote:
! Hi all,
!
! > It may be inside DNS, or it may be elsewhere, I do not know. There
! > is a DNS "LOC" record, but that doesn't seem to be used anymore. It
! > seems to be something else. But what, and where?
! I find it a shame tha
On Tue, Feb 18, 2025 at 09:51:51PM +0100, Michael De Roover wrote:
! On Tuesday, February 18, 2025 9:38:58 PM CET Peter 'PMc' Much wrote:
! > Then they make a business of selling my own information back to me -
! > and I would like to know how they do that.
!
! Hehe.. about that.
On Tue, Feb 18, 2025 at 08:04:28PM +0100, Marco Moock wrote:
! Am 18.02.2025 um 18:50:31 Uhr schrieb Peter 'PMc' Much:
!
! > Consideration:
! >Since every /64 in IPv6 carries it's own distinct geolocation info,
! >there must be somewhere a database
Consideration:
Since every /64 in IPv6 carries it's own distinct geolocation info,
there must be somewhere a database of -quick average- 2^64 =
18446744073709551616 records.
I'm currently trying to figure out where that database is located.
It may be inside DNS, or it may be elsewhere, I
On Wed, Jan 29, 2025 at 03:43:23PM +, Marcus Kool wrote:
! I participated in the survey and think it is good to also have a
! public discussion.
I tried to, but got the impression that the target audience is
rather commercial providers of infrastructure services, like
domain registrars and dns
On Tue, Jan 14, 2025 at 10:47:35PM +0100, Emmanuel Fusté wrote:
! localhost is defined as a (local) hostname of the loopback interface, not a
! domain name.
Where would that be defined? Because, what You state is a
contradiction in itself: a hostname is a designation of the metal
(or virtual, now
On Thu, Dec 26, 2024 at 04:53:51AM -0500, Darren Ankney wrote:
! Hi,
!
! It seems to me that the HTTPS/SVCB records describe where and how a
! service is available (could be several IPv4 and IPv6 addresses as well
! as several ports). It does nothing to select how a client might
! connect to the
Folks,
recent messages here mentioned some HTTPS and SVCB RRs.
This is completely news to me, so I gave it some read.
Then I found that these new tools are supposed to provide (IPv4 and
IPv6) addresses, which seems to me as rather strange from a
logical viewpoint.
Normally, the addresses to be
maintained manually
(I didn't find anybody listening to CDNSKEY yet) and I have
two KSK for high-availability, and the third is currently introduced
or retiring (the rollover scheme works for RFC 5011 also).
cheerio,
PMc
!
! > On 29 Nov 2024, at 13:54, Peter 'PMc' Much
Hi,
I just noticed my dns-signer recently started to create some
invalid signings - the two red arrows in here:
https://dnsviz.net/d/daemon.contact/Z0ka0A/dnssec/
There is a history, one can go back and see these weren't present
in March '24 and earlier.
The problem is, I didn't change an
17 matches
Mail list logo
