Ayca Taskin (Garanti Teknoloji) wrote:
Well, that's zone transfers, so of course it will still work!
You can even have your master server running BIND, and transferring
to other DNS servers (NSD, MS, ...) or the other way around.
Yes we’re using BIND for primary and secondary DNS servers
Jason,
On 12/14/2012 01:01 PM, Sebastian Castro wrote:
On 14/12/12 11:54, Jason Castonguay wrote:
Advisory — D-root is changing its IPv4 address on the 3rd of
January. The new IPv4 address for this authority is 199.7.91.13
Also, do you have plans to capture traffic on a regular basis to
On 04/18/2013 11:23 AM, Kaio Rafael wrote:
Hi,
I am looking for a DNS dataset for academic research. I have been
studying .BR DNS dataset (DITL 2008 on DNS-OARC servers), however, I
would like to investigate more recent traffic.
More recent DITL datasets are available from OARC, please
Our Dublin workshop is proving to be packed, from both a content and
attendance point of view.
Our main themed session for the workshop is on the ever-topical subject
of open resolver-based attacks, with 4 speakers, chaired by Merike Kaeo
on Sunday afternoon. Much of Monday morning is devoted to
On 06/14/2013 08:11 AM, Stephane Bortzmeyer wrote:
On Fri, Jun 14, 2013 at 12:55:27PM +0100, Billy Glynn
billy.gl...@iedr.ie wrote a message of 52 lines which said:
The DNS-OARC website appears to be down...
Down from 1150 UTC to 1205 UTC for maintenance.
Apologies for this - we're making
DNS-OARC is pleased to announce that its 2013 Fall Workshop and Member
AGM will take place in Phoenix, Arizona, USA on the 5th and 6th October.
This will be held in co-operation with the subsequent NANOG59 meeting,
and we're grateful to NANOG and ICANN for their support of our workshop.
OARC
From: Doug Barton do...@dougbarton.us
As stated before, the problem is that after the early adopter period
is over we'll be stuck with NTAs forever. This is one of those
fundamental disagreements between those who believe that DNS should
always be forgiving of operator error, and those
On 09/09/2013 06:07 AM, Haya Shulman wrote:
For instance, DNS-OARC does not detect port prediction attacks, and
reports clients as secure, while they are vulnerable to attacks.
OARC does many things, I assume here you are referring to our port
entropy tester:
Here's final information for the our AGM and Fall workshop for this
weekend in Phoenix.
Saturday morning will be OARC's Annual General Meeting, with formal
business and content targeted at OARC Members. The webcast for this is
closed, if you represent a member and did not get credentials and
On 10/22/2013 10:52 AM, Haya Shulman wrote:
Disclosing such potential vulnerabilities remains valuable work,
but I think careful consideration needs to be applied to the
engineering economics of the best operational-world mitigation
approaches.
@/Keith Mitchell/
(My head is *really
On 10/22/2013 02:41 PM, Haya Shulman wrote:
Yes, but as I explained privately previously, there is no record
of this correspondence through official OARC channels - I did
request you re-send, but I don't have a copy of it.
I am not sure what you mean by `official OARC channels`, I forwarded
On 01/29/2014 01:27 PM, Stefan wrote:
I know this may sound a little odd, but have been struggling with
trying to identify a good candidate for a DNS ( DHCP) migration of
a large infrastructure, from Windows based environment, to a vendor
based appliance (and keeping such as a full time
On 02/07/2014 12:17 PM, Tony Finch wrote:
$ host clboh-dns-cac-307.ohiordc.rr.com
clboh-dns-cac-307.ohiordc.rr.com has address 65.24.26.42
clboh-dns-cac-307.ohiordc.rr.com has IPv6 address 2605:a000:200:16::a
(rrcs-70-61-238-78.central.biz.rr.com, only 20ms away, wonders how he
too can get an
This is a quick note to confirm that OARC's next DNS Operations Workshop
will be taking place in Warsaw, Poland, on the 10th and 11th May, at the
same location as the subsequent RIPE68 meeting.
At this point I'd refer you to our conference server,
https://indico.dns-oarc.net for further details.
remain welcome - please contact spon...@dns-oarc.net if interested.
For accommodation, travel and venue information, please see the RIPE68
meeting site at:
https://ripe68.ripe.net/venue/meeting-venue/
though note that discounted room rates end on Monday April 21st.
See you in Warsaw !
Keith
On 05/01/2014 01:00 PM, Stephane Bortzmeyer wrote:
On Fri, May 02, 2014 at 01:48:59AM +0900,
T.Suzuki t...@reflection.co.jp wrote
Opened Pandora's box of Cache Poisoning
http://www.e-ontap.com/dns/endofdns-e.html
Conclusions of this report:
I'm confused. I expected a
Here's final information for OARC's Spring workshop and EGM this
weekend in Warsaw.
Saturday morning will be an OARC Extraordinary General Meeting starting
at 10:00AM, with formal business and content for OARC Members only. Note
that this session will *not* be webcast.
The full workshop
Couple of quick updates:
On 05/09/2014 10:34 AM, Keith Mitchell wrote:
jabber remote participation at:
xmpp:dns-operati...@conference.jabber.dns-oarc.net
Note this should be:
xmpp:dns-operati...@conference..dns-oarc.net
apologies for my typo.
For remote attendance, we plan
On 07/04/2014 07:44 AM, Stephane Bortzmeyer wrote:
On Fri, Jul 04, 2014 at 06:00:48PM +0700, Roland Dobbins
rdobb...@arbor.net wrote a message of 23 lines which said:
and/or logging queries/responses out-of-band via packet-capture
taps, databases, etc.?
Following OARC workshops, it seems
Unfortunately one of our (new) servers, ix2.dns-oarc.net, has suffered a
major hardware failure, and is currently out of service. This means that
number of OARC public-facing tools are not currently available:
- DODVR, Porttest, Reply Size Test, DLVtest, Don't Probe
Production services based on
if we do.
Keith
On 07/18/2014 09:17 AM, Keith Mitchell wrote:
Unfortunately one of our (new) servers, ix2.dns-oarc.net, has suffered a
major hardware failure, and is currently out of service. This means that
number of OARC public-facing tools are not currently available:
- DODVR, Porttest
For those of you not already aware, many of OARC's services are being
impacted by a significant DDoS attack against ISC who host most of our
infrastructure. Please see below for a statement from them on this.
We've been seeing major packet loss to our systems hosted in Redwood
City, currently
On 07/21/2014 01:57 PM, Keith Mitchell wrote:
For those of you not already aware, many of OARC's services are
being impacted by a significant DDoS attack against ISC who host most
of our infrastructure. Please see below for a statement from them on
this.
We've been seeing major packet loss
It's list policy that subscriptions from which a natural person is not
identifiable are auto-moderated. Apologies that this one slipped through.
Please can the poster identify themselves.
P Vixie p...@redbarn.org wrote:
Who is we?
Why are we allowing role accounts to subscribe here?
Who is
On 09/13/2014 10:45 AM, David Conrad wrote:
On Sep 13, 2014, at 2:19 AM, Franck Martin fmar...@linkedin.com
wrote:
I’m not sure why the dot prod was not first set up to return
NXDOMAIN, queries logged, and then source IP contacted to warn
them
May be this is an insight now, may be this
.
Keith Mitchell
OARC President
___
dns-operations mailing list
dns-operations@lists.dns-oarc.net
https://lists.dns-oarc.net/mailman/listinfo/dns-operations
dns-jobs mailing list
https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
-10
Finally, a big Thank You to our sponsors:
* Microsoft (Platinum and Social)
* Nominet (Silver, T-shirts)
* Dyn (Bronze)
and ICANN as our meeting host, for making this event possible :-)
Keith Mitchell
OARC President
___
dns-operations mailing list
On 10/09/2014 07:32 AM, Yasuhiro Orange Morishita wrote:
Now DNS-OARC's Web-based DNS Randomness Test site doesn't work properly...
Is this service closed?
No, this service is still supported, though note that there have been a
number of exploits published since this test was derived which
On 10/11/2014 01:43 AM, han feng wrote:
We are working on organizing a DNS BoF at DNS OARC 2014 Fall in LA, and we
wanted to
share the test report regarding to DNS dynamic update and xfr (please refer
to the
attachment), and ask your opinions on the topics that we should cover on this
If you didn't already check it out, you may find this presentation at
our last workshop adds some background:
https://indico.dns-oarc.net//contributionDisplay.py?contribId=37sessionId=3confId=20
Keith
On 11/02/2014 08:52 AM, Lyle Giese wrote:
Just to flush out the details here, in case anyone
On 12/15/2014 02:40 PM, Roland Dobbins wrote:
On 16 Dec 2014, at 1:42, Mike Hoskins (michoski) wrote:
You can acknowledge things aren't a panacea, while still deriving some
benefits from them.
My point is that the negatives far outweigh the benefits in most
organizations.
It's
On 12/14/2014 11:45 AM, Keith Mitchell wrote:
On 12/13/2014 04:30 PM, Mark Andrews wrote:
OARC's DNS Reply Size Test Server is not EDNS compliant. It does
not return a OPT record to EDNS requests. This causes named from
BIND 9.10.0 and later to classify the servers as not EDNS
compliant
On 12/31/2014 05:07 PM, Roland Dobbins wrote:
On 31 Dec 2014, at 20:05, Alexander Neilson wrote:
Particularly looking at performance tuning and resilient architecture
however any good resources that provide a good understanding of the
deeper details of the operation of DNS.
In addition
On 01/17/2015 09:35 AM, Eli Heady wrote:
Is there a better place for such requests? Honestly curious ... as
an operator of dns for a large-ish network, I'd like to know when our
caches have been polluted. To that point, and to the OP and others
making flush requests, it would be helpful to
On 01/19/2015 07:57 AM, Tim Wicinski wrote:
On 1/17/15 12:12 PM, Paul Hoffman wrote:
Would it be helpful if OARC maintained a page containing links to
the cache flushing interfaces and/or PoCs of interested resolver
operators that support such things ?
If OARC could define such
On 02/27/2015 05:09 AM, Reed Loden wrote
I notified Mozilla's release management team, and they are tracking
this.
They believe this is
https://bugzilla.mozilla.org/show_bug.cgi?id=1093983
FWIW, I also reached out to a contact within Mozilla, who added to the
internal escalation on this,
On 05/04/2015 04:51 AM, Peter Koch wrote:
On Mon, May 04, 2015 at 09:11:28AM +0200, Stephane Bortzmeyer wrote:
http://www.ssi.gouv.fr/entreprise/guide/bonnes-pratiques-pour-lacquisition-et-lexploitation-de-noms-de-domaine/
(in french only)
Getting these recommendations straight is not an
Thank you all for the many kind words and postings about our Amsterdam
workshop. Running successful events is very much a team effort, and on
behalf of OARC I'd like to express our gratitude to all our speakers,
sponsors, PC and other volunteers for making this one happen.
There's always room for
welcome
- please contact spon...@dns-oarc.net if interested.
Look forward to seeing everyone in Amsterdam !
Keith Mitchell
OARC President
___
dns-operations mailing list
dns-operations@lists.dns-oarc.net
https://lists.dns-oarc.net/mailman/listinfo/dns
On 07/15/2015 08:49 PM, Mauricio Vergara wrote:
There is an operational reason to have the TTLs low, the good thing is
that it is completely temporary, and by the time you get this those TTLs
will be back to normal everyday values.
We are actually thinking, if there is interest, of sharing
On 07/21/2015 07:48 AM, Edward Lewis wrote:
Come to think of it, does DNS-OARC have a set of such zones? I have a
vague memory that this may have been set up once. If not, might this be a
good idea to provide? (Alongside other test services like reply size as
described here:
On 12/14/19 5:43 PM, Tony Finch wrote:
> I have been playing around with the old update journal in the saveroot
> repository, to see if I can reconstruct root zones between July 2005 and
> March 2014.
> I think reconstruction is mostly feasible, but it would be super helpful
> if anyone can give
On 11/26/19 7:40 PM, Mark Allman wrote:
> I wonder if we're ever allowed to just decide this sort of thing is
> ridiculous old shit and for lots of reasons we can and should just
> garbage collect it away.
To some extent, "get rid of ridiculous old sh*t" is kind of what the DNS
Flag Days are
On 11/29/19 8:32 PM, Rubens Kuhl wrote:
> including making studies that other parties can't reproduce due to
> being limited to DITL data.
DITL data is available to any party who signs an OARC Data Sharing
agreement.
Keith
___
dns-operations mailing
On 10/11/19 6:30 PM, Shumon Huque wrote:
> It might be much more important for diagnostic and measurement services
> like DNSviz though. At the moment, if you run IPv6 DNS servers on
> networks that are singly connected to Cogent, it will probably
> incorrectly flag those servers as unavailable.
As per the statement at:
https://indico.dns-oarc.net/event/34/page/93-covid-19-situation
OARC has been tracking the Covid-19 situation, and exploring
contingencies should we not be able to proceed as planned with OARC33.
At this point in time, we are still working to our plans to have the
On 4/17/20 1:52 AM, Mark Andrews wrote:
> Subject: Re: [dns-operations] Anyone from Google here?
A reminder to OARC Members that they can use the "Contact Directory"
feature of the OARC Member Portal to find DNS Operations contacts at
other Members.
Keith
On 9/14/20 1:54 PM, Fernando Gont wrote:
> On 14/9/20 10:14, Stephane Bortzmeyer wrote:
>> On 1 and 2 September 2020, several French IAPs (Internet Access
>> Providers), including SFR and Bouygues, were "down". Their DNS
>> resolvers were offline, and it does indeed seem that this was the
>>
On 8/31/20 12:40 PM, Puneet Sood via dns-operations wrote:
> Is there an online tool that does mark up on RFCs to show which other
> RFCs are referring to specific sections in it?
I suspect you may find:
https://powerdns.org/dns-camel/
helpful here.
Keith
On 8/25/20 4:26 AM, Ondřej Surý wrote:
> The details has been provided on OARC members list, so I’ll let
> Keith and Matt to decide the level of detail to provide, but the
> service is being hosted by a professional organization and is subject
> to confidentiality agreement. OARC Mattermost (the
ral we're fine with announcements on this list of nonprofit
activities, events, projects that are DNS operations-relevant. Promotion
of commercial activities is discouraged and unlikely to be well-received.
Keith
> On Wed, Jun 24, 2020 at 13:03 Keith Mitchell
> wrote:
> On 6/23/20 4:4
Mehmet,
On 6/23/20 4:47 PM, Mehmet Akcin wrote:
> hey there, sorry for cross-posting in few lists.
>
> A few weeks ago I've started hosting a youtube/twitch/twitter live video
> show
With regard to posting this here, please could you clarify whether the
entity publishing this show is doing so
On 12/13/20 2:58 PM, Randy Bush wrote:
> tangent, but you started it
>
>> [1] IANAL, but this rather looks like a gross over-reaction to GDPR,
>> with some registries and registrars continuing to provide usable
>> contact details with no ill consequence. The practice even among
>> European
On 10/12/21 11:14 AM, Stephane Bortzmeyer wrote:
DNSviz currently always flags the root with a warning "./DNSKEY (alg
8, id 14748): No response was received until the UDP payload size was
decreased, indicating that the server might be attempting to send a
payload that exceeds the path maximum
On 9/4/23 08:27, Christoph wrote:
https://dnsviz.net/d/cmdns.dev.dns-oarc.net/dnssec/
since cmdns.dev.dns-oarc.net appears to be down,
Please report issues with OARC services to , rather
than to this entire mailing list of 1800+ people.
We have most of our team traveling and out of
On 10/7/23 04:11, Noel Butler wrote:
Hrmmm you used to be able to use rs.dns-oarc.net to test edns but it's
either gone MIA or I'm thinking of the wrong hostname, in which case I'm
sure someone will chime in with the correct one :)
Just to confirm, OARC's test servers, including reply-size
On 7/13/22 13:36, Alarig Le Lay wrote:
Vodafone is sending 3k req/s (~10Mbps) of DNS garbage to my AS112 node
from 88.82.0.0/19
If someone knows somebody there, could you please tell them to fix their
resolvers?
Noting this prefix is AS5378 Vodafone UK, UKNOF has a mailman list and a
Now seems like a good time to remind everyone of the OARC Conduct Policy:
https://www.dns-oarc.net/oarc/policies/conduct
which applies to all interactions on OARC fora, online and in-person,
and including this mailing list.
By all means respectfully debate the subject matter, please
On 11/12/23 13:07, Randy Bush wrote:
it occurred to me that it migh tme wise to have a rancid like
(https://shrubbery.net/rancid/) equivalent for critical domains.
i.e. to git record changes and warn of radical diffs.
is there any foss tooling in this space?
It's not exactly what you are
On 3/2/24 11:34, John Levine wrote:
I’d be very surprised if this were the case. I’d have thought the vast
majority of what end users would use (at least on the recursive
side) would be whatever their ISP was providing, which I strongly suspect is
not pi-hole.
I'd also expect it's whatever
60 matches
Mail list logo
