Author: Skylar.W

Name Servers

We added stats to our website for the two name servers. You can now view incoming request, RTT and VM stats for the last 48 hours.

Also, While we have started dropping request for a handful of ‘.pirate’ and ‘.libre’ domains, as well as dropping request for ‘isc.org’, the request flood is still ongoing but has backed off to about half of the volume it was earlier this week. Two of the volunteers on our team are keeping an eye on things.

Name servers seeing an attack 🫠

I just fixed these guys…why must y’all make a mess of the sandbox?

For the time being, we are not answering queries to isc.org cause someone is trying to use us as part of an attack.

Fixed some name server issues…

I apologize for the off and on interruptions in name server services today. I have been working away at figuring out why DoH has not be working right and why portions of dns2.marbledfennec.net have not been working right.

Turns out that some of my tooling/scripts which I use to make configuring things easier also allow me to forget to go back and edit those config files once they are in place. For dns2, this meant that the config called for IP addresses that were not present on that system, meaning the name server couldn’t bind port 443, 5353 or 9001. Due to me working on the servers in tandem usually, I did not catch the error for about a week of trying to figure out what was going on. It finally stuck out to me when I did a netstat and saw missing entries. This has been fixed and dns2 should be full service now.

The other issue that was at hand was that our DoH, or DNS over HTTPS, setup was not done correctly and the certs were invalid for these servers. The certs have been updated and also include support for “multi.dns.marbledfennec.net” for allowing clients to hop between servers to spread the load a little bit. DoH appears to be working properly now.

We won’t be doing away with the dns or dns2 names because they are used for telling which server is which, but we do prefer that our end users start using “multi.dns.marbledfennec.net” in their networks to help make use of both of our name servers.