How Many RIPE Atlas Probes Can Resolve IPv6-only Domain Names?
• 6 min read
Each RIPE Atlas probe has at least one DNS resolver, indicated by a DHCP reply on the local network of the probe. Irrespective of the IP address of the resolver, this server may have IPv4 and IPv6 connectivity or only IPv4 connectivity. What is the percentage among RIPE Atlas probes?
"They may also receive more spam and phishing e-mails, since modern e-mail security protocols rely on DNSSEC as well." I would like to see email servers use SPF, DKIM and DMARC records only if they have been validated with DNSSEC but I strongly doubt it is the case today.
Developping something new (no installed base) and mission-critical in C, today, is a bit strange. Why not using a safer language?
Nice and useful article. For OpenDNSSEC, the important parameter is named Jitter and is enabled by default. Check that you have something like "<Policy name="default">...<Signatures>... <Jitter>PT12H</Jitter>" It would be nice to document here how it is done for other signing programs.
Great survey, thanks for this work. Indeed, the variations in EDE are funny. For bogus.bortzmeyer.fr, Unbound (and 1.1.1.1) say "9 (DNSKEY Missing)", 9.9.9.9 say "10 (RRSIGs Missing)" and Knot-Resolver say "12 (NSEC Missing)"
"The IP to CO2 Intensity API allows you to query an IP address" The second link actually goes to a service that takes a host name, not an IP address.
A good thing about the IETF is that it is open and discussions are public so here is the link to the discussion inside the IETF about this article: https://mailarchive.ietf.org/arch/msg/ietf/M2vDMHuj063n5jvcUydcr0oRWy0/
I was at the same side meeting and had a different impression. My article in French: https://www.bortzmeyer.org/filtrage-vie-privee.html
Interesting and timely since, in the last two weeks, at least five domains of important public services in France have been down. At least four of them had poor DNS hosting (only two unicast authoritative name servers, sometimes in the same physical location). My report (in French): https://www.bortzmeyer.org/service-public-impots-dns.html
You do not mention the use of RIPE Atlas probes. Is the user tag "iwantbcp38compliancetesting" still useful/used?
You do not say if all the talks at the meeting were in croatian? (I ask because Vesna's one has a title in english.) I'm wondering if people are used to talk about things like QUIC in croatian.
Showing 60 comment(s)