XMPP Service Operators - 2024-10-29


  1. nuegia.net

    test

  2. nuegia.net

    ok that's so strange. Jool completely disregards Linux routing tables

  3. nuegia.net

    it must hook into the kernel to proccess packets before nftables does

  4. nuegia.net

    anybody have experience with this?

  5. nuegia.net

    Does tayga still respect Linux routing tables?

  6. TheCoffeMaker

    nuegia.net, looks like it's more an ip command thing than a iptable/nftables thing... actually from documentation looks like u should be using nftables only for filtering not routing (routing is made by ip and jool commands)

  7. nuegia.net

    i think jool handles packets before iproute2 can

  8. nuegia.net

    which is why i'm switching from linux to openbsd

  9. syn.rip admin

    nice

  10. TheCoffeMaker

    From Jool's FAQ > At present, Netfilter Jool only hooks itself to PRE_ROUTING. It does not attach itself to LOCAL_OUT. > Because iptables provides matching functionality, it makes more sense to attach iptables Jool instances to LOCAL_OUT. And AFAIK, there’s nothing stopping you from doing so. But don’t quote me; I haven’t tested it.

  11. nuegia.net

    thankyou

  12. TheCoffeMaker

    looks like it needs a little more development yet ... seems to need further development, at least that is what we can infer after the `But don’t quote me; I haven’t tested it.` commentary

  13. nuegia.net

    openbsd includes nat64 in pf

  14. nuegia.net

    there's no need for third party software. it's all in base

    ❤ 1
  15. Menel

    Since over a week I've got problems with a server that is hosted at home, (my primary is on a vps with stable ip and unaffected) The issue is: it is on a network with a daily changing ip, and since about a week the dns record just doesn't propagate in any normal time. Many dns servers deliver the ip address from days ago, if I use a tool like dnschecker.org/ I see at least three different ips, there are some sever showing the current one, but they are far away Tand not generally used by my clients. If I do a trace from the root servers, I'll see the current ip in my computer, otherwise an outdated one. Has anyone ever had such a problem? Is my domain hosters DNS server to blame, or is there another explaination? Before records were propagating about as fast as the TTL (5 min)

  16. Menel

    Since over a week I've got problems with a server that is hosted at home, (my primary is on a vps with stable ip and unaffected) The issue is: it is on a network with a daily changing ip, and since about a week the dns record just doesn't propagate in any normal time. Many dns servers deliver the ip address from days ago, if I use a tool like dnschecker.org/ I see at least three different ips, there are some sever showing the current one, but they are far away and not generally used by my clients. If I do a trace from the root servers, `drill -T`, I'll see the current ip in my computer, otherwise an outdated one. Has anyone ever had such a problem? Is my domain hosters DNS server to blame, or is there another explaination? Before records were propagating about as fast as the TTL (5 min)

  17. Kris

    sometimes DNS mirrors just fail. I saw similar issues before depending on the ISP, but it was always some temporary issue on the ISP dns mirror side

  18. nuegia.net

    Menel, send a domain notify to the incorrect resolvers

  19. nuegia.net

    Menel, send a domain notify to the incorrect dns servers

  20. nuegia.net

    Menel, send a domain notify to the incorrect dns servers from your master

  21. Menel

    I don't selfhost my dns yet. It is where I bought the addresses

  22. nuegia.net

    you should at least consider a hidden master

  23. moparisthebest

    Menel: you can check your individual DNS servers to see who is serving stale records, roughly: `dig ns your-root-domain.com` then for each nameserver returned by the above: `dig a your-a-record @nameserverhere` hopefully that helps you track it down, otherwise message me and I can help

  24. Menel

    That helped, thank you. Seems ns.inwx.de and ns2.inwx.de serve still the old record, only ns3.inwx.de the new one. I'll contact them. Since it's going on for some time already

  25. Guus

    Menel, have you checked if your IP can assign you a static IP if you push a bit more money their way? May be worth it to prevent issues that are out of your control.

  26. Guus

    I _think_ my home router can integrate with DynDNS-like services, which may offer another alternative to get a semi-static address. I've never tried that though.

  27. Menel

    It works Guus, until *this* happens and it just won't propagate on the dns servers. But even for static ips that's a problem the moment one wants a new record.

  28. alfred

    Did you try lowering the TTL?

  29. moparisthebest

    Menel: yep what you described sounds like inwx.de has a problem they need to fix, surely affecting other customers, hopefully they will :)

  30. nuegia.net

    one of the great things about not outsourcing is that if you have a problem you don't have to wait on anybody else to fix it

  31. nuegia.net

    the downside of that is that if you have a problem, it's not going to fix itself