-
nuegia.net
test
-
nuegia.net
ok that's so strange. Jool completely disregards Linux routing tables
-
nuegia.net
it must hook into the kernel to process packets before nftables does
-
nuegia.net
anybody have experience with this?
-
nuegia.net
Does tayga still respect Linux routing tables?
-
TheCoffeMaker
nuegia.net, looks like it's more an ip command thing than an iptables/nftables thing... actually from the documentation it looks like you should be using nftables only for filtering, not routing (routing is done by the ip and jool commands)
-
nuegia.net
i think jool handles packets before iproute2 can
-
nuegia.net
which is why i'm switching from linux to openbsd
-
syn.rip admin
nice
-
TheCoffeMaker
From Jool's FAQ:
> At present, Netfilter Jool only hooks itself to PRE_ROUTING. It does not attach itself to LOCAL_OUT.
> Because iptables provides matching functionality, it makes more sense to attach iptables Jool instances to LOCAL_OUT. And AFAIK, there’s nothing stopping you from doing so. But don’t quote me; I haven’t tested it.
-
nuegia.net
thank you
-
TheCoffeMaker
looks like it needs a little more development yet ... seems to need further development, at least that is what we can infer after the `But don’t quote me; I haven’t tested it.` commentary
-
nuegia.net
openbsd includes nat64 in pf
-
nuegia.net
there's no need for third party software. it's all in base
-
Menel
For over a week I've had problems with a server that is hosted at home (my primary is on a VPS with a stable IP and is unaffected). The issue is: it is on a network with a daily changing IP, and for about a week the DNS record just hasn't propagated in any normal time. Many DNS servers deliver the IP address from days ago; if I use a tool like dnschecker.org/ I see at least three different IPs. There are some servers showing the current one, but they are far away and not generally used by my clients. If I do a trace from the root servers, `drill -T`, I'll see the current IP on my computer, otherwise an outdated one. Has anyone ever had such a problem? Is my domain hoster's DNS server to blame, or is there another explanation? Before, records were propagating about as fast as the TTL (5 min).
-
Kris
sometimes DNS mirrors just fail. I saw similar issues before depending on the ISP, but it was always some temporary issue on the ISP dns mirror side
-
nuegia.net
Menel, send a domain notify to the incorrect dns servers from your master
-
Menel
I don't selfhost my dns yet. It is where I bought the addresses
-
nuegia.net
you should at least consider a hidden master
-
moparisthebest
Menel: you can check your individual DNS servers to see who is serving stale records, roughly: `dig ns your-root-domain.com` then for each nameserver returned by the above: `dig a your-a-record @nameserverhere` hopefully that helps you track it down, otherwise message me and I can help
-
Menel
That helped, thank you. Seems ns.inwx.de and ns2.inwx.de still serve the old record, only ns3.inwx.de the new one. I'll contact them, since it's been going on for some time already.
-
Guus
Menel, have you checked if your IP can assign you a static IP if you push a bit more money their way? May be worth it to prevent issues that are out of your control.
-
Guus
I _think_ my home router can integrate with DynDNS-like services, which may offer another alternative to get a semi-static address. I've never tried that though.
-
Menel
It works Guus, until *this* happens and it just won't propagate on the dns servers. But even for static ips that's a problem the moment one wants a new record.
-
alfred
Did you try lowering the TTL?
-
moparisthebest
Menel: yep what you described sounds like inwx.de has a problem they need to fix, surely affecting other customers, hopefully they will :)
-
nuegia.net
one of the great things about not outsourcing is that if you have a problem you don't have to wait on anybody else to fix it
-
nuegia.net
the downside of that is that if you have a problem, it's not going to fix itself