Hacker News with Generative AI: DNS

Preventing conflicts in authoritative DNS config using formal verification (cloudflare.com)
Over the last year, Cloudflare has begun formally verifying the correctness of our internal DNS addressing behavior — the logic that determines which IP address a DNS query receives when it hits our authoritative nameserver.
DNS Nameservers (potaroo.net)
It's common folklore in the Domain Name System that a delegated domain name must be served by 2 or more nameservers.
Breaking down OpenAI's outage: a hidden DNS dependency in Kubernetes (render.com)
OpenAI recently experienced an hours-long, platform-wide outage after a newly-deployed telemetry service overloaded their Kubernetes (K8s) control planes.
The secret life of DNS packets (2019) (stripe.com)
French Piracy Blocking Order Goes Global, DNS Service Quad9 Vows to Fight (torrentfreak.com)
In an ongoing escalation of its fight against online sports piracy, media giant Canal+ secured court orders compelling DNS providers Quad9 and Vercara to block access to pirate streaming sites in France. Quad9 says that it's determined to appeal what it sees as an absurd application of copyright law. For now, however, it will block the targeted domain names globally.
Reachability Analysis of DNS (arxiv.org)
The high complexity of DNS poses unique challenges for ensuring its security and reliability.
Parsing Millions of DNS Records Per Second (github.com/NLnetLabs)
Fast and standards compliant DNS zone parser.
Who controls the Internet? A survey of authoritative DNS server diversity (netmeister.org)
Why yes, the internet is resting on a foundation of duct tape and WD40 - it is known. And the DNS is the mother of all cornerstones that, if knocked out, would quickly lead to the fall of western civilization. (And yes, it is a hard requirement to use this XKCD cartoon to illustrate this.) But at least it's not quite as fragile as, say, whois, so yay!
cli53 – Command line tool for Amazon Route 53 (github.com/barnybug)
cli53 provides import and export from BIND format and simple command line management of Route 53 domains.
All of Google Offline? (ycombinator.com)
Noticed no domains were resolving. Turned out Google's DNS server (8.8.8.8) is down.
DNS records and a Cloudflare security violation (coryd.dev)
This site (was) hosted on Cloudflare Pages. In an effort to make scheduling more convenient for my mentee from Underdog Devs, I set up SavvyCal. Without giving it any thought, I added an easy to remember CNAME and pointed it at SavvyCal.
Bluesky seems to be caching the DNS TXT result indefinitely (github.com/bluesky-social)
I previously had an account with the handle @vagasprajr.com.br, but I deleted it. Now, I'm trying to use the same domain for a new account's custom handle, but Bluesky keeps using the old TXT record settings.
Migrating billions of records: moving Cloudflare DNS database while it's in use (cloudflare.com)
According to a survey done by W3Techs, as of October 2024, Cloudflare is used as an authoritative DNS provider by 14.5% of all websites.
Another simple online DNS query tool (nstoolbox.com)
Lookup DNS records for any domain.
Upcoming changes to the DNSSEC root trust anchor (dns-oarc.net)
We are reaching out to inform you of important changes to the DNSSEC trust anchor in the root zone. If you manage a validating DNS resolver or a tool that interacts with the DNS root zone you might need to change your software to handle the changes. This letter provides a summary of the upcoming changes and gives pointers to resources that describe them in detail.
Archive of wiki.bash-hackers.org (github.com/flokoe)
The popular wiki.bash-hackers.org (original IP address: 83.243.40.67) site had its DNS expire in April 2023.
Pkdns: DNS server resolving via mainline DHT (github.com/pubky)
A DNS server providing self-sovereign and censorship-resistant domain names. It resolves records hosted on the Mainline DHT, the biggest DHT on the planet with ~15M nodes that has serviced torrents for 15 years.
Migrating billions of records: moving our active DNS database while it's in use (cloudflare.com)
According to a survey done by W3Techs, as of October 2024, Cloudflare is used as an authoritative DNS provider by 14.5% of all websites.
The trailing dot in domain names matter (lacot.org)
While inspecting traffic logs for my website in redirection.io recently, I noticed several requests logged on the lacot.org. domain name. Did you see the final trailing dot in the hostname? I first thought it was a bug in the logging platform, but I was surprised to learn that it is perfectly possible to add a dot at the end of a domain name.
Using less memory to look up IP addresses in Mess With DNS (jvns.ca)
I’ve been having problems for the last 3 years or so where Mess With DNS periodically runs out of memory and gets OOM killed.
Understanding Round Robin DNS (hyperknot.com)
For OpenFreeMap, I'm using servers behind Round Robin DNS. In this article, I'm trying to understand how browsers and CDNs select which one to use.
The Alarming Prevalence of Zone Transfers (reconwave.com)
We found that 8% of all nameservers still have zone transfers enabled for all authorized zones, potentially exposing sensitive information to malicious actors.
Show HN: Dynamic IPv4/6 records for Cloudflare (github.com/ddries)
Update Cloudflare DNS 'A' and 'AAAA' records for your dynamic IP.
Can't trust any VPN these days (orhun.dev)
After Turkey banned Discord, I had to jump through some hoops, fix my VPN, and learn a bit about how DNS works.
Show HN: 4B+ DNS Records Dataset (merklemap.com)
Introducing the world's most comprehensive and extensive DNS (Domain Name System) records database with more than 4 billion records.
uBlock Origin CNAME uncloaking now supports filtering by IP address (github.com/gorhill)
This commit makes the DNS resolution code better suited for both filtering on cname and ip address. The change allows early availability of ip address so that `ipaddress=` option can be matched at onBeforeRequest time.
Show HN: Using Cloudflare 1.1.1.1 DNS over HTTPS API to bulk search domain TLDs (supersaas.dev)
Check if a domain is available for your brand.
Show HN: Privacy DNS – free, encrypted, no-logs, DoH, DoT, DoQ, DNSProxy (privacy-dns.pw)
A free, encrypted, no-logs and privacy-oriented DNS that blocks tracking, ads and phishing, with support for DoH, DoT, DoQ and DNSCrypt & Anonymized DNSCrypt proxy.
Insecurity Through Censorship: Vulnerabilities Caused by the Great Firewall (assetnote.io)
At Assetnote, we are constantly resolving millions of DNS as part of the operation of our Attack Surface Management platform. When performing DNS resolutions at the scale that we do across the number of diverse customer attack surfaces that we are monitoring we start to notice some really interesting behavior in the wild.
Cloudflare Zero Trust DNS is down (cloudflarestatus.com)
We are currently investigating an issue where users on Cloudflare WARP may intermittently have issues resolving DNS addresses.