DNS & network news

Very slow DNS lookup unless using Google/Cloudflare

I’m setting up WiFi for a new Win 10 laptop and the DNS lookup is abysmally slow, on the order of seconds when it doesn’t time out. However if I manually change the DNS provider to either 1.1.1.1 or 8.8.8.8 everything loads lightning fast. Likewise punching in the IP directly for a website loads it quickly too.

Is this a symptom of any particular problem? Other devices (phones, game consoles) on the same network don’t have this issue at all, just the laptop.

submitted by /u/xXx_THYME_LOOPER_xXx

Powered by WPeMatico

Layman Needs Help Understanding (privacy) Implications of Self-Hosted DNS server

Hi everyone.

tl;dr What are the pros and cons of hosting your own DNS server via unbound (for the purposes of privacy)?

*****

I am concerned that there may be misinformation being spread about self-hosting (not for a website) your own DNS server. Please help me to clear up my own confusion/point me to what I need to learn to begin to understand and discern for myself.

I frequent subreddits such as r/pihole, r/privacytoolsIO, r/privacy, and r/theprivacymachine. Occasionally people recommend self-hosting your own DNS server on your LAN for the purpose of not giving your internet history to recursive DNS servers (think CloudFlare, Google, Quad9, NextDNS, etc.) and minimizing the requests that you’re sending out by having a local cache.

Here is the usual recommended setup: Unbound with DNSSEC and a cache. They recommend not forwarding requests to recursive DNS servers. However, wouldn’t this make my network traffic stand out more than if I had discerningly picked a handful of privacy-respecting recursive DNS servers in my Unbound configuration? Additionally, the only guide I have found that has included properly setting up TLS certificates has been this one: https://www.ctrl.blog/entry/unbound-tls-forwarding.html

I am currently using the following setup: https://docs.pi-hole.net/guides/unbound/

*****

Based on my reading so far I think I should be using:

****

Please help an ignorant layman learn to understand this for himself, so I can take my own threat model and understand fully what I’m doing here.

submitted by /u/DavidJAntifacebook

Should I have the same DNS entries with my domain registrar and on the hosting server?

I’m migrating away from shared hosting and had a question about configuring my new set-up.

I’ve transferred the domain to Google Domains. I’m using their name servers. And, I’ve moved the DNS records over as well.

And, I’ve transferred the site to a VPS at Upcloud. I have an option to add some DNS entries (A and CNAME–but not TXT) to the server as well.

Do I want to create the same A and CNAME on the Upcloud server that I use at Google Domains? Or do I leave them blank at the Upcloud server since they’re already included at Google Domains?

Any insight or context would be appreciated.

Thanks!

submitted by /u/chriscasemart

Best way to audit/validate addresses are still valid?

Hi, IT manager here. We have hundreds of domains on bulk register and enom, at an annual cost right around $5-6k. Some are purchased and used, others simply purchased for potential future use.
Most don’t have a business contact/requester, only my Engineer contact info when they set it up. Clearly not all of them resolve to an active site.

What is the best way to audit our list of DNS to see if they are active? Is there a way to audit the list with confidence of accuracy?

Likely a basic question, I appreciate any help as DNS isn’t my area of knowledge.

submitted by /u/DukePooler

Homelab question… What DNS entries do I need to make at the registrar level for computers to see my AD server?

I have a Win 2019 Eval running on my home network.

When I take a laptop and try to join it to the domain, it won’t find the domain controller unless I change its DNS server from that of my router to that of the ADS Server.

What I’d LIKE to have happen is that the computer asks the router, the router asks my DNS Registrar, and they point back to the AD Server on the network. It’s using a 192 address, but I have other devices with A names and C names in the registrar that are pointing to those address blocks, so this should work, I just don’t know what the top level entries need to be.

Can anyone help?

Thanks.

submitted by /u/duplicateBadger