JP Mens @jpmens@mastodon.social
- https://twitter.com/jpmens
- Blog
- https://jpmens.net
Small-scale fiddler, enjoys doing & teaching. Wrote a thick book on FLOSS DNS servers. Dreamed up @OwnTracks over MQTT. Ansible with NOCOWS=1. Loves plain text. I (re-)toot in several languages. https://jpmens.net
Joined Apr 2017
Ansible users, I need inspiration please for a new training I'm creating. I'd like a slide or two with users' favorite cool/superuseful/interesting/neat Ansible modules.
Which is your favorite one (or three)?
For example: I like set_stats and I use it for ..
JP Mens
boosted
For you e-ink phone minimalists, this looks cool - https://mudita.com/products/pure/
@DNSresolver
bortzmeyer.org NS
@DNSresolver
sub.jpmens.org. A
@DNSresolver
sub.jpmens.org. NS
@DNSresolver
corp.ds.fedex.com NS
;; Truncated, retrying in TCP mode.
https://gist.github.com/jpmens/d50ee39432baaeb3bcd78057115124b8
JP Mens
boosted
Oh neat, RFC 1035 as PDF & print for only $71.40, you save 30%! 
So, what type of punishment do you propose imposing on registrars who don't support DNSSEC (neither DS nor DNSKEY submission) beginning January 1st 2022?
I think we shouldn't be too strict, I mean DNSSEC has only existed for 22 years, hence the rest of this year for them to get their shit together.
JP Mens
boosted
ICYMI: If you do not want a domain to receive any mail, there is a way to be at last somewhat civil about it. There's a different DNS trick for that.
RFC7505 and a few notes https://bsdly.blogspot.com/2021/02/rfc7505-means-yes-your-domain-can.html
JP Mens
boosted
Aaah Twitter, les traitements automatisés et la détection de l'humour S15E3738338
JP Mens
boosted
resolvd(8) - daemon to handle nameserver configuration
https://undeadly.org/cgi?action=article;sid=20210225084959 #openbsd
JP Mens
boosted
"It remains a work in progress."
Everything we do is a work in progress, until the day it's deleted from the tree.
APNIC puts DNSSEC signers to the test: Knot-2.9 vs BIND-9.16 https://blog.apnic.net/2021/02/25/putting-dnssec-signers-to-the-test-knot-vs-bind/
JP Mens
boosted
Ah tiens, la dernière version d'Unbound (1.13.1) permet d'ajouter un NSID (RFC 5001) à son résolveur.
Avec le paramètre "nsid" soit suivi d'une chaîne hexadécimale (le format de NSID), soit en préfixant "ascii_" le nom voulu
Spoiler : ça marche.
Par contre, j'étais persuadé que c'était implémenté depuis longtemps 🤔
ISC history timeline. (DNS and DHCP)
JP Mens
boosted
That grumpy BSD guy: RFC7505 Means Yes, Your Domain Can Refuse to Handle Mail. Please Leave Us a TXT If You Do. https://bsdly.blogspot.com/2021/02/rfc7505-means-yes-your-domain-can.html (with thanks to @thorsheim for reminding me of that actually useful RFC)
A love letter to ISC BIND
XSLT now supports JSON. I thought you should know. https://www.w3.org/TR/xslt-30/#json
- https://twitter.com/jpmens
- Blog
- https://jpmens.net
Small-scale fiddler, enjoys doing & teaching. Wrote a thick book on FLOSS DNS servers. Dreamed up @OwnTracks over MQTT. Ansible with NOCOWS=1. Loves plain text. I (re-)toot in several languages. https://jpmens.net
Joined Apr 2017
Server run by the main developers of the project 
It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!