Here’s a new edition of our newsletter! Topics include the EU Cyber Resilience Act, changes at ARIN making Routinator easier to use, speed improvements in Krill and the PROXY protocol in Unbound.

Rotonda, our modular programmable engine in , will have a dynamic, interpreted language for data modelling (programmable RIBs), querying and filtering routes.

A vulnerability named Non-Responsive Delegation (NRDelegation) Attack has been discovered in various resolving software. We have assigned CVE-2022-3204 and categorise this a MEDIUM severity for Unbound. A fix is available in version 1.16.3.

Did you read our latest newsletter? Catch up and subscribe to stay up-to-date on software developments, our research and community activities.

Over 2000 networks are now running Routinator for Route Origin Validation. Thank you all for the trust and support! 💚🚀

A massive thank you goes out to QIX Montréal Internet Exchange for becoming a Silver Sponsor of NLnet Labs. 💚💙

Krill 0.10.0 is now available, featuring support for Router Certificate Signing and the use of Hardware Security Modules (HSMs) for key operations.

Please enjoy the latest edition of our newsletter, featuring BGPsec and HSM support in our CA Krill, the EDNS Proxy Control option, new zone file parsers in and , as well as the octseq crate, offering generics for variable-length octet sequences.

NLnet Labs boosted

Unbound 1.16.2 has been released. This release fixes the new ghost domain issues CVE-2022-30698 and CVE-2022-30699. Apart from that, there are some bug fixes and an option to configure the max retransmit timeout.

See for full list of changes:

Prep the Philly cheesesteak cos the crew I ready to meet you at . You can catch up with your very own DNSOP co-chair (and our fearless leader) Benno Overeinder, seasoned Unbound developer Yorgos Thessalonikefs and veteran Tim Bruijnzeels.

NLnet Labs boosted
NLnet Labs boosted

In our excitement to get Zone Verification released in NSD, we forgot to include this functionality in the man page. All better now! 😅

In a collaboration between University of Twente, RIPE NCC and NLnet Labs, an ROV impact study was performed by Koen van Hove. tl;dr: doing ROV and dropping invalid routes does not guarantee that your traffic ends up where you intended.

🥵 Heat wave or not, the team have released a huge update to our , liberally licensed @rustlang library for . Too much to fit in a tweet, so check out GitHub for the juicy details. 🍹

In the latest instalment of our series, Luuk dives into plotting metrics without altering the packets or touching the DNS software itself.

We’re happy to offer RC1 of ldns 1.8.2. SVCB and HTTPS RR types are now compiled by default and it provides functionality for parsing and printing of EDNS0 options.

Show older

The original server operated by the Mastodon gGmbH non-profit