swinog January 2023

swinog@lists.swinog.ch

5 participants
6 discussions

Switzerlandwide Internet problem
by Michele Capobianco 16 Jul '23

16 Jul '23

Hey all A friend just told me that Cybernet told him there is a Switzerlandwide Internet Problem. Does anybody know something? Cheers Michele -------- Online Consulting AG, Michele Capobianco, System Administrator, Weststrasse 38, CH-9500 Wil Phone +41 (0)71 913 31 31, Fax +41 (0)71 913 31 32 http://www.online.ch, michele.capobianco(a)online.ch<mailto:michele.capobianco@online.ch> --------

8 7

IPv6, Gateway settings in datacenter/server
by Mueller Urs SBB CFF FFS 14 Jul '23

14 Jul '23

Hello Curious about the «best practice» you use for IPv6 gateways in server config / datacenter. Votes for static gateway settings on servers? Or do you use IPv6 nd/ra? Or perhaps DHCPv6? Regards, Urs SBB AG Cyber Security Cyber Defense Center Poststrasse 6, 3072 Ostermundigen Mobil +41 79 433 21 67 urs.bf.mueller(a)sbb.ch<mailto:urs.bf.mueller@sbb.ch> / www.sbb.ch<http://www.sbb.ch>

3 2

Service Provider Network Topologies
by Urs Baumann 18 Jan '23

18 Jan '23

Good day, We want to analyse different network graphs from service providers in a Bachelor Thesis. Would anyone be willing to share the topology? Of course, the data can be anonymised. The students will need to find typical characteristics of service provider networks, and the thesis aims to create new topologies with these characteristics. Attached you can find the own-developed prototype helping to analyse the graph characteristics. Kindes regards, Urs Baumann Network and Research Engineer P central +41 58 257 44 99 P direct +41 58 257 44 84 urs.baumann(a)ost.ch OST – Eastern Switzerland University of Applied Sciences INS – Institute for Network and Security | Oberseestrasse 10 | 8640 Rapperswil | Switzerland | http://www.ost.ch

2 1

Reminder Invitation for Domain Pulse in Winterthur Feb 6./7. 2023
by Michael Hausding 16 Jan '23

16 Jan '23

Dear Swinog list Allow me to remind you for the Domainpulse 2023 on February 6. & 7. In Witherthur. The event is organised by the 3 registries SWITCH (.ch/li), Denic (.at) and nic.at <http://nic.at/> (.at) and focuses on Domain Names. Most of the talks are also interesting for network operators, like the talk from Geoff Houston on measurements or the discussion about fiber ins Switzerland and Liechtenstein. Participation is free and you can register here: https://www.domainpulse.ch/#rsvp <https://www.domainpulse.ch/#rsvp> Hope to see you in Winterthur Michael ------------------------------------ Michael Hausding, Competence Lead DNS & Domain Abuse SWITCH-CERT Werdstrasse 2, P.O. Box, 8021 Zurich, Switzerland phone +41 44 268 15 77, incident phone +41 44 268 15 40 michael.hausding(a)switch.ch <mailto:michael.hausding@switch.ch> http://securityblog.switch.ch <http://securityblog.switch.ch/>

1 0

DNSSEC issue with swizzonic DNS servers?
by Benoit Panizzon 06 Jan '23

06 Jan '23

Hi List Fancy another DNS issue hunt? We have DNSSEC validation enabled on our BIND DNS Servers. We started seeing: no valid RRSIG resolving 'www.numberportability.ch/DS/IN': 2a01:8100:2901::1:183:202#53 no valid RRSIG resolving 'www.numberportability.ch/DS/IN': 2a01:8100:2901::1:183:201#53 no valid RRSIG resolving 'www.numberportability.ch/DS/IN': 81.88.58.219#53 no valid RRSIG resolving 'www.numberportability.ch/DS/IN': 195.110.124.196#53 broken trust chain resolving 'www.numberportability.ch/HTTPS/IN': 2a01:8100:2901::1:183:202#53 broken trust chain resolving 'www.numberportability.ch/AAAA/IN': 2a01:8100:2901::1:183:202#53 client @0x803541d60 X.X.X.X#27325 (www.numberportability.ch): query failed (broken trust chain) for www.numberportability.ch/IN/AAAA at query.c:7724 And of course the query fails, disrupting access some some quite important API. numberportability.ch. 900 IN SOA dns1.swizzonic.ch. hostmaster.swizzonic.ch. 2022121601 10800 3600 604800 86400 $ dig +dnssec RRSIG www.numberportability.ch @dns1.swizzonic.ch ; <<>> DiG 9.16.33-Debian <<>> +dnssec RRSIG www.numberportability.ch @dns1.swizzonic.ch ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 39132 ;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 ;; WARNING: recursion requested but not available So, from my point of view, the authoritative DNS server thinks, this is a recursive query and refuses to answer with the RRSIG, breaking validation of that record. Do you get to the same conclusion? Can you resolve this host via any other DNSSEC validating nameserver? I had no success contacting any technical inclined staff willing to look at the issue since the issue started on 16. December via hostmaster(a)swizzonic.ch by phone or via support(a)register.it. So if anyone from Swizzonic is reading here, it would be nice to get a direct contact to further investigate that issue. Mit freundlichen Grüssen -Benoît Panizzon- -- I m p r o W a r e A G - Leiter Commerce Kunden ______________________________________________________ Zurlindenstrasse 29 Tel +41 61 826 93 00 CH-4133 Pratteln Fax +41 61 826 93 01 Schweiz Web http://www.imp.ch ______________________________________________________

8 9

Reach Swizzonic Support outside of working hours
by lizzy＠hennig.ch 05 Jan '23

05 Jan '23

Does someone know a way to reach Swizzonic outside their working hours? A Domain of us got deactivated in the evening outside their working hours, event though the bill is paid and wouldn't be due yet. Said domain is used for our dns servers we use for customer...

4 3

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

swinog January 2023