swinog April 2023

swinog@lists.swinog.ch

9 participants
8 discussions

DNSSEC auto-disabled by SWITCH on some .ch domains?

by Franco Hug

Hey SWINOGgers, I noticed that DNSSEC was somehow auto-disabled at registry level for some .ch domains I am responsible for. For these domains, no DS records are published anymore in the .ch zone, dnsviz shows a broken chain of trust. However, registrar data still shows that DNSSEC is enabled, but the registry (SWITCH) says it is not... Is this a known problem? Seems not all DNSSEC protected .ch domains are affected, which leads me to the suspicion that it might have to do with the algorithm being used. Did SWITCH turn off older algorithms, e.g. algo 7 (RSASHA1-NSEC3-SHA1)? Did I miss an announcement? Random example, e.g. gkb.ch (notably a bank...) > dig +short @dns1.inventx.ch gkb.ch dnskey > 256 3 7 AwEAAdYydDZyd5M3UGS5b4Yv6qlIO5eOSwskJ/DQjiRO0as59ZG6hMDJ VseqslJMTwghdiCrd/sicWvDOszK6Cuqye0+ZEm9tfG6gxgWWmzpSmXQ KDHRG1iV8UF0KSOciFAPp4qRe083KPXu2ChXkTUSAa/iRCcZdFJK2M6l c7Gjjj55 > 257 3 7 AwEAAbQv5Whc+cna1IbtESB+Pwx+8eP5jfbjhuqiFuU/18qUckR9NxT7 KUCT8GDlRTsGYmuKxcMITvH510CgGOA/6TORaB4iIXRnACmfiiku25/B NHmNJd58ymZ/ED17smVJ4ou77/rhxW+/0Q1iVIAOcY8EblWq3EabepYz E6CY9Vh/RTh2mvSl80h8nZyFotsEwN0LIlc/Pi0qGmy7iTOBqtVsbFVm gssn/2c7IMCA8N2aaP1it8Qi+3DDGDh3N8HSEIVk+nrgQtsqQaLOFPGQ Q0ezahQO6oVGKG4XAHw+2XaZQ3UT0sTcFj3ZVKCcGE4Ddoa3J/gqLQh7 aA44cVIQx+s= > > dig +short @a.nic.ch gkb.ch ds > > -> no DS record Working example with algorithm 13 (ECDSA Curve P-256 with SHA-256): > dig +short @ns2.switch.ch switch.ch dnskey > 257 3 13 keJOWxnKOCymNa0sPpwp/ioeyvgrXjY9hu8KxWdaxlMFukxquKVLdt2J 5KxGOpmIZZbOXRALfG78FnDsE/k8EQ== > 256 3 13 YOf+TLHGeDBL0q6DSpE4vE2ub8RUvniew7xYkZJHocU6je7Ww/MfUeHf B1LEDpFNFloYHFBvWD92gu5MT2ZJ1A== > 256 3 13 twHlL7CfhxPadzuRi3wRxEDs+3i/oe9W3heRKiP8CALwpexBZYCjMJ2w Z403h9dJ/iA7CzCTSmvePLGdJ4cIzQ== > > dig +short @a.nic.ch switch.ch ds > 32265 13 2 8A865736961D246F99D6111BCA060E69908380FD5545D799F21E4652 DA60A17C Could anybody shed some light on this? Thx & Gruass, Franco

1 month

DNSSEC auto-disabled by SWITCH on some .ch domains?

by Franco Hug

1 month

Re: Datacenter switches

by Philipp Tobler

Hi Matthias, at the University of Bern, we are replacing our current Enterasys/Extreme/Brocade/Ruckus gear by Extreme Network models. For core/distribution/ToR, we opted for the 7400 and 5520 series with VOSS (Fabric engine) and so far, we are quite happy with the choice. The 5520-24x could fit your requirements - 10G copper is feasible with copper plugins. (max. 50% of copper plugins supported due to heat discipation) BTW, we use a mix of „original“ and Fexoptix plugins. Hope this helps - otherwise feel free to give me a call. Cheers, Philipp > Am 27.04.2023 um 12:00 schrieb swinog-request(a)lists.swinog.ch: > > Send swinog mailing list submissions to > swinog(a)lists.swinog.ch > > To subscribe or unsubscribe via email, send a message with subject or > body 'help' to > swinog-request(a)lists.swinog.ch > > You can reach the person managing the list at > swinog-owner(a)lists.swinog.ch > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of swinog digest..." > > Today's Topics: > > 1. Datacenter switches (Matthias Hertzog) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Thu, 27 Apr 2023 04:04:06 +0200 > From: Matthias Hertzog <matthias(a)hertzog.ch> > Subject: [swinog] Datacenter switches > To: swinog(a)swinog.ch > Message-ID: <9B113594-1951-46A4-A6D1-B0ED90C92131(a)hertzog.ch> > Content-Type: text/plain; charset=utf-8 > > Dear colleagues > > As some of you already figured, i‘m about to dive into the ISP scene again. „What a surprise“ ;-) > > I‘m currently evaluating datacenter switches. Current need is at least 12 10gig SFP ports and some 10gig copper ports. > > What brands and models are you guys using these days? I‘ve used cisco and Foundry/Brocade in the past, but i‘m open for recommendations. > > Thanks & have a nice day, > Matthias > > > > ------------------------------ > > Subject: Digest Footer > > _______________________________________________ > swinog mailing list -- swinog(a)lists.swinog.ch > To unsubscribe send an email to swinog-leave(a)lists.swinog.ch > > > ------------------------------ > > End of swinog Digest, Vol 218, Issue 5 > **************************************

1 month, 1 week

Datacenter switches

by Matthias Hertzog

Dear colleagues As some of you already figured, i‘m about to dive into the ISP scene again. „What a surprise“ ;-) I‘m currently evaluating datacenter switches. Current need is at least 12 10gig SFP ports and some 10gig copper ports. What brands and models are you guys using these days? I‘ve used cisco and Foundry/Brocade in the past, but i‘m open for recommendations. Thanks & have a nice day, Matthias

1 month, 1 week

Looking for a /24. (or /23 or /22)

by Matthias Hertzog

Hi there! I’m looking for a /24 to buy. I have my own LIR and know how the transfer works. If you have something for sale, please let me know before i dive into the RIPE listing service and grow more grey hair due to non-responding people in there. Immediate and hassle-free payment guaranteed. Thanks & best wishes, Matthias

1 month, 1 week

Call for Presentations EPF 2023, Prage, Czech Republic // SwiNOG

by Arnold Nipper

Dear all, this is the Call for Presentations for the European Peering Forum 2023. AMS-IX, DE-CIX, LINX, NETNOD and guest IXP NIX.CZ, are happy to host the European Peering Forum (EPF) 2023 from Sunday the 10th to Wednesday 13th September 2023 in Prague, Czech Republic. The event will welcome peering managers and coordinators from networks connected to the host and guest Internet exchanges. Besides some interesting topical agenda, the three-day event accommodates room for attendees to meet on a one-to-one basis to discuss bilateral peering business opportunities. The programme committee will be looking for presentations and related to peering and technical topics of interconnection. Your presentation should address: * Interconnection Automation * Regional Peering * Interconnection / Peering Internet Governance and Regulatory Topics * Economic and Product Trends * Peering / Interconnection strategies * Interesting findings about Peering / Interconnection * 400GE and beyond * Any other hot topic related to Interconnection / Peering Submissions =========== Presentations must be of a non-commercial nature. Product or marketing heavy talks are strongly discouraged. Submissions of presentations should be made to the programme committee <epf-pc(a)peering-forum.eu>. Please include: * Author's name and e-mail address * Presentation title * Abstract * Slides (if available) * Time requested (max. 30 minutes incl. Q&A) Deadlines ========= Please send in your presentation asap. We decide on a first come first serve basis. The latest date for submission is July 30th, 2023. More information about the event and other activities around EPF16 may be found at * https://peering-forum.eu/2023/ * https://www.facebook.com/groups/1486607564933665/ On behalf of EPF, Best regards, AMS-IX, DE-CIX, LINX and NETNOD -- Keep calm, keep distance, keep connected! Arnold Nipper email: arnold(a)nipper.de mobile: +49 172 2650958

1 month, 1 week

DNS lookup failed from Bluewin client with bluewin DNS

by r.duchet＠csti.ch

Hello, We have a complaint from a customer, with unreachable website (stepcom.ch hosted on cloudflare). No DNS answer for domain for multiple DNS server of Bluewin (195.186.4.107 - 109 and 195.186.1.110 - 111 ) All working fine with an open DNS server. (Quad, Google etc). Could someone at Bluewin could check that ? Thanks. Rémy

1 month, 2 weeks

Anyone IT/Email/Marketing contact at United Nations or Geneva Forum or Objectif Sciences International

by Benoît Panizzon

Hi all Does anyone have a contact to the IT or more precisely Email / Marketing Department of the UN Geneva Forum aka Objectif Sciences International? https://www.osi-ngo.org/ They most probably have acquired an email list containing SWINOG Spamtraps and using this to advertised their science activities, getting shared Office365 IP addresses, used by the UN and other Swiss Office365 customers, blacklisted. I was in contact with the OSI Geneva Forum CEO, but he was not successful in finding anyone in charge. -- Mit freundlichen Grüssen -Benoît Panizzon- @ HomeOffice und normal erreichbar -- I m p r o W a r e A G - Leiter Commerce Kunden ______________________________________________________ Zurlindenstrasse 29 Tel +41 61 826 93 00 CH-4133 Pratteln Fax +41 61 826 93 01 Schweiz Web http://www.imp.ch ______________________________________________________

1 month, 3 weeks

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

swinog April 2023