logoalt Hacker News

kuerbelyesterday at 8:52 PM4 repliesview on HN

I just spent the better half of an hour to debug unbound and the pihole because I thought it's a me problem...

Good news though, if you add domain-insecure: "de" to your unbound config everything works fine

Replies

V__yesterday at 10:04 PM

Just before the outage happened I updated multiple client servers. That was a very stressfull hour trying to figure out why nothing works.

Benderyesterday at 9:05 PM

I don't even enable DNSSEC in Unbound. There just isn't enough adoption yet for me to feel like I am missing out on something, yet.

"Cloudflare Radar data shows 8.11% of domains are signed with DNSSEC, but only 0.47% of queries are validated end-to-end." [1]

Zones I may care about:

- Amazon.com: unsigned

- My banks: unsigned

- Hacker News: unsigned

- Email that I do not host: unsigned

- My power companies billing: unsigned

- I found some! id.me and irs.gov are signed.

[1] - https://technologychecker.io/blog/dnssec-adoption

show 1 reply
victorbjorklundyesterday at 8:54 PM

Same haha

chromeheartsyesterday at 8:57 PM

SAMEEEEE !!!