Category: Network

While this should not affect routing at all, various services of ours might go offline and return later. We are still playing around with DNS and have made the move into serving our domain using “dns.marbledfennec.net” as the primary and DeSec.io as our secondary name servers. As we learn more about the services we rely on and how to host them ourselves, we will be working on moving them in house.

Update at 2pm:
At this time, our domain is using only our name servers to check and see if DNSSEC is working correctly on our end. Once verified, there will be another update.

Update at 10am:
Eventually this configuration will be duplicated on “dns2.marbledfennec.net” and then kept in sync with any zone changes automagically. For those who are curious, “dns.marbledfennec.net” and “dns2.marbledfennec.net” are really the servers “dns.fenfox.run” and “dns2.fenfox.run”.

The thing to remember about our project is that it is and always will be a grounds to learn on. Meaning a lot of our hosted machines and configurations are moving targets as our team learns from doing and managing.

Since we had some resources to spare, we have setup a second public DNS
resolver that anyone may use if they wish. Both of our resolvers are compatible
with ICANN and OpenNIC domains.

Our team has moved all but our v6 edge router over to using one of our DNS servers at
dns.fenfox.run and as far as we can tell, everything is running as it should and the move was
transparent without any hiccups. The means all of our project members and end users will
now have access to both ICANN and OpenNIC domains.

Marbled Fennec Networks is currently working on testing out our own pair of DNS servers
for servicing the network. So far things look like they are running well and response times are fair.
If the testing continues to work as expected, we are considering switching all routers over to using
the servers “dns.fenfox.run” and “dns2.fenfox.run” as their upstream DNS.

These changes, if they happen (won’t know for another few hours), should be completely transparent
to our project members and end users.

Our “Network Management Policy” has been updated to reflect some changes
that had to be put in place regarding the operation of our two public DNS
servers. Project members and end users who make use of the public DNS servers
should take a quick glance over the policy and make note of the changes.

In short, Marbled Fennec Networks will react to sudden increases in DNS traffic
and, where warranted, will block the resolution of queries headed for what is
known as “Command and Control” servers when it comes to suspected malware.
Our team will do their best to research the domains behind the traffic spikes
before applying any network rules.