I am in the process of moving our two name servers from using IPtables for malicious domain blocking to using RPZs within BIND. If this works as I intend, it should cut back on the amount of upkeep involved in blocking known, high volume C&C lookups; making us quicker to update and add new domains to the list. Also, domains on this list will return NXDOMAIN.
Category: Network
Post dealing with changes to how we route packets and configure our network.
I finally got a moment to check on what was going on with the secondary physical server and it appears something triggered some kind of bug in which the network interface started resetting randomly and would come back up at 100Mbps before dying again.
I don’t see an actual reason for this in the system logs, which is very puzzling…but after a system reboot and sending a tech to look at the server’s networking cable just to be sure- it appears the box is running okay again.
This means that we will need to keep an eye on this box and make sure we catch on to future possible errors before they take the system out.
We are aware that our secondary physical server is experiencing network issues. Accounting, DNS and NMS keep going down and flooding our discord with service alerts. Our schedule has us on the road and unable to diagnose what is causing this issue right now, I will get the smol raptor to check over things when we get a break and able to catch up later tonight after our flight to Calgary.
We have been working in the background today to slowly roll out updates across our routing gear without causing too much noticeable down time for our end users. Our Core and Catos routers are now on the latest firmware and both have monitoring setup.
Hoping to get a throughput page put on the website tomorrow for all of our routing gear, if time permits such. Still have to update the other routers first, however.