home tags events about login
one honk maybe more

benjojo posted 09 May 2025 16:35 +0000

Today's fun debug adventure, on one of the bgp.tools remote IX collector boxes in Iraq, all DNS packets appear to be ACL'd now. See the difference in mtr's for port 53 vs 54

Not too much of a problem, as just flipping the switch on systemd-resolved to use DNS Over TLS "fixed" the problem. I guess systemd-resolved is good for something then!

Outputs of mtr side by side, the side using UDP port 54 is getting deeper into the network