Conversation

Notices

1. Embed this notice
   Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 02:53:54 JST Ryan Castellucci (they/them) :nonbinary_flag:

   Rebooting my router did not fix my DNS problems. I have discovered the cause of the problem, however.

   Please write in your guesses. First correct answer wins a prize.

   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 03:13:00 JST Ryan Castellucci (they/them) :nonbinary_flag:

     in reply to

     • marco_m_aus_f

     @marco_m_aus_f no

   • Embed this notice
     marco_m_aus_f (marco_m_aus_f@freiburg.social)'s status on Sunday, 26-Apr-2026 03:13:02 JST marco_m_aus_f

     in reply to

     @ryanc Broken cable?

   • Embed this notice
     ../kajer/. (kajer@infosec.exchange)'s status on Sunday, 26-Apr-2026 03:26:43 JST ../kajer/.

     in reply to

     @ryanc cloudflare

   • Embed this notice
     ../kajer/. (kajer@infosec.exchange)'s status on Sunday, 26-Apr-2026 03:28:49 JST ../kajer/.

     in reply to

     @ryanc my second guess is, upstream dns tampering, which you would detect and thus ignore, so no queries were valid, resulting on no host records.

   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 03:29:08 JST Ryan Castellucci (they/them) :nonbinary_flag:

     • taskschd.msc

     @schtaks no

   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 03:29:25 JST Ryan Castellucci (they/them) :nonbinary_flag:

     in reply to

     • ../kajer/.

     @kajer no

   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 03:29:38 JST Ryan Castellucci (they/them) :nonbinary_flag:

     in reply to

     • ../kajer/.

     @kajer no

   • Embed this notice
     Fritz Adalis (fritzadalis@infosec.exchange)'s status on Sunday, 26-Apr-2026 03:44:39 JST Fritz Adalis

     in reply to

     • ../kajer/.

     @ryanc @kajer
     Was it DNS?

   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 03:45:54 JST Ryan Castellucci (they/them) :nonbinary_flag:

     in reply to

     • Fritz Adalis
     • ../kajer/.

     @FritzAdalis @kajer i mean, that depends on semantics, but i would say no

   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 03:46:45 JST Ryan Castellucci (they/them) :nonbinary_flag:

     in reply to

     • aschmitz

     @aschmitz no

   • Embed this notice
     aschmitz (aschmitz@ostatus.lardbucket.org)'s status on Sunday, 26-Apr-2026 03:46:46 JST aschmitz

     in reply to

     @ryanc BGP.

   • Embed this notice
     Third spruce tree on the left (tezoatlipoca@mas.to)'s status on Sunday, 26-Apr-2026 03:52:31 JST Third spruce tree on the left

     in reply to

     @ryanc VPN or some other routing tunnel accidentally left on?

   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 03:52:31 JST Ryan Castellucci (they/them) :nonbinary_flag:

     in reply to

     • Third spruce tree on the left

     @tezoatlipoca no

   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 03:59:59 JST Ryan Castellucci (they/them) :nonbinary_flag:

     in reply to

     • Rusty Shackleford

     @rusty__shackleford no

   • Embed this notice
     Rusty Shackleford (rusty__shackleford@mastodon.social)'s status on Sunday, 26-Apr-2026 04:00:00 JST Rusty Shackleford

     in reply to

     @ryanc

     I'll go the simple route and guess a corrupt DNS cache...?

   • Embed this notice
     nyanbinary (nyanbinary@infosec.exchange)'s status on Sunday, 26-Apr-2026 04:25:48 JST nyanbinary

     in reply to

     @ryanc idk how but MTU would be very funny

   • Embed this notice
     Fi 🏳️‍⚧️ (munin@infosec.exchange)'s status on Sunday, 26-Apr-2026 04:27:43 JST Fi 🏳️‍⚧️

     in reply to

     @ryanc

     prior service config change was committed but the service had not been restarted

   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 04:31:48 JST Ryan Castellucci (they/them) :nonbinary_flag:

     in reply to

     • antsu

     @antsu no

   • Embed this notice
     antsu (antsu@p.antsu.net)'s status on Sunday, 26-Apr-2026 04:31:50 JST antsu

     in reply to

     @ryanc systemd-resolved

   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 04:31:56 JST Ryan Castellucci (they/them) :nonbinary_flag:

     in reply to

     • DistroWatch

     @distrowatch no, no

   • Embed this notice
     DistroWatch (distrowatch@mastodon.social)'s status on Sunday, 26-Apr-2026 04:31:57 JST DistroWatch

     in reply to

     @ryanc I'd probably go with loose/unplugged cable.

     Other common issues include Internet/DNS bill not paid, and typo in a settings field.

   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 04:32:03 JST Ryan Castellucci (they/them) :nonbinary_flag:

     in reply to

     • nyanbinary

     @nyanbinary no

   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 04:32:09 JST Ryan Castellucci (they/them) :nonbinary_flag:

     in reply to

     • Fi 🏳️‍⚧️

     @munin no

   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 04:32:12 JST Ryan Castellucci (they/them) :nonbinary_flag:

     in reply to

     • overflo

     @overflo no

   • Embed this notice
     overflo (overflo@23.social)'s status on Sunday, 26-Apr-2026 04:32:14 JST overflo

     in reply to

     @ryanc resolv.conf fubar?

   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 04:32:38 JST Ryan Castellucci (they/them) :nonbinary_flag:

     in reply to

     • UserName Aged Badly

     @dontreportme no, but that's extremely cursed

   • Embed this notice
     UserName Aged Badly (dontreportme@mastodon.online)'s status on Sunday, 26-Apr-2026 04:32:39 JST UserName Aged Badly

     in reply to

     @ryanc
     NIC power save

   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 04:32:45 JST Ryan Castellucci (they/them) :nonbinary_flag:

     in reply to

     • Human after all

     @humanhorseshoes no

   • Embed this notice
     Human after all (humanhorseshoes@mastodon.world)'s status on Sunday, 26-Apr-2026 04:32:46 JST Human after all

     in reply to

     @ryanc You didn't plug the fibre into the router

   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 04:33:03 JST Ryan Castellucci (they/them) :nonbinary_flag:

     in reply to

     • Michael Cook

     @foobarsoft no

   • Embed this notice
     Michael Cook (foobarsoft@mastodon.social)'s status on Sunday, 26-Apr-2026 04:33:04 JST Michael Cook

     in reply to

     @ryanc ISP DNS was broken?

   • Embed this notice
     Paul_IPv6 (paul_ipv6@infosec.exchange)'s status on Sunday, 26-Apr-2026 04:33:17 JST Paul_IPv6

     in reply to

     @ryanc

     - systemd-resolvd
     - your router gets default resolver from upstream and that was missing/wrong/pointing to broken resolver, borking DNS for local network getting DNS to use from DHCP lease
     - something in /etc/hosts
     - not putting something in /etc/hosts

   • Embed this notice
     mx alex tax1a - 2020 (6) (atax1a@infosec.exchange)'s status on Sunday, 26-Apr-2026 04:34:53 JST mx alex tax1a - 2020 (6)

     in reply to

     @ryanc iptables

   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 04:35:30 JST Ryan Castellucci (they/them) :nonbinary_flag:

     in reply to

     • Paul_IPv6

     @paul_ipv6 none of the above

   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 04:36:08 JST Ryan Castellucci (they/them) :nonbinary_flag:

     in reply to

     • sean watters

     @swatters no

   • Embed this notice
     sean watters (swatters@mastodon.social)'s status on Sunday, 26-Apr-2026 04:36:09 JST sean watters

     in reply to

     @ryanc client was doing DNS over HTTPS?

   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 04:36:31 JST Ryan Castellucci (they/them) :nonbinary_flag:

     in reply to

     • mx alex tax1a - 2020 (6)

     @atax1a no, and I've migrated to nftables anyway

   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 04:36:39 JST Ryan Castellucci (they/them) :nonbinary_flag:

     in reply to

     • Jan Wildeboer 😷:krulorange:

     @jwildeboer no

   • Embed this notice
     Jan Wildeboer 😷:krulorange: (jwildeboer@social.wildeboer.net)'s status on Sunday, 26-Apr-2026 04:36:41 JST Jan Wildeboer 😷:krulorange:

     in reply to

     @ryanc Firewall.

   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 04:36:45 JST Ryan Castellucci (they/them) :nonbinary_flag:

     in reply to

     • mik

     @1mik no

   • Embed this notice
     mik (1mik@mastodon.social)'s status on Sunday, 26-Apr-2026 04:36:46 JST mik

     in reply to

     @ryanc ISP gives back a DNS Server that is not working.

   • Embed this notice
     Bitslingers-R-Us (anachronistjohn@zia.io)'s status on Sunday, 26-Apr-2026 04:36:47 JST Bitslingers-R-Us

     in reply to

     @ryanc My guess is Google’s nameservers caching incorrect DNS for much, much longer than the published TTL. That, at least, is what I’ve been dealing with.

     Thanks, Google :P

   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 04:36:48 JST Ryan Castellucci (they/them) :nonbinary_flag:

     in reply to

     • Andrew Deacon

     @aadeacon no

   • Embed this notice
     Andrew Deacon (aadeacon@mastodon.social)'s status on Sunday, 26-Apr-2026 04:36:49 JST Andrew Deacon

     in reply to

     @ryanc Not an IT person so I will go with A CAT.

   • Embed this notice
     Paul_IPv6 (paul_ipv6@infosec.exchange)'s status on Sunday, 26-Apr-2026 04:37:11 JST Paul_IPv6

     in reply to

     @ryanc

     and this is why DNS is such a solid source of employment. :D

   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 04:48:37 JST Ryan Castellucci (they/them) :nonbinary_flag:

     in reply to

     • Wolkensteine

     @Wolkensteine no; it's a supermicro running debian

   • Embed this notice
     Wolkensteine (wolkensteine@mastodon.wolkenheim.eu)'s status on Sunday, 26-Apr-2026 04:48:39 JST Wolkensteine

     in reply to

     @ryanc
     Maybe the DHCP server of your router was configured incorrectly, so clients got bad stuff, which would have been discovered when rebooting probably since a device trying to reconnect probably would then throw errors? Or wait — no, that can't be right? That wouldn't have caused you DNS problems instantly … Mhhhhh

     What kinda router are you using?

   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 04:49:36 JST Ryan Castellucci (they/them) :nonbinary_flag:

     in reply to

     • jack

     @jackeric arguably not

   • Embed this notice
     jack (jackeric@beige.party)'s status on Sunday, 26-Apr-2026 04:49:37 JST jack

     in reply to

     @ryanc is it DNS

   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 04:49:40 JST Ryan Castellucci (they/them) :nonbinary_flag:

     in reply to

     • Ariel Millennium Thornton

     @arielmt no

   • Embed this notice
     Ariel Millennium Thornton (arielmt@computerfairi.es)'s status on Sunday, 26-Apr-2026 04:49:44 JST Ariel Millennium Thornton

     in reply to

     @ryanc Assigned IPv6-only DNS servers on an IPv4-only WAN?

   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 04:49:46 JST Ryan Castellucci (they/them) :nonbinary_flag:

     in reply to

     • Bob K Mertz :distressedUS:

     @bobkmertz no

   • Embed this notice
     Bob K Mertz :distressedUS: (bobkmertz@techhub.social)'s status on Sunday, 26-Apr-2026 04:49:47 JST Bob K Mertz :distressedUS:

     in reply to

     @ryanc
     Cable plugged in to LAN vs WAN?

   • Embed this notice
     poleguy looking for lost tools (poleguy@mastodon.social)'s status on Sunday, 26-Apr-2026 04:49:57 JST poleguy looking for lost tools

     in reply to

     @ryanc your machine was not connected to that router at all but using a different one you forgot about.

   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 04:49:57 JST Ryan Castellucci (they/them) :nonbinary_flag:

     in reply to

     • poleguy looking for lost tools

     @poleguy no

   • Embed this notice
     UserName Aged Badly (dontreportme@mastodon.online)'s status on Sunday, 26-Apr-2026 04:49:58 JST UserName Aged Badly

     in reply to

     @ryanc
     Modem related: unpowered or "release of magic smoke"

   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 04:49:58 JST Ryan Castellucci (they/them) :nonbinary_flag:

     in reply to

     • UserName Aged Badly

     @dontreportme no

   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 04:51:54 JST Ryan Castellucci (they/them) :nonbinary_flag:

     in reply to

     • Michael Cook

     @foobarsoft no, but what the actual fuck

   • Embed this notice
     Michael Cook (foobarsoft@mastodon.social)'s status on Sunday, 26-Apr-2026 04:51:55 JST Michael Cook

     in reply to

     @ryanc Dang. I’ve seen the other guests, it seems like this is likely to be something incredibly stupid.

     I’ll give it one last insane try.

     DNS server set to EBCDIC not ASCII?

     I assume that’s impossible but oh well.

   • Embed this notice
     mik (1mik@mastodon.social)'s status on Sunday, 26-Apr-2026 04:54:38 JST mik

     in reply to

     @ryanc dnsmasq cache/connection limit exhausted

   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 04:54:38 JST Ryan Castellucci (they/them) :nonbinary_flag:

     in reply to

     • mik

     @1mik no

   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 04:55:31 JST Ryan Castellucci (they/them) :nonbinary_flag:

     in reply to

     • eyes4abbot

     @eyes4abbot will post the answer tomorrow

   • Embed this notice
     eyes4abbot (eyes4abbot@mastodon.social)'s status on Sunday, 26-Apr-2026 04:55:32 JST eyes4abbot

     in reply to

     @ryanc I've no guesses but am SO curious for the answer...👀

   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 04:56:09 JST Ryan Castellucci (they/them) :nonbinary_flag:

     in reply to

     • tb1402

     @tb1402 no

   • Embed this notice
     tb1402 (tb1402@social.anoxinon.de)'s status on Sunday, 26-Apr-2026 04:56:11 JST tb1402

     in reply to

     @ryanc Some UDP only related problem. Detected after the reboot, as DHCP now also didn't work.

   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 04:56:37 JST Ryan Castellucci (they/them) :nonbinary_flag:

     in reply to

     • Marcos Dione
     • UserName Aged Badly

     @mdione @dontreportme this was affecting all computers on my network at once

   • Embed this notice
     Marcos Dione (mdione@en.osm.town)'s status on Sunday, 26-Apr-2026 04:56:38 JST Marcos Dione

     in reply to

     • UserName Aged Badly

     @ryanc @dontreportme well, my funputer starts to get disconnections from the WiFi every night and it seems it's related to this.

   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 05:03:25 JST Ryan Castellucci (they/them) :nonbinary_flag:

     in reply to

     • 🚲 murph

     @murph no

   • Embed this notice
     🚲 murph (murph@gardenstate.social)'s status on Sunday, 26-Apr-2026 05:03:26 JST 🚲 murph

     in reply to

     @ryanc Wrong subnet?

   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 05:03:56 JST Ryan Castellucci (they/them) :nonbinary_flag:

     in reply to

     • Gantua

     @gantua none of the above, probably lennart's fault somehow anyway

   • Embed this notice
     Gantua (gantua@pleroma.marchera-pas.fr)'s status on Sunday, 26-Apr-2026 05:03:58 JST Gantua

     in reply to
     @ryanc
     
     * unwanted RA (RAscal) on the network announcing RDNSS or rogue DHCPv6.
     * DNS filtering by evil ISP
     * systemd
   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 05:18:41 JST Ryan Castellucci (they/them) :nonbinary_flag:

     in reply to

     • Gantua

     @gantua none of the above, see previous toot about blaming lennart for things completely unrelated to systemd

   • Embed this notice
     Gantua (gantua@pleroma.marchera-pas.fr)'s status on Sunday, 26-Apr-2026 05:18:43 JST Gantua

     in reply to
     @ryanc That's a useful hint!
     
     * NetworkManager
     * netplan.io
     * Bad interaction with policy routing, done by wireguard or someone else.
     * Network card corrupts byte 45 on half the packets because systemd enables weird ethtool settings
     * firewalld or similar installed without notice during an upgrade
     * two DHCP clients fighting each other
     * /etc/resolv.conf is missing or configured to use localhost and two local DNS resolvers are fighting each other
   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 05:20:42 JST Ryan Castellucci (they/them) :nonbinary_flag:

     in reply to

     • kaoudis

     @kaoudis no

   • Embed this notice
     kaoudis (kaoudis@infosec.exchange)'s status on Sunday, 26-Apr-2026 05:20:43 JST kaoudis

     in reply to

     @ryanc ISP-level issues?

   • Embed this notice
     Bill (sempf@infosec.exchange)'s status on Sunday, 26-Apr-2026 05:21:17 JST Bill

     in reply to

     • kaoudis

     @ryanc @kaoudis Has NO ONE guessed right?

   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 05:36:45 JST Ryan Castellucci (they/them) :nonbinary_flag:

     in reply to

     • Bill
     • kaoudis

     @Sempf @kaoudis nobody has guessed it yet

   • Embed this notice
     kaoudis (kaoudis@infosec.exchange)'s status on Sunday, 26-Apr-2026 05:36:46 JST kaoudis

     in reply to

     • Bill

     @Sempf @ryanc I guess… no 😅

   • Embed this notice
     Bill (sempf@infosec.exchange)'s status on Sunday, 26-Apr-2026 05:36:46 JST Bill

     in reply to

     • kaoudis

     @kaoudis @ryanc Fair nuff.

   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 05:36:55 JST Ryan Castellucci (they/them) :nonbinary_flag:

     • PhreakByte the Octopus

     @nieldk no

   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 05:38:04 JST Ryan Castellucci (they/them) :nonbinary_flag:

     in reply to

     • Gantua

     @gantua none of those

   • Embed this notice
     Gantua (gantua@pleroma.marchera-pas.fr)'s status on Sunday, 26-Apr-2026 05:38:06 JST Gantua

     in reply to
     @ryanc The one that says "probably lennart's fault somehow anyway" ?
     
     * problems with TCP fallback (firewall, or bug in dnsmasq)
     * Some random program (chrome?) is hammering DNS resolver
     * authoritative DNS resolver used as recursive
     * outdated DNSSEC root of trust or algorithm support
   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 05:42:19 JST Ryan Castellucci (they/them) :nonbinary_flag:

     in reply to

     • MetalMartijn [NL]

     @metalmartijn no

   • Embed this notice
     MetalMartijn [NL] (metalmartijn@mastodon.social)'s status on Sunday, 26-Apr-2026 05:42:20 JST MetalMartijn [NL]

     in reply to

     @ryanc IP conflict

   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 05:42:22 JST Ryan Castellucci (they/them) :nonbinary_flag:

     in reply to

     • make

     @make no

   • Embed this notice
     make (make@mastodontti.fi)'s status on Sunday, 26-Apr-2026 05:42:24 JST make

     in reply to

     @ryanc
     The thing you did just before it Broke?

   • Embed this notice
     Wouter 🛰️ (pa3weg@mastodon.social)'s status on Sunday, 26-Apr-2026 05:42:46 JST Wouter 🛰️

     in reply to

     @ryanc Your DNS config is not working because some container process keeps overwriting the file?

   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 05:42:46 JST Ryan Castellucci (they/them) :nonbinary_flag:

     in reply to

     • Wouter 🛰️

     @pa3weg no

   • Embed this notice
     Wayne Dixon (waynedixon@mastodon.social)'s status on Sunday, 26-Apr-2026 05:43:00 JST Wayne Dixon

     in reply to

     @ryanc incorrect MTU size?

   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 05:43:00 JST Ryan Castellucci (they/them) :nonbinary_flag:

     in reply to

     • Wayne Dixon

     @waynedixon no

   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 06:02:46 JST Ryan Castellucci (they/them) :nonbinary_flag:

     in reply to

     • Gantua

     @gantua no

   • Embed this notice
     Gantua (gantua@pleroma.marchera-pas.fr)'s status on Sunday, 26-Apr-2026 06:02:48 JST Gantua

     in reply to
     @ryanc
     
     * Rogue DNS search/domain issued by ISP
     * Too many resolvers configured
     * DNS Response not routed correctly (ICMP redirects)
     
     I'll stop there.
   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 06:17:18 JST Ryan Castellucci (they/them) :nonbinary_flag:

     in reply to

     • Bård H. (lvl 49 🇳🇴)

     @baardhaveland none of these

   • Embed this notice
     Bård H. (lvl 49 🇳🇴) (baardhaveland@snabelen.no)'s status on Sunday, 26-Apr-2026 06:17:20 JST Bård H. (lvl 49 🇳🇴)

     in reply to

     @ryanc

     Some "it's too stupid to check" issues I've experienced:

     - Someone plugged a loose ethernet cable back into one of the switches, but the other end of said cable was already connected to the network

     - Someone decided to make their own WiFi (with hookers and blackjack), but it started handing out new IPs to everyone

     - Someone visited the switch room, and turned off the lights when they left, despite huge warning signs

     - Logging all traffic caused router to overheat after 2-3 days

   • Embed this notice
     kaoudis (kaoudis@infosec.exchange)'s status on Sunday, 26-Apr-2026 06:27:09 JST kaoudis

     in reply to

     • Bill

     @ryanc @Sempf I still feel like some variety of ground squirrel *should* be the answer (but how that would only affect DNS idk) 😆

   • Embed this notice
     Fritz Adalis (fritzadalis@infosec.exchange)'s status on Sunday, 26-Apr-2026 07:00:43 JST Fritz Adalis

     in reply to

     • ../kajer/.

     @ryanc @kajer
     Hmm, that probably rules out EDNS0 or forgetting to roll the zone timestamp.

   • Embed this notice
     mx alex tax1a - 2020 (6) (atax1a@infosec.exchange)'s status on Sunday, 26-Apr-2026 07:32:16 JST mx alex tax1a - 2020 (6)

     in reply to

     @ryanc lunar disturbances

   • Embed this notice
     SpaceLifeForm (spacelifeform@infosec.exchange)'s status on Sunday, 26-Apr-2026 08:13:26 JST SpaceLifeForm

     in reply to

     @ryanc

     The list is long.

     I'll go with resetting a cicuit breaker.

   • Embed this notice
     Aris Adamantiadis :verified:💲Paid (aris@infosec.exchange)'s status on Sunday, 26-Apr-2026 08:26:25 JST Aris Adamantiadis :verified:💲Paid

     in reply to

     @ryanc duplex mismatch

   • Embed this notice
     ../kajer/. (kajer@infosec.exchange)'s status on Sunday, 26-Apr-2026 09:33:38 JST ../kajer/.

     in reply to

     @ryanc ntp

   • Embed this notice
     morb (morb@mastodon.social)'s status on Sunday, 26-Apr-2026 15:02:05 JST morb

     in reply to

     @ryanc after scanning the thread; filesystem quotas?

   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 15:02:05 JST Ryan Castellucci (they/them) :nonbinary_flag:

     in reply to

     • morb

     @morb no

   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 15:03:01 JST Ryan Castellucci (they/them) :nonbinary_flag:

     in reply to

     • mx alex tax1a - 2020 (6)

     @atax1a not that I can tell

   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 15:03:27 JST Ryan Castellucci (they/them) :nonbinary_flag:

     in reply to

     • Bert Koorengevel

     @bertkoor no

   • Embed this notice
     Bert Koorengevel (bertkoor@mastodon.social)'s status on Sunday, 26-Apr-2026 15:03:28 JST Bert Koorengevel

     in reply to

     @ryanc
     An unrelated service / cron job on the same machine taking 100% cpu

   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 15:05:14 JST Ryan Castellucci (they/them) :nonbinary_flag:

     in reply to

     • SpaceLifeForm

     @SpaceLifeForm no

   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 15:05:49 JST Ryan Castellucci (they/them) :nonbinary_flag:

     in reply to

     • ../kajer/.

     @kajer no

   • Embed this notice
     Tony Finch (fanf@mendeddrum.org)'s status on Sunday, 26-Apr-2026 15:05:59 JST Tony Finch

     in reply to

     @ryanc something causing intermittent broadcast storms? something stealing the MAC addr or IP addr of your DNS resolver? something making dnsmasq hang, maybe it was trying to write to something very slow, eg. logs on a broken disk?

     Ryan Castellucci (they/them) :nonbinary_flag: repeated this.
   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 15:06:00 JST Ryan Castellucci (they/them) :nonbinary_flag:

     in reply to

     • ggdupont

     @gdupont no, but A+ for creativity

   • Embed this notice
     ggdupont (gdupont@framapiaf.org)'s status on Sunday, 26-Apr-2026 15:06:02 JST ggdupont

     in reply to

     @ryanc
     This thread is soooo good. I need to make my attempts (as most, based on past experiences):
     - power fluctuation that lower just enough to make some device unreliable but not enough to trigger any shutdown or power fallback
     - if this is related to outdoor devices: rabbit partially ate cable or ant nest into a box that makes it just too hot to work well (but again not enough to shut it down)

   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 15:06:14 JST Ryan Castellucci (they/them) :nonbinary_flag:

     in reply to

     • liquidlight

     @liquidlight no, but lol

   • Embed this notice
     liquidlight (liquidlight@beige.party)'s status on Sunday, 26-Apr-2026 15:06:15 JST liquidlight

     in reply to

     @ryanc ghost ate mac address and replaced it with B00:B00:B00 to scare people

   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 15:06:55 JST Ryan Castellucci (they/them) :nonbinary_flag:

     in reply to

     • b3lt3r

     @b3lt3r no

   • Embed this notice
     b3lt3r (b3lt3r@mastodon.b3lt3r.com)'s status on Sunday, 26-Apr-2026 15:06:57 JST b3lt3r

     in reply to

     @ryanc zero trust mesh with local DNS overriding

   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 15:09:04 JST Ryan Castellucci (they/them) :nonbinary_flag:

     in reply to

     • GeneralX ⏳

     @generalx no, but I have been screwed by checksum offloading before

   • Embed this notice
     GeneralX ⏳ (generalx@freeradical.zone)'s status on Sunday, 26-Apr-2026 15:09:05 JST GeneralX ⏳

     in reply to

     @ryanc
     My guesses:

     1. TCP
     2. Checksum offloading
     3. Ignored transaction ID

   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 15:11:07 JST Ryan Castellucci (they/them) :nonbinary_flag:

     in reply to

     • Tony Finch

     @fanf I'm going to give it to you for this, it was dnsmasq calling fsync(2) on the dhcp leases file, which happens fairly frequently because I've got about 80 DHCP clients on my home network.

     I have resolved it by LD_PRELOADing libeatmydata.

   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 15:11:18 JST Ryan Castellucci (they/them) :nonbinary_flag:

     in reply to

     • Tony Finch

     @fanf no

   • Embed this notice
     Tony Finch (fanf@mendeddrum.org)'s status on Sunday, 26-Apr-2026 15:11:21 JST Tony Finch

     in reply to

     @ryanc something else on the dnsmasq server causing the whole machine to choke, eg by eating all its ram? disk full causing indigestion? something killing dnsmasq and dns works again after it autorestarts?

   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 15:13:48 JST Ryan Castellucci (they/them) :nonbinary_flag:

     in reply to

     • Aris Adamantiadis :verified:💲Paid

     @aris no

   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 15:15:15 JST Ryan Castellucci (they/them) :nonbinary_flag:

     in reply to

     • Prizmo

     @unsafelyhotboots no

   • Embed this notice
     Prizmo (unsafelyhotboots@sharkey.world)'s status on Sunday, 26-Apr-2026 15:15:16 JST Prizmo

     in reply to

     @ryanc@infosec.exchange DHCP configuration?

   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 15:20:32 JST Ryan Castellucci (they/them) :nonbinary_flag:

     in reply to

     • oheso

     @oheso arguably no

   • Embed this notice
     oheso (oheso@ieji.de)'s status on Sunday, 26-Apr-2026 15:20:34 JST oheso

     in reply to

     @ryanc Cause of DNS problem: DNS

   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 16:26:06 JST Ryan Castellucci (they/them) :nonbinary_flag:

     in reply to

     • Tony Finch
     • Marcos Dione

     @mdione @fanf I didn't dig into the code, but I believe it is single threaded, and fsync is always blocking by design even on an otherwise non-blocking file descriptor.

     But. In common configurations, fsync also has to wait on any other writes that were pending on the same filesystem.

   • Embed this notice
     Marcos Dione (mdione@en.osm.town)'s status on Sunday, 26-Apr-2026 16:26:08 JST Marcos Dione

     in reply to

     • Tony Finch

     @ryanc @fanf so, dnsmasq has a single thread (async?) for dns and dhcp requests, and if dhcp are lagging, they block dns?

   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 18:54:03 JST Ryan Castellucci (they/them) :nonbinary_flag:

     in reply to

     • Edvin Malinovskis

     @nCrazed all DNS lookups were failing on every device, so no.

   • Embed this notice
     Edvin Malinovskis (ncrazed@fd00.space)'s status on Sunday, 26-Apr-2026 18:54:05 JST Edvin Malinovskis

     in reply to

     @ryanc Were you checking the wrong domain?

   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 20:17:32 JST Ryan Castellucci (they/them) :nonbinary_flag:

     in reply to

     • morb

     @morb not rats, answer has been posted

   • Embed this notice
     morb (morb@mastodon.social)'s status on Sunday, 26-Apr-2026 20:17:33 JST morb

     in reply to

     @ryanc rats

   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 26-Apr-2026 22:03:35 JST Ryan Castellucci (they/them) :nonbinary_flag:

     in reply to

     @toadjaune @fanf strace

   • Embed this notice
     toadjaune (toadjaune@hostux.social)'s status on Sunday, 26-Apr-2026 22:03:37 JST toadjaune

     in reply to

     • Tony Finch

     @ryanc @fanf cursed indeed.

     How did you end up diagnosing this ? :O

   • Embed this notice
     Paul_IPv6 (paul_ipv6@infosec.exchange)'s status on Monday, 27-Apr-2026 03:15:28 JST Paul_IPv6

     in reply to

     • Tony Finch

     @ryanc @fanf

     ah, dnsmasq... the "gift" that keeps on giving. the project hasn't been given consistent love from maintainers for reasons and router vendors are infamous for shipping really bad versions and not updating...

   • Embed this notice
     Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Monday, 27-Apr-2026 05:07:38 JST Ryan Castellucci (they/them) :nonbinary_flag:

     in reply to

     • Tony Finch
     • Simon Hewison

     @zymurgic @fanf It would only make the problem less frequent, and even with a 24 hour lease time, that would be 160 renewals per day.

   • Embed this notice
     Simon Hewison (zymurgic@mastodon.online)'s status on Monday, 27-Apr-2026 05:07:39 JST Simon Hewison

     in reply to

     • Tony Finch

     @ryanc @fanf how about just extending the lease duration? Less frequent DHCP queries, hence less load on dnsmasq.

   • Embed this notice
     SpaceLifeForm (spacelifeform@infosec.exchange)'s status on Monday, 27-Apr-2026 07:37:52 JST SpaceLifeForm

     in reply to

     @ryanc

     It was a trick answer.

     For various definitions of circuit.