Encrypted DNS Query Transports and Their Trust Models

Recently there have been a couple bits of new on the DNS-over-HTTPS (DoH) and DNS-over-TLS (DoT) front. Comcast and Mozilla have struck a deal to provide a privacy oriented DoH service for Comcast users in the USA. Apple announced at WWDC 2020 that they are implementing both DoH and DoT on their iOS/iPadOS platforms with iOS/iPadOS 14.

So I feel that it is a good time to talk about the trust models inherent to the DNS query system for residential internet users and where DoH/DoT come in.

Continue reading “Encrypted DNS Query Transports and Their Trust Models”

An overview of OS support for IPv6 resolver distribution methods

In this post I will be going over the various levels of support for IPv6 resolver distribution for popular operating systems. Focus on desktop and mobile versions of OSes as those are the ones where we are usually automatically distributing resolver information. Dual stack is implied but IPv6 only functionality can be gleaned from said information as well.

Continue reading “An overview of OS support for IPv6 resolver distribution methods”

CCIE Lab Diary – EIGRP Lab

Overview/Goals

Implement EIGRP in a 9 router network with frame relay as the underlying L2 encapsulation to demonstrate protocol behaviours in a NBMA environment. Also involves tweaking of various parameters using summarization, redistribution, various stub types, distribute lists etc.

Technologies involved:

  • Serial interfaces
  • Ethernet interfaces
  • Frame Relay
  • EIGRP

Logical topology

eigrplab

Pitfalls/Things to watch out for

  • Frame Relay PVC issues
  • EIGRP timers on “slow” links, might want to tune them