its almost as if they forked off the same base code or something

perhaps even decades ago

take it to #conspiracy

Yeah, the forks never happened, man!

FlatearthBSD

lol

That was forked from DragonFly

what th-

btx loder lopcks up when i try to boot an old freebsd install on a new motherboard

?_?

when local_unbound shits out, domains stop resolving, and i lose connection to irc and other shit, the only log item is "local-unbound[10502:0] info: generate keytag query _ta-4f66. NULL IN" that enough to figure out wtf is going wrong?

it's like 2-3 times a day i gotta service local_unbound restart

polyex: You can use BIND instead, for anything/everything unbound does.

i can also switch to linux.. (not that helpful)

That'd be a bit more work to swap out a resolver.

I stopped using unbound when I found a bug, looked at the code, and what I found turned into a CVE. Moved back to BIND for the purpose, been happy ever since.

k now im listening. i had time issues with ntpd switched to chrony now i'm gucci. local_unbound is the last flakey thing i have in my whole fbsd stack so i'm open to dropping it. but bind is a big pig last i remember so is there a "chrony of dns"?

I've got BIND service up a couple zones, under 10MB resident. Secondary for the same, roughly the same memory used. CPU use negligible.

length of config?

Not a ton added to the base config. More config than unbound? Sure.

Hm, memory usage seems to scale with zone size. Just looked at an internal server with a decent number of entries, and it was using a bunch more RAM.

im trying to remember a 3rd dns server option that ppl told me about... it's what i could use to blacklist domains, like "*.google.com", so dns for anything in that domain never resolved. you know what that is? maybe it's time to try that 1

powerdns?

powerdns and bind are the big ones, and there's other stuff, like dnsmasq, unbound, other stuff.

polyex: en.wikipedia.org/wiki/Comparison_of_DNS_server_software

Title: Comparison of DNS server software - Wikipedia

i think it was dnsmasq

is there any command-line search like locate (i.e., with database) that can search certain paths (so like find but faster?)

MelMalik: can i install a new version of btx bootloader on an old freebsd install, say version freebsd 9.0

cve.mitre.org/cgi-bin/cvekey.cgi?keyword=dnsmasq isnt too bad right?

Title: CVE - Search Results

CCFL_Man, idk

have you had that problem before?

No

polyex: bind can be used for your purpose. i think the standard approach is to use a 'response policy', indicating a zone that contains the domains you want to block. it will use more memory with large zones, but i think usually most of it will end up paged out if necessary- maybe only if usage is low enough

i wanna block any domain from resolving, then just whitelist those that i do want resolved

i'm not sure how to do such a default block, but if it can be specified in a zone file, it can be blocked with response policy

to block, it's something like: zone "badlist" {type master; file "/usr/local/etc/namedb/BLOCKED"; allow-query {none;}; }; response-policy { zone "badlist"; }; -- this is mostly just something i found on the internet. your BLOCKED zone should associate each domain to be blocked with something like 127.0.0.1

i think you can find some more info on the internet, and there is also a bind support channel

then whitelist is just, you specify the zones manually and set forward only etc.

my consolidated local-unbound config is termbin.com/0dx7j there anything that would cause unbound to stop resolving domains a couple times a day till i service local_unbound restart?

Anyone keep getting the message "ld-elf.so.1: /lib/libc.so.7: version FBSD_1.7 required by /usr/local/bin/alacritty not found" or something similiar?

happens when you didn't update your system

llua: I did pkg update and then pkg upgrade.

What step am I missing?

updating the base system

llua: Looking through the docs now.

I should be able to just do "freebsd-update fetch" and then "freebsd-update install".

polyex: for home use dnsmasq is decent

I mean, openwrt is on millions of devices and it just works

does unbound fail for you with no external changes like interfaces coming down or up?

ya doesnt seem like anything else fails. gonna test tho next time dns is failing i'll try pinging an IP to see if i still have network

local-unbound is like 6 months behind so maybe i'll switch to pkgs unbound

any risks with that?

I am not sure what you mean when you say risks

k, any downside to using local-unbound instead of from pkgs

?

I use unbound from ports because I run it as a resolver for my entire LAN which the local-unbound set-up is not designed for

local-unbound is a turn-key solution, essentially

it is supposed to just work out of the box

does my local-unbound config termbin.com/0dx7j have any obvious probs?

there is not much there

so probably not

polyex: next time you have issues, try looking at tcpdump

what for?

havent used it a lot

just see what it is doing

just something like `tcpdump -vvvni <interface> port 53`

lo0 for seeing what is happening when stuff on your FreeBSD host queries DNS

and your external for when you want to see if it sends out anything

use host or drill to generate requests while tcpdump is running

i. e. `host ibm.com 127.0.0.1`

ok tyvm

polyex: when everything is working you should see something like this: paste.ee/p/GkuZO

Title: Paste.ee - View paste GkuZO

1st section is host asking local_unbound, 2nd is local_unbound asking full-blown unbound

full-blown unbound is on another box right?

on my router

you can see IP addresses there

10.10.0.1 is the router

in any case, if during those outages your unbound is sending queries on the external interface but does not get any replies, it is not its fault

you may want to add a host filter for the external interface though, so `port 53 and host <your external interface IP>`

got it, ty!!

Where is scopeid documented? it's not documented in ifconfig

I sort of understand that the different numbers should mean link, host, etc… but I don't know which number means what

hrm… so far, it's different on different OSes…

It's either link-local, in which case it's the index of the interface (if_nametoindex(3)), or site-local, in which case it's… the scope-id…

meena, grep -i scope /usr/include/netinet6/in6.h

V_PauAmma_V: I found out that when i fed the address to Python's IPv6Interface it told me me what scope the IP has

Python is sadness

so you have not lost must

much*

it's not my choice which language the project is written in

what's wrong with Python?

mage: many things, cathode.church/@meena/109025856128979615

Title: Mina: "programming vs inuitivity" - Cathode Church

Hi, I just installed FreeBSD 13.1 and my wired network throughput is only about 5Mbps, whereas my windows machines on the same network get 100Mbps (were on a 100/100Mbps plan with Metronet). How can I fix the slow throughput? Is there a reliable guide someone can point me to that deals specifically with slow throughput?

MillerBOSS: Depends on the driver, but try disabling the checksum offloading

Is it bare metal or a virtual machine?

how is your network configured, it should not require any tuning. Unless you are using a bridge or something to VMs, then it gets more complex

python39 updated! It truely is an amazing day.

Title: QDB: Quote #400459

haha

Title: Signal on Twitter: "A request to our community: Signal is blocked in Iran. You can help people in Iran reconnect to Signal by hosting a proxy server. If you’re willing and able, please follow the instructions here: t.co/hznCI9EwCa 1/2 #IRanASignalProxy" / Twitter