Turris OS 5.2 has been released

In the newly released Turris OS 5.2, you will find an Overview page after logging in to the reForis web interface. It gives you an at-a-glance status of the activated services: automatic updates, data collection, dynamic firewall, the Internet connectivity test, and the speed test using Netmetr.cz. It also adds a list of OpenVPN clients to any OpenVPN servers. Based on community feedback, we have prepared the requested features that were missing in reForis. As of this release, you can see the Storage tab, perform a factory reset from the UI, and add a registration token to use Honeypot as a Service. Some of these features were missing from an old web interface or from the previous major version of Turris OS.

.CZ zone generation and signing underwent technical inspection, original components were replaced with Knot DNS

I try to describe the basic building blocks of our national domain registry administration to people around me quite often. Yet (or maybe for that very reason), the .cz is still perceived as something that simply works. Just like when you get in your car to take your children to school every morning. You expect the journey to take the usual 10 minutes (or 15 if you need to refuel) and that you won’t have to deal with any trouble. Even though you know that you need to change the oil regularly, check and change worn parts, or repair defects caused by operation, most of you leave these “out of order” cases to service professionals or at least a handy neighbor, and avoid having to wash automotive grease off your hands or to remember the required type of brake pads. Modern cars are able to inform you of any necessary maintenance and all you have to do is dial the correct phone number. Although you don’t fully understand the person at the other end of the line, they manage to get through to you because you have a basic idea of how a car works.

BIRD Journey to Threads. Chapter 1: The Route and its Attributes

The data structures used by BIRD have to be changed to allow safe multithreading. This chapter covers the necessary changes. BIRD is a fast, robust and memory-efficient routing daemon designed and implemented at the end of the 20th century. We are making a significant number of changes to BIRD’s internal structures to make it possible to run in multiple threads in parallel.

BIRD Journey to Threads. Chapter 0: The Reason Why

BIRD is a fast, robust and memory-efficient routing daemon designed and implemented at the end of the 20th century. Its concept of multiple routing tables with pipes between them, as well as a procedural filtering language, has been unique for a long time and is still one of the main reasons why people use BIRD for big loads of routing data.

Python CLI libraries analysis

An analysis of several Python CLI libraries to assess their usability in various cases.

Use case

We want to design a command with the following usage, based on a compilation of several existing commands:

Usage: testcli [options] [--choices=VALUE]... [--params=...] create <label>
       testcli [options] [--choices=VALUE]... [--params=...] drop <label>
       testcli -h | --help
       testcli --version

Options:
  -h, --help             Show this help message and exit.
  --version              Show program's version number and exit.
  --config=FILE          Set config file.
  --string=STRING        Set custom string.
  --number=NUMBER        Set custom number.
  --params=KEY=VALUE     Set custom parameters.
  --today=DATE           Set custom today [default: today].
  --choices=VALUE        Set custom choices [default: all]. Available options: 'all', 'foo', 'bar', 'baz'.
  -n, --dry-run          Don't actually do anything.
  -v,--verbosity=LEVEL   Set verbosity level in range 0 to 3 [default: 1].

Improving DNS Server Telemetry

Since the end of January 2021, data about DNS transactions (queries and responses) from all authoritative DNS servers operated by CZ.NIC has been collected exclusively in the new standard Compacted-DNS (C-DNS) format defined in RFC 8618. For data acquisition on the servers we use the DNS Probe software, developed by CZ.NIC Labs in cooperation with Brno Technical University. This milestone marks the end of a six-month transition period in which we migrated all servers from the traditional PCAP format that we used previously. During that period we heavily tested and improved the performance and stability of DNS Probe, and also compared the results obtained in both the old and new formats.

Changes in the FRED system architecture

Since its first release, FRED has come a long way and has changed significantly. From a relatively small original project, it has grown over time to include modules related to the registry, and the time has come for a more significant reconstruction. There have also been shifts in the way the interface is designed and in the project management, as well as technological changes. The original method with a distinctive interface for each client gave way to more general and smaller interfaces, which each client can combine according to their needs. Similarly, we are moving towards a modular source code architecture and, last but not least, we are replacing CORBA technology with gRPC. Another significant disadvantage for the large system is the narrow and poorly defined interdependence of individual parts, which slows down its response to new queries.

Follow the DNS

It is no longer “trending”, but at the dawn of the millennium, increasing globalization together with the rise of modern technology, and especially the Internet, gave birth to the term “Follow the Sun”. For the young or old and forgetful, here is what it was all about. Online services usually require continuous operation and worldwide accessibility at any given time, yet a service may stop working or become inaccessible to some users. Anytime. How do you provide technical support for such a service without forcing employees to be awake at night in a certain time zone? Spread the workers around the world so that you always have someone who has daytime (the Sun over their head) and can provide support for the online service. And if the worker can’t solve the issue, they would pass it to the next one in the direction of the moving sun, who would finish the job. The fact that the time needed to solve the request was not measured in hours, but in the number of revolutions of the request around the Earth, is not so important.