Welcome to the PowerDNS Blog
Goodbye DNS, Goodbye PowerDNS!
After over 20 years of DNS and PowerDNS, I am moving on. Separate from this page, I am releasing a series of three huge posts on the history of PowerDNS, so I won’t dwell too much on that here. This is not an eas...
DoH: (Anti-)Competitive and Network Neutrality aspects
Much has already been written on how moving to centralised DNS is bad for our privacy in 2019, and on that basis alone centralizing our DNS on a few large cloud providers seems like a bad idea. In this post, I wa...
Centralised DoH is bad for privacy, in 2019 and beyond
Recently, Mozilla announced it would be moving Firefox DNS lookups to Cloudflare by default, for its American audience. There will be a notification about this for existing users, at which point they could choose...
How PowerDNS is Open Source & a successful business, or, why are we tal...
What does PowerDNS actually do? This is a good question, one we can ask about any company. How do they stay alive, what services do they deliver, who do they sell them to? For Open Source companies, the question ...
The big DNS Privacy Debate at FOSDEM
This weekend at the excellent FOSDEM gathering there were no less than three presentations on DNS over HTTPs. Daniel Stenberg presented a keynote session “DNS over HTTPS – the good, the bad and the ugly” (video),...
Domain security outside of DNS: Getting hacked administratively
This is a brief blogpost on the news that has been sent to us by many people, namely that there is a suspected Iranian group that is “hijacking DNS”. I was about to be interviewed on this subject but sadly that f...
Spoofing DNS with fragments
With some care, it turns out to be possible to spoof fake DNS responses using fragmented datagrams. While preparing a presentation for XS4ALL back in 2009, I found out how this could be done, but I never got roun...
On Firefox moving DNS to a third party
DNS lookups occur for every website visited. The processor of DNS requests gets a complete picture of what a household or phone is doing on the internet. In addition, DNS can be used to block sites or to discover...
“The DNS Camel”, or, the rise in DNS complexity
This week was my first IETF visit. Although I’ve been active in several IETF WGs for nearly twenty years, I had never bothered to show up in person. I now realize this was a very big mistake – I thoroughly enjoye...