Jul. 31, 2025
There are many, many reasons, methods, and orders of operation when starting out in IPv6. In this episode of IPv6 Buzz, Tom and I continue our IPv6 Basics series discussing deployment. We’ll help you sort out why you should deploy IPv6, things to consider before starting a deployment, and what approach you should take such as “inside out” vs. “outside in” and when you should deploy IPv6. Lastly we explain why you should seek out some training for deploying IPv6.
Jul. 17, 2025
In this episode of the IPv6 Buzz podcast, we dive straight in and talk about common misconceptions regarding DNS and IPv6. We’ve heard these often enough that we felt we should talk through each one. We cover issues including what kind of DNS record types can be returned via IPv6 (and IPv4, too), more details on what really goes on with Happy Eyeballs, and combining A/AAAA records types and security protocols like DoT/DoH/DoQ.
Dec. 21, 2024
This contains the syntax for running a DNS over HTTPS and a DNS over DOT for Bind9 and Unbound. It does not contain the processes for installing the software or obtaining the SSL certificate. That information can be found elsewhere. These were tested on Ubuntu 22.04 running the latest versions of bind9 available in the repo, but for Unbound the DoH only works with a compiled build (1.22) since the Ubuntu repo version is very, very, very old.
May. 4, 2020
One of the most common questions I hear from small and even medium sized ISPs is “why should I run my own DNS resolver(s)?” The perception that DNS is hard, complicated, or even unnecessary is often cited as a reason to just farm it out to one of the “free” anycast resolver services available across the internet. Now, there are many reasons to be wary of DNS, both from the professional and the consumer side - it is a huge treasure trove of personal information about behavior, and is easily monitized by entities large enough to consume and process it.
Dec. 10, 2018
In recent years, the nature of privacy on the internet has become a very important topic amongst those concerned with the now lack of net neutrality. The de-facto mechanism for dealing with privacy has been to "SSL all the things", which I am very much in favor of. What many do not realize, though, is that simply using SSL for the traffic that transits a given ISP still leaves a wealth of thick, rich, delicious personal data still easily available to your ISP to harvest, sell, and do with as they please.