PowerDNS in Russia

powerdns-ru.md

Seen by RIPE Atlas probes:

% blaeu-cert -c RU -r 100 www.powerdns.com
81 probes reported
[FAILED TO GET A CERT: connect: No route to host] : 1 occurrences
[FAILED TO GET A CERT: connect: timeout] : 2 occurrences
[<X509Name object '/CN=*.powerdns.com'>] : 78 occurrences 
Test #19431704 done at 2019-02-07T10:47:59Z

Ooops, IPv6 by default (we are in 2019). With the last century protocol:

% blaeu-cert -c RU -r 100 -4 www.powerdns.com
100 probes reported
[FAILED TO GET A CERT: connect: No route to host] : 1 occurrences 
[FAILED TO GET A CERT: timeout reading hello] : 3 occurrences 
[FAILED TO GET A CERT: connect: Connection refused] : 10 occurrences 
[FAILED TO GET A CERT: connect: timeout] : 32 occurrences 
[<X509Name object '/CN=*.powerdns.com'>] : 54 occurrences 
Test #19437734 done at 2019-02-07T12:42:47Z

Without the SNI, no difference:

% blaeu-cert -c RU -r 100 -4 --no-sni -g 19437734 www.powerdns.com
Warning: --requested=100 ignored since a list of probes was requested
Warning: --country ignored since we use probes from a previous measurement
100 probes reported
[FAILED TO GET A CERT: connect: No route to host] : 2 occurrences 
[FAILED TO GET A CERT: timeout reading hello] : 3 occurrences 
[FAILED TO GET A CERT: connect: Connection refused] : 11 occurrences 
[FAILED TO GET A CERT: connect: timeout] : 31 occurrences 
[<X509Name object '/OU=Domain Control Validated/OU=PositiveSSL/CN=dnsdist.org'>] : 53 occurrences 
Test #19437760 done at 2019-02-07T12:48:25Z