[-] WhyJiffie@sh.itjust.works 2 points 1 day ago

But I don't run a recursive resolver, I use Quad9 as upstream. Shouldn't they return a response even if I was blocked?

dig confirms with EDNS extensions that the response is coming from Quad9. The error says "no reachable authority" so it must be at least partly what you say, but I think you ended up blocking a DNS provider.

[-] ptz@dubvee.org 1 points 7 hours ago

FYI: I moved the allow rule for DNS to the top of the chain, so that should fix problems with DNS providers not being able to reach the authoritative name servers.

[-] WhyJiffie@sh.itjust.works 2 points 5 hours ago

Thanks, it seems it worked! The post image now loads fine.

[-] ptz@dubvee.org 3 points 1 day ago* (last edited 1 day ago)

Ugh. Thanks. It's quite possible, though maybe just a regional one? I did inadvertently block one of the IPs Let's Encrypt uses for secondary validation, so this may be another case of that.

I get a shitload of bad traffic from the Southeast Asia area (mostly Philippines/Singapore AWS) and have taken to blanket blocking their whole routes rather than constantly playing whack-a-mole. Fail2ban only goes so far for case-by-case.

Here's the image from the meme from an alternate source:

this post was submitted on 10 Feb 2026
169 points (98.3% liked)