13.02.2024

The public DNS resolver to reconfigure

.LU

As part of a server replacement, the public DoT/DoH resolution service will be temporarily down on 15 February 2024 between 7 a.m. and 4 p.m. This service interruption only concerns people who have manually configured the public DNS resolver offered by Restena (institutions using Restena DNS resolvers by default are not impacted). Those will also have to reconfigure the server after that date.

On 15 February 2024, the Restena Foundation will replace the server on which is configured its recursive resolver open to the general public. This resolver, that focuses on data security and protection, is offered within the ‘Public DNS resolver’ service that provides anyone with data security, confidentiality, and protection for DNS requests by means of neutral and recursive resolvers that validate the responses obtained by using DNSSEC technology.

This replacement is part of the project to renew servers initiated by Restena, but not only. In the future, it will allow the integration of the recursive resolver open to the general public inside a bright new dedicated infrastructure, developed within the LuCySe4RE - Enhancing Cybersecurity Services for the Luxembourgish Research and Education community project, a project whose aim is to improve protection against the cybersecurity risks faced by the Luxembourg research and education community.

New server, new configuration

The public DNS resolver offered by Restena is accessible by using DNS-over-TLS and DNS-over-HTTPS, two technologies that encipher DNS communications between client and server. This server will be replaced on Thursday 15 February 2024: kaitan.restena.lu leaves room to dnspub.restena.lu

Any person using kaitan.restena.lu must therefore reconfigure server used by the public DNS resolver. Either at system level (for DNS-over-TLS) or at browser level (for DNS-over-HTTPS), the name server, the SPKI pin and the query URL requires update. If not, users run the risk of not being able to access the systems configured on the resolver.

I configure my server for the public DNS resolver

Scheduled unavailability on 15 February 2024

The intervention scheduled on 15 February 2024 will lead to a service interruption between 7.00 a.m. and 4 p.m. Neither the current nor the new public recursive resolver will work for all or part of the day.

Consequently, the DoT/DoH public resolution service will be temporarily unavailable. Users of Restena’s public resolver – who have only configured this resolver - will temporarily be unable to access their systems, such as websites. To avoid this problem, we recommend adding another server - temporarily or otherwise.

Info! DNS resolvers set up for users from research and education community in Luxembourg are not concerned by the renewal..

Further information

‘Public DNS resolver’ service webpage
Documentation ‘Configure your server for the public DNS resolver’