05.08.2024

Encrypted and secure DNS communications

Network

With the replacement of the DNS servers offered to institutions connected to the RESTENA network scheduled for 22 August 2024, institutions using Restena DNS resolvers can benefit from technologies that encrypt DNS communications.

On 22 August 2024, the Restena Foundation will finalize the replacement of the servers that host the two recursive resolvers serving institutions connected to the national research and education network (RESTENA network). Restena's DNS servers focus on data security and protection: institutions using the ‘Public DNS resolver’ get security, confidentiality, and protection for their DNS requests through neutral DNS resolution that validates the responses it obtains using DNSSEC.

After the replacement of the server arakis.restena.lu with dns2.restena.lu in March 2024, it is now the turn of ns.restena.lu to be replaced with dns1.restena.lu. Thanks to these two new servers integrated into the RESTENA network infrastructure, research and education institutions access the community DNS resolver using DNS-over-TLS (DoT) and DNS-over-HTTPS (DoH), two technologies that encrypt DNS communications between client and server.

The DoT and DoH services, already available via the server replaced in March 2024, require server authentication. To achieve this, it is essential to implement the X.509 certificate signature (SPKI pin) for resolvers.
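As an added illustration (not Restena's code or configuration), the sketch below computes an SPKI pin from a DER-encoded certificate and checks it against a configured pin set. It assumes the common pin format, base64 of the SHA-256 digest of the certificate's SubjectPublicKeyInfo; all function names and the sample certificate skeleton are constructed for this example.

```python
import base64
import hashlib

def der(tag, body):
    """Encode one DER element; used here only to build the constructed sample."""
    size = len(body).to_bytes((len(body).bit_length() + 7) // 8 or 1, "big")
    head = size if len(body) < 0x80 else bytes([0x80 | len(size)]) + size
    return bytes([tag]) + head + body

def read_der(buf, pos):
    """Parse the DER element at pos and return (tag, value_start, end)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated DER")
    tag, length, start = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        n = length & 0x7F
        if not 1 <= n <= 4:
            raise ValueError("unsupported DER length")
        length, start = int.from_bytes(buf[start:start + n], "big"), start + n
    if start + length > len(buf):
        raise ValueError("truncated DER")
    return tag, start, start + length

def extract_spki(cert_der):
    """Return the SubjectPublicKeyInfo element, header included, of a DER certificate."""
    outer, pos, _ = read_der(cert_der, 0)          # Certificate SEQUENCE
    inner, pos, tbs_end = read_der(cert_der, pos)  # TBSCertificate SEQUENCE
    if outer != 0x30 or inner != 0x30:
        raise ValueError("not an X.509 certificate")
    # Skip [0] version (absent in v1), serialNumber, signature, issuer, validity, subject.
    for _ in range(6 if cert_der[pos] == 0xA0 else 5):
        _, _, pos = read_der(cert_der, pos)
    tag, _, end = read_der(cert_der, pos)
    if tag != 0x30 or end > tbs_end:
        raise ValueError("SubjectPublicKeyInfo not found")
    return cert_der[pos:end]

def spki_pin(cert_der):
    """Base64 of SHA-256 over the DER SubjectPublicKeyInfo."""
    return base64.b64encode(hashlib.sha256(extract_spki(cert_der)).digest()).decode()

def resolver_is_pinned(cert_der, pin_set):
    """True only if the presented certificate's public key matches a configured pin."""
    return spki_pin(cert_der) in pin_set

# Constructed sample: a certificate-shaped DER skeleton with dummy fields, not a real certificate.
SAMPLE_SPKI = der(0x30, der(0x30, der(0x06, b"\x2b\x65\x70")) + der(0x03, bytes(33)))
EMPTY = der(0x30, b"")
TBS = der(0x30, der(0xA0, der(0x02, b"\x02")) + der(0x02, b"\x01") + EMPTY * 4 + SAMPLE_SPKI)
SAMPLE_CERT = der(0x30, TBS + EMPTY + der(0x03, bytes(65)))
```

Because the pin covers only the public key, it stays valid when a certificate is reissued with the same key pair and must be updated when the key changes.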

A new infrastructure benefitting the LuCySe4RE project

Commissioning the servers dns1.restena.lu and dns2.restena.lu is the final step of the server renewal project that Restena initiated to integrate the DNS resolvers into a brand-new dedicated infrastructure. This infrastructure was developed within the LuCySe4RE (Enhancing Cybersecurity Services for the Luxembourgish Research and Education community) project, whose aim is to improve protection against the cybersecurity risks faced by the Luxembourg research and education community.