Wednesday, April 22, 2026
[Transparency Report #002][OPERATIONS] Name and mail server changes!
What are Transparency Reports?
As a community operated and governed virtual internet exchange, FurrIX has
to maintain and foster open and honest communication with our exchange
members. This means that from time to time, there will be items that come
up during our operations that could or do affect the exchange and our team
will publish notices in order to keep everyone in the know. As a community
internet exchange, FurrIX aims to have fully open communication standards
as best as possible.
What Happened?
As part of FurrIX going forward and rebuilding itself in a better documented and
run exchange, there have been parts of the network that we have kept from
Marbled Fennec Networks. The biggest things we have kept are the web, mail
and name servers. But all of these have been needed some reconfiguration to
fully move into our name space and management plane.
We are currently working on making some of the needed changes.
What this means for members of the exchange:
- NS1 and NS2 are in a hybrid state, answer DoH and DoT
on both the marbledfennec.net and furrix.zone domains to
maintain network operations and compatibility - FurrIX can now be emailed without going through Marbled Fennec
Networks. The email server has been reconfigured to service both
domains going forward, as MFN will retain email service
Are exchange operations affected?
This should not have any visible affect on our exchange members. The
network should just keep humming right along all peachy.
Monday, April 20, 2026
[Transparency Report #001][UPSTREAM CONTACT][EXT CONTACT] SSL based abuse complaint?
What are Transparency Reports?
As a community operated and governed virtual internet exchange, FurrIX has
to maintain and foster open and honest communication with our exchange
members. This means that from time to time, there will be items that come
up during our operations that could or do affect the exchange and our team
will publish notices in order to keep everyone in the know. As a community
internet exchange, FurrIX aims to have fully open communication standards
as best as possible.
What Happened?
Today at 1610EST, we received notification of an abuse complain from the data
center that FurrIX’s network is hosted within. Upon logging in to their customer
portal, we were greeted with an email to their abuse department specifying a
notice about SSL certs expiring on our primary web host. Oddly enough, this
email list a phone number from another state and a link to the KCPD website.
We are also verifying whether the external contact was legitimate through a bit
of research and external guidance, as we have been told that fusion centers
typically do not issue SSL‑expiry notices and we have not seen this interaction
before.
Honestly, this seems off and like a bogus report, but the FurrIX vIX did respond
with the following information:
- Our SSL certs are manually updated by hand and not automated
- The domain in question has been renewed before the email arrived
because of DoH and DoT requirements
What this means for members of the exchange:
- FurrIX RX’d a fishy looking abuse complaint
- FurrIX is reaching out to our datacenter for assistance
Are exchange operations affected?
At this time, we do not expect our exchange operations to be affected in
any meaningful way and will be keeping an eye on the situation. We will post
updates to this page as we gain more information. Something to keep in the
back of our member’s mind, for clarity, is that SSL certificate expiration is not
considered an abuse category under our network‑operations practice and that
we do run into SSL issues here and there due to the human operator stance
of the vIX. Members do not need to worry about this, we will get certs renewed
ASAP and we have internal alerting just for this.
Report Status: Worked with data center to mark issue as resolved.
[Incident Report #033][DNS] Suspended lookups for ‘look.com’
What Happened?
NS2 has been seeing a low-volume, but constant stream of lookups for
‘look.com’ for the past few days. These lookups are for ANY and are spread
across a handful of IPv4 addresses. Seeing as most lookups only make a
handful of request before the requesting machine has the info it needs,
we are dropping these lookups for a little while because our NOC is treating
it as internet background radiation.
We were seeing the following issues:
- Steady, low rate, constant lookups for ANY against ‘look.com’
What did we do to fix this?
- Temporarily dropping lookup request for ‘look.com’
Saturday, April 18, 2026
[Incident Report #032][DNS] SSL Expiry on NS1 and NS2
What Happened?
Our SSL certs for NS1 and NS2 expired earlier today. Currently our process
for handling the updating of SSL certs is not automated and requires our
team to manually install new certs and then reload the servers one after
the other. Usually this is on our internal calendar and is handled three to
four days before EOL. That didn’t happen this time.
We were seeing the following issues:
- Loss of DNS over HTTPS support
- Loss of DNS over TLS support
What did we do to fix this?
- We pulled new certs and updated the cert store
- We reloaded both name servers to restore service
Everything should be operational and peachy again!
Saturday, March 28, 2026
Ongoing Name Server Attacks
FurrIX is seeing attacks on our name servers that have not let
up for a few hours now and as a result we have had to tighten
our rate limits and start dropping excessive traffic.
The way things are going, we will not be letting up on our rate
limits any time soon.
If you are being affected by these changes, you can send an
email off to ‘nameservers at marbledfennec dot net’ and request
a whitelisting that will bypass the limits. We will require knowing
you use case, however.