Month: February 2025

Quad9 has several different service offerings for recursive DNS features. Each is represented by a different IP address (or, in some cases, hostname), which you use to configure your systems.

Recursive DNS Server Addresses and Features – Service based configuration:
Recommended: Malware Blocking, DNSSEC Validation (this is the most typical configuration)

IPv4
9.9.9.9
149.112.112.112

IPv6
2620:fe::fe
2620:fe::9

HTTPS
https://dns.quad9.net/dns-query

TLS
tls://dns.quad9.net

In your favorite OS (Ex.: Windows 11 Pro) Make sure that you use DNS over HTTPS to use the dns encryption.

You are now using dns encryption for a better privacy!

Source: https://quad9.net/service/service-addresses-and-features

Enabling IPv6 on Your Linux Distro

Good day! To fully enable IPv6 on your Linux distribution, you need to modify the following files to ensure IPv6 is enabled. Also make sure that IPv6 is enable in nmtui.

If you cannot activate IPv6, you must completely disable both IPv4 and IPv6 before reconfiguring your IPv4 settings. Ensure that IPv6 is set to automatic, then deactivate and reactivate your connection.

1. Edit /etc/sysctl.conf

Verify that the following lines exist and are set to 0:

net.ipv6.conf.all.disable_ipv6 = 0  
net.ipv6.conf.default.disable_ipv6 = 0  

2. Edit /etc/default/grub

Locate the following line:

ipv6.disable=1  

Change it to:

ipv6.disable=0  

3. Apply the Changes

After making these modifications, reboot your system for the changes to take effect.

Today, I was troubleshooting a CentOS server for a customer experiencing issues with their Postfix mail server. The problem was that Gmail’s mail server was refusing the connection. After verifying that the Postfix configuration was correct, I was still unable to relay emails to Gmail. Upon further investigation, I discovered that the server was using CSF (ConfigServer Security & Firewall), which could be affecting the connection.

Here is a temporary fix…

In CSF make sure that those option a correctly setup

Allow gmail server IP in your ConfigServer Security & Firewall Allow List

As per today February 6th 2025, here is the official CIDR/IP list

64.233.160.0/19 # Google Gmail
66.102.0.0/20 # Google Gmail
66.249.80.0/20 # Google Gmail
72.14.192.0/18 # Google Gmail
74.125.0.0/16 # Google Gmail
108.177.8.0/21 # Google Gmail
108.177.96.0/19 # Google Gmail
172.217.0.0/19 # Google Gmail
173.194.0.0/16 # Google Gmail
207.126.144.0/20 # Google Gmail
209.85.128.0/17 # Google Gmail
216.58.192.0/19 # Google Gmail
216.239.32.0/19 # Google Gmail
108.177.16.0/24 # Google Gmail
108.177.17.0/24 # Google Gmail
142.250.220.0/24 # Google Gmail
142.250.221.0/24 # Google Gmail

Allow those IP and restart ConfigServer Security & Firewall

You should now be able to send and receive emails from a Gmail account. However, this is only a temporary solution until I resolve the IPv6 issue in ConfigServer Security & Firewall. If IPv6 is enabled, Gmail will prioritize it for email delivery. Make sure to open the necessary IPv6 ports used for sending and receiving emails to ensure proper functionality.

Ex.: TCP6_IN = 993,995 TCP6_OUT = 993,995