Is there anything we can do to fix .eth.link?

The .eth.link service has been extremely broken for years. It was always bad at updating, and lately it’s been down for days on end.

As I understand it the history of this is that the ENS team originally built the service, then handed the domain over to Cloudflare, who either lack the technical skills required to run a website serving static HTML or just don’t really care about .eth.link.

As an alternative we have .eth.limo, which is brilliantly run but is just a really weird domain name, whereas .eth.link makes total sense.

I assume that at this point asking Cloudflare to get their act together would be flogging a dead horse, so is there anything we can do to bribe or shame them into giving up and transferring .eth.link to the .eth.limo people?

Afaik .eth.link still belongs to TNL who gave Cloudflare the right to use it.

To make a second functional gateway, we don’t necessarily need to transfer ownership of .eth.link, but any “eth” DNS domain will be ok. However, I’m not sure if any are available.

OK great, so if we pass a governance proposal to ask TNL to transfer it to the .eth.limo people that’ll work?

There are of course other domains - I mean, .eth.limo is already another domain - but I don’t think there’s anything good. .link kind of uniquely makes sense for this purpose.

I support such a proposal. The reaction I have seen is consistently “that is weird” to the .limo variant. Whereas .link perfectly describes what it does. The best solution is of course all popular browsers implementing simply using the .eth instead.

Could you provide more details on the issues you are experiencing? This should help defining metrics to monitor and improve against, for all gateways operators.

I’m here to listen. For issues related with Cloudflare operation of eth.link, they are referenced in the public statuspage. Regarding the last one, a public report is being drafted.

I mean for instance right now:

wget https://vitalik.eth.link
–2022-06-09 03:33:36-- https://vitalik.eth.link/
Resolving vitalik.eth.link (vitalik.eth.link)… failed: Temporary failure in name resolution.
wget: unable to resolve host address ‘vitalik.eth.link’

The same using .eth.limo:

wget https://vitalik.eth.limo
–2022-06-09 03:33:33-- https://vitalik.eth.limo/
Resolving vitalik.eth.limo (vitalik.eth.limo)… 174.138.125.8
Connecting to vitalik.eth.limo (vitalik.eth.limo)|174.138.125.8|:443… connected.
HTTP request sent, awaiting response… 200 OK
Length: 19841 (19K) [text/html]
Saving to: ‘index.html.1’

index.html.1 100%[==============================================================================>] 19.38K 106KB/s in 0.2s

2022-06-09 03:33:34 (106 KB/s) - ‘index.html.1’ saved [19841/19841]

I’d also note that there is nothing about this current outage on the status page you linked.

*.eth.link A record should be a static DNS entry. The fact that wget is unable to resolve it is not expected.
Could you run the following and provide the response?

dig +trace A vitalik.eth.link

Output here, and the output from some other quick tests

Thanks for the trace and additional commands.

For what I can see, the main issue is the DNS server of your ISP returns a SERVFAIL when requesting vitalik.eth.link. This does not happen when using Google recursive DNS server 8.8.8.8.

About ns2.ethdns.xyz returning a REFUSED, this is expected. ns2.ethdns.xyz holds an NS to Google Cloud DNS nameservers ns-cloud-e1.googledomains.com, which is not a recursive DNS server, and returns REFUSED for domains it does not manage, resolver.cloudflare-eth.com.

I’m still trying to understand the reason for the SERVFAIL, and would update this post if I figure out something.

If it helps I tried the nameservers on this list:

…and the “Alternate DNS” nameserver 76.76.19.19 fails in the same way as my ISP’s nameserver and my mobile carrier’s nameserver.

Edit to add: I wonder if this is a malware blacklist or something, Alternate DNS says it does ad blocking.

The malware list could explain it. I am not aware of a list that would include *.eth.link though.

Glad switching DNS server helped. That’s still an important accessibility issue for most, and the issue is still opened on Cloudflare’s side.

I don’t suppose you guys could try just setting the A records directly instead of having this extra step with the CNAME to resolver.cloudflare-eth.com?

@edmundedgar this is feasible, but makes maintenance harder. I’ll check if this can be added to vitalik.eth.link first to confirm it solves the issue you are facing.

If that works, then we would make a broader assessment on how this affect *.eth.link. Mainly, the CNAME helps for certificate provisioning internally.

If I may ask, does the SERVFAIL on your DNS resolver affect all *.eth.link domains?

Makes sense.

It’s the same with every .eth.link I’ve tried, nothing special about vitalik.eth.link. The site I’ve been trying to get to work is reality.eth.link. If you want to try with some other .eth.link I’m happy to test whatever you try.

Um, it appears this domain has expired???

Screenshot from 2022-08-01 18-49-061920×1080 159 KB

Just to add to this now we have an additional data point: Although .eth.link domains are normally unreachable from the DNS servers both my ISP and mobile providers, they work fine when the domain is redirected to a “this domain has expired” page. So if there’s a blacklist involved, it’s somewhere further down like the IP address. Or it could be related to the CNAME setup or something.

There is a similar setup at eth.domains. Does it resolve on your ISP?

For instance, vitalik.eth.domains.

Yes, vitalik.eth.domains is resolving fine (and so are other .eth domains I tried).

Is .eth.link works again? It seems that esteroids.eth.link is working.

Does anyone know if Clourflare operates it now again? I admit I got a bit lost in the latest news of the .eth.link affair

vitalik.eth.link’s page said “Services will be restored shortly to eth.link in the upcoming week”