Actions
Task #5940
closedUpdate ungleich DNS infrastructure v3
Start date:
11/02/2018
Due date:
11/16/2018
% Done:
0%
Estimated time:
PM Check date:
Description
Current setup:
- Authorative
- 1x server in place4 (bind) (dns5)
- 2x VMs in place5 (nsd) (dns3,dns4)
- 2x router in place5 (bind) (dns1,dns2)
- Caching
- 2x router in place5 (bind)
- 2x router in place6 (bind)
New setup:
- Authorative
- 1x server in place4 (bind) (dns5)
- 1x VM in place5 (bind) (new)
- 1x VM in place6 (bind) (new)
- 1x router in place5 (bind)
- use the VRRP IPv4 and IPv6
- 1x router in place6 (bind)
- use the VRRP IPv4 and IPv6
- Caching
- 2x router in place5 (bind)
- 2x router in place6 (bind)
- Documentation
- As both routers (router1 && router2) will function as the authorative server, both need to be reconfigured every time
- Likely cdist config dns-auth{1..7}.ungleich.ch
- In the nameserver sets it will be only dns{1..5}.ungleich.ch
- Documentation on how to update our DNS servers should be in the wiki
- As both routers (router1 && router2) will function as the authorative server, both need to be reconfigured every time
Updated by Nico Schottelius about 6 years ago
- Status changed from New to In Progress
- Assignee changed from Jin-Guk Kwon to Nico Schottelius
Taking to me as some servers don't respond correctly && we should update this
Updated by Nico Schottelius about 6 years ago
- Introducing d1-5.ungleich.ch as internal names to be used
; DNS names internally / for cdist d1 CNAME router1.place5 d2 CNAME router2.place5 d3 CNAME router1.place6 d4 CNAME router2.place6 d5 CNAME server1.place4
Using cdist:
[17:51] line:~% echo __ungleich_dns_server --server-variant bind9 | cdist config -p5 -bj5 -vvc ~/vcs/ungleich-dot-cdist/ dns{1..5}.ungleich.ch
Updated by Nico Schottelius about 6 years ago
- Updated glue records for dns{1..3}
Updated by Nico Schottelius about 6 years ago
- Status changed from In Progress to Closed
Done including documentation.
[19:41] line:~% dig ungleich.ch ns ; <<>> DiG 9.10.3-P4-Debian <<>> ungleich.ch ns ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48955 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 7 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;ungleich.ch. IN NS ;; ANSWER SECTION: ungleich.ch. 60 IN NS dns3.ungleich.ch. ungleich.ch. 60 IN NS dns2.ungleich.ch. ungleich.ch. 60 IN NS dns1.ungleich.ch. ;; ADDITIONAL SECTION: dns1.ungleich.ch. 60 IN A 176.9.50.202 dns1.ungleich.ch. 60 IN AAAA 2a01:4f8:150:7092::2 dns2.ungleich.ch. 60 IN A 185.203.112.1 dns2.ungleich.ch. 60 IN AAAA 2a0a:e5c0::1 dns3.ungleich.ch. 60 IN A 185.203.114.1 dns3.ungleich.ch. 60 IN AAAA 2a0a:e5c0:2:1::7 ;; Query time: 0 msec ;; SERVER: 10.3.8.5#53(10.3.8.5) ;; WHEN: Tue Nov 06 19:41:30 CET 2018 ;; MSG SIZE rcvd: 229 [19:41] line:~% dig ungleich.ch ns @8.8.8.8 ; <<>> DiG 9.10.3-P4-Debian <<>> ungleich.ch ns @8.8.8.8 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43630 ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ;; QUESTION SECTION: ;ungleich.ch. IN NS ;; ANSWER SECTION: ungleich.ch. 59 IN NS dns2.ungleich.ch. ungleich.ch. 59 IN NS dns1.ungleich.ch. ungleich.ch. 59 IN NS dns3.ungleich.ch. ;; Query time: 45 msec ;; SERVER: 8.8.8.8#53(8.8.8.8) ;; WHEN: Tue Nov 06 19:41:33 CET 2018 ;; MSG SIZE rcvd: 97 [19:41] line:~%
Actions