Project

General

Profile

Actions

Common network and DNS operations

This page documents common operations by ungleich staff. See The ungleich DNS infrastructure and The ungleich network infrastructure pages for details on our infrastructure.

Add reverse DNS entries for IPv4 and IPv6

When a customer request a reverse DNS setup, we add a PTR record to the relevant zone in dot-cdist/files/dns/zones. Examples:

  • If the IPv4 address belongs to 185.203.144.0/24 (i.e. 185.203.114.???), the related zone file will be 114.203.185.in-addr.arpa and the PTR record will look like ??? IN PTR target.domain.tld. (do not forget the dot at the end of the domain name).
  • If the IPv6 address belongs to 2a0a:e5c0:2:2::7/64 (i.e. 2a0a:e5c0:2:2:0:0:0:0 to
    2a0a:e5c0:2:2:ffff:ffff:ffff:ffff), the related zone file will be 0.c.5.e.a.0.a.2.ip6.arpa and the PTR record will look like ?.?.?.?.?.?.?.?.?.?.?.?.?.?.?.?.?.?.?.?.?.?.?.?.0.c.5.e.a.0.a.2.ip6.arpa. IN PTR target.domain.tld. (do not forget the dot at the end of the domain name).

Do not forget to update the zone's serial number and be careful and check that the IP addresses are allocated to a VM controlled by the customer.

The changes can be deployed to production via cdist using:

cdist config -v -c dot-cdist -i manifest/ungleich d1.ungleich.ch d2.ungleich.ch d3.ungleich.ch d4.ungleich.ch d5.ungleich.ch d6.ungleich.ch d7.ungleich.ch

The changes will likely take a few minutes to be propagated. The nslookup tool should eventually report the correct reverses:

I ~ » nslookup 185.203.112.16
16.112.203.185.in-addr.arpa    name = mx.ungleich.ch.

Route a /48 network to a customer's vm

the question is what are the state of the routers, which can or cannot be reconfigured with cdist? Nico Schottelius feedback needed

Configure a new VLAN

  • Add on netbox (netbox.ungleich.ch)
  • Add to arista switches (switch{1..6}.place6.ungleich.ch):

    enable
    config
    vlan VLANID
    name VLANNAME
    write

Updated by Timothée Floure about 1 month ago · 3 revisions