The ungleich DNS infrastructure » History » Version 5

Nico Schottelius, 11/06/2018 06:16 PM

h1. The ungleich DNS infrastructure

h2. Status

This document is *IN PROGRESS*.

h2. Overview

* Every place has 2 redundant caching nameservers.
* All zones have 3 authoritative nameservers, located in 3 different places
* Important zones (like ungleich.ch) need to be resolvable, even if a place goes offline
** For this reason some authoritative data needs to be on the caching name servers
** For this reason we stay with a bind9-based setup for the moment (might change in the future)

h2. Architecture

In total we are running 5 servers that are responsible for caching and authoritative answers:

* Authoritative
** 1x server in place4 (bind)
** 1x VRRP IP of routers in place5 (bind)
** 1x VRRP IP of routers in place6 (bind)
* Caching
** 2x server IP of router in place5 (bind)
** 2x server IP of router in place6 (bind)

h2. How to update the ungleich DNS servers

To update all 5 servers, use:

<pre>
cdist config d{1..5}.ungleich.ch
</pre>

h2. How to use the authoritative DNS servers in zone files

Add the following to your zone file:

<pre>
    ; server1.place4
    IN NS dns1.ungleich.ch.

    ; vrrp active router @ place5
    IN NS dns2.ungleich.ch.

    ; vrrp active router @ place6
    IN NS dns3.ungleich.ch.
</pre>
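
The NS lines above have a blank owner field, so they inherit the owner of the preceding record and only apply to the zone itself when they follow an apex record. The check below is an added example, not part of the ungleich tooling: it reports which of the three nameservers are missing at the zone apex. Assumptions: a simplified parser (no $INCLUDE, no parenthesised multi-line records), and the zone name example.org and the sample zones are constructed.

```python
import re

# The three authoritative servers this page says to list in every zone.
REQUIRED_NS = {"dns1.ungleich.ch.", "dns2.ungleich.ch.", "dns3.ungleich.ch."}
TTL_OR_CLASS = re.compile(r"(\d+[smhdw]?|IN)", re.IGNORECASE)

def absolute(name, origin):
    """Expand '@' and relative names against the current origin."""
    name = origin if name == "@" else name
    return (name if name.endswith(".") else f"{name}.{origin}").lower()

def apex_ns(zone_text, zone_name):
    """Return the NS targets owned by the zone apex (simplified parser)."""
    apex = origin = owner = zone_name.lower().rstrip(".") + "."
    found = set()
    for raw in zone_text.splitlines():
        fields = raw.split(";", 1)[0].split()      # drop ';' comments
        if not fields:
            continue
        if fields[0].startswith("$"):              # $ORIGIN, $TTL, ...
            if fields[0].upper() == "$ORIGIN":
                origin = absolute(fields[1], origin)
            continue
        if not raw[0].isspace():                   # column 0 = new owner name
            owner = absolute(fields.pop(0), origin)
        while fields and TTL_OR_CLASS.fullmatch(fields[0]):
            fields.pop(0)                          # skip optional TTL / class
        if len(fields) >= 2 and fields[0].upper() == "NS" and owner == apex:
            found.add(absolute(fields[1], origin))
    return found

def check_zone(zone_text, zone_name):
    """Return (missing, unexpected) apex NS names relative to REQUIRED_NS."""
    found = apex_ns(zone_text, zone_name)
    return sorted(REQUIRED_NS - found), sorted(found - REQUIRED_NS)

# Constructed sample zones for the placeholder zone "example.org".
SOA = "@ 3600 IN SOA dns1.ungleich.ch. hostmaster.example.org. 1 7200 3600 1209600 3600\n"
GOOD = SOA + """    IN NS dns1.ungleich.ch.
    IN NS dns2.ungleich.ch.
    IN NS dns3.ungleich.ch.
"""
# Two NS lines pasted after a host record: they now belong to "www", not the apex.
BAD = SOA + """    IN NS dns1.ungleich.ch.
www IN A 192.0.2.10
    IN NS dns2.ungleich.ch.
    IN NS dns3.ungleich.ch.
"""
print("BAD zone (missing, unexpected):", check_zone(BAD, "example.org"))
```

Running the check on each zone file before @cdist config@ catches a zone that would be served by fewer than three places.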