Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
doc:dns:core [2015/09/13 13:59] – [Anycast DNS Architecture] rboissatdoc:dns:core [2023/08/25 16:38] (current) – external edit 127.0.0.1
Line 9: Line 9:
 ^  Usage                      Prefix                     ^ ^  Usage                      Prefix                     ^
 | Anycast DNS IPv4           | 192.168.248.53/32           | | Anycast DNS IPv4           | 192.168.248.53/32           |
-| Anycast DNS IPv6           | ''fd00:6b64:f3b0:53::/64''  |+| Anycast DNS IPv6           | ''fd00:6b64:f3b0::53/128''  |
 | Anycast recursive DNS IPv4 | 192.168.248.153/32          | | Anycast recursive DNS IPv4 | 192.168.248.153/32          |
-| Anycast recursive DNS IPv6 | ''fd00:6b64:f3b0:153::/64'' |+| Anycast recursive DNS IPv6 | ''fd00:6b64:f3b0::153/128'' |
  
 <note warning> <note warning>
Line 25: Line 25:
 ===== List of anycast DNS servers ===== ===== List of anycast DNS servers =====
  
-^  Host                      IPv4                IPv6                       ^  Authoritative  ^  Recursive  ^  ASN           +^  Host                      IPv4                IPv6         ^  Function((Authoritative/Recursive/Both))   ASN   
-| ns1.ois.tf                | ''212.83.149.187''  | ''2001:bc8:3283:2000::15''  |  Yes        |  No         ^ [[as:64542|64542]] | +| ns1.alt.tf                | ''212.83.149.187''  | ''2a06:e881:1101:2000::15''  |  Authoritative  ^ [[as:202945|202945]] | 
-vss-rdns.ois.tf           | ''192.168.42.10''   | ''2001:bc8:3283:2000::10''  |  No          Yes        ^ :::                +ams-rdns.alt.tf           | ''192.168.42.10''   | ''2a06:e881:1101:2000::10''  |  Recursive      ^ :::                 
-sbg-services.ois.tf       | ''192.168.40.196''  | ''2001:bc8:3283:e003::196'' |  No          Yes        ^ :::                +tvl-services.alt.tf       | ''192.168.40.196''  | ''2a06:e881:1102:2000::196'' |  Recursive      ^ :::                 
-lv0-anycast.lv0.in        | ''192.168.144.245'' | ''2001:470:c8be:1f::f''     |  No          Yes        ^ [[as:64544|64544]] +| anycast.lv0.in            | ''192.168.144.34''  | ''2a01:e35:2430:9492::2''    |  Recursive      ^ [[as:64544|64544]]  |
-| lv0-glanet-anycast.lv0.in | ''192.168.144.246'' | ''2001:470:c8be:1f::6''      Yes         No         ^ :::                | +
-| vss-anycast.lv0.in        | ''192.168.144.34''  | ''2001:470:c8be:e::2''      |  No          Yes        ^ :::                | +
-| vss-glanet-anycast.lv0.in | ''192.168.144.38''  | ''2001:470:c8be:e::6''      |  Yes        |  No         ^ :::                | +
-===== BIND9 configuration examples ===== +
- +
-==== Common options ==== +
-<file text named.options> +
-masters "glanet"+
-  212.83.149.187; +
-  2001:bc8:3283:2000::15; +
-}; +
- +
-options { +
-  directory "/var/cache/bind"; +
- +
-  auth-nxdomain no;    # conform to RFC1035 +
- +
-  listen-on { +
-    127.0.0.1; +
-    <SERVER REAL IP>; +
-    192.168.248.53; +
-    192.168.248.153; +
-  }; +
- +
-  listen-on-v6 { any; }; +
- +
-  notify-source <SERVER REAL IP>; +
-  transfer-source <SERVER REAL IP>; +
-  notify-source-v6 <SERVER REAL IPv6>; +
-  transfer-source-v6 <SERVER REAL IPv6>; +
- +
-  version "0"; +
- +
-  notify yes; +
-  recursion no; +
- +
-  allow-query-cache { any; }; +
-  allow-transfer { none; }; +
-}; +
-</file> +
- +
-==== Core GLaNET domain name-server (without recursion) ==== +
- +
-<note important> +
-When adding a master server, don't forget that your DNS server must listen on 192.168.248.53 and/or ''fd00:6b64:f3b0:53::1'', that your BGP router must advertise it and your firewall must not bock it. +
-</note> +
- +
-<file text named.conf> +
-include named.options; +
- +
-view "glanet"+
-  match-destinations { 192.168.248.53; fd00:6b64:f3b0:53::1; }; +
-  allow-transfer { any; }; +
- +
-  # GLaNET address space PTR +
-  zone "168.192.in-addr.arpa"+
-    type slave; +
-    masters { glanet; }; +
-    file "/etc/bind/zones-slave/db.192.168"; +
-  }; +
- +
-  # GLaNET IPv6 services address space PTR +
-  zone "0.b.3.f.4.6.b.6.0.0.d.f.ip6.arpa"+
-    type slave; +
-    masters { glanet; }; +
-    file "/etc/bind/zones-slave/db.fd00:6b64:f3b0"; +
-  }; +
-}; +
- +
-view "default"+
-  # GLaNET address space PTR +
-  zone "168.192.in-addr.arpa"+
-    type slave; +
-    masters { glanet; }; +
-    file "/etc/bind/zones-slave/db.192.168"; +
-  }; +
- +
-  # GLaNET IPv6 services address space PTR +
-  zone "0.b.3.f.4.6.b.6.0.0.d.f.ip6.arpa"+
-    type slave; +
-    masters { glanet; }; +
-    file "/etc/bind/slave/db.fd00:6b64:f3b0"; +
-  }; +
- +
-  # Your own zones follow +
-  # ... +
-}; +
-</file> +
- +
-==== Core GLaNET domain name-server (with recursion) ==== +
-<note warning>Anycast recursive DNS server **must** resolve GLaNET internal zones (either locally or by forwarding the request to the anycast DNS service).</note> +
- +
-<file text named.conf> +
-include named.options; +
- +
-view "glanet_recursor"+
-  match-destinations { 192.168.248.153; fd00:6b64:f3b0:153::1; }; +
-  match-recursive-only yes; +
-  recursion yes; +
-  include "/etc/bind/named.dummy"; +
-  zone "168.192.in-addr.arpa" { type slave; masters { glanet; }; file "/etc/bind/zones-slave/db.192.168"; }; +
-  zone "d.f.ip6.arpa"         { type master; file "/etc/bind/zones-dummy/db.fd"; }; +
-}; +
- +
-view "glanet_recursor_sup"+
-  match-clients { 192.168.42.5/32; 2001:bc8:3283:2000::5/128; }; +
-  match-recursive-only yes; +
-  recursion yes; +
-  include "/etc/bind/named.dummy"; +
-  zone "168.192.in-addr.arpa" { type slave; masters { glanet; }; file "/etc/bind/zones-slave/db.192.168"; }; +
-  zone "d.f.ip6.arpa"         { type master; file "/etc/bind/zones-dummy/db.fd"; }; +
-}; +
- +
-view "glanet"+
-  match-destinations { 192.168.248.53; fd00:6b64:f3b0:53::1; }; +
-  allow-transfer { any; }; +
- +
-  # GLaNET address space PTR +
-  zone "168.192.in-addr.arpa"+
-    type slave; +
-    masters { glanet; }; +
-    file "/etc/bind/zones-slave/db.192.168"; +
-  }; +
- +
-  # GLaNET IPv6 services address space PTR +
-  zone "0.b.3.f.4.6.b.6.0.0.d.f.ip6.arpa"+
-    type slave; +
-    masters { glanet; }; +
-    file "/etc/bind/zones-slave/db.fd00:6b64:f3b0"; +
-  }; +
-}; +
- +
-view "default"+
-  # GLaNET address space PTR +
-  zone "168.192.in-addr.arpa"+
-    type slave; +
-    masters { glanet; }; +
-    file "/etc/bind/zones-slave/db.192.168"; +
-  }; +
- +
-  # GLaNET IPv6 services address space PTR +
-  zone "0.b.3.f.4.6.b.6.0.0.d.f.ip6.arpa"+
-    type slave; +
-    masters { glanet; }; +
-    file "/etc/bind/slave/db.fd00:6b64:f3b0"; +
-  }; +
- +
-  # Your own zones follow +
-  # ... +
-}; +
-</file> +
- +
-<file text db.fd> +
-$TTL 604800 +
-@ IN SOA localhost. root.localhost. ( +
-       2 ; Serial +
- 604800 ; Refresh +
-   86400 ; Retry +
- 2419200 ; Expire +
- 604800 ) ; Negative Cache TTL +
-+
-@ IN NS localhost. +
- +
-0.b.3.f.4.6.b.6.0.0 IN NS anycast-dns.glanet.org. +
-</file>+