Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
doc:dns:core [2016/02/09 23:19]
Benjamin Collet [List of anycast DNS servers]
doc:dns:core [2018/05/28 00:52] (current)
Romain Boissat [List of anycast DNS servers]
Line 9: Line 9:
 ^  Usage                     ​^ ​ Prefix ​                    ^ ^  Usage                     ​^ ​ Prefix ​                    ^
 | Anycast DNS IPv4           | 192.168.248.53/​32 ​          | | Anycast DNS IPv4           | 192.168.248.53/​32 ​          |
-| Anycast DNS IPv6           | ''​fd00:​6b64:​f3b0:​53::/64'' ​ |+| Anycast DNS IPv6           | ''​fd00:​6b64:​f3b0::53/128'' ​ |
 | Anycast recursive DNS IPv4 | 192.168.248.153/​32 ​         | | Anycast recursive DNS IPv4 | 192.168.248.153/​32 ​         |
-| Anycast recursive DNS IPv6 | ''​fd00:​6b64:​f3b0:​153::/64''​ |+| Anycast recursive DNS IPv6 | ''​fd00:​6b64:​f3b0::153/128''​ |
  
 <note warning> <note warning>
Line 25: Line 25:
 ===== List of anycast DNS servers ===== ===== List of anycast DNS servers =====
  
-^  Host                     ​^ ​ IPv4               ​^ ​ IPv6                       ​^  Authoritative ​ ​^  ​Recursive ​ ^  ASN           ​+^  Host                     ​^ ​ IPv4               ​^ ​ IPv6         ​^  ​Function((Authoritative/Recursive/​Both)) ​ ​^ ​ ASN   ​
-| ns1.alt.tf ​               | ''​212.83.149.187'' ​ | ''​2001:bc8:3283:​2000::​15'' ​ |  ​Yes        |  No         ^ [[as:64542|64542]] | +| ns1.alt.tf ​               | ''​212.83.149.187'' ​ | ''​2a06:e881:1101:​2000::​15'' ​ |  ​Authoritative ​ ^ [[as:202945|202945]] | 
-vss-rdns.alt.tf ​          | ''​192.168.42.10'' ​  | ''​2001:bc8:3283:​2000::​10'' ​ |  ​No         ​| ​ Yes        ​^ :::                +ams-rdns.alt.tf ​          | ''​192.168.42.10'' ​  | ''​2a06:e881:1101:​2000::​10'' ​ |  ​Recursive ​     ​^ :::                 ​
-sbg-services.alt.tf ​      | ''​192.168.40.196'' ​ | ''​2001:bc8:3283:e003::​196''​ |  ​No         ​| ​ Yes        ​^ :::                +tvl-services.alt.tf ​      | ''​192.168.40.196'' ​ | ''​2a06:e881:1102:2000::​196''​ |  ​Recursive ​     ​^ :::                 ​
-lv0-anycast.lv0.in ​       | ''​192.168.144.245''​ | ''​2001:​470:c8be:1f::f'' ​    ​|  ​No         ​| ​ Yes        ​^ [[as:​64544|64544]] ​+| anycast.lv0.in ​           | ''​192.168.144.34'' ​ | ''​2001:​bc8:3ec5:2::2'' ​      ​|  ​Recursive ​     ​^ [[as:​64544|64544]] ​ |
-| lv0-glanet-anycast.lv0.in | ''​192.168.144.246''​ | ''​2001:​470:​c8be:​1f::​6'' ​    ​| ​ Yes        ​ ​No ​        ^ :::                | +
-| vss-anycast.lv0.in ​       | ''​192.168.144.34'' ​ | ''​2001:​470:​c8be:​e::​2'' ​     |  No         ​| ​ Yes        ^ :::                | +
-| vss-glanet-anycast.lv0.in | ''​192.168.144.38'' ​ | ''​2001:​470:​c8be:​e::​6'' ​     |  Yes        |  No         ^ :::                | +
- +
----- +
- +
-====== Obsolete section! ====== +
- +
- +
- +
-===== BIND9 configuration examples ===== +
- +
-==== Common options ==== +
-<file text named.options>​ +
-masters "​glanet"​ { +
-  212.83.149.187;​ +
-  2001:​bc8:​3283:​2000::​15;​ +
-}; +
- +
-options { +
-  directory "/​var/​cache/​bind";​ +
- +
-  auth-nxdomain no;    # conform to RFC1035 +
- +
-  listen-on { +
-    127.0.0.1;​ +
-    <SERVER REAL IP>; +
-    192.168.248.53;​ +
-    192.168.248.153;​ +
-  }; +
- +
-  listen-on-v6 { any; }; +
- +
-  notify-source <SERVER REAL IP>; +
-  transfer-source <SERVER REAL IP>; +
-  notify-source-v6 <SERVER REAL IPv6>; +
-  transfer-source-v6 <SERVER REAL IPv6>; +
- +
-  version "​0";​ +
- +
-  notify yes; +
-  recursion no; +
- +
-  allow-query-cache { any; }; +
-  allow-transfer { none; }; +
-}; +
-</​file>​ +
- +
-==== Core GLaNET domain name-server (without recursion) ==== +
- +
-<note important>​ +
-When adding a master server, don't forget that your DNS server must listen on 192.168.248.53 and/or ''​fd00:​6b64:​f3b0:​53::​1'',​ that your BGP router must advertise it and your firewall must not bock it. +
-</​note>​ +
- +
-<file text named.conf>​ +
-include named.options;​ +
- +
-view "​glanet"​ { +
-  match-destinations { 192.168.248.53;​ fd00:​6b64:​f3b0:​53::​1;​ }; +
-  allow-transfer { any; }; +
- +
-  # GLaNET address space PTR +
-  zone "​168.192.in-addr.arpa"​ { +
-    type slave; +
-    masters { glanet; }; +
-    file "/​etc/​bind/​zones-slave/​db.192.168";​ +
-  }; +
- +
-  # GLaNET IPv6 services address space PTR +
-  zone "​0.b.3.f.4.6.b.6.0.0.d.f.ip6.arpa"​ { +
-    type slave; +
-    masters { glanet; }; +
-    file "/​etc/​bind/​zones-slave/​db.fd00:​6b64:​f3b0";​ +
-  }; +
-}; +
- +
-view "​default"​ { +
-  # GLaNET address space PTR +
-  zone "​168.192.in-addr.arpa"​ { +
-    type slave; +
-    masters { glanet; }; +
-    file "/​etc/​bind/​zones-slave/​db.192.168";​ +
-  }; +
- +
-  # GLaNET IPv6 services address space PTR +
-  zone "​0.b.3.f.4.6.b.6.0.0.d.f.ip6.arpa"​ { +
-    type slave; +
-    masters { glanet; }; +
-    file "/​etc/​bind/​slave/​db.fd00:​6b64:​f3b0";​ +
-  }; +
- +
-  # Your own zones follow +
-  # ... +
-}; +
-</​file>​ +
- +
-==== Core GLaNET domain name-server (with recursion) ==== +
-<note warning>​Anycast recursive DNS server **must** resolve GLaNET internal zones (either locally or by forwarding the request to the anycast DNS service).</​note>​ +
- +
-<file text named.conf>​ +
-include named.options;​ +
- +
-view "​glanet_recursor"​ { +
-  match-destinations { 192.168.248.153;​ fd00:​6b64:​f3b0:​153::​1;​ }; +
-  match-recursive-only yes; +
-  recursion yes; +
-  include "/​etc/​bind/​named.dummy";​ +
-  zone "​168.192.in-addr.arpa"​ { type slave; masters { glanet; }; file "/​etc/​bind/​zones-slave/​db.192.168";​ }; +
-  zone "​d.f.ip6.arpa" ​        { type master; file "/​etc/​bind/​zones-dummy/​db.fd";​ }; +
-}; +
- +
-view "​glanet_recursor_sup"​ { +
-  match-clients { 192.168.42.5/​32;​ 2001:​bc8:​3283:​2000::​5/​128;​ }; +
-  match-recursive-only yes; +
-  recursion yes; +
-  include "/​etc/​bind/​named.dummy";​ +
-  zone "​168.192.in-addr.arpa"​ { type slave; masters { glanet; }; file "/​etc/​bind/​zones-slave/​db.192.168";​ }; +
-  zone "​d.f.ip6.arpa" ​        { type master; file "/​etc/​bind/​zones-dummy/​db.fd";​ }; +
-}; +
- +
-view "​glanet"​ { +
-  match-destinations { 192.168.248.53;​ fd00:​6b64:​f3b0:​53::​1;​ }; +
-  allow-transfer { any; }; +
- +
-  # GLaNET address space PTR +
-  zone "​168.192.in-addr.arpa"​ { +
-    type slave; +
-    masters { glanet; }; +
-    file "/​etc/​bind/​zones-slave/​db.192.168";​ +
-  }; +
- +
-  # GLaNET IPv6 services address space PTR +
-  zone "​0.b.3.f.4.6.b.6.0.0.d.f.ip6.arpa"​ { +
-    type slave; +
-    masters { glanet; }; +
-    file "/​etc/​bind/​zones-slave/​db.fd00:​6b64:​f3b0";​ +
-  }; +
-}; +
- +
-view "​default"​ { +
-  # GLaNET address space PTR +
-  zone "​168.192.in-addr.arpa"​ { +
-    type slave; +
-    masters { glanet; }; +
-    file "/​etc/​bind/​zones-slave/​db.192.168";​ +
-  }; +
- +
-  # GLaNET IPv6 services address space PTR +
-  zone "​0.b.3.f.4.6.b.6.0.0.d.f.ip6.arpa"​ { +
-    type slave; +
-    masters { glanet; }; +
-    file "/​etc/​bind/​slave/​db.fd00:​6b64:​f3b0";​ +
-  }; +
- +
-  # Your own zones follow +
-  # ... +
-}; +
-</​file>​ +
- +
-<file text db.fd> +
-$TTL 604800 +
-@ IN SOA localhost. root.localhost. ( +
-       2 ; Serial +
- 604800 ; Refresh +
-   86400 ; Retry +
- 2419200 ;​ Expire +
- 604800 ) ; Negative Cache TTL +
-+
-@ IN NS localhost. +
- +
-0.b.3.f.4.6.b.6.0.0 IN NS anycast-dns.glanet.org. +
-</​file>​+