Differences

This shows you the differences between two versions of the page.

doc:dns [2012/03/08 23:52] – [List of anycast DNS servers] Benjamin Collet
doc:dns [2023/08/25 16:38] (current) – external edit 127.0.0.1
Line 4: Line 4:
 ===== Description of service ===== ===== Description of service =====
  
-This service provides an efficient and fault tolerant way of resolving ''168.192.in-addr.arpa''''0.b.3.f.4.6.b.6.0.0.d.f.ip6.arpa'' and ''glanet.org'' zones across GLaNET.+This service provides an efficient and fault tolerant way of resolving ''168.192.in-addr.arpa'' and ''0.b.3.f.4.6.b.6.0.0.d.f.ip6.arpa'' zones across GLaNET.
  
-Three levels of participation exist: +  To use it, simply add forwarding zonespointing to the following servers:
-  running a master DNS server: this server will be part of the DNS system ‘core’, thus it must be reachablehave a good connectivity and reliability (within GLaNET); +
-  * running a slave DNS server: if you have a large number of hosts in you networkyou may want to run a slave DNS server to increase performances; +
-  * using your DNS server as a forwarderthis is a simplest way of using the service.+
  
-<note tip>+<note important>
   * Anycast DNS IPv4: **192.168.248.53**.   * Anycast DNS IPv4: **192.168.248.53**.
-  * Anycast DNS IPv6: **''fd00:6b64:f3b0:53::1''** (advertise ''fd00:6b64:f3b0:53::/64'' over BGP).+  * Anycast DNS IPv6: **''fd00:6b64:f3b0::53''**.
 </note> </note>
  
-===== Adding your NS records =====+<note tip>**BIND9 configuration example (forwarder)** 
 +<code> 
 +zone "168.192.in-addr.arpa"
 +  type forward; 
 +  forwarders { 192.168.248.53; fd00:6b64:f3b0::53; }; 
 +};
  
-Send an email to [[dnsmaster@glanet.org]] with your IP subnet and the name servers authoritative for it.+zone "0.b.3.f.4.6.b.6.0.0.d.f.ip6.arpa"
 +  type forward; 
 +  forwarders { 192.168.248.53; fd00:6b64:f3b0::53; }; 
 +}; 
 +</code></note>
  
-===== List of anycast DNS servers =====+<note tip>**Unbound configuration example (forwarder)** 
 +<code> 
 +server: 
 +(...) 
 +    local-zone:         "168.192.in-addr.arpa." nodefault 
 +    local-zone:         "0.b.3.f.4.6.b.6.0.0.d.f.ip6.arpa." transparent
  
-^  Host  ^  IPv4  ^  IPv6  ^  ASN  ^ +    domain-insecure:    "0.b.3.f.4.6.b.6.0.0.d.f.ip6.arpa." 
-| ns.fa0.org  | ''87.98.182.144'' | ''2001:470:c8bc:2000::100'' | [[as:64542|64542]] | +(...)
-| ns0.lv0.in  | ''91.121.93.194'' | ''2001:470:c8be::1''        | [[as:64544|64544]] |+
  
-If you want to run a master anycast DNS server, please contact us at [[dnsmaster@glanet.org]].+stub-zone: 
 +  name:         168.192.in-addr.arpa. 
 +  stub-addr:    fd00:6b64:f3b0::53 
 +  stub-addr:    192.168.248.53
  
-===== Files ===== +stub-zone: 
-FIXME +  name        0.b.3.f.4.6.b.6.0.0.d.f.ip6.arpa. 
-  * [[https://svn.oxynux.org/wsvn/glanet/dns/db.192.168|Zone file for 168.192.in-addr.arpa]]+  stub-addr:    fd00:6b64:f3b0::53 
 +  stub-addr:    192.168.248.53
  
-===== Master configuration example ===== +</code></note>
-<note important> +
-When adding a master server, don't forget that your DNS server must listen on 192.168.248.53, that your BGP router must advertise it and your firewall must not bock it. +
-</note> +
-<note tip> +
-Initial checkout: +
-<code> +
-svn checkout https://svn.oxynux.org/glanet/dns/ /etc/bind/zones-glanet/ +
-</code> +
-</note>+
  
-==== named.conf ====+<note tip>**Knot Resolver configuration example (forwarder)**
 <code> <code>
-zone "glanet.org" { +(...) 
-  type master; +-- Forward all requests for 168.192.in-addr.arpa. to fd00:6b64:f3b0::53 and 192.168.248.53 
-  allow-transfer { any; }; +policy.add(policy.suffix(policy.STUB({'fd00:6b64:f3b0::53', '192.168.248.53'}), {todname('168.192.in-addr.arpa')}))
-  file "/etc/bind/zones-glanet/db.glanet.org"; +
-};+
  
-zone "168.192.in-addr.arpa" { +-- Forward all requests for 0.b.3.f.4.6.b.6.0.0.d.f.ip6.arpa to fd00:6b64:f3b0::53 and 192.168.248.53 
-  type master; +policy.add(policy.suffix(policy.STUB({'fd00:6b64:f3b0::53', '192.168.248.53'}), {todname('0.b.3.f.4.6.b.6.0.0.d.f.ip6.arpa')})) 
-  allow-transfer any; }; +(...) 
-  file "/etc/bind/zones-glanet/db.192.168"; +</code></note> 
-};+===== Recursive DNS =====
  
-zone "0.b.3.f.4.6.b.6.0.0.d.f.ip6.arpa"+We also aim to provide a recursive anycast DNS service within GLaNETTo use it, just configure the following addresses as your resolver:
-  type master; +
-  allow-transfer { any; }; +
-  file "/etc/bind/zones-glanet/db.fd00:6b64:f3b0"; +
-}; +
-</code>+
  
-==== crontab ==== +<note important
-<code+  * Anycast recursive DNS IPv4: **192.168.248.153**
-*/5   * * * root  svn up /etc/bind/zones-glanet >> /dev/null && rndc reload >> /dev/null +  * Anycast recursive DNS IPv6: **''fd00:6b64:f3b0::153''**
-</code> +</note>
-FIXME Some zone checking should be done. +
- +
-===== Slave configuration example ===== +
-FIXME +
-==== named.conf ==== +
-<code> +
-zone "168.192.in-addr.arpa"+
-  type slave; +
-  masters { 192.168.248.53; };                                                       +
-  file "/etc/bind/zones/db.192.168"; +
-}; +
-</code> +
- +
-===== Forwarder configuration example ===== +
-FIXME +
-==== named.conf ==== +
-<code> +
-zone "168.192.in-addr.arpa" { +
-  type forward; +
-  forwarders { 192.168.248.53; }; +
-}; +
-</code>+
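
Review bot: The two ''type forward'' zones in the added BIND9 example omit ''forward only;'', so named uses its default ''forward first'' and tries to resolve these private reverse zones itself whenever the forwarders 192.168.248.53 and fd00:6b64:f3b0::53 do not answer. Suggest adding ''forward only;'' to each zone block so a forwarder outage fails visibly instead. In the Unbound example, ''domain-insecure'' is set only for ''0.b.3.f.4.6.b.6.0.0.d.f.ip6.arpa.'' and the two ''local-zone'' lines use different types (''nodefault'' and ''transparent'') with no explanation. Either make the two zones consistent or add a sentence saying why they differ, since ''domain-insecure'' turns off DNSSEC validation for that name. The Unbound and Knot Resolver examples are titled "forwarder" but use ''stub-zone'' and ''policy.STUB''; a short remark on that choice would keep readers from swapping in a forward configuration.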