This is an old revision of the document!

Anycast DNS

Description of service

This service provides an efficient and fault tolerant way of resolving 168.192.in-addr.arpa, 0.b.3.f.4.6.b.6.0.0.d.f.ip6.arpa and glanet.org zones across GLaNET.

Three levels of participation exist:

  • running a master DNS server: this server will be part of the DNS system ‘core’, thus it must be reachable, have a good connectivity and reliability (within GLaNET);
  • running a slave DNS server: if you have a large number of hosts in you network, you may want to run a slave DNS server to increase performances;
  • using your DNS server as a forwarder: this is a simplest way of using the service.
  • Anycast DNS IPv4: 192.168.248.53.
  • Anycast DNS IPv6: fd00:6b64:f3b0:53::1 (advertise fd00:6b64:f3b0:53::/64 over BGP).

Recursive DNS

We also aim to provide a recursive anycast DNS service within GLaNET. To use it, just configure the following addresses as your resover:

  • Anycast recursive DNS IPv4: 192.168.248.153.
  • Anycast recursive DNS IPv6: fd00:6b64:f3b0:153::1 (advertise fd00:6b64:f3b0:153::/64 over BGP).

If you want to participate and provide an anycast recursive DNS server, don't hesitate to contact us.

List of anycast DNS servers

Host IPv4 IPv6 Recursive ASN
rdns.fa0.org 192.168.42.12 2001:470:c8bc:2000::12 Yes 64542
ns0.lv0.in 91.121.93.194 2001:470:c8be::1 No 64544

Master configuration example

When adding a master server, don't forget that your DNS server must listen on 192.168.248.53 and/or fd00:6b64:f3b0:53::1, that your BGP router must advertise it and your firewall must not bock it.
Initial checkout: 
svn checkout https://svn.oxynux.org/glanet/dns/ /etc/bind/zones-glanet/

named.conf

zone "glanet.org" {
  type master;
  allow-transfer { any; };
  file "/etc/bind/zones-glanet/db.glanet.org";
};

zone "168.192.in-addr.arpa" {
  type master;
  allow-transfer { any; };
  file "/etc/bind/zones-glanet/db.192.168";
};

zone "0.b.3.f.4.6.b.6.0.0.d.f.ip6.arpa" {
  type master;
  allow-transfer { any; };
  file "/etc/bind/zones-glanet/db.fd00:6b64:f3b0";
};

crontab

*/5  *  * * * root  svn up /etc/bind/zones-glanet >> /dev/null && rndc reload >> /dev/null

FIXME Some zone checking should be done → SVN pre-commit

Slave configuration example

FIXME IPv6

named.conf

zone "glanet.org" {
  type slave;
  masters { 192.168.248.53; };
  file "/etc/bind/zones/db.glanet.org";
};

zone "168.192.in-addr.arpa" {
  type slave;
  masters { 192.168.248.53; };
  file "/etc/bind/zones/db.192.168";
};

zone "0.b.3.f.4.6.b.6.0.0.d.f.ip6.arpa" {
  type master;
  masters { 192.168.248.53; };
  file "/etc/bind/zones/db.fd00:6b64:f3b0";
};

Forwarder configuration example

FIXME IPv6

named.conf

zone "glanet.org" {
  type forward;
  forwarders { 192.168.248.53; };
};

zone "168.192.in-addr.arpa" {
  type forward;
  forwarders { 192.168.248.53; };
};

zone "0.b.3.f.4.6.b.6.0.0.d.f.ip6.arpa" {
  type forward;
  forwarders { 192.168.248.53; };
};