Difference between revisions of "SKSP DNS"

From SkullSpace Wiki
Jump to navigation Jump to search
m (Reverse Zones)
(Application Level)
Line 38: Line 38:
 
: Reload Configuration
 
: Reload Configuration
 
:: sudo nsd-control reconfig
 
:: sudo nsd-control reconfig
 +
: Reload Changed Zones
 +
:: sudo nsd-control reload
 +
:: sudo nsd-control reload <zonename>
 
: Force Notify To Configured Slaves
 
: Force Notify To Configured Slaves
 
:: sudo nsd-control notify
 
:: sudo nsd-control notify

Revision as of 03:29, 31 October 2014

Skullspace DNS

Domain registered with GoDaddy and owned/controlled by Ron Bowes.

System Details

  • Soekris NET4501
  • Running OpenBSD (5.5 as of initial deploy, subject to change with maintenance).
  • Initially setup and maintained by Sean Cody
  • IPv4: 206.220.196.51
  • IPv6: 2604:4280:1:c0de::53
  • SSH: ECDSA key fingerprint is 3f:33:d3:9e:7f:ac:7b:a0:d1:c5:1f:eb:98:3d:61:02.
  • SSH (known_hosts format): 206.220.196.51 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBOpHXeGEVR6AoqXK/1/rgQpE6/aQl5OXQ80NGalSjn+n00XOTjWHaPjmOsKRDiMSHUX/zpo6s+ydMIXpFBfchNw=

System is setup to only allow SSH with key based authentication. Elevated access is given by means of using sudo(8) with allowance for those in the wheel group.

DNS Service Configuration

Using OpenBSD 5.5 base DNS server service named nsd(8).

Stop/Start Procedures

System/Service Level

Start
sudo /etc/rc.d/nsd start
Stop
sudo /etc/rc.d/nsd stop
Restart
sudo /etc/rc.d/nsd restart

Application Level

Stop
sudo nsd-control start
Stop
sudo nsd-control stop
Reload Configuration
sudo nsd-control reconfig
Reload Changed Zones
sudo nsd-control reload
sudo nsd-control reload <zonename>
Force Notify To Configured Slaves
sudo nsd-control notify
sudo nsd-control notify <zonename>

Configuration

Configuration file is in /var/nsd/etc/nsd.conf
Zone locations: /var/nsd/zones

When editing the configuration it is RECOMMENDED to check the configuration syntax before restarting (via sudo nsd-checkconf /var/nsd/etc/nsd.conf) and RECOMMENDED to use the nsd-control reconfig instead of service restart restart.

Configured Zones

Forward Zones

  • skullspace.ca
    • /var/nsd/zones/skullspace.ca

Reverse Zones

  • ipv4
    • 196.220.206.in-addr.arpa
      • /var/nsd/zones/reverse-sksp-ipv4-a.sksp
  • ipv4
    • 193.220.206.in-addr.arpa
      • /var/nsd/zones/reverse-sksp-ipv4-b.sksp
  • ipv4
    • 2.202.199.in-addr.arpa
      • /var/nsd/zones/reverse-sksp-ipv4-c.sksp
  • ipv6
    • e.d.0.c.1.0.0.0.0.8.2.4.4.0.6.2.ip6.arpa
      • /var/nsd/zones/reverse-sksp-ipv6-a.sksp
  • ipv6
    • e.d.0.c.0.8.2.4.4.0.6.2.ip6.arpa
      • /var/nsd/zones/reverse-sksp-ipv6-b.sksp

Slave Delegation

NS2

ns2.skullspace.ca A     104.131.53.85
ns2.skullspace.ca AAAA  2604:a880:800:10::8:7001

Run By: Theo Baschak

NS3

ns3.skullspace.ca A    198.98.120.171
ns3.skullspace.ca AAAA 2605:f700:c0:1::3782:2f74

Run By: Mark Jenkins

Relevant Man Pages

System Access

Email it AT skullspace.ca with your request, the more detail the better and the higher the probability of getting said access. Note requires also sending an SSH public key.