DNS: Difference between revisions
No edit summary |
m (→CSC DNS) |
||
Line 46: | Line 46: | ||
The CSC DNS servers will update within 10 minutes with the new information. |
The CSC DNS servers will update within 10 minutes with the new information. |
||
=== Updating records === |
|||
If you manually update a record in the dns1 container (somewhere in /etc/bind), make sure you also update the serial number for the SOA record for the corresponding zone. Then, run <code>rndc reload</code>. |
|||
== Miscellaneous == |
== Miscellaneous == |
Revision as of 15:01, 14 May 2021
IST DNS
The University of Waterloo's DNS is managed through Infoblox.
People who have access to Infoblox:
- ztseguin
- jxpryde
- mtrberzi
- API account located in the standard syscom place
CSC DNS
CSC hosts some authoritative dns services on ext-dns1.csclub.uwaterloo.ca (129.97.134.4/2620:101:f000:4901:c5c::4) and ext-dns2.csclub.uwaterloo.ca (129.97.18.20/2620:101:f000:7300:c5c::20).
Current authoritative domains:
- csclub.cloud
- uwaterloo.club
- csclub.uwaterloo.ca: A script (/opt/bindify/update-dns on dns1) runs every 10 minutes to populate this zone from the Infoblox records.
- Any zone added to Designate DNS service on CSC Cloud
Those DNS servers are also recursive for machines located on the University network.
Infoblox
The main DNS zone for the club (csclub.uwaterloo.ca) is managed using the University's Infoblox system.
To add a new record:
- Visit Infoblox
- Locate the desired network
- Find a free IP address (ping and reverse DNS it to make sure it's unused)
- Click add host (+)
- Set the zone to csclub.uwaterloo.ca
- Set the name
- Add the IPv4 address, if it is not set
- Add the IPv6 address, typically in the format of (2620:101:f000:$SUBNET:c5c::$LAST_OCTET_OF_V4_ADDRESS)
- Click "Next"
- Set Pol8 Classification to "Public"
- Set Primary OU to "CS"
- Set Technical Contact to "syscom@csclub.uwaterloo.ca"
- Click "Save & Close"
The CSC DNS servers will update within 10 minutes with the new information.
Updating records
If you manually update a record in the dns1 container (somewhere in /etc/bind), make sure you also update the serial number for the SOA record for the corresponding zone. Then, run rndc reload
.
Miscellaneous
LOC Records
If we really cared, we might add a LOC record for csclub.uwaterloo.ca.
SSHFP
We could look into SSHFP records. Apparently OpenSSH supports these. (Discussion moved to Talk:DNS.)