Update for standalone (not zeke) operation

This commit is contained in:
David Blacka 2024-05-15 21:35:52 -04:00
parent d622e75aa5
commit b175813e96
18 changed files with 29 additions and 715 deletions

View File

@ -1,11 +1,13 @@
# `zeke.ecotroph.net` DNS service # `blacka.com` DNS service
This repo and directory consists of the revamped DNS service for `zeke.ecotroph.net`. The goals of this service are: This repo and directory consists of the DNS service for `blacka.com`. The goals of this service are:
1. Host the primary zones we want. 1. Host the primary zones we want.
2. DNSSEC-sign those primary zones, if desired. 2. DNSSEC-sign those primary zones, if desired.
3. Provide local recursive service for the host itself. 3. Provide local recursive service for the host itself.
It *was* the revamped DNS service for `zeke.ecotroph.net`, and thus served zones by the collection of owners of `zeke`. However, `zeke` has reached End-of-Life. In the future, the `zeke` operators will operate their own (virtual) environments independently.
## Overview ## Overview
In the past, we just ran the version of BIND that came with our distribution (at this moment, that is CentOS 7, which translates to bind 9.11.) This new configuration runs a very recent version of BIND 9 via a docker image produced by ISC themselves. We started with 9.18.12 and now are up to 9.18.20. In the past, we just ran the version of BIND that came with our distribution (at this moment, that is CentOS 7, which translates to bind 9.11.) This new configuration runs a very recent version of BIND 9 via a docker image produced by ISC themselves. We started with 9.18.12 and now are up to 9.18.20.
@ -15,31 +17,35 @@ This docker image imposes a few requirements:
* Internally, the image runs `named` as the `bind` user (104:105). Since we bind-mount directories, we do need those directories owned by whatever internal UID it is using. * Internally, the image runs `named` as the `bind` user (104:105). Since we bind-mount directories, we do need those directories owned by whatever internal UID it is using.
* We need some way to ensure that our container is run on system reboots, etc. Here we chose to use `systemd` to do this, although that is not ideal. * We need some way to ensure that our container is run on system reboots, etc. Here we chose to use `systemd` to do this, although that is not ideal.
* Presumably the normal way to do logging for a docker container is to use the standard journal service, although this image is set up to bind-mount `/var/log`. On the other hand, the standard command uses the `-g` flag, which is "debug" mode, and causes all of the logs to go to stderr. * Presumably the normal way to do logging for a docker container is to use the standard journal service, although this image is set up to bind-mount `/var/log`. On the other hand, the standard command uses the `-g` flag, which is "debug" mode, and causes all of the logs to go to stderr.
* We do want named to stay in the foreground here. Fortunately, there have always been command line options that do this (`-g` and `-f`). Thus, in order to log to `/var/log`, we supply a different command: `/usr/sbin/named -f -4 -u bind`. This will run in the foreground, only do IPv4 (`zeke` does not yet have IPv6 connectivity), and run as the internal `bind` user. * We do want named to stay in the foreground here. Fortunately, there have always been command line options that do this (`-g` and `-f`). Thus, in order to log to `/var/log`, we supply a different command: `/usr/sbin/named -f -u bind`. This will run in the foreground, and run as the internal `bind` user.
## Source ## Source
I have this in a local git repository on `zeke`, however we can see it here: <https://blacka.com/git/docker_bind.git>. We can see it here: <https://blacka.com/git/docker_bind.git>.
## Design ## Design
We have in this repo: We have in this repo:
* named configurations. I've broken this up into sections (options, keys, logging, primary, secondary, etc.), which all just get included in the primary named.conf. It isn't tricky. * named configurations. I've broken this up into sections (options, keys, logging, primary, secondary, etc.), which all just get included in the primary named.conf. It isn't tricky.
* "keys". Well, mostly TSIG keys. Those are encrypted with `git-crypt`. With a key that is ... somewhere. I've saved it in my password manager, but it can be extracted from the current checkout in `/etc/bind` with `cd /etc/bind; git-crypt export-key /tmp/docker_bind_crypto.key`. `git-crypt` doesn't seem to come via RPM and yum, but I built it and installed it into `/usr/local/bin` on `zeke`. * "keys". Well, mostly TSIG keys. Those are encrypted with [`git-crypt`](https://github.com/AGWA/git-crypt). With a key that is ... somewhere. I've saved it in my password manager, but it can be extracted from the current checkout in `/etc/bind` with `cd /etc/bind; git-crypt export-key /tmp/docker_bind_crypto.key`. `git-crypt` doesn't seem to come via RPM and yum, but I built it and installed it into `/usr/local/bin` on my virtual host (and `zeke` when this was first set up.)
* zone files. I have all of the zone files we started with, although currently the configuration does not load all of them. * zone files. This is now just the `blacka.com` domains, which is currently just `blacka.com` itself.
* A script to launch the container (`run_bind_container.sh`). * A script to launch the container (`run_bind_container.sh`).
* A script to use as the internal "command" (`cfg/run.sh`) -- it isn't config, but we need to bind-mount it. It could possibly be moved to `cache`. * A script to use as the internal "command" (`cfg/run.sh`) -- it isn't config, but we need to bind-mount it. It could possibly be moved to `cache`.
* A helper script to run `rndc` that just runs that inside the container itself (via a docker exec). You would need to be in the `docker` group to run it. Another few helper scripts to run other command line tools: `named-checkconf`, `named-compilezone`. * A helper script to run `rndc` that just runs that inside the container itself (via a docker exec). You would need to be in the `docker` group to run it. Another few helper scripts to run other command line tools: `named-checkconf`, `named-compilezone`.
* A helper script to prepare `zeke` to run this container and properly work, in case we want to do this install again (`setup.sh`). * A helper script to prepare your host to run this container and properly work, in case we want to do this install again (`setup.sh`).
## Installation ## Installation
Working with `github.com` or <https://blacka.com/git> (`gitea` currently) is tricky as a different user, as git will want to use your own SSH keys. Thus some of this advice doesn't really work as stated. Instead of cloning the repo as the `bind` user, we clone it as ourselves and copy it to the expected location.
1. Clone this repo to `/etc/bind` (clone in `/etc` -- we want the working copy to *be* `/etc/bind`.) 1. Clone this repo to `/etc/bind` (clone in `/etc` -- we want the working copy to *be* `/etc/bind`.)
2. Create a user to match the internal user (`uid 104`): `useradd -u 104 -g 105 -M --no-log-init bind` 2. Create a user to match the internal user (`uid 104`): `useradd -u 104 -g 105 -M --no-log-init bind`. The `setup.sh` will do this.
3. Change the ownership of everything under `/etc/bind` to the `bind` user and group: `chown -R 104:105 /etc/bind`. 3. Change the ownership of everything under `/etc/bind` to the `bind` user and group: `chown -R 104:105 /etc/bind`.
4. Copy the supplied `systemd` unit file to `/etc/systemd/system`, and `systemctl enable docker.bind.service`, then `systemctl start docker.bind.service`. 4. Copy the supplied `systemd` unit file to `/etc/systemd/system`, and `systemctl enable docker.bind.service`, then `systemctl start docker.bind.service`.
Note that in the future, we will attempt to adjust this to use `podman` natively instead of `docker`.
## Zone Changes ## Zone Changes
All of our zone files are now in this git repo, so we can just make changes and commit them, assuming you have write access to the local repo, that is. The `bind` user should be able to do it, though. Once you've changed your zone, you *could* bounce the service via `systemctl`, or we could use `rndc`. I've made a little script that will do this with `docker exec`, `/etc/bind/run_rndc.sh`. Thus: All of our zone files are now in this git repo, so we can just make changes and commit them, assuming you have write access to the local repo, that is. The `bind` user should be able to do it, though. Once you've changed your zone, you *could* bounce the service via `systemctl`, or we could use `rndc`. I've made a little script that will do this with `docker exec`, `/etc/bind/run_rndc.sh`. Thus:
@ -54,20 +60,24 @@ cd ..
./run_rndc.sh reload <zone> ./run_rndc.sh reload <zone>
``` ```
Which would work, if and only if as `bind` the `git push` actually works.
Instead, we need to develop a sustainable way to update the zone. Currently we update in the repo *somewhere*, git pull the changes to a local working copy, and copy the zone file into place. This is not ideal.
## DNSSEC ## DNSSEC
More modern BIND releases have changed the configuration for this. Note *how* your zone is signed is based on a `dnssec-policy` block (I've put those in `cfg/named.dnssec.conf`). Then, in your zone, you add: More modern BIND releases have changed the configuration for this. Note *how* your zone is signed is based on a `dnssec-policy` block (I've put those in `cfg/named.dnssec.conf`). Then, in your BIND configuration, you add:
```conf ```conf
dnssec-policy "default_alg13"; dnssec-policy "default_alg13";
inline-signing yes; inline-signing yes;
``` ```
in your zone block. After restarting/reconfiguring BIND, it will create a `<zonefile>.signed` and `<zonefile>.signed.jnl` file, and start serving a DNSSEC signed version of the zone. It will then take care of resigning activities, key rollovers etc. in your zone block. After restarting/reconfiguring BIND, it will create a `<zonefile>.signed` and `<zonefile>.signed.jnl` file, and start serving a DNSSEC signed version of the zone. It will then take care of resigning activities, key rollovers etc.
### Zone Files ### Zone Files
We can find the zone files on `zeke` in `/etc/bind/zones`, although note that your zone may be in BIND's *raw* format. If you want to see the contents, you can use `named-compilezone` for that (either using a version inside the container or not): We can find the zone files in `/etc/bind/zones`, although note that your zone may be in BIND's *raw* format. If you want to see the contents, you can use `named-compilezone` for that (either using a version inside the container or not):
```bash ```bash
named-compilezone -f raw -F text -o - blacka.com /etc/bind/zones/blacka.com.signed named-compilezone -f raw -F text -o - blacka.com /etc/bind/zones/blacka.com.signed

View File

@ -20,232 +20,3 @@ zone "blacka.com" {
key zeke-ogud3; key zeke-ogud3;
}; };
}; };
zone "ecotroph.net" {
type primary;
file "/var/lib/bind/ecotroph.net";
# dnssec-policy "default_alg13";
# inline-signing yes;
notify yes;
allow-transfer {
127.0.0.1;
45.79.181.51; // typhoon.kahlerlarson.lorg
104.225.12.28; // keilir.ogud.com
key zeke-tornado.;
key zeke-ogud2.;
key zeke-ogud3;
};
};
# Note: No longer registered
# zone "nortonbertram.com" {
# type primary;
# file "/var/lib/bind/nortonbertram.com";
# notify yes;
# allow-transfer {
# 127.0.0.1;
# 202.157.185.115;
# 202.157.182.142;
# 64.151.105.12;
# };
# };
# Note: hosted by directnic.com
# zone "hxr.us" {
# type primary;
# file "/var/lib/bind/hxr.us";
# notify yes;
# allow-transfer {
# 127.0.0.1;
# 66.92.146.115;
# 204.109.61.194;
# 66.92.146.160;
# 64.151.105.12;
# };
# };
# Note: no longer registered
# zone "fcdissident.us" {
# type primary;
# file "/var/lib/bind/fcdissident.us";
# notify yes;
# allow-transfer {
# 127.0.0.1;
# 66.92.146.115;
# 204.109.61.194;
# 66.92.146.160;
# 64.151.105.12;
# };
# };
# Note: no longer registered
# zone "fallschurchdissident.us" {
# type primary;
# file "/var/lib/bind/fallschurchdissident.us";
# notify yes;
# allow-transfer {
# 127.0.0.1;
# 66.92.146.115;
# 204.109.61.194;
# 66.92.146.160;
# 64.151.105.12;
# };
# };
# Note: no longer registered
# zone "fallschurchdissident.com" {
# type primary;
# file "/var/lib/bind/fallschurchdissident.com";
# notify yes;
# allow-transfer {
# 127.0.0.1;
# 66.92.146.115;
# 204.109.61.194;
# 66.92.146.160;
# 64.151.105.12;
# };
# };
# Note: not registered
# zone "t.hxr.us" {
# type primary;
# file "/var/lib/bind/t.hxr.us";
# allow-transfer {
# 127.0.0.1;
# 64.151.105.12;
# };
# };
# Note: not registered
# zone "dyn.hxr.us" {
# type primary;
# file "/var/lib/bind/dyn/dyn.hxr.us";
# allow-transfer {
# 127.0.0.1;
# 64.151.105.12;
# };
# update-policy { grant * self * A; };
# };
zone "kosters.net" {
type primary;
file "/var/lib/bind/kosters.net";
notify yes;
also-notify {
65.201.175.12;
66.92.146.115;
204.109.61.194;
};
allow-transfer {
127.0.0.1;
65.201.175.11;
65.201.175.12;
64.151.105.12;
64.22.125.99;
70.164.18.40;
70.164.18.41;
70.164.18.42;
207.234.133.162;
key zeke-ogud2.;
key zeke-ogud3;
};
};
zone "bjmk.com" {
type primary;
file "/var/lib/bind/bjmk.com";
notify yes;
also-notify {
65.201.175.12;
66.92.146.115;
204.109.61.194;
};
allow-transfer {
127.0.0.1;
65.201.175.11;
65.201.175.12;
64.151.105.12;
64.22.125.99;
70.164.18.40;
70.164.18.41;
70.164.18.42;
207.234.133.162;
key zeke-ogud2.;
key zeke-ogud3;
};
};
# Note: hosted elsewhere
# zone "gracecrc.org" {
# type primary;
# file "/var/lib/bind/gracecrc.org";
# notify yes;
# also-notify {
# 65.201.175.12;
# 66.92.146.115;
# 204.109.61.194;
# };
# allow-transfer {
# 127.0.0.1;
# 65.201.175.11;
# 65.201.175.12;
# 64.151.105.12;
# 64.22.125.99;
# 70.164.18.40;
# 70.164.18.41;
# 70.164.18.42;
# 207.234.133.162;
# key zeke-ogud2.;
# key zeke-ogud3.;
# };
# };
# Note: hosted by gkg.net
# zone "toscano.org" {
# type primary;
# file "/var/lib/bind/toscano.org";
# notify yes;
# allow-transfer {
# 127.0.0.1;
# 202.157.185.115;
# 202.157.182.142;
# };
# };
# Note: hosted by gkg.net
# zone "prevelige.org" {
# type primary;
# file "/var/lib/bind/prevelige.org";
# notify yes;
# allow-transfer {
# 127.0.0.1;
# 202.157.185.115;
# 202.157.182.142;
# };
# };
# Note: expired/directnic.com
# zone "duffyfamily.me" {
# type primary;
# file "/var/lib/bind/duffyfamily.me";
# notify yes;
# allow-transfer {
# 127.0.0.1;
# 202.157.185.115;
# 202.157.182.142;
# };
# };
# Note: hosted by worldnic(!).com
# zone "littlebit.us" {
# type primary;
# file "/var/lib/bind/littlebit.us";
# notify yes;
# allow-transfer {
# 127.0.0.1;
# 202.157.185.115;
# 202.157.182.142;
# };
# };

View File

@ -1,19 +0,0 @@
;; $Id: bjmk.com,v 1.4 2003/04/15 15:05:00 named Exp $
$TTL 1D
@ IN SOA ns.kosters.net. mark.kosters.net. (
2017080700 ; serial Number
32400 ; Refresh after 12 hours
3600 ; Retry after 1 hour
86400 ; Expire after 1 day
86400 ; Minimum time-to-live of 1 day
)
; IP Address
IN NS ns.kosters.net.
IN NS ns.nova.org.
IN NS ns2.nova.org.
IN NS ns3.nova.org.
IN MX 10 MAIL.BJMK.COM.
NS IN A 70.164.19.155
MAIL IN A 70.164.19.156
WWW IN A 70.164.19.155
oldmail IN A 70.164.19.155

View File

@ -1,7 +1,7 @@
$ORIGIN . $ORIGIN .
$TTL 3600 ; 1 hour $TTL 3600 ; 1 hour
blacka.com IN SOA ns1.blacka.com. david.blacka.com. ( blacka.com IN SOA ns1.blacka.com. david.blacka.com. (
100055 ; serial 101000 ; serial
43200 ; refresh (12 hours) 43200 ; refresh (12 hours)
3600 ; retry (1 hour) 3600 ; retry (1 hour)
2592000 ; expire (30 days) 2592000 ; expire (30 days)
@ -26,29 +26,21 @@ $ORIGIN blacka.com.
mail CNAME ghs.google.com. mail CNAME ghs.google.com.
calendar CNAME ghs.google.com. calendar CNAME ghs.google.com.
ns1 A 70.164.19.155 ns1 A 45.79.170.188
AAAA 2600:3c03::f03c:94ff:fe52:8c02
; new blacka.com linode instance ; new blacka.com linode instance
diagonal A 45.79.170.188 diagonal A 45.79.170.188
AAAA 2600:3c03::f03c:94ff:fe52:8c02 AAAA 2600:3c03::f03c:94ff:fe52:8c02
; zeke at NOVA.org ; zeke at NOVA.org
zeke A 70.164.19.155 zeke A 70.164.19.155
; zoidberg at NOVA.org
zoidberg A 70.164.19.156
; zelda at NOVA.org
zelda A 70.164.19.157
; mail controls ; mail controls
nomail A 70.164.19.157 nomail A 70.164.19.157
nomail2 A 70.164.19.157 nomail2 A 70.164.19.157
blase CNAME blase.dyn
fury CNAME blase.dyn
www CNAME blacka.com. www CNAME blacka.com.
; old mail system, handled by zoidberg (postfix)
old MX 10 mail.old.blacka.com.
mail.old A 70.164.19.156
; test area for google apps for business (standard) ; test area for google apps for business (standard)
g A 70.164.19.155 g A 70.164.19.155
g 86400 MX 10 aspmx.l.google.com. g 86400 MX 10 aspmx.l.google.com.
@ -60,4 +52,3 @@ g 86400 MX 10 aspmx.l.google.com.
86400 MX 30 aspmx5.googlemail.com. 86400 MX 30 aspmx5.googlemail.com.
mail.g CNAME ghs.google.com. mail.g CNAME ghs.google.com.
calendar.g CNAME ghs.google.com. calendar.g CNAME ghs.google.com.

View File

@ -1,23 +0,0 @@
$TTL 8h
@ IN SOA zeke.ecotroph.net. pete-dns.toscano.org. (
2012031600 ; serial Number
8h ; Refresh after 8 hours
2h ; Retry after 2 hours
2w ; Expire after 1 week
1d ; Minimum time-to-live of 1 day
)
IN NS ns.toscano.org.
IN NS ns1.twisted4life.com.
IN MX 10 ASPMX.L.GOOGLE.COM.
IN MX 20 ALT1.ASPMX.L.GOOGLE.COM.
IN MX 20 ALT2.ASPMX.L.GOOGLE.COM.
IN MX 30 ASPMX2.GOOGLEMAIL.COM.
IN MX 30 ASPMX3.GOOGLEMAIL.COM.
IN MX 30 ASPMX4.GOOGLEMAIL.COM.
IN MX 30 ASPMX5.GOOGLEMAIL.COM.
www IN CNAME ghs.google.com.
mail IN CNAME ghs.google.com.
calendar IN CNAME ghs.google.com.
start IN CNAME ghs.google.com.
docs IN CNAME ghs.google.com.
wave IN CNAME ghs.google.com.

View File

@ -1,20 +0,0 @@
$ORIGIN .
$TTL 86400 ; 1 day
dyn.hxr.us IN SOA zeke.hxr.us. andy.hxr.us. (
200611263 ; serial
43200 ; refresh (12 hours)
3600 ; retry (1 hour)
86400 ; expire (1 day)
86400 ; minimum (1 day)
)
NS zeke.hxr.us.
$ORIGIN _dns-sd._udp.dyn.hxr.us.
$TTL 600 ; 10 minutes
b PTR dyn.hxr.us.
lb PTR dyn.hxr.us.
r PTR dyn.hxr.us.
$ORIGIN dyn.hxr.us.
zilogprime A 67.187.56.200
zoloft A 70.179.98.221
zoltar A 72.196.237.170
zonna A 12.205.226.149

View File

@ -1,64 +0,0 @@
$TTL 1D
@ IN SOA zeke.ecotroph.net. anewton.ecotroph.net. (
202302270; Serial
8H; Refresh
2H; Retry
1W; Expire
1D ) ; Minimum
;
TXT "v=spf1 a mx ip4:64.151.105.12 a:cliffie.verisignlabs.com -all"
NS zeke
NS ns.ogud.com.
NS typhoon.kahlerlarson.org.
MX 10 zoidberg
A 70.164.19.155
www CNAME zeke
jabber CNAME @
conference CNAME @
aim CNAME @
icq CNAME @
msn CNAME @
yahoo CNAME @
pubsub CNAME @
;users CNAME @
;zakold A 216.93.167.200
zak CNAME zeke
;zak2 A 216.93.167.201
;zak3 A 216.93.167.202
;zak4 A 216.93.167.203
zeke A 70.164.19.155
TXT "v=spf1 a mx ip4:64.151.105.12 a:cliffie.verisignlabs.com -all"
idisk A 70.164.19.156
zoidberg A 70.164.19.156
zelda A 70.164.19.157
zilch A 64.83.8.178
;;_xmpp-client._tcp SRV 5 0 5222 @
;;_jabber-client._tcp SRV 5 0 5222 @
;;_jabber-ssl-client._tcp SRV 5 0 5223 @
;;_xmpp-server._tcp SRV 5 0 5269 @
;;_jabber._tcp SRV 5 0 5269 @
;;_xmpp-server._tcp.yahoo SRV 5 0 5235 @
; reverse DNS entries from ZUBR
; note: these are still active even though theses addresses aren't.
124-8-31-69.ptr PTR zeke
124-8-31-69.ptr PTR zeke.blacka.com.
124-8-31-69.ptr PTR zeke.hxr.us.
124-8-31-69.ptr PTR zeke.toscano.org.
125-8-31-69.ptr PTR zoidberg
125-8-31-69.ptr PTR zoidberg.blacka.com.
125-8-31-69.ptr PTR zoidberg.hxr.us.
126-8-31-69.ptr PTR zeke
126-8-31-69.ptr PTR zeke.blacka.com.
126-8-31-69.ptr PTR zeke.hxr.us.
; hxr-specific entries
hxr-imaps CNAME zak
hxr-mailout CNAME zak

View File

@ -1,21 +0,0 @@
$TTL 1D
@ IN SOA zak.fallschurchdissident.com. anewton.ecotroph.net. (
200803011; Serial
8H; Refresh
2H; Retry
1W; Expire
1D ) ; Minimum
;
TXT "v=spf1 a mx -all"
NS zeke.ecotroph.net.
NS ns.ogud.com.
MX 10 zeke
A 70.164.19.155
www CNAME zak
zak CNAME zeke
zakold A 216.93.167.200
zeke A 70.164.19.155
TXT "v=spf1 a -all"

View File

@ -1,21 +0,0 @@
$TTL 1D
@ IN SOA zak.fallschurchdissident.us. anewton.ecotroph.net. (
200803011; Serial
8H; Refresh
2H; Retry
1W; Expire
1D ) ; Minimum
;
TXT "v=spf1 a mx -all"
NS zeke.ecotroph.net.
NS ns.ogud.com.
MX 10 zeke
A 70.164.19.155
www CNAME zak
zak CNAME zeke
zakold A 216.93.167.200
zeke A 70.164.19.155
TXT "v=spf1 a -all"

View File

@ -1,21 +0,0 @@
$TTL 1D
@ IN SOA zak.fcdissident.us. anewton.ecotroph.net. (
200803011; Serial
8H; Refresh
2H; Retry
1W; Expire
1D ) ; Minimum
;
TXT "v=spf1 a mx -all"
NS zeke.ecotroph.net.
NS ns.ogud.com.
MX 10 zeke
A 70.164.19.155
www CNAME zak
zak CNAME zeke
zakold A 216.93.167.200
zeke A 70.164.19.155
TXT "v=spf1 a -all"

View File

@ -1,16 +0,0 @@
;; $Id: gracecrc.org ,v 1.4 2003/04/15 15:05:00 named Exp $
$TTL 1D
@ IN SOA ns.kosters.net. mark.kosters.net. (
2018060150 ; serial Number
32400 ; Refresh after 12 hours
3600 ; Retry after 1 hour
86400 ; Expire after 1 day
86400 ; Minimum time-to-live of 1 day
)
; IP Address
IN NS ns.kosters.net.
IN NS ns.nova.org.
IN NS ns2.nova.org.
IN NS ns3.nova.org.
WWW IN A 146.66.97.184
;; WWW IN A 70.164.19.155

View File

@ -1,39 +0,0 @@
$TTL 2H
@ IN SOA zak.hxr.us. anewton.ecotroph.net. (
201605081; Serial
8H; Refresh
2H; Retry
1W; Expire
1D ) ; Minimum
;
NS zeke.ecotroph.net.
NS ns.ogud.com.
MX 1 ASPMX.L.GOOGLE.COM.
MX 5 ALT1.ASPMX.L.GOOGLE.COM.
MX 5 ALT2.ASPMX.L.GOOGLE.COM.
MX 10 ASPMX2.GOOGLEMAIL.COM.
MX 10 ASPMX3.GOOGLEMAIL.COM.
A 216.239.32.21
A 216.239.34.21
A 216.239.36.21
A 216.239.38.21
www CNAME zeke
zeke A 216.239.32.21
A 216.239.34.21
A 216.239.36.21
A 216.239.38.21
blog CNAME anewton1998.github.io.
t NS zeke.ecotroph.net.
dyn NS zeke
gmail CNAME ghs.google.com.
buserror CNAME ghs.google.com.
sea CNAME ghs.google.com.
laserjet.home A 10.0.1.201

View File

@ -1,20 +0,0 @@
$TTL 1D
@ IN SOA ns.kosters.net. mark.kosters.net. (
2017080703 ; serial Number
12H ; Refresh after 12 hours
1H ; Retry after 1 hour
1D ; Expire after 1 day
1D ; Minimum time-to-live of 1 day
)
IN NS ns.kosters.net.
IN NS ns.nova.org.
IN NS ns2.nova.org.
IN NS ns3.nova.org.
IN MX 10 mail.kosters.net.
IN A 70.164.19.156
oldmail IN A 70.164.19.155
www IN CNAME kosters.net.
ns IN A 70.164.19.155
ns IN A 70.164.19.156
mail IN A 70.164.19.156

View File

@ -1,30 +0,0 @@
$TTL 8h
@ IN SOA zeke.ecotroph.net. pete-dns.toscano.org. (
2011061300 ; serial Number
8h ; Refresh after 8 hours
2h ; Retry after 2 hours
2w ; Expire after 1 week
1d ; Minimum time-to-live of 1 day
)
IN NS ns.toscano.org.
IN NS ns1.twisted4life.com.
; IN MX 10 zoidberg
; IN MX 100 mail.kahlerlarson.org.
IN MX 10 ASPMX.L.GOOGLE.COM.
IN MX 20 ALT1.ASPMX.L.GOOGLE.COM.
IN MX 20 ALT2.ASPMX.L.GOOGLE.COM.
IN MX 30 ASPMX2.GOOGLEMAIL.COM.
IN MX 30 ASPMX3.GOOGLEMAIL.COM.
IN MX 30 ASPMX4.GOOGLEMAIL.COM.
IN MX 30 ASPMX5.GOOGLEMAIL.COM.
IN A 70.164.19.155
zeke IN A 70.164.19.155
zoidberg IN A 70.164.19.156
www IN CNAME ghs.google.com.
mail IN CNAME ghs.google.com.
calendar IN CNAME ghs.google.com.
start IN CNAME ghs.google.com.
docs IN CNAME ghs.google.com.
wave IN CNAME ghs.google.com.
miniox AAAA 2001:470:1d:be::2
fred AAAA 2001:470:1d:be:226:8ff:fee2:eb31

View File

@ -1,21 +0,0 @@
$TTL 1D
@ IN SOA zak.ecotroph.net. anewton.ecotroph.net. (
200310291; Serial
8H; Refresh
2H; Retry
1W; Expire
1D ) ; Minimum
;
TXT "NortonBertram.com"
NS zak
NS ns1.twisted4life.com.
MX 10 zak
A 216.93.164.123
www CNAME zak
zak A 216.93.164.123
fake-test TXT "fake-test @ NORTONBERTRAM.COM"
mx-test MX 10 zak

View File

@ -1,24 +0,0 @@
$TTL 8h
@ IN SOA zeke.ecotroph.net. pete-dns.toscano.org. (
2012031601 ; serial Number
8h ; Refresh after 8 hours
2h ; Retry after 2 hours
2w ; Expire after 1 week
1d ; Minimum time-to-live of 1 day
)
IN NS ns.toscano.org.
IN NS ns1.twisted4life.com.
IN MX 10 ASPMX.L.GOOGLE.COM.
IN MX 20 ALT1.ASPMX.L.GOOGLE.COM.
IN MX 20 ALT2.ASPMX.L.GOOGLE.COM.
IN MX 30 ASPMX2.GOOGLEMAIL.COM.
IN MX 30 ASPMX3.GOOGLEMAIL.COM.
IN MX 30 ASPMX4.GOOGLEMAIL.COM.
IN MX 30 ASPMX5.GOOGLEMAIL.COM.
IN TXT google-site-verification=2sBar1STQs2Vssjp60boRA_-u0JHnxa3exahKpAtCNM
www IN CNAME ghs.google.com.
mail IN CNAME ghs.google.com.
calendar IN CNAME ghs.google.com.
start IN CNAME ghs.google.com.
docs IN CNAME ghs.google.com.
wave IN CNAME ghs.google.com.

View File

@ -1,66 +0,0 @@
$TTL 10
@ IN SOA zeke.hxr.us. anewton.ecotroph.net. (
200605180; Serial
8H; Refresh
2H; Retry
1W; Expire
1D ) ; Minimum
;
NS zeke.ecotroph.net.
NAPTR 100 20 "" "IM:ProtA:ProtB" "" im.t.hxr.us.
NAPTR 200 10 "" "CREDREG:ldap:iris-beep" "" credreg.t.hxr.us.
* TXT "v=marid record goes here"
im NAPTR 100 20 "s" "IM:ProtA" "" prota.t.hxr.us.
NAPTR 100 20 "s" "IM:ProtB" "" protb.t.hxr.us.
credreg NAPTR 100 20 "s" "CREDREG:ldap" "" ldap.t.hxr.us.
NAPTR 100 20 "s" "CREDREG:iris-lwz:iris-beep" "" iris.t.hxr.us.
prota SRV 10 0 5222 hosta.t.hxr.us.
SRV 20 0 5222 hostb.t.hxr.us.
protb SRV 10 0 5223 hostc.t.hxr.us.
SRV 20 0 5223 hostd.t.hxr.us.
ldap SRV 10 0 389 hoste.t.hxr.us.
SRV 20 0 389 hostf.t.hxr.us.
iris SRV 10 0 34034 hostg.t.hxr.us.
SRV 20 0 34034 hosth.t.hxr.us.
hosta A 10.0.0.1
A 10.0.0.2
hostb A 10.0.1.1
A 10.0.1.2
hostc A 10.0.2.1
A 10.0.2.2
hostd A 10.0.3.1
A 10.0.3.2
hoste A 10.0.4.1
A 10.0.4.2
hostf A 10.0.5.1
A 10.0.5.2
hostg A 10.0.6.1
A 10.0.6.2
hosth A 10.0.7.1
A 10.0.7.2
s2048 TXT "k=rsa\; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1xCyQVeC3kljo91RQF1GhkcaN7MLUlQWVdVFD/WA2T6O9iq/ucWMAOf3cL/kj0PKXKiA8EX8jo" "7OXV4YuEuPg+i/hk5Iq1dx34SF+IlKs+sotoWPTLgpu8L2Jyw76D5Oyzq/iqo1gBxF4+avhdCZd13wuIlt9SygbzD6fcM37qm1FSNY0SDAQBV2vxrkLoXVAG6DtI7mL" "gdjvIbBxmYsypA5pDLpWEr3zwh2NXufc9JsfTZ3k2/vnVLB+CgPRGMYbkfbgriYq5H8dtmryxJHDT06Ib4Gr4HQIB06OR2c0XVO5/r22xvTJui8nmoUbQJIAYBrYRJq" "0rKt5rGBm9Lh0wIDAP//"
ptr-t PTR zeke.ecotroph.net.
PTR zeke.hxr.us.
PTR zeke.blacka.com.
1.9.9.3.9.9.3.9.9.3.1 NAPTR 10 100 "u" "E2U+sip" "!^.*$!sip:13993993991@ecotroph.net!" .

View File

@ -1,53 +0,0 @@
$TTL 8h
@ IN SOA zeke.ecotroph.net. pete-dns.toscano.org. (
2012121300 ; serial Number
8h ; Refresh after 8 hours
2h ; Retry after 2 hours
1w ; Expire after 1 week
1d ; Minimum time-to-live of 1 day
)
NS ns
NS ns1.twisted4life.com.
; IN MX 5 zoidberg
MX 10 ASPMX.L.GOOGLE.COM.
MX 20 ALT1.ASPMX.L.GOOGLE.COM.
MX 20 ALT2.ASPMX.L.GOOGLE.COM.
MX 30 ASPMX2.GOOGLEMAIL.COM.
MX 30 ASPMX3.GOOGLEMAIL.COM.
MX 30 ASPMX4.GOOGLEMAIL.COM.
MX 30 ASPMX5.GOOGLEMAIL.COM.
A 70.164.19.155
;; IN TXT "v=spf1 mx ptr:cox.net a:cliffie.verisignlabs.com include:cox.net -all"
;;home IN A 70.179.67.5
;home IN A 68.100.187.113
;home IN A 72.196.229.138
;home IN A 68.106.101.1
;home IN A 68.106.101.48
;home IN A 173.66.178.226
home A 96.255.164.157
AAAA 2001:470:7:102::2
www CNAME @
ns A 70.164.19.155
zeke A 70.164.19.155
zoidberg A 70.164.19.156
tumblr A 72.32.231.8
mail CNAME ghs.google.com.
start CNAME ghs.google.com.
calendar CNAME ghs.google.com.
wave CNAME ghs.google.com.
docs CNAME ghs.google.com.
sites CNAME ghs.google.com.
miniox AAAA 2001:470:1d:be::2
_xmpp-client._tcp.toscano.org. SRV 5 0 5269 xmpp-server.l.google.com.
_xmpp-server._tcp.toscano.org. SRV 5 0 5269 xmpp-server.l.google.com.
_xmpp-server._tcp.toscano.org. SRV 20 0 5269 xmpp-server1.l.google.com.
_xmpp-server._tcp.toscano.org. SRV 20 0 5269 xmpp-server2.l.google.com.
_xmpp-server._tcp.toscano.org. SRV 20 0 5269 xmpp-server3.l.google.com.
_xmpp-server._tcp.toscano.org. SRV 20 0 5269 xmpp-server4.l.google.com.
_jabber._tcp.toscano.org. SRV 5 0 5269 xmpp-server.l.google.com.
_jabber._tcp.toscano.org. SRV 20 0 5269 xmpp-server1.l.google.com.
_jabber._tcp.toscano.org. SRV 20 0 5269 xmpp-server2.l.google.com.
_jabber._tcp.toscano.org. SRV 20 0 5269 xmpp-server3.l.google.com.
_jabber._tcp.toscano.org. SRV 20 0 5269 xmpp-server4.l.google.com.