From f2132cc28baadbe9df8865331d7a405aa7a4d035 Mon Sep 17 00:00:00 2001 From: Stephen Smoogen Date: Jun 18 2020 17:32:07 +0000 Subject: update DNS to remove zones no longer in existance to RDU view and to add in 10.16.0 to IAD2 where it should have been in the first place. This should fix the unused DNS --- diff --git a/roles/dns/files/named.conf b/roles/dns/files/named.conf index 9e01922..a3ee3bf 100644 --- a/roles/dns/files/named.conf +++ b/roles/dns/files/named.conf @@ -105,20 +105,20 @@ view "IAD2" { zone "projectatomic.io" { type forward; forward only; - forwarders { 10.39.144.11; 10.5.19.1; 10.11.191.1; }; + forwarders { 8.8.8.8; 8.8.4.4; }; }; zone "beaker-project.org" { type forward; forward only; - forwarders { 10.39.144.11; 10.5.19.1; 10.11.191.1; }; + forwarders { 8.8.8.8; 8.8.4.4; }; }; # also, we need to forward some jboss.org for fuse-fabric/bugzilla2fedmsg zone "jboss.org" { type forward; forward only; - forwarders { 10.39.144.11; 10.5.19.1; 10.11.191.1; }; + forwarders { 8.8.8.8; 8.8.4.4; }; }; # We can't access the internal Zanata servers. Just use external @@ -132,14 +132,7 @@ view "IAD2" { zone "softwarefactory-project.io" { type forward; forward only; - forwarders { 10.39.144.11; 10.5.19.1; 10.11.191.1; }; - }; - - - zone "88.5.10.in-addr.arpa" { - type forward; - forward only; - forwarders { 10.5.26.20; 10.5.26.21; }; + forwarders { 8.8.8.8; 8.8.4.4; }; }; zone "3.10.in-addr.arpa" { @@ -200,6 +193,16 @@ view "IAD2" { file "/var/named/master/built/s390.fedoraproject.org"; }; + zone "0.16.10.in-addr.arpa" { + type master; + file "/var/named/master/built/0.16.10.in-addr.arpa"; + }; + + zone "2.31.172.in-addr.arpa" { + type master; + file "/var/named/master/built/2.31.172.in-addr.arpa"; + }; + zone "160.3.10.in-addr.arpa" { type master; file "/var/named/master/built/160.3.10.in-addr.arpa"; @@ -277,6 +280,16 @@ view "IAD2" { file "/var/named/master/built/178.3.10.in-addr.arpa"; }; + zone "0.16.10.in-addr.arpa" { + type master; + file "/var/named/master/built/0.16.10.in-addr.arpa"; + }; + + zone "2.31.172.in-addr.arpa" { + type master; + file "/var/named/master/built/2.31.172.in-addr.arpa"; + }; + zone "fedoraproject.org" { type master; file "/var/named/master/built/IAD2/fedoraproject.org.signed"; @@ -297,42 +310,89 @@ view "IAD2" { include "/etc/named/zones.conf"; }; - view "RDU2" { - match-clients { rdu2net; 192.168.0.0/16; }; - allow-recursion { localhost; rdu2net; }; + match-clients { rdu2net; rh-slaves; 192.168.0.0/16; rh; localhost; }; + allow-recursion { localhost; rdu2net; rh-slaves; rh; }; recursion yes; // no rate-limit on internal requests rate-limit { - exempt-clients { rdu2net; }; + exempt-clients { rdu2net; rh-slaves; }; }; + # make sure we forward only for redhat.com lookups - zone "access.redhat.com" { + zone "redhat.com" { + type forward; + forward only; + forwarders { 10.5.26.20; 10.5.26.21; }; + }; + + zone "projectatomic.io" { type forward; forward only; - forwarders { 152.19.134.150; 140.211.169.201; 66.35.62.163; }; + forwarders { 8.8.8.8; 8.8.4.4; }; }; - zone "qa.fedoraproject.org" { - type master; - file "/var/named/master/built/qa.fedoraproject.org"; + zone "beaker-project.org" { + type forward; + forward only; + forwarders { 8.8.8.8; 8.8.4.4; }; }; - zone "phx2.fedoraproject.org" { - type master; - file "/var/named/master/built/phx2.fedoraproject.org.signed"; + # also, we need to forward some jboss.org for fuse-fabric/bugzilla2fedmsg + zone "jboss.org" { + type forward; + forward only; + forwarders { 8.8.8.8; 8.8.4.4; }; }; - zone "stg.phx2.fedoraproject.org" { - type master; - file "/var/named/master/built/stg.phx2.fedoraproject.org"; + # We can't access the internal Zanata servers. Just use external + zone "zanata.org" { + type forward; + forward only; + forwarders { 8.8.8.8; 8.8.4.4; }; }; - zone "mgmt.fedoraproject.org" { - type master; - file "/var/named/master/built/mgmt.fedoraproject.org"; + # We can't access the softwarefactory-project.io. because ns1/ns2 give unroutable ips. Need to use external + zone "softwarefactory-project.io" { + type forward; + forward only; + forwarders { 8.8.8.8; 8.8.4.4; }; }; + zone "3.10.in-addr.arpa" { + type forward; + forward only; + forwarders { 10.5.26.20; 10.5.26.21; }; + }; + + zone "4.10.in-addr.arpa" { + type forward; + forward only; + forwarders { 10.5.26.20; 10.5.26.21; }; + }; + + zone "5.10.in-addr.arpa" { + type forward; + forward only; + forwarders { 10.5.26.20; 10.5.26.21; }; + }; + + zone "10.in-addr.arpa" { + type forward; + forward only; + forwarders { 10.5.26.20; 10.5.26.21; }; + }; + + zone "186.132.209.in-addr.arpa." { + type forward; + forward only; + forwarders { 10.39.144.11; 10.5.19.1; 10.11.191.1; }; + }; + + zone "phx2.fedoraproject.org" { + type master; + file "/var/named/master/built/phx2.fedoraproject.org.signed"; + }; zone "iad2.fedoraproject.org" { type master; file "/var/named/master/built/iad2.fedoraproject.org"; @@ -341,6 +401,7 @@ view "RDU2" { type master; file "/var/named/master/built/mgmt.iad2.fedoraproject.org"; }; + zone "stg.iad2.fedoraproject.org" { type master; file "/var/named/master/built/stg.iad2.fedoraproject.org"; @@ -351,81 +412,21 @@ view "RDU2" { file "/var/named/master/built/rdu2.fedoraproject.org"; }; - zone "arm.fedoraproject.org" { - type master; - file "/var/named/master/built/arm.fedoraproject.org"; - }; - - zone "ppc.fedoraproject.org" { - type master; - file "/var/named/master/built/ppc.fedoraproject.org"; - }; - zone "s390.fedoraproject.org" { type master; file "/var/named/master/built/s390.fedoraproject.org"; }; - zone "78.5.10.in-addr.arpa" { - type master; - file "/var/named/master/built/78.5.10.in-addr.arpa"; - }; - - zone "79.5.10.in-addr.arpa" { - type master; - file "/var/named/master/built/79.5.10.in-addr.arpa"; - }; - zone "0.16.10.in-addr.arpa" { type master; file "/var/named/master/built/0.16.10.in-addr.arpa"; }; - zone "124.5.10.in-addr.arpa" { - type master; - file "/var/named/master/built/124.5.10.in-addr.arpa"; - }; - zone "2.31.172.in-addr.arpa" { type master; file "/var/named/master/built/2.31.172.in-addr.arpa"; }; - zone "125.5.10.in-addr.arpa" { - type master; - file "/var/named/master/built/125.5.10.in-addr.arpa"; - }; - - zone "126.5.10.in-addr.arpa" { - type master; - file "/var/named/master/built/126.5.10.in-addr.arpa"; - }; - - zone "127.5.10.in-addr.arpa" { - type master; - file "/var/named/master/built/127.5.10.in-addr.arpa"; - }; - - zone "128.5.10.in-addr.arpa" { - type master; - file "/var/named/master/built/128.5.10.in-addr.arpa"; - }; - - zone "129.5.10.in-addr.arpa" { - type master; - file "/var/named/master/built/129.5.10.in-addr.arpa"; - }; - - zone "130.5.10.in-addr.arpa" { - type master; - file "/var/named/master/built/130.5.10.in-addr.arpa"; - }; - - zone "131.5.10.in-addr.arpa" { - type master; - file "/var/named/master/built/131.5.10.in-addr.arpa"; - }; - zone "160.3.10.in-addr.arpa" { type master; file "/var/named/master/built/160.3.10.in-addr.arpa"; @@ -503,6 +504,16 @@ view "RDU2" { file "/var/named/master/built/178.3.10.in-addr.arpa"; }; + zone "0.16.10.in-addr.arpa" { + type master; + file "/var/named/master/built/0.16.10.in-addr.arpa"; + }; + + zone "2.31.172.in-addr.arpa" { + type master; + file "/var/named/master/built/2.31.172.in-addr.arpa"; + }; + zone "fedoraproject.org" { type master; file "/var/named/master/built/NA/fedoraproject.org.signed"; @@ -523,7 +534,6 @@ view "RDU2" { include "/etc/named/zones.conf"; }; - // The zones view "NA" { match-clients { US; CA; MX; BM; GL; };