X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;ds=sidebyside;f=modules%2Fnamed%2Ftemplates%2Fnamed.conf.options.erb;h=31f9dfd6014b7c04ea8abab3cfef7b051e479b92;hb=de111aab71629ae8a4a4658366c777997639afbd;hp=5c649bb89d5eeecc7def86b9314ff10e922fbe65;hpb=9262b789ae47161d50dd2b44c6159756f9763f88;p=mirror%2Fdsa-puppet.git

diff --git a/modules/named/templates/named.conf.options.erb b/modules/named/templates/named.conf.options.erb
index 5c649bb89..31f9dfd60 100644
--- a/modules/named/templates/named.conf.options.erb
+++ b/modules/named/templates/named.conf.options.erb
@@ -42,15 +42,6 @@ options {
 	dnssec-validation yes;
 <% end -%>
 
-<% if scope.function_has_role(['dns_secondary']) -%>
-	rate-limit {
-		responses-per-second 25;
-		window 5;
-		slip 5;
-		qps-scale 250;
-	};
-<% end -%>
-
 	// Defaults are 100 and 10, causing lots and lots of tiny updates.
 	// This way, I hope, we'll get fewer (and thus bigger) updates. -- weasel
 	sig-signing-nodes 5000;
@@ -83,4 +74,36 @@ logging {
 
 };
 
+<% if scope.function_has_role(['dns_primary']) -%>
+masters "easydns-masters" {
+	// https://cp.easydns.com/manage/domains/secondary/edit.php
+	64.68.200.91;
+	205.210.42.80;
+};
+acl "easydns-ACL" {
+	// https://cp.easydns.com/manage/domains/secondary/edit.php
+	64.68.200.91/32;
+	205.210.42.80/32;
+	key 82.195.75.91-key ;
+};
+
+masters "rcode0-masters" {
+	83.136.34.7;   // rcode0.net ipv4 ntfy
+	2A02:850:8::6; // rcode0.net ipv6 ntfy
+};
+acl "rcode0-ACL" {
+	83.136.34.0/27;  // rcode0.net ipv4 axfr
+	2A02:850:8::/47; // rcode0.net ipv6 axfr
+};
+
+masters "dnsnode-masters" {
+	192.36.144.222; // zork-b.sth.dnsnode.net
+	192.36.144.218; // zork-c.sth.dnsnode.net
+};
+acl "dnsnode-ACL" {
+	192.36.144.222; // zork-b.sth.dnsnode.net
+	192.36.144.218; // zork-c.sth.dnsnode.net
+};
+<% end -%>
+
 include "/etc/bind/named.conf.puppet-shared-keys";