X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=input%2Fdsablog%2F2014%2FThe_Debian_DNS_universe.mdwn;h=d29c6792905b90ca0190e26c5aaa7b4581e9f93f;hb=59268ee8934093023fb296d7690ce07dbca36d7e;hp=c35f6594caec77811706dd72d632195605191fe7;hpb=6e779daeedd472b38ce9f1fa9878486c507bff18;p=mirror%2Fdsa-wiki.git diff --git a/input/dsablog/2014/The_Debian_DNS_universe.mdwn b/input/dsablog/2014/The_Debian_DNS_universe.mdwn index c35f659..d29c679 100644 --- a/input/dsablog/2014/The_Debian_DNS_universe.mdwn +++ b/input/dsablog/2014/The_Debian_DNS_universe.mdwn @@ -3,18 +3,18 @@ # Abstract I recently moved our primary nameserver from `orff.debian.org`, which is -an aging blade in Greeze, to a VM on one of our ganeti clusters. In the -process I rediscovered a lot about our DNS infrastructure. In this post -I will describe the many sources of information and how it all comes +an aging blade in Greece, to a VM on one of our ganeti clusters. In the +process, I rediscovered a lot about our DNS infrastructure. In this post, +I will describe the many sources of information and how they all come together. # Introduction The [Domain Name System][DNS] is the hierarchical database and query protocol that is in use on the Internet today to map hostnames to IP -addresses, the reverse thereof, lookup relevant servers for certain -services such as mail, and a gazillion other things. Management and -authority in the DNS is split into different zones, subtrees of the +addresses, to map the reverse thereof, to lookup relevant servers for +certain services such as mail, and a gazillion other things. Management +and authority in the DNS is split into different zones, subtrees of the global tree of domain names. Debian currently has a bit over a score of zones. The two most 
@@ -42,7 +42,7 @@ The data we put into DNS comes from a wide range of different systems: mail in LDAP (`mXRecord` LDAP attribute, DNS `MX` record type). * LDAP also has some specs on computers, which we put into each host's `HINFO` record, mainly because we can and we are old-school. - * Last not least, LDAP also has each host's public ssh key, which we + * Last but not least, LDAP also has each host's public ssh key, which we extract into [SSHFP][rfc4255] records for DNS. * LDAP also has per-user information. Users of debian infrastructure can attach limited DNS elements as `dnsZoneEntry` attributes to their @@ -55,8 +55,8 @@ The data we put into DNS comes from a wide range of different systems: # Debian's auto-dns and geo setup -We try to provide the best service we can. As such, our goal is that -for instance user access to [`www`][www] or [`bugs`][bugs] should always +We try to provide the best service we can. As such, our goal is that, +for instance, user access to [`www`][www] or [`bugs`][bugs] should always work. These services are, thus, provided by more than one machine on the Internet. @@ -94,7 +94,7 @@ The auto-dns system produces two kinds of output: # Tying it all together -![The Debian DNS Rube Goldberg Machine.](../debian-dns.png) +![The Debian DNS Rube Goldberg Machine.](/Pics/blog/2014/debian-dns.png) Figure 1: The Debian DNS Rube Goldberg Machine.
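Review bot: In the first hunk (Introduction), the added line "addresses, to map the reverse thereof, to lookup relevant servers for" uses "lookup" as a verb; the verb form is "look up", and "lookup" is the noun. The repeated "to map the reverse thereof" also reads more awkwardly than the original "the reverse thereof", and the series now mixes infinitives ("to map", "to lookup") with a bare noun phrase ("and a gazillion other things"). Suggest "to map hostnames to IP addresses and the reverse, to look up relevant servers for certain services such as mail, and to do a gazillion other things".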
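Review bot: In the hunk at line 42, "Last but not least" is attached to the SSHFP bullet, but the list continues with the bullet "LDAP also has per-user information", so this item is not the last one. Either drop the phrase ("LDAP also has each host's public SSH key, ...") or move it to the final bullet of the list. While touching this line, "ssh key" could be capitalised as "SSH key" to match the "SSHFP" record name on the next line.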
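Review bot: In the last hunk (Tying it all together), the image link changes from the relative "../debian-dns.png" to the root-absolute "/Pics/blog/2014/debian-dns.png", but nothing in this diff adds or moves the image file to that location. Please confirm the file exists at the new path in the same commit or an earlier one, and note that a root-absolute path will break if the rendered wiki is ever served from a sub-path or a mirror with a different root; a relative path would be more robust.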