Bug 853 - Name server config for lists.libre-riscv.org. is bad
Summary: Name server config for lists.libre-riscv.org. is bad
Status: IN_PROGRESS
Alias: None
Product: Libre-SOC Website
Classification: Unclassified
Component: website (show other bugs)
Version: unspecified
Hardware: All Linux
: Normal normal
Assignee: Alain D D Williams
URL:
Depends on:
Blocks:
 
Reported: 2022-06-14 19:25 BST by Alain D D Williams
Modified: 2022-06-30 15:48 BST (History)
3 users (show)

See Also:
NLnet milestone: ---
total budget (EUR) for completion of task and all subtasks: 0
budget (EUR) for this task, excluding subtasks' budget: 0
parent task for budget allocation:
child tasks for budget allocation:
The table of payments (in EUR) for this task; TOML format:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Alain D D Williams 2022-06-14 19:25:13 BST 
There are several issues.

This has 4 NS records but there is only one working name server. There is no redundancy and are failures.

Two of the NS are ns1.hands.com. and ns6.hands.com. Both resolve to the same IP address and the machine refuses to answer queries for this domain.

The master server is libre-soc.org, this is listed as NS lkcl.ns.lists.libre-riscv.org. and ns.lists.libre-riscv.org. These 2 names are the same machine (libre-soc.org) - they should/could also be libre-soc rather than libre-riscv.

I am pointing Phil at this bug to see if he wants to provide a NS for this domain. If not I can do so.

The zone config has "notify no;" - which means that changes will not be sent to slave servers. Is there a good reason for this ?

We need to check what other domains also have this problem - there are some.

I noticed this as I have had problems receiving email from lists.libre-riscv.org.

To fix:
Zone file in /etc/bind/lists.libre-riscv.org.db
Zone file in /etc/bind/lists.libre-soc.org.db
Zone config in /etc/bind/named.conf.local for libre-riscv.org and libre-soc.org
Name server info at .org for libre-riscv.org. and libre-soc.org.
Comment 1 Toshaan Bharvani 2022-06-14 19:59:17 BST 
I confirm, however best dns practice states having 3 name servers, with minimum 2 different IP providers (AS'es).

As Alain already offered, I can also host a NS in our DC, if wanted/required.
Maybe we should think about 6 name servers.
3 main and 3 backup
We use git as a dns config, so we disable IAXR and zone transfer/notify and let git do all the updates.
Comment 2 Alain D D Williams 2022-06-15 15:23:47 BST 
Fixes (some of which are rationalisations) that I have done to DNS for:
libre-soc.org
lists.libre-soc.org
libre-riscv.org
lists.libre-riscv.org

* remove NS ns[16].hands.com
* added NS ns.phcomp.co.uk. + config there
* remove NS ns1.libre-riscv.org.
* changed ns.lists.libre-soc.org. to ns.libre-soc.org.
* Added as MX secondary mx.phcomp.co.uk + config there

Sorted the named.conf.local alphabetically.

libre-riscv.org was not in named.conf.local but was still being served (???). Added in.

Still to be done:
* Toshaan has offered to be another NS secondary. Please configure & let me know the IP address, assuming bind the config looks like:
        zone "libre-soc.org" IN {
                type slave;
          	file "slaves/libre-soc.org";
        	masters { 46.235.227.77; 2a00:1098:82:f::1; };
	};

* The name servers need to updated at the DNS tag holder... Luke
Comment 3 Luke Kenneth Casson Leighton 2022-06-15 16:48:41 BST 
i've sorted libre-riscv.org but libre-soc.org whois will not update.
i need to contact the registrar.
Comment 5 Alain D D Williams 2022-06-30 14:53:20 BST 
Phil Hands' NS servers now answer questions about libre-soc.org and lists.libre-soc.org

These servers are: ns1.hands.com. and ns6.hands.com.

Please can Luke add these to what WHOIS says.
Comment 6 Luke Kenneth Casson Leighton 2022-06-30 15:48:04 BST 
have to raise a ticket with the domain register, done