Subject: [44net] hu.ampr.org DNS
From: Norbert Varga nonoo@nonoo.hu
Date: 05/25/2015 11:37 AM
To: 44net@hamradio.ucsd.edu
Dear 44net,
First of all, hello to everybody on the list, I've just subscribed. We're currently building the hamnet network in Hungary; we now have some working links, tunnels and hosts, which I've already added to the hamnetdb.
I saw that some host names can be resolved using "regular" internet DNS servers, like router.db0ajw.ampr.org can be resolved to 44.225.36.129 using Google's 8.8.8.8 DNS server.
My question is: how can this be accomplished? If we have a DNS server which can resolve our hosts to IPs and backwards, can one of the AMPR DNS servers be set up to transfer our zones?
I saw that the portal has a DNS section but it's not live yet.
Thanks for the help and 73s de HA2NON
Do you have a reason to use a subdomain .hu.ampr.org instead of putting the Hungarian callsigns directly under .ampr.org as almost everyone else is doing?
You can easily submit your DNS records to the ampr.org DNS service. This is accomplished using a mail robot to which you can mail your zone changes and which will put them in the flat .ampr.org zone.
You can also arrange for NS records for hu.ampr.org to be put in the ampr.org DNS. Then all requests for callsign.hu.ampr.org will be referred to your servers. Of course your servers have to be available both on amprnet and on the internet. This is now done by Germany, Spain and Sweden. (But I do not see a compelling reason to do that.)
Rob
Brian told me that I should use the email robot, but we would like to use the hamnetdb.net portal to manage our sites, hosts and links, so maybe it would be convenient to export DNS data from there automatically and periodically. hamnetdb.net has a DNS data exporter tool, so we can easily load the exported data to our DNS server instead of writing a script which periodically does the data conversion and mailing to the AMPR robot. Maybe the use of hamnetdb.net is the reason why Germany and others use their own DNS servers.
-- Varga Norbert http://www.nonoo.hu/
Hello,
Brian told me that I should use the email robot, but we would like to use the hamnetdb.net portal to manage our sites, hosts and links, so maybe it would be convenient to export DNS data from there automatically and periodically. hamnetdb.net has a DNS data exporter tool, so we can easily load the exported data to our DNS server instead of writing a script which periodically does the data conversion and mailing to the AMPR robot.
That’s partly true.
Yes, the changes in the DNS set become visible quite fast.
We have two hosts which are well connected to the internet and are part of the internet. Thus we started the delegation concept as a test, and it works well.
That delegation works with forward-resolving (i.e. db0xxx.subregion.de.ampr.org). For backward-resolving, the PTR requests would also have to be delegated. We don’t do that (see below, complete state at ucsd.edu).
I’ve seen so many projects over the years that started with good ideas and, sooner or later, they lingered around and the person who was responsible was not reachable anymore. OK, we in Germany have built up a team and have been doing our job for many years now. Nevertheless, imagine if you have one DNS server, the server goes down, nobody has a copy - then your complete pr/hamnet resolving is offline until you get it fixed.
Here comes our (heavy!) scripting into play. In Germany we have had, since the old packet-radio times, a concept where our regions have absolute control over their subnet (subregion.de.ampr.org). We have a few masters (called Hub West, South, East, ...) which get notifications (-> zone transfer) from the regions nearby; they notify each other, and on one of these systems our script checks for the changes for ucsd.edu. [xxx.]<callsign>.<region>.de.ampr.org is mapped to [xxx.]callsign.ampr.org.
This concept was also transferred for our asXXX.de.ampr.org notation for the HAMNET.
The script does many consistency checks. DNS entries have to contain callsigns. (We disallow things like pmr.ampr.org, pn.ampr.org, yogi-gate.ampr.org, etc.) If a forward-resolving entry for [xxx.]call.ampr.org exists in the ucsd.edu database AND [xxx.]call.<region>.de.ampr.org has disappeared, then delete it. If a new entry appears, then add it (but only if it is consistent, that means, [xxx.]call does not exist (that means: does not point to another address)). => Every call points to _one_ IN A address. And every PTR points back to exactly one forward-address (=> no flapping names on traceroute). The PTR points back to [xxx.]callsign.ampr.org.
Looking at the hamnetdb project: it made things easier for the SysOPs. They plan and document their network, and the result is a complete DNS set for the region. It’s exported to one of our three DNS hubs (or a regional DNS server) and is almost immediately visible (=> resolving of [xxx.]<callsign>.<region>.de.ampr.org - from both HAMNET AND the internet). [One limitation: if a region has decided to have an NS delegation to ns.db0xxx.subregion.de.ampr.org, and this host is HAMNET-only, then from the internet those addresses cannot be resolved.] On another DNS hub, where our script runs, we regularly (on a daily basis) look for changes and do the mapping to [xxx.]<callsign>.ampr.org.
Imagine if our team would break (we sit in the same train in an accident, earthquake, etc.). Then ucsd.edu still knows everything about our network in Germany, and changes could still be made manually to the amprdns-bot.
About CNAME and MX records: we submit manually to ucsd.edu after request.
vy 73, - Thomas dl9sau
Maybe the use of hamnetdb.net is the reason why Germany and others use own DNS servers.
-- Varga Norbert http://www.nonoo.hu/
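The mapping and consistency checks Thomas describes above, sketched as an added example; it is not the German team's script or code from any list member. The call sign pattern, the region labels and the sample records are constructed, and `flat` is assumed to hold only the flat-zone entries the script itself manages.

```python
import re

SUFFIX = ["de", "ampr", "org"]
# Simplified call sign shape: an assumption, the thread gives no pattern.
CALLSIGN = re.compile(r"^[a-z0-9]{1,2}[0-9][a-z]{1,4}$")

def flat_name(regional):
    """Map [xxx.]call.region.de.ampr.org to [xxx.]call.ampr.org, else None."""
    labels = regional.lower().rstrip(".").split(".")
    if len(labels) < 5 or labels[-3:] != SUFFIX:
        return None
    host = labels[:-4]                       # drop region and de.ampr.org
    if not CALLSIGN.match(host[-1]):
        return None                          # e.g. pmr, pn, yogi-gate
    return ".".join(host + ["ampr", "org"])

def plan_sync(regional, flat):
    """Return (adds, deletes, rejects); flat holds only entries we manage."""
    adds, rejects, seen = {}, [], set()
    owner = {ip: name for name, ip in flat.items()}   # PTR view: ip -> name
    for name, ip in sorted(regional.items()):
        target = flat_name(name)
        if target is None:
            rejects.append((name, "no call sign"))
            continue
        seen.add(target)                     # still present regionally
        current = flat.get(target, adds.get(target))
        if current == ip:
            continue                         # already in sync
        if current is not None:
            rejects.append((name, "name points to another address"))
        elif owner.get(ip, target) != target:
            rejects.append((name, "address already has a PTR name"))
        else:
            adds[target] = ip
            owner[ip] = target
    deletes = sorted(n for n in flat if n not in seen)
    return adds, deletes, rejects

# Constructed sample data: region labels, hosts and most addresses are made up.
REGIONAL = {"router.db0ajw.nord.de.ampr.org": "44.225.36.129",
            "web.db0abc.west.de.ampr.org": "44.225.40.1",
            "pmr.west.de.ampr.org": "44.225.40.2",
            "db0xyz.ost.de.ampr.org": "44.225.50.9",
            "link.db0abc.west.de.ampr.org": "44.225.36.129"}
FLAT = {"router.db0ajw.ampr.org": "44.225.36.129",
        "db0xyz.ampr.org": "44.225.50.1",
        "db0old.ampr.org": "44.225.60.1"}

if __name__ == "__main__":
    print(plan_sync(REGIONAL, FLAT))
```

Rejected records are left for a human to resolve, so a name that moves to a new address needs the old flat entry removed before the new one is accepted.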
Ok, thanks for the info, then we should be ok with one or more DNS servers for name resolving if the hamnet tunnel goes down, and using the AMPR robot with automated hamnetdb export and some scripting.
Can you please share some of your scripts so we don't have to start from scratch?
-- Varga Norbert http://www.nonoo.hu/
If AXFR is allowed, I have some scripts I will share for importing into a mysql-backed PowerDNS.
-Rial F Sloan II
On May 25, 2015 6:59 PM, "Norbert Varga" nonoo@nonoo.hu wrote:
Ok, thanks for the info, then we should be ok with one or more DNS servers for name resolving if the hamnet tunnel goes down, and using the AMPR robot with automated hamnetdb export and some scripting.
Can you please share some of your scripts so we don't have to start from scratch?
-- Varga Norbert http://www.nonoo.hu/