SDI exercises related DNS server

In this part you'll transfer your current DNS configuration to a dedicated MI nameserver nssdi.mi.hdm-stuttgart.de. This one being connected to the global DNS system allows for publishing your records worldwide.

Figure 1005. Subdomain per group Slide presentation

  • Dedicated lecture related DNS server nssdi.mi.hdm-stuttgart.de.

  • One subdomain per group e.g. g7.sdi.mi.hdm-stuttgart.de corresponding to group 7.

  • Zone edits require a subdomain specific hmac secret key being provided as dnsupdate.sec file in your personal group entry below the SDI course: 

    hmac-sha256:mykey.g7:I5sDDS3L1BU...

    Note

    The per zone secrets are being created using tsig-keygen. The value appearing here does not reflect a production setting.

  • Edits become globally visible. Mind the TTL setting: A higher value means you'll have to wait longer until error corrections become visible.


Figure 1006. Querying DNS zone Slide presentation 
$ export HMAC=hmac-sha256:mykey.g7:YXWSeh3l... 
$ dig @nssdi.mi.hdm-stuttgart.de -y $HMAC -t AXFR g7.sdi.mi.hdm-stuttgart.de 
...
g7.sdi.mi.hdm-stuttgart.de. 86400 IN	SOA	nssdi.mi.hdm-stuttgart.de. goik.hdm-stuttgart.de. ...
docu.g7.sdi.mi.hdm-stuttgart.de. 5000 IN CNAME	www.g7.sdi.mi.hdm-stuttgart.de.
manual.g7.sdi.mi.hdm-stuttgart.de. 5000 IN CNAME www.g7.sdi.mi.hdm-stuttgart.de.
nextcloud.g7.sdi.mi.hdm-stuttgart.de. 5000 IN CNAME www.g7.sdi.mi.hdm-stuttgart.de.
...

Figure 1007. Creating an A record Slide presentation 
export HMAC=hmac-sha256:mykey.g7:YXWSeh3l... 

goik>nsupdate -y $HMAC
> server nssdi.mi.hdm-stuttgart.de
> update add vm2.g7.sdi.mi.hdm-stuttgart.de 86400 A 141.62.75.114
> send
> quit
goik>dig +noall +answer @nssdi.mi.hdm-stuttgart.de vm2.g7.sdi.mi.hdm-stuttgart.de
vm2.g7.sdi.mi.hdm-stuttgart.de. 86400	IN A	141.62.75.114

This entry should now be globally visible:

>dig +noall +answer  vm2.g7.sdi.mi.hdm-stuttgart.de
vm2.g7.sdi.mi.hdm-stuttgart.de. 7069 IN A	141.62.75.114
Figure 1008. Modify by delete/create Slide presentation 
$ nsupdate -y $HMAC
> server nssdi.mi.hdm-stuttgart.de
> update delete admin.g3.sdi.mi.hdm-stuttgart.de. 3600 IN	CNAME	www.g3.sdi.mi.hdm-stuttgart.de.
> update add admin.g3.sdi.mi.hdm-stuttgart.de. 7200 IN	CNAME	www.g3.sdi.mi.hdm-stuttgart.de.
> send
> quit

Note

Examples at DNS Updates with nsupdate


Due to caching it'll however take up to you SOA or record specific settings for this deletion to be reflected globally. The subsequent query result indicates another 7069 seconds to go before issuing the next update: 

goik>dig +noall +answer  vm2.g7.sdi.mi.hdm-stuttgart.de
vm2.g7.sdi.mi.hdm-stuttgart.de. 7069 IN A	141.62.75.114
Prev  Up  Next
Mail exchange record  Home  LDAP