Admin:DNS

Recursive DNS
The DNS recursor is ha-bind-recursor.esi.toolserver.org, which runs on the HA cluster in the bind-recursor resource group. This handles recursive queries from internal clients.

Authoritative DNS
We run auth DNS servers for these domains:


 * toolserver.org
 * wita.toolserver.org
 * 0.23.10.in-addr.arpa (reverse DNS for 10.23.0/24)
 * 1.24.10.in-addr.arpa (reverse DNS for 10.24.1/24)
 * 192-223.174.198.91.in-addr.arpa (reverse DNS for 91.198.174.192/27)

Except for wita.toolserver.org, these are all served by BIND. The primary server is a.ns.toolserver.org</tt> (turnera</tt>); secondaries are b.ns.toolserver.org</tt> (damiana</tt>) and c.ns.toolserver.org</tt> (amaranth</tt>).

The zone files are in /etc/opt/ts/namedb/master/</tt> on turnera</tt>. After editing a zone, reload it (/opt/ts/sbin/rndc reload toolserver.org</tt>) or restart named (svcadm restart named</tt>).

toolserver.org</tt> is DNSSEC-signed. This means that after editing the zone file, you need to run zonesigner toolserver.org</tt> before you reload the zone. If you don't do this, your changes will not appear.