CoreDNS Dogfood, part 2

April 15, 2016

dns

CoreDNS has been running as my DNS server for at least a week.

That post was a bit light on the details, so the complete Corefile that I’m using is attached at the end of this post.

EDNS is now fixed and zones are reloaded when they change on disk, i.e. DNSSEC signing can be done with a simple cron job:

2016/04/15 22:42:41 [INFO] Successfully reloaded zone `miek.nl.'
2016/04/15 22:42:41 [INFO] Sent notify for zone miek.nl. to 37.97.149.87:53
185.49.141.42 - [15/Apr/2016:22:42:41 +0100] "SOA IN miek.nl. udp false 2048" NOERROR 94 181.859µs
2016/04/15 22:42:41 [INFO] Sent notify for zone miek.nl. to 185.49.141.42:53
2016/04/15 22:42:41 [INFO] Outgoing transfer of 42 records of zone miek.nl. to 37.97.149.87 started

Monitoring works well and will be even further extended in the future.

CoreDNS metrics in Grafana.

Next up is adding support for delegations, and more tests.

This is the Corefile used. When Caddy allows code imports, this file will be somewhat shortened (when I backport that fix), as the prometheus, logging and errors directives will then only be one line.

miek.nl:53 {
    file /var/lib/bind/miek.nl.signed {
        transfer to *
        transfer to 37.97.149.87 185.49.141.42 185.49.140.62
    }
    chaos CoreDNS "Miek Gieben" "miek@miek.nl"
    rewrite ANY HINFO
    prometheus
    errors stdout
    log stdout
}

dnssex.nl:53 {
    file /var/lib/bind/dnssex.nl.signed {
        transfer to * 185.49.141.42 185.49.140.62
    }
    prometheus
    errors stdout
    log stdout
}

atoom.net:53 {
    file /var/lib/bind/atoom.net.signed {
        transfer to * 185.49.141.42 185.49.140.62
    }
    prometheus
    errors stdout
    log stdout
}

dns.miek.nl:53 {
    file /etc/bind/dns.miek.nl {
        transfer to *
    }
    prometheus
    errors stdout
    log stdout
}

nlgids.london:53 {
    file /etc/bind/nlgids.london {
        transfer to * 185.49.140.62
    }
    prometheus
    errors stdout
    log stdout
}

berkestoffering.nl:53 {
    file /etc/bind/berkestoffering.nl {
        transfer to * 185.49.140.62
    }
    prometheus
    errors stdout
    log stdout
}

isitinfra.net:53 {
    file /etc/bind/isitinfra.net {
        transfer to * 185.49.140.62
    }
    prometheus
    errors stdout
    log stdout
}

# Note: wereldstadSgidsen.com
wereldstadsgidsen.com:53 {
    file /etc/bind/wereldstadgidsen {
        transfer to * 185.49.140.62
    }
    prometheus
    errors stdout
    log stdout
}
wereldstadgidsen.nl:53 {
    file /etc/bind/wereldstadgidsen {
        transfer to * 185.49.140.62
    }
    prometheus
    errors stdout
    log stdout
}
wereldstadgidsen.be:53 {
    file /etc/bind/wereldstadgidsen {
        transfer to * 185.49.140.62
    }
    prometheus
    errors stdout
    log stdout
}

# secondaries

graat.org:53 {
    secondary {
        transfer to *
        transfer from 82.161.180.170
    }
    prometheus
    errors stdout
    log stdout
}

rikribbers.nl:53 {
    secondary {
        transfer to *
        transfer from 92.63.172.25
    }
    prometheus
    errors stdout
    log stdout
}
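
An added example (not part of the original post and not CoreDNS code): a small Go check over a Corefile of this shape that reports, per zone, whether `transfer to *` is present and which explicit addresses are listed. It assumes the file middleware's documented behaviour that `*` allows transfers to any client and that listed addresses are sent a NOTIFY on reload, as in the log above; `AuditTransfers`, `ZoneTransfer` and the `example.org` block are made up for illustration.

```go
package main

import (
	"fmt"
	"strings"
)

type ZoneTransfer struct {
	Zone   string
	Open   bool     // "transfer to *" seen: any client may request the zone
	Notify []string // explicit addresses, which are sent a NOTIFY on reload
}

// Constructed sample: first block copied from the post, second one made up.
const sample = `miek.nl:53 {
    file /var/lib/bind/miek.nl.signed {
        transfer to *
        transfer to 37.97.149.87 185.49.141.42 185.49.140.62
    }
}
example.org:53 {
    file /etc/bind/example.org {
        transfer to 192.0.2.53
    }
}`

// AuditTransfers handles only the post's layout: one "zone:port {" per block.
func AuditTransfers(corefile string) (out []ZoneTransfer) {
	depth := 0
	for _, line := range strings.Split(corefile, "\n") {
		code := strings.SplitN(line, "#", 2)[0] // drop comments
		f := strings.Fields(code)
		if depth == 0 && len(f) > 1 && f[len(f)-1] == "{" {
			out = append(out, ZoneTransfer{Zone: strings.SplitN(f[0], ":", 2)[0]})
		} else if depth > 0 && len(f) > 2 && f[0] == "transfer" && f[1] == "to" {
			z := &out[len(out)-1]
			for _, a := range f[2:] {
				z.Open = z.Open || a == "*"
				if a != "*" {
					z.Notify = append(z.Notify, a)
				}
			}
		}
		depth += strings.Count(code, "{") - strings.Count(code, "}")
	}
	return out
}

func main() { fmt.Printf("%+v\n", AuditTransfers(sample)) }
```

`transfer from` lines, as used in the secondary blocks, are ignored because they describe where a zone is fetched from, not who may fetch it.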