Upgrade nsd to new release: 3.2.17.

Add PTR record for ns1.cacert.org in 2001:07b8:616.ip6 zone. Drop dummy PTR record from 2001:07b8:616.ip6 zone. Add AAAA record for ns1.cacert.org. to cacert.org zone. Configure nsd for external access over IPv6. Expand firewall script to support IPv6. git-svn-id: http://svn.cacert.org/CAcert/SystemAdministration/ns/var/opendnssec/unsigned@2534 14b1bab8-4ef6-0310-b690-991c95c89dfd
2014-01-27 16:27:37 +00:00 · 2014-01-27 16:27:37 +00:00 · 0bb876704e
commit 0bb876704e
parent 3234773ffd
4 changed files with 19 additions and 9 deletions
--- a/2001:07b8:616.ip6
+++ b/2001:07b8:616.ip6
@ -1,10 +1,10 @@
 ; DNS master zone file for reverse IPv6 for cacert.org, under RCS control
-; @(#)(CAcert) $Id: 2001:07b8:616.ip6,v 1.4 2014/01/26 09:19:46 root Exp $
+; @(#)(CAcert) $Id: 2001:07b8:616.ip6,v 1.5 2014/01/27 16:00:45 root Exp $

 $TTL	12h	; default TTL for zone data

@	IN	SOA	ns1.cacert.org. hostmaster.cacert.org. (
-					2014012601	; Serial
+					2014012701	; Serial
 					4h		; refresh time
 					1h		; retry interval
 					2d		; expire time
@ -14,5 +14,5 @@ $TTL	12h	; default TTL for zone data
@		IN	NS	ns3.cacert.org.
@		IN	NS	ns5.cacert.org.

-1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0	PTR	dummy.cacert.org.
 0.0.1.0.0.0.0.0.0.0.0.0.0.0.0.0.2.6.1.0	PTR	hopper.cacert.org.
+2.0.1.0.0.0.0.0.0.0.0.0.0.0.0.0.3.6.1.0	PTR	ns1.cacert.org.
--- a/2001:07b8:616.ip6.log
+++ b/2001:07b8:616.ip6.log
@ -1,16 +1,21 @@

 RCS file: /var/opendnssec/unsigned/RCS/2001:07b8:616.ip6,v
 Working file: /var/opendnssec/unsigned/2001:07b8:616.ip6
-head: 1.4
+head: 1.5
 branch:
 locks: strict
 access list:
 symbolic names:
 keyword substitution: kv
-total revisions: 4;	selected revisions: 4
+total revisions: 5;	selected revisions: 5
 description:
 2001:07b8:616.ip6 - zone file for reverse IPv6 of cacert.org
 ----------------------------
+revision 1.5
+date: 2014/01/27 16:00:45;  author: root;  state: Exp;  lines: +3 -3
+Add PTR record for ns1.cacert.org.
+Drop dummy PTR record.
+----------------------------
 revision 1.4
 date: 2014/01/26 09:19:46;  author: root;  state: Exp;  lines: +3 -2
 Add PTR record for hopper.cacert.org.
--- a/cacert.org
+++ b/cacert.org
@ -1,10 +1,10 @@
 ; DNS master zone file for cacert.org, under RCS control
-; @(#)(CAcert) $Id: cacert.org,v 1.71 2014/01/25 16:50:15 root Exp $
+; @(#)(CAcert) $Id: cacert.org,v 1.72 2014/01/27 16:03:20 root Exp $

 $TTL	12h	;	default TTL for zone data

@	IN	SOA	ns1.cacert.org. hostmaster.cacert.org. (
-					2014012502	; Serial
+					2014012601	; Serial
 					4h		; refresh time
 					1h		; retry interval
 					2d		; expire time
@ -72,6 +72,7 @@ auto._domainkey IN	TXT	"v=DKIM1\;g=*\;k=rsa\;t=y\;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GN
 monitor		IN	CNAME	infrastructure.cacert.org.
 ns		IN	A	213.154.225.251		; master
 ns1		IN	A	213.154.225.251		; ns.cacert.org
+ns1		IN	AAAA	2001:7b8:616:0163::102
 ns3		IN	A	46.249.47.169		; mars.overmeer.net
 ns3		IN	AAAA	2a00:1ca8:2a::31
 ns4		IN	A	213.154.224.4		; ns-ext.nlnetlabs.nl
--- a/cacert.org.log
+++ b/cacert.org.log
@ -1,16 +1,20 @@

 RCS file: /var/opendnssec/unsigned/RCS/cacert.org,v
 Working file: /var/opendnssec/unsigned/cacert.org
-head: 1.71
+head: 1.72
 branch:
 locks: strict
 access list:
 symbolic names:
 keyword substitution: kv
-total revisions: 71;	selected revisions: 71
+total revisions: 72;	selected revisions: 72
 description:
 cacert.org - zone file for cacert.org
 ----------------------------
+revision 1.72
+date: 2014/01/27 16:03:20;  author: root;  state: Exp;  lines: +3 -2
+Add AAAA record for ns1.cacert.org.
+----------------------------
 revision 1.71
 date: 2014/01/25 16:50:15;  author: root;  state: Exp;  lines: +4 -2
 Add SSHFP records for hopper.