Add PTR records for the full infra and critical networks.

Add four new infrastructure systems. Put the "real" infrastructure systems in a /80 subnet to simplify firewall rules. Correct network addresses in comments. Name changes per e-mail request from Mario Lipinski on 05.02.2014. git-svn-id: http://svn.cacert.org/CAcert/SystemAdministration/ns/var/opendnssec/unsigned@2542 14b1bab8-4ef6-0310-b690-991c95c89dfd
2014-02-06 13:51:52 +00:00 · 2014-02-06 13:51:52 +00:00 · be584cdb5e
commit be584cdb5e
parent 0bb876704e
4 changed files with 82 additions and 8 deletions
--- a/2001:07b8:616.ip6
+++ b/2001:07b8:616.ip6
@ -1,10 +1,10 @@
 ; DNS master zone file for reverse IPv6 for cacert.org, under RCS control
-; @(#)(CAcert) $Id: 2001:07b8:616.ip6,v 1.5 2014/01/27 16:00:45 root Exp $
+; @(#)(CAcert) $Id: 2001:07b8:616.ip6,v 1.8 2014/02/06 13:48:15 root Exp $

 $TTL	12h	; default TTL for zone data

@	IN	SOA	ns1.cacert.org. hostmaster.cacert.org. (
-					2014012701	; Serial
+					2014020601	; Serial
 					4h		; refresh time
 					1h		; retry interval
 					2d		; expire time
@ -14,5 +14,45 @@ $TTL	12h	; default TTL for zone data
@		IN	NS	ns3.cacert.org.
@		IN	NS	ns5.cacert.org.

+; infra - 2001:07b8:0616:0162::/64
+1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.6.1.0	PTR	fw.cacert.org.
+2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.6.1.0	PTR	fw01.cacert.org.
+3.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.6.1.0	PTR	fw02.cacert.org.
 0.0.1.0.0.0.0.0.0.0.0.0.0.0.0.0.2.6.1.0	PTR	hopper.cacert.org.
+
+; infra - 2001:07b8:0616:0162:0001::/80
+9.0.0.0.0.0.0.0.0.0.0.0.1.0.0.0.2.6.1.0	PTR	infra01.cacert.org.
+0.1.0.0.0.0.0.0.0.0.0.0.1.0.0.0.2.6.1.0	PTR	infra02.cacert.org.
+1.1.0.0.0.0.0.0.0.0.0.0.1.0.0.0.2.6.1.0	PTR	ldap.cacert.org.
+2.1.0.0.0.0.0.0.0.0.0.0.1.0.0.0.2.6.1.0	PTR	wiki.cacert.org.
+3.1.0.0.0.0.0.0.0.0.0.0.1.0.0.0.2.6.1.0	PTR	blog.cacert.org.
+4.1.0.0.0.0.0.0.0.0.0.0.1.0.0.0.2.6.1.0	PTR	irc.cacert.org.
+5.1.0.0.0.0.0.0.0.0.0.0.1.0.0.0.2.6.1.0	PTR	svn.cacert.org.
+6.1.0.0.0.0.0.0.0.0.0.0.1.0.0.0.2.6.1.0	PTR	bugs.cacert.org.
+7.1.0.0.0.0.0.0.0.0.0.0.1.0.0.0.2.6.1.0	PTR	lists.cacert.org.
+8.1.0.0.0.0.0.0.0.0.0.0.1.0.0.0.2.6.1.0	PTR	monitor.cacert.org.
+9.1.0.0.0.0.0.0.0.0.0.0.1.0.0.0.2.6.1.0	PTR	email.cacert.org.
+0.2.0.0.0.0.0.0.0.0.0.0.1.0.0.0.2.6.1.0	PTR	community.cacert.org.
+1.2.0.0.0.0.0.0.0.0.0.0.1.0.0.0.2.6.1.0	PTR	mail.cacert.org.
+6.2.0.0.0.0.0.0.0.0.0.0.1.0.0.0.2.6.1.0	PTR	translingo.cacert.org.
+7.2.0.0.0.0.0.0.0.0.0.0.1.0.0.0.2.6.1.0	PTR	cats.cacert.org.
+8.2.0.0.0.0.0.0.0.0.0.0.1.0.0.0.2.6.1.0	PTR	issue.cacert.org.
+9.2.0.0.0.0.0.0.0.0.0.0.1.0.0.0.2.6.1.0	PTR	logging.cacert.org.
+1.3.0.0.0.0.0.0.0.0.0.0.1.0.0.0.2.6.1.0	PTR	translations.cacert.org.
+1.3.0.0.0.0.0.0.0.0.0.0.1.0.0.0.2.6.1.0	PTR	l10n.cacert.org.
+2.3.0.0.0.0.0.0.0.0.0.0.1.0.0.0.2.6.1.0	PTR	emailout.cacert.org.
+4.3.0.0.0.0.0.0.0.0.0.0.1.0.0.0.2.6.1.0	PTR	board.cacert.org.
+4.3.0.0.0.0.0.0.0.0.0.0.1.0.0.0.2.6.1.0	PTR	cod.cacert.org.
+1.4.2.0.0.0.0.0.0.0.0.0.1.0.0.0.2.6.1.0	PTR	arbitration.cacert.org.
+8.4.2.0.0.0.0.0.0.0.0.0.1.0.0.0.2.6.1.0	PTR	test.cacert.org.
+9.4.2.0.0.0.0.0.0.0.0.0.1.0.0.0.2.6.1.0	PTR	test2.cacert.org.
+0.5.2.0.0.0.0.0.0.0.0.0.1.0.0.0.2.6.1.0	PTR	git.cacert.org.
+
+; critical - 2001:07b8:0616:0163::/64
+1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.3.6.1.0	PTR	fw.cacert.org.
+2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.3.6.1.0	PTR	fw01.cacert.org.
+3.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.3.6.1.0	PTR	fw02.cacert.org.
+0.0.1.0.0.0.0.0.0.0.0.0.0.0.0.0.3.6.1.0	PTR	hopper.cacert.org.
 2.0.1.0.0.0.0.0.0.0.0.0.0.0.0.0.3.6.1.0	PTR	ns1.cacert.org.
+3.0.1.0.0.0.0.0.0.0.0.0.0.0.0.0.3.6.1.0	PTR	ocsp.cacert.org.
+4.0.1.0.0.0.0.0.0.0.0.0.0.0.0.0.3.6.1.0	PTR	crl.cacert.org.
--- a/2001:07b8:616.ip6.log
+++ b/2001:07b8:616.ip6.log
@ -1,16 +1,30 @@

 RCS file: /var/opendnssec/unsigned/RCS/2001:07b8:616.ip6,v
 Working file: /var/opendnssec/unsigned/2001:07b8:616.ip6
-head: 1.5
+head: 1.8
 branch:
 locks: strict
 access list:
 symbolic names:
 keyword substitution: kv
-total revisions: 5;	selected revisions: 5
+total revisions: 8;	selected revisions: 8
 description:
 2001:07b8:616.ip6 - zone file for reverse IPv6 of cacert.org
 ----------------------------
+revision 1.8
+date: 2014/02/06 13:48:15;  author: root;  state: Exp;  lines: +3 -3
+Name changes per e-mail request from Mario Lipinski on 05.02.2014.
+----------------------------
+revision 1.7
+date: 2014/01/29 13:33:25;  author: root;  state: Exp;  lines: +32 -26
+Add four new infrastructure systems.
+Put the "real" infrastructure systems in a /80 subnet to simplify firewall rules.
+Correct network addresses in comments.
+----------------------------
+revision 1.6
+date: 2014/01/28 09:18:48;  author: root;  state: Exp;  lines: +36 -2
+Add PTR records for the full infra and critical networks.
+----------------------------
 revision 1.5
 date: 2014/01/27 16:00:45;  author: root;  state: Exp;  lines: +3 -3
 Add PTR record for ns1.cacert.org.
--- a/cacert.org
+++ b/cacert.org
@ -1,10 +1,10 @@
 ; DNS master zone file for cacert.org, under RCS control
-; @(#)(CAcert) $Id: cacert.org,v 1.72 2014/01/27 16:03:20 root Exp $
+; @(#)(CAcert) $Id: cacert.org,v 1.75 2014/02/06 13:43:11 root Exp $

 $TTL	12h	;	default TTL for zone data

@	IN	SOA	ns1.cacert.org. hostmaster.cacert.org. (
-					2014012601	; Serial
+					2014020601	; Serial
 					4h		; refresh time
 					1h		; retry interval
 					2d		; expire time
@ -21,6 +21,7 @@ $TTL	12h	;	default TTL for zone data
 ; TODO: Remove 'ip4:213.154.225.239' after transition
@		IN	TXT	"v=spf1 ip4:213.154.225.245 ip4:213.154.225.246 ip4:213.154.225.247 ip6:2001:7b8:3:9c::245 ip6:2001:7b8:3:9c::246 ip6:2001:7b8:3:9c::247 ip4:213.154.225.228 ip4:213.154.225.230 ip4:213.154.225.239 -all"

+arbitration	IN	A	213.154.225.241
 audit		IN	A	78.46.255.66
 blog		IN	A	213.154.225.234
 board		IN	A	213.154.225.252
@ -52,6 +53,7 @@ email		IN	A	213.154.225.228
 emailout	IN	A	213.154.225.239
 eu		IN	A	213.154.225.242
 finance		IN	CNAME	board.cacert.org.
+git		IN	A	213.154.225.250
 hopper		IN	AAAA	2001:7b8:616:0162::100
 hopper		IN	SSHFP	1 1 22f35bfddd356b119c1555c3bf4f86edd8ae8dfd
 hopper		IN	SSHFP	2 1 026d7dda6753c2d8810466336fe758d37aed899d
@ -86,6 +88,12 @@ secure		IN	AAAA	2001:7b8:3:9c::246
 svn		IN	A	213.154.225.238
 cert.svn	IN	CNAME	svn.cacert.org.
 nocert.svn	IN	CNAME	svn.cacert.org.
+test		IN	A	213.154.225.248
+secure.test	IN	CNAME	test.cacert.org.
+cats.test	IN	CNAME	test.cacert.org.
+mgr.test	IN	CNAME	test.cacert.org.
+test2		IN	A	213.154.225.249
+secure.test2	IN	CNAME	test2.cacert.org.
 translations	IN	A	213.154.225.240
 tverify		IN	A	213.154.225.247
 tverify		IN	AAAA	2001:7b8:3:9c::247
--- a/cacert.org.log
+++ b/cacert.org.log
@ -1,16 +1,28 @@

 RCS file: /var/opendnssec/unsigned/RCS/cacert.org,v
 Working file: /var/opendnssec/unsigned/cacert.org
-head: 1.72
+head: 1.75
 branch:
 locks: strict
 access list:
 symbolic names:
 keyword substitution: kv
-total revisions: 72;	selected revisions: 72
+total revisions: 75;	selected revisions: 75
 description:
 cacert.org - zone file for cacert.org
 ----------------------------
+revision 1.75
+date: 2014/02/06 13:43:11;  author: root;  state: Exp;  lines: +7 -7
+Remove indentation added in previous commit: it is not allowed by ods-signer.
+----------------------------
+revision 1.74
+date: 2014/02/06 13:37:58;  author: root;  state: Exp;  lines: +9 -5
+Name changes per e-mail request from Mario Lipinski on 05.02.2014.
+----------------------------
+revision 1.73
+date: 2014/01/29 13:24:18;  author: root;  state: Exp;  lines: +6 -2
+Add four new infrastructure systems.
+----------------------------
 revision 1.72
 date: 2014/01/27 16:03:20;  author: root;  state: Exp;  lines: +3 -2
 Add AAAA record for ns1.cacert.org.