DNS

DNS is provided through bind on demeter. We control the zones for ugcs.caltech.edu, and the reverse zones for 131.215.176.64-127. We also have control of ugcs.net and ugcs.org, although we don't do anything with those yet.

Updates

You should never directly edit the files in /etc/bind. Instead, edit the configurator stuff. generate_bind_db and generate_bind_rnds.py take care of generating the files, and then cfengine puts them in place. Static parts are in inputs/db.ugcs.caltech.edu.input. There aren't any static parts for the reverse dns.

If you update the forward dns and regenerate it, the script will make a good zone number so it will get picked up by Caltech's name servers (which are slaves for our domains). In order for reverse dns to be updated, you need to email hostmaster@caltech.edu and ask them to refresh their copy of it.

If nsupdate has been used, you have to be careful about pushing new versions of db.ugcs.caltech.edu, because bind will have a journal file etc. You should use rndc freeze to flush the journal, put the new version in place, and then restart bind for changes to be picked up correctly. However, you shouldn't have to worry about this- cfengine does it automatically for you, and you should always use configurator/cfengine.

Nsupdate

You can use nsupdate for on-the-fly updates. The key file is in /etc/bind on demeter. See 'man nsupdate' for instructions. There will be (soon?) some remctl commands to update the "round-robins" The only note I have is that you need to use FQDN's (with a . on the end) with nsupdate.