Page MenuHomePhabricator
Create Task
Maniphest T308672

fr-tech DNS records incongruences
Closed, ResolvedPublic
Actions

Description

Hi, while performing some DNS checks for T155761 I have encountered some potential incongruences in fr-tech related DNS records and would like you to have a look at them and potentially fix them accordingly in the DNS repository.

Most of them could either be leftover PTRs for records that are not anymore in use and should be deleted, or missing A/AAAA records where the PTR was defined but not the direct record.

Missing IPv4 '208.80.152.230' for name 'frack-default-nat-codfw.wikimedia.org.' and PTR '230.152.80.208.in-addr.arpa.'. No current IP set. (defined in 152.80.208.in-addr.arpa:18)
Missing IPv4 '208.80.152.229' for name 'frack-payments-nat-codfw.wikimedia.org.' and PTR '229.152.80.208.in-addr.arpa.'. No current IP set. (defined in 152.80.208.in-addr.arpa:17)
Missing IPv4 '208.80.155.6' for name 'frack-default-net-eqiad.wikimedia.org.' and PTR '6.155.80.208.in-addr.arpa.'. No current IP set. (defined in 155.80.208.in-addr.arpa:21)
Missing IPv4 '208.80.155.7' for name 'frack-payments-nat-eqiad.wikimedia.org.' and PTR '7.155.80.208.in-addr.arpa.'. No current IP set. (defined in 155.80.208.in-addr.arpa:22)

Details

SubjectRepoBranchLines +/-
fr-tech: add zone validator ignore commentsoperations/dnsmaster+4 -4
fr-tech: fix typo in PTR recordoperations/dnsmaster+1 -1
Add missing forward entries for frack nat addressesoperations/dnsmaster+4 -0
Add in A and PTR records for civicrm-stagingoperations/dnsmaster+2 -0
Customize query in gerrit

Related Objects

Event Timeline

Volans triaged this task as Medium priority.May 18 2022, 1:35 PM
Volans created this task.
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptMay 18 2022, 1:35 PM
gerritbot added a comment.May 18 2022, 9:40 PM

Change 793121 had a related patch set uploaded (by Dwisehaupt; author: Dwisehaupt):

[operations/dns@master] Add missing forward entries for frack nat addresses

https://gerrit.wikimedia.org/r/793121

gerritbot added a project: Patch-For-Review.May 18 2022, 9:40 PM
Dwisehaupt claimed this task.May 18 2022, 9:55 PM
Dwisehaupt moved this task from Triage to In Progress on the fundraising-tech-ops board.
Volans added a comment.May 19 2022, 10:07 AM

@Dwisehaupt thanks for taking care of this.
Another record that could be inconsistent (or like that by design) is the payments-eqiad record, that has a reverse for payments:

templates/wikimedia.org:payments        5M  IN CNAME    payments-eqiad
templates/wikimedia.org:payments-eqiad  1H  IN A        208.80.155.5
templates/wikimedia.org:payments-codfw  1H  IN A        208.80.152.228

templates/155.80.208.in-addr.arpa:5   1H IN PTR   payments.wikimedia.org.
templates/152.80.208.in-addr.arpa:228 1H IN PTR   payments-codfw.wikimedia.org.
Volans added a comment.May 19 2022, 10:18 AM

Sorry to add another one, it should be the last one, I'm working on some refactor of the zone_validator script and cleaning up some of the warnings reported ;)

  • civi1002.wikimedia.org seems to be missing the PTR for 208.80.155.17 in templates/155.80.208.in-addr.arpa
  • Just FYI the the PTR for 208.80.155.11 (address for both civi1001 and civicrm) points to the generic name civicrm instead of the host one civi1001. Possibly by design.
gerritbot added a comment.May 19 2022, 9:15 PM

Change 793540 had a related patch set uploaded (by Dwisehaupt; author: Dwisehaupt):

[operations/dns@master] Add in A and PTR records for civicrm-staging

https://gerrit.wikimedia.org/r/793540

gerritbot added a comment.May 19 2022, 9:18 PM

Change 793540 merged by Jgreen:

[operations/dns@master] Add in A and PTR records for civicrm-staging

https://gerrit.wikimedia.org/r/793540

Dwisehaupt added a comment.May 19 2022, 9:19 PM

@Volans Thanks. You are correct about the service record (payments) being by design. I have added another diff for Jeff to review that covers the service address for civi1002 and it's PTR. This will at least keep them consistent for now.

gerritbot added a comment.May 19 2022, 9:23 PM

Change 793121 merged by Jgreen:

[operations/dns@master] Add missing forward entries for frack nat addresses

https://gerrit.wikimedia.org/r/793121

Maintenance_bot removed a project: Patch-For-Review.May 19 2022, 9:30 PM
gerritbot added a comment.May 20 2022, 9:13 AM

Change 793725 had a related patch set uploaded (by Volans; author: Volans):

[operations/dns@master] fr-tech: fix typo in PTR record

https://gerrit.wikimedia.org/r/793725

gerritbot added a project: Patch-For-Review.May 20 2022, 9:13 AM

Change 793726 had a related patch set uploaded (by Volans; author: Volans):

[operations/dns@master] fr-tech: add zone validator ignore comments

https://gerrit.wikimedia.org/r/793726

gerritbot added a comment.May 23 2022, 8:59 AM

Change 793725 merged by Volans:

[operations/dns@master] fr-tech: fix typo in PTR record

https://gerrit.wikimedia.org/r/793725

gerritbot added a comment.May 23 2022, 8:59 AM

Change 793726 merged by Volans:

[operations/dns@master] fr-tech: add zone validator ignore comments

https://gerrit.wikimedia.org/r/793726

Maintenance_bot removed a project: Patch-For-Review.May 23 2022, 9:30 AM
Volans closed this task as Resolved.May 24 2022, 3:37 PM

I'm boldly resolving this as I think everything has been fixed and merged. Feel free to reopen if needed.

Dwisehaupt moved this task from In Progress to Done on the fundraising-tech-ops board.May 24 2022, 4:20 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL