From 0717bc745e32685fdc1664b5a4c907ecc2adb215 Mon Sep 17 00:00:00 2001 From: lare Date: Sat, 13 May 2023 20:48:37 +0200 Subject: [PATCH] add note about validate-my-dns.py in getting-started --- howto/Getting-Started.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/howto/Getting-Started.md b/howto/Getting-Started.md index 804db04..a5288d3 100644 --- a/howto/Getting-Started.md +++ b/howto/Getting-Started.md @@ -284,7 +284,7 @@ You can also add DNSSEC delegations using `ds-rdata` attributes to your domain: ds-rdata: 61857 13 2 bd35e3efe3325d2029fb652e01604a48b677cc2f44226eeabee54b456c67680c ``` -For reverse DNS, add `nserver` attributes to you inet{,6}num objects: +For reverse DNS, add `nserver` attributes to your inet{,6}num objects: ```conf inet6num: fd35:4992:6a6d:0000:0000:0000:0000:0000 - fd35:4992:6a6d:ffff:ffff:ffff:ffff:ffff @@ -301,6 +301,8 @@ nserver: ns2.foo.dn42 source: DN42 ``` +once you have configured your nserver software you can use the included `./validate-my-dns.py` script to check your dns server replies. It notifies you about any missconfiguration it finds and then generates a summary at the end. This is a good option to check DNSSEC and if you configured the correct reverse zones + # Get some peers In dn42, there is no real distinction between peering and transit: in most cases, everybody serves as an upstream provider to all its peers. Note that if you have very slow connectivity to the Internet, you may want to avoid providing transit between your peers, which can be done by filtering or prepending your ASN. For the sake of sane routing, try to peer with people on the same continent to avoid inefficient routing, <50ms is a good rule of thumb. You can also look into Bird communities if you are using Bird to mark the latency for the [link](/howto/Bird-communities).