ns-gce is dead! Long live ns-ovh-sg!

I'm worried the traffic to my GCP server will cost me a hundred dollars
in bandwidth fees. It has a volume similar to my late AWS server which,
in its last month, racked up ~$130 in bandwidth fees!

I'm also trying to balance the servers more geographically: instead of
having two servers in the US and none in Asia, I'll have one server in
the US and one in Asia (Singapore).

The OVH server in Asia is expensive — $60/month instead of $20/month for
the OVH server in Warsaw. Also there's a monthly bandwidth cap in
Singapore in addition to the 300 Mbps cap.

I went with a dedicated server, similar to the one in Warsaw, but I took
the opportunity to upgrade it (same price):

- ns-ovh:    KS-4: Intel Xeon-E3 1230 v6
- ns-ovh-sg: KS-5: Intel Xeon-E3 1270 v6

I'm hoping that by adding this server to Singapore, the traffic to the
ns-ovh, the Warsaw server, will lessen, and I won't get thos "Anti-DDoS
protection enabled for IP address 51.75.53.19" emails every few days.

Current Queries per second:

- 4,087 ns-gce
- 1,131 ns-hetzner
- 7,183 ns-ovh

integration_test.go

@@ -236,21 +236,22 @@ var _ = Describe("sslip.io-dns-server", func() {
 				digCmd = exec.Command("dig", strings.Split(digArgs, " ")...)
 				digSession, err = Start(digCmd, GinkgoWriter, GinkgoWriter)
 				Expect(err).ToNot(HaveOccurred())
-				Eventually(digSession).Should(Say(`104.155.144.4`))
 				Eventually(digSession).Should(Say(`5.78.115.44`))
 				Eventually(digSession).Should(Say(`51.75.53.19`))
+				Eventually(digSession).Should(Say(`51.79.178.89`))
 				Eventually(digSession, 1).Should(Exit(0))
-				Eventually(string(serverSession.Err.Contents())).Should(MatchRegexp(`TypeA ns.sslip.io. \? 104.155.144.4, 5.78.115.44, 51.75.53.19\n`))
+				Eventually(string(serverSession.Err.Contents())).Should(MatchRegexp(`TypeA ns.sslip.io. \? 5.78.115.44, 51.75.53.19, 51.79.178.89\n`))
 			})
 			It("returns all the AAAA records", func() {
 				digArgs = "@localhost aaaa ns.sslip.io +short -p " + strconv.Itoa(port)
 				digCmd = exec.Command("dig", strings.Split(digArgs, " ")...)
 				digSession, err = Start(digCmd, GinkgoWriter, GinkgoWriter)
 				Expect(err).ToNot(HaveOccurred())
-				Eventually(digSession).Should(Say(`2600:1900:4000:4d12::`))
+				Eventually(digSession).Should(Say(`2a01:4ff:1f0:c920::`))
 				Eventually(digSession).Should(Say(`2001:41d0:602:2313::1`))
+				Eventually(digSession).Should(Say(`2402:1f00:8001:d59::1`))
 				Eventually(digSession, 1).Should(Exit(0))
-				Eventually(string(serverSession.Err.Contents())).Should(MatchRegexp(`TypeAAAA ns.sslip.io. \? 2600:1900:4000:4d12::, 2a01:4ff:1f0:c920::, 2001:41d0:602:2313::1\n`))
+				Eventually(string(serverSession.Err.Contents())).Should(MatchRegexp(`TypeAAAA ns.sslip.io. \? 2a01:4ff:1f0:c920::, 2001:41d0:602:2313::1, 2402:1f00:8001:d59::1\n`))
 			})
 		})
 		When("there are multiple MX records returned (e.g. sslip.io)", func() {
@@ -274,18 +275,18 @@ var _ = Describe("sslip.io-dns-server", func() {
 				Eventually(digSession).Should(Say(`flags: qr aa rd; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 6`))
 				Eventually(digSession).Should(Say(`;; ANSWER SECTION:`))
 				Eventually(digSession).Should(Say(`;; ADDITIONAL SECTION:`))
-				Eventually(digSession).Should(Say(`ns-gce.sslip.io..*104.155.144.4\n`))
-				Eventually(digSession).Should(Say(`ns-gce.sslip.io..*2600:1900:4000:4d12::\n`))
 				Eventually(digSession).Should(Say(`ns-hetzner.sslip.io..*5.78.115.44\n`))
 				Eventually(digSession).Should(Say(`ns-hetzner.sslip.io..*2a01:4ff:1f0:c920::\n`))
 				Eventually(digSession).Should(Say(`ns-ovh.sslip.io..*51.75.53.19\n`))
 				Eventually(digSession).Should(Say(`ns-ovh.sslip.io..*2001:41d0:602:2313::1\n`))
+				Eventually(digSession).Should(Say(`ns-ovh-sg.sslip.io..*51.79.178.89\n`))
+				Eventually(digSession).Should(Say(`ns-ovh-sg.sslip.io..*2402:1f00:8001:d59::1\n`))
 				Eventually(digSession, 1).Should(Exit(0))
 				// the server names may appear out-of-order
-				Eventually(string(digSession.Out.Contents())).Should(MatchRegexp(`NS\tns-gce.sslip.io.\n`))
 				Eventually(string(digSession.Out.Contents())).Should(MatchRegexp(`NS\tns-hetzner.sslip.io.\n`))
 				Eventually(string(digSession.Out.Contents())).Should(MatchRegexp(`NS\tns-ovh.sslip.io.\n`))
-				Eventually(string(serverSession.Err.Contents())).Should(MatchRegexp(`TypeNS example.com. \? ns-gce.sslip.io., ns-hetzner.sslip.io., ns-ovh.sslip.io.\n`))
+				Eventually(string(digSession.Out.Contents())).Should(MatchRegexp(`NS\tns-ovh-sg.sslip.io.\n`))
+				Eventually(string(serverSession.Err.Contents())).Should(MatchRegexp(`TypeNS example.com. \? ns-hetzner.sslip.io., ns-ovh.sslip.io., ns-ovh-sg.sslip.io.\n`))
 			})
 		})
 		When(`there are multiple TXT records returned (e.g. SPF for sslip.io)`, func() {
@@ -407,8 +408,8 @@ var _ = Describe("sslip.io-dns-server", func() {
 			// use regex to account for rotated nameserver order
 			Entry("an NS record with acme_challenge with a forbidden string is not delegated",
 				"@localhost _acme-challenge.raiffeisen.fe80--.sslip.io ns +short",
-				`\Ans-[a-z]+.sslip.io.\nns-[a-z]+.sslip.io.\nns-[a-z]+.sslip.io.\n\z`,
-				`TypeNS _acme-challenge.raiffeisen.fe80--.sslip.io. \? ns-gce.sslip.io., ns-hetzner.sslip.io., ns-ovh.sslip.io.\n$`),
+				`\Ans-[a-z-]+.sslip.io.\nns-[a-z-]+.sslip.io.\nns-[a-z-]+.sslip.io.\n\z`,
+				`TypeNS _acme-challenge.raiffeisen.fe80--.sslip.io. \? ns-hetzner.sslip.io., ns-ovh.sslip.io., ns-ovh-sg.sslip.io.\n$`),
 			Entry("an A record with a forbidden CIDR is redirected",
 				"@localhost nf.43.134.66.67.sslip.io +short",
 				`\A52.0.56.137\n\z`,