From ce852009c5b7a34775bd1eed03a106a821cb590f Mon Sep 17 00:00:00 2001 From: Brian Cunnie Date: Sat, 16 Nov 2024 16:02:25 -0800 Subject: [PATCH] "ns-azure is dead, long live ns-hetzner" The nameserver on Azure is probably my least-favorite: much slower, much higher latency. Even though it would've made more geographic sense to dismantle my GCP nameserver in favor of the Hetzner, I'm using this opportunity to get rid of the Azure. And, of course, introduce the Hetzner nameserver with its 20TB of bandwidth allowance, which I've come to need. --- integration_test.go | 11 ++++++----- main.go | 4 +++- 2 files changed, 9 insertions(+), 6 deletions(-) diff --git a/integration_test.go b/integration_test.go index fca73ce..67a8c9b 100644 --- a/integration_test.go +++ b/integration_test.go @@ -270,20 +270,21 @@ var _ = Describe("sslip.io-dns-server", func() { digCmd = exec.Command("dig", strings.Split(digArgs, " ")...) digSession, err = Start(digCmd, GinkgoWriter, GinkgoWriter) Expect(err).ToNot(HaveOccurred()) - Eventually(digSession).Should(Say(`flags: qr aa rd; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 5`)) + Eventually(digSession).Should(Say(`flags: qr aa rd; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 6`)) Eventually(digSession).Should(Say(`;; ANSWER SECTION:`)) Eventually(digSession).Should(Say(`;; ADDITIONAL SECTION:`)) - Eventually(digSession).Should(Say(`ns-azure.sslip.io..*52.187.42.158\n`)) Eventually(digSession).Should(Say(`ns-gce.sslip.io..*104.155.144.4\n`)) Eventually(digSession).Should(Say(`ns-gce.sslip.io..*2600:1900:4000:4d12::\n`)) + Eventually(digSession).Should(Say(`ns-hetzner.sslip.io..*5.78.115.44\n`)) + Eventually(digSession).Should(Say(`ns-hetzner.sslip.io..*2a01:4ff:1f0:c920::\n`)) Eventually(digSession).Should(Say(`ns-ovh.sslip.io..*51.75.53.19\n`)) Eventually(digSession).Should(Say(`ns-ovh.sslip.io..*2001:41d0:602:2313::1\n`)) Eventually(digSession, 1).Should(Exit(0)) // the server names may appear out-of-order - Eventually(string(digSession.Out.Contents())).Should(MatchRegexp(`NS\tns-azure.sslip.io.\n`)) Eventually(string(digSession.Out.Contents())).Should(MatchRegexp(`NS\tns-gce.sslip.io.\n`)) + Eventually(string(digSession.Out.Contents())).Should(MatchRegexp(`NS\tns-hetzner.sslip.io.\n`)) Eventually(string(digSession.Out.Contents())).Should(MatchRegexp(`NS\tns-ovh.sslip.io.\n`)) - Eventually(string(serverSession.Err.Contents())).Should(MatchRegexp(`TypeNS example.com. \? ns-azure.sslip.io., ns-gce.sslip.io., ns-ovh.sslip.io.\n`)) + Eventually(string(serverSession.Err.Contents())).Should(MatchRegexp(`TypeNS example.com. \? ns-gce.sslip.io., ns-hetzner.sslip.io., ns-ovh.sslip.io.\n`)) }) }) When(`there are multiple TXT records returned (e.g. SPF for sslip.io)`, func() { @@ -406,7 +407,7 @@ var _ = Describe("sslip.io-dns-server", func() { Entry("an NS record with acme_challenge with a forbidden string is not delegated", "@localhost _acme-challenge.raiffeisen.fe80--.sslip.io ns +short", `\Ans-[a-z]+.sslip.io.\nns-[a-z]+.sslip.io.\nns-[a-z]+.sslip.io.\n\z`, - `TypeNS _acme-challenge.raiffeisen.fe80--.sslip.io. \? ns-azure.sslip.io., ns-gce.sslip.io., ns-ovh.sslip.io.\n$`), + `TypeNS _acme-challenge.raiffeisen.fe80--.sslip.io. \? ns-gce.sslip.io., ns-hetzner.sslip.io., ns-ovh.sslip.io.\n$`), Entry("an A record with a forbidden CIDR is redirected", "@localhost nf.43.134.66.67.sslip.io +short", `\A52.0.56.137\n\z`, diff --git a/main.go b/main.go index 909b0a9..eaf7541 100644 --- a/main.go +++ b/main.go @@ -17,7 +17,7 @@ func main() { var blocklistURL = flag.String("blocklistURL", "https://raw.githubusercontent.com/cunnie/sslip.io/main/etc/blocklist.txt", `URL containing a list of non-resolvable IPs/names/CIDRs, usually phishing or scamming sites. Example "file://etc/blocklist.txt"`) - var nameservers = flag.String("nameservers", "ns-azure.sslip.io.,ns-gce.sslip.io.,ns-ovh.sslip.io.", + var nameservers = flag.String("nameservers", "ns-gce.sslip.io.,ns-hetzner.sslip.io.,ns-ovh.sslip.io.", "comma-separated list of FQDNs of nameservers. If you're running your own sslip.io nameservers, set them here") var addresses = flag.String("addresses", "sslip.io=78.46.204.247,"+ @@ -32,6 +32,8 @@ func main() { "ns-azure.sslip.io=52.187.42.158,"+ "ns-gce.sslip.io=104.155.144.4,"+ "ns-gce.sslip.io=2600:1900:4000:4d12::,"+ + "ns-hetzner.sslip.io=5.78.115.44,"+ + "ns-hetzner.sslip.io=2a01:4ff:1f0:c920::,"+ "ns-ovh.sslip.io=51.75.53.19,"+ "ns-ovh.sslip.io=2001:41d0:602:2313::1", "comma-separated list of hosts and corresponding IPv4 and/or IPv6 address(es). If you're running your own sslip.io nameservers, add their hostnames and addresses here. If unsure, add to the list rather than replace")