The hornet committee is responsible for the maintaining of the hornet platform.
ns4.snt.utwente.nl
ns5.snt.utwente.nl
ns6.snt.utwente.nl
We run quite an interesting DNS setup. DNS. The most important part here is that cpanel-prod runs a hidden DNS master. And ns4,5,6 are separate machines that replicate from there using AFXR. This is not the quickest, or the most reliable. But it usually works.
The UT, and SNT, really want DNSSEC enabled for all domains registered at the UT. Creating a new site in hornet automatically runs a script `/opt/hornet-scripts/cpanel/snt-configure-zone.py`, which creates a DNSSEC combined signing key.
Adding new domains in cpanel is possible, but the script does not automatically trigger.
DO NOT MAKE YOUR OWN DNSSEC KEYS. THIS WILL NOT SYNC CORRECTLY. This is due to issues with nsec3_narrow combined with AFXR.
Instead, run
/opt/hornet-scripts/cpanel/snt-configure-zone.py <<< '{"data": {"user": "cpanelusernam", "domain": "associationdomainname.nl"}}'
with the current domain and username to setup the DNSSEC records in a way that they automatically sync to the other nameservers.
This script will automatically email the DNSSEC records to dnsmaster @ snt, which forwards to some syscommers and board. You can forward this mail nicely to servicedesk, where it usually ends up at Frederik.