dnscvsutil
==========

This package consists of two programs to maintain your DNS zone
files under CVS control, and optionally to update reverse zones
automatically. The main part of this package is called "dns-update",
and it is written by yours truly, Tommi Virtanen <tv@havoc.fi>.
dns-update can use mkrdns to create the reverse zones. mkrdns was
written by Theo Van Dinter <tvd@chrysalis.com>, <felicity@kluge.net>.
The mkrdns homepage is at http://www.mkrdns.org/

Both dnscvsutil and mkrdns are licensed under the GNU General Public
License.

There is no proper documentation currently (help appreciated!), but
here's a quick rundown on the setup:
Directories:
    /var/lib/dnscvsutil/cvs
        - holds the CVS repository that is used to manage
          the zone files.
    /var/lib/dnscvsutil/domains
        - holds a central checked out copy of the CVS
          repository. Used to generate the actual zone files.
    /var/lib/dnscvsutil/compiled
        - holds the generated zone files.

Files:
    /etc/dns-update.conf
        - configuration file for dns-update.
    /var/lib/dnscvsutil/compiled/named-primary.conf
        - generated named.conf snippet -- include in your
          /etc/bind/named.conf with a line like this:
            include "/var/lib/dnscvsutil/compiled/named-primary.conf";

Groups:
    dnsadmin
        - the people who should have access to
          dnscvsutil zones should be added here.

Commands:
    cvs -d /var/lib/dnscvsutil/cvs co domains
        - check out a working directory for you
    dns-update
        - update the DNS information from the CVS

File format
===========

The files in CVS have simple formatting rules.

The files themselves are just bodies of normal zone files,
with the SOA record replaced with

    !template

at the beginning of a line.

You can add options to !template to change e.g. the email
address of the hostmaster, or various time-related SOA values.
Entries can span multiple lines by escaping the newlines with
a backslash, like this:

    !template \
        hostmaster=hostmaster@foo.example.com \
        origin=ns1.example.com \
        minttl=60000

The default hostmaster is the one set in dns-update.conf, the
default origin is the current host name (you should override this on
a per-domain basis to point to the primary nameserver name for that
domain).

The final domain name of a single zone file is constructed
like this: reverse the order of directories and join with a period.
Join this with a period to the file name. The file should have the
extension ".domain", which will be stripped off.

Example: all of the following file names would generate the
domain "clear-blue.cluster.development.example.com".

    example.com/development/cluster/clear-blue.domain
    example.com/cluster.development/clear-blue.domain
    com/example/development/clear-blue.cluster.domain

..so you can choose whatever way pleases you.
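
The naming rule above as a short Python sketch (an added example, not
part of dnscvsutil; the function names, the hostname-style label check
and the collision report are assumptions of this example). Because
several layouts map to the same domain, it also reports zones that more
than one file in the tree would define:

```python
import re
from collections import defaultdict
from pathlib import PurePosixPath

SUFFIX = ".domain"
# Assumption: zone names use hostname-style labels (letters, digits, hyphens).
LABEL = re.compile(r"(?!-)[a-z0-9-]{1,63}(?<!-)")


def zone_name(rel_path):
    """Derive the zone name from a path relative to the checked-out tree."""
    path = PurePosixPath(rel_path)
    if path.is_absolute():
        raise ValueError(f"path must be relative: {rel_path!r}")
    if not path.name.endswith(SUFFIX):
        raise ValueError(f"missing {SUFFIX} extension: {rel_path!r}")
    stem = path.name[: -len(SUFFIX)]
    # File name first, then the directories in reverse order.
    name = ".".join([stem, *reversed(path.parts[:-1])]).lower()
    # Validate after joining: one path component may carry several labels
    # ("cluster.development"), and ".." or an empty stem show up here as
    # empty labels and are rejected.
    labels = name.split(".")
    if len(name) > 253 or not all(LABEL.fullmatch(lab) for lab in labels):
        raise ValueError(f"not a valid zone name: {name!r} from {rel_path!r}")
    return name


def collisions(rel_paths):
    """Return {zone: [paths]} for zones that more than one file maps to."""
    by_zone = defaultdict(list)
    for p in rel_paths:
        by_zone[zone_name(p)].append(p)
    return {z: ps for z, ps in by_zone.items() if len(ps) > 1}


# Constructed sample: the three layouts from this README plus one other zone.
SAMPLE = [
    "example.com/development/cluster/clear-blue.domain",
    "example.com/cluster.development/clear-blue.domain",
    "com/example/development/clear-blue.cluster.domain",
    "example.com/www.domain",
]

if __name__ == "__main__":
    for zone, paths in collisions(SAMPLE).items():
        print(zone, "is defined by", len(paths), "files:", *paths)
```
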

Autoupdating reverse zones
==========================

dns-update can run mkrdns to autoupdate the reverse zones. See
/etc/dns-update.conf on how to configure this. To make mkrdns work,
you just have to create the reverse zone files once (you shouldn't
even need to fill them with data), and ensure the proper users (group
dnsadmin, most probably) can write to the files.

Pre-existing zones
==================

If you are moving pre-existing zones under dnscvsutil control,
please make sure your SOA serial numbers are not messed up. dnscvsutil
uses serial numbers of the form YYYYMMDDnn, where nn is 01..99.

Restrictions
============

dns-update cannot handle more than 99 updates per day. If you do
more than that, switch to run it from crontab every 24/99 hours ;)
(It won't update the zones unless it really is necessary).

Final words
===========

Comments, source, patches, docs, pointers to similar utils, etc.
are welcome. Please tell me what you think of this program.

Tommi Virtanen, <tv@havoc.fi>