Re: Auto add zones to secondary, from primary
The very man you're quoting has himself implemented an index zone using PTR records. The slave periodically runs a script to retrieve the PTR records (and possibly some supporting info) and add any new slave zones (and probably remove any that have been removed from the index).

Search the list archives for this topic, and specifically for a message from Kevin Darcy where he outlined this in detail. One archive of the list is available here:

http://readlist.com/lists/isc.org/bind-users/

Chris Buxton
Professional Services
Men & Mice

On Nov 11, 2008, at 7:31 AM, Todd Snyder wrote:

> That's really weird - my quoted text is missing ...
>
> Context:
>
> b) having some sort of index which the slaves pick up and then automagically configure their named.conf (the index could be records in a special DNS zone
>
> My apologies.
>
> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Todd Snyder
> Sent: Tuesday, November 11, 2008 10:28 AM
> To: Kevin Darcy; bind-users@isc.org
> Subject: RE: Auto add zones to secondary, from primary
>
> I am intrigued by this idea. Has anyone here implemented this, and care to give some insight into how it works? Something like this would make me very very happy. My brain is spinning trying to figure out the best way to make it work...
>
> Cheers,
>
> Todd.
>
> This transmission (including any attachments) may contain confidential information, privileged material (including material protected by the solicitor-client or other applicable privileges), or constitute non-public information. Any use of this information by anyone other than the intended recipient is prohibited. If you have received this transmission in error, please immediately reply to the sender and delete this information from your system. Use, dissemination, distribution, or reproduction of this transmission by unintended recipients is not authorized and may be unlawful.
Re: Auto add zones to secondary, from primary
or you can do this in your secondary...

1st, you have to have a special zone there, slaveme.tld, with the following set:

    allow-update to the IP of your choice and/or primary's IP
    allow-query to localhost/its own IP
    allow-transfer none

2nd, create a file with (x.x.x.x is the IP address of primary)

    server x.x.x.x
    update delete add.slaveme.tld.
    send

3rd, create a shell/perl script in secondary that will do:

1. dig add.slaveme.tld. @localhost -t txt +short
   if it doesn't exist then exit script
2. a function in the script inserts secondary zone lines in named.conf based on the output of dig. you have to make this script smart enough to check and not to add lines if the zone name already exists in named.conf (you can grep it of course)
3. nsupdate file_of_2nd_step_above
   this should delete the TXT record
4. rndc freeze slaveme.tld
5. rndc thaw slaveme.tld
6. rndc reconfig
7. rndc flushname slaveme.tld

and cronjob this script every minute or so if you want...

now in action...

if you want to add foobar.com

1. create the zone 'foobar.com' in primary then...
2. rndc reconfig
3. then update the slave, where y.y.y.y is the IP address of secondary server

    nsupdate> server y.y.y.y
    nsupdate> update add add.slaveme.tld. 60 IN TXT foobar.com
    nsupdate> send

of course you can just script this up to something like ./addzone.sh foobar.com and off you go..

--- On Wed, 11/12/08, Chris Buxton [EMAIL PROTECTED] wrote:

> From: Chris Buxton [EMAIL PROTECTED]
> Subject: Re: Auto add zones to secondary, from primary
> To: Todd Snyder [EMAIL PROTECTED]
> Cc: bind-users@isc.org
> Date: Wednesday, November 12, 2008, 7:13 AM
>
> The very man you're quoting has himself implemented an index zone using PTR records. The slave periodically runs a script to retrieve the PTR records (and possibly some supporting info) and add any new slave zones (and probably remove any that have been removed from the index).
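The check-and-insert step of the script described above (steps 1 and 2), as an added example that is not part of the original post: the TXT value is validated before anything is written to named.conf, because allow-update lets a remote host choose that string. MASTER_IP, ZONE_DIR and the `run` argument are assumptions; 192.0.2.1 stands in for x.x.x.x.

```shell
#!/bin/sh
# Added example (not from the thread): steps 1-2 of the secondary's cron script.
# MASTER_IP and ZONE_DIR are assumed values; 192.0.2.1 stands in for x.x.x.x.
MASTER_IP="${MASTER_IP:-192.0.2.1}"
ZONE_DIR="${ZONE_DIR:-slaves}"

# dig +short prints TXT data in double quotes; strip them, lower-case the
# name and drop a trailing root dot.
normalize() {
    printf '%s' "$1" | tr -d '"' | tr 'A-Z' 'a-z' | sed 's/\.$//'
}

# The TXT value is written by whoever may update slaveme.tld, so treat it as
# untrusted: allow only [a-z0-9.-], then check the label structure.
valid_zone() {
    [ "${#1}" -le 253 ] || return 1
    case "$1" in *[!a-z0-9.-]*) return 1 ;; esac
    printf '%s\n' "$1" | grep -Eq \
        '^([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?$'
}

# add_zone <conf-file> <raw TXT value>
# Returns 0 if a stanza was appended, 1 if the zone was already configured,
# 2 if the value was rejected.
add_zone() {
    conf="$1"
    zone="$(normalize "$2")"
    valid_zone "$zone" || { printf 'rejected TXT value: %s\n' "$2" >&2; return 2; }
    if grep -Fq "zone \"$zone\"" "$conf" 2>/dev/null; then
        return 1
    fi
    printf 'zone "%s" { type slave; masters { %s; }; file "%s/%s"; };\n' \
        "$zone" "$MASTER_IP" "$ZONE_DIR" "$zone" >> "$conf"
}

# Only when invoked as: script run /path/to/named.conf
if [ "${1:-}" = "run" ]; then
    dig add.slaveme.tld. @localhost -t txt +short |
    while IFS= read -r line; do
        add_zone "$2" "$line" || true
    done
fi
```

Restricting allow-update by source IP alone leaves the record writable by anything that can send from that address, so the validation is what keeps a hostile value out of named.conf.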
RE: Auto add zones to secondary, from primary
That's really weird - my quoted text is missing ...

Context:

b) having some sort of index which the slaves pick up and then automagically configure their named.conf (the index could be records in a special DNS zone

My apologies.

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Todd Snyder
Sent: Tuesday, November 11, 2008 10:28 AM
To: Kevin Darcy; bind-users@isc.org
Subject: RE: Auto add zones to secondary, from primary

I am intrigued by this idea. Has anyone here implemented this, and care to give some insight into how it works? Something like this would make me very very happy. My brain is spinning trying to figure out the best way to make it work...

Cheers,

Todd.
Re: Auto add zones to secondary, from primary
On 11-Nov-2008, at 10:31 , Todd Snyder wrote:

> That's really weird - my quoted text is missing ...
>
> Context:
>
> b) having some sort of index which the slaves pick up and then automagically configure their named.conf (the index could be records in a special DNS zone

There are a couple of implementations of this floating around, though I'm not aware of any that have been cleaned up for distribution. I keep toying with the idea of writing something designed to be portable between sites, but I don't have much need for it myself at the moment (I just manage one big zone) so haven't got around to it.

The one that sticks out in my mind the most is Paul's name server federations. He talked about it a bit on this list[1] earlier this year, and could probably be encouraged to go into some more detail.

Matt

[1] http://marc.info/?l=bind-users&m=120291609009103&w=2
Auto add zones to secondary, from primary
I act as a slave for one client. He is growing his business to the point where I am finding it too laborious to add his slave zones all the time. I can script it a bit so I am just pasting in a list of domains, but I wonder if there is not a provision in named for this already. Is there any way to automate this? -- Scott
Re: Auto add zones to secondary, from primary
Scott Haneda wrote:

> I act as a slave for one client. He is growing his business to the point where I am finding it too laborious to add his slave zones all the time. I can script it a bit so I am just pasting in a list of domains, but I wonder if there is not a provision in named for this already.
>
> Is there any way to automate this?

No, there's nothing in named or the DNS protocol itself to support this. There's been some talk in the IETF about a provisioning protocol but so far nothing seems to have come from that. In the meantime, the various value-added products (e.g. Lucent's QIP) have their own proprietary way of doing this. And folks (like us) have rolled our own autoslaving subsystems. Usually those methodologies consist of either a) formatting a named.conf on the master side and blasting it verbatim along with the actual zone file(s) to the slave(s), or b) having some sort of index which the slaves pick up and then automagically configure their named.conf (the index could be records in a special DNS zone, a file which is rsync'ed out to the slaves periodically, any number of methodologies are possible).

As another idea, if you could get read access to your customer's named.conf file, then you could periodically compare version-to-version and add/delete slave-zone definitions as necessary.

- Kevin
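One way to implement the index approach (b) with deletions handled, as an added example that is not code from the thread or from any poster's system. The one-name-per-line index file, the generated include file and the `slaves/` path are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread): rebuild a generated include file of
# slave zones from an index file. File layout and names are assumptions.

# Usable names from the index, one per line: comments and blanks dropped,
# lower-cased, anything that is not a plain hostname-style name discarded.
index_zones() {
    tr 'A-Z' 'a-z' < "$1" |
    sed -e 's/#.*//' -e 's/[[:space:]]*$//' -e 's/\.$//' |
    grep -E '^([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?$' |
    sort -u
}

# Zone names currently present in the generated include file.
configured_zones() {
    sed -n 's/^zone "\([^"]*\)".*/\1/p' "$1" 2>/dev/null | sort -u
}

# plan <index> <include>: print "+name" for additions, "-name" for removals.
plan() {
    want="$(mktemp)"; have="$(mktemp)"
    index_zones "$1" > "$want"
    configured_zones "$2" > "$have"
    comm -23 "$want" "$have" | sed 's/^/+/'
    comm -13 "$want" "$have" | sed 's/^/-/'
    rm -f "$want" "$have"
}

# apply <index> <include> <master-ip>: write the new file beside the old one
# and rename it into place. An index with no usable names is refused, so a
# failed or truncated index fetch cannot drop every slave zone.
apply() {
    new="$2.new.$$"
    index_zones "$1" | while IFS= read -r z; do
        printf 'zone "%s" { type slave; masters { %s; }; file "slaves/%s"; };\n' \
            "$z" "$3" "$z"
    done > "$new"
    if [ ! -s "$new" ]; then
        rm -f "$new"
        return 1
    fi
    mv "$new" "$2"
    # then: rndc reconfig
}
```

Log the output of `plan` before calling `apply`, and run named-checkconf on the result before `rndc reconfig`, so an unexpected batch of removals is noticed before named acts on it.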