Date: Wed, 2 Aug 2000 16:52:40 -0400 From: "Jason Portwood" <jason@iac.net> To: "'Erin'" <Kahn@deadbbs.com>, <freebsd-isp@FreeBSD.ORG> Subject: RE: Secondary BIND server. Message-ID: <6381A6A8826BD31199500090279CAFBA106C25@FOGHORN> In-Reply-To: <6381A6A8826BD31199500090279CAFBA10206E@FOGHORN>
next in thread | previous in thread | raw e-mail | index | archive | help
> > Does anyone have some sugestions on how I would go about getting my > secondary DNS server to automatically setup the secondary > domain when I put it in the primary DNS server. > > Is there any software that already does this? > I saw the other posts about this and how to do it. I came up with an idea about a week ago on how to do this using a pair of Perl scripts and DNS only. One Perl script to parse the domains out into a zone file with entries like... IN TXT "somehost.com" Then on the secondary the second script does a dig @yourdnsserver zonefile.list.net axfr and then parses that out into a (included) named.conf file. Reload if there is a change ala serial numbers... On the primary you would set that zone file up to allow only zone transfers from your secondary and no queries on the domain. // something like... zone "slaves.somehost.net" { type master; file "slaves.somehost.net"; allow-transfer { 10.1.1.1; }; allow-query { none; }; }; I would have done this update just through the normal zone transfers by that appears to do a query before a transfer (dig doesn't). Also I didn't want to have to set up a record on the secondary and have to fuss protecting that. Plus getting it to sync after a transfer seemed a little hard than just doing a dig and parsing that out. I haven't put it into production yet (still doing the by hand tests) but all appears to be going well. I have also sent a message off to the ISC BIND suggestion people to make sure what I have done is sane. If anyone is interested in a copy of the two scripts just ask. It is still in the beginning stages (doesn't do any sanity checks on the data for one) but it does work at least in tests. If someone can come up with a better reason why not to GPL it I'm going to send it out that way... I would be very interested in any feedback on it or just this idea in general. The usual disclaimer... The script is beta and even if it wasn't. Always backup before/read code/etc... Don't blame me if it goes nuts as it works for me. I've either come up with a good idea or one that is so bad that there is a good reason why it isn't being used already. Jason Portwood - jason@iac.net Systems Administrator - Strategic/Internet Access Cincinnati Sales and Tech Support - 513-860-9052 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6381A6A8826BD31199500090279CAFBA106C25>