Can I change the zone file from command line?
Kevin Darcy
kcd at chrysler.com
Tue Jul 23 18:30:49 UTC 2013
I'm not sure I understand your concern. nsupdate will only update the
records you tell it to update. So, if you have a "static" record, then
don't target it with nsupdate and you should be fine.
When you dial a telephone number, do you worry that your dialing may
have "consequences" against telephone numbers that you *didn't* dial?
Seems very unlikely.
- Kevin
On 7/23/2013 7:21 AM, Manish Rane wrote:
>
> In that case how about other entries from same zone? I m talking about
> any consequences on static entries or the ones which I dont want to me
> dynamic.
>
> On 23 Jul 2013 16:45, "Kumar, Naveen, Vodafone Group"
> <naveen.kumar32 at vodafone.com <mailto:naveen.kumar32 at vodafone.com>> wrote:
>
>
>
> Manish,
>
> You can configure the zone as dynamic, this way it can start
> taking nsupdates,
>
> Upon failed TCP monitor by nagios, it can fire nsupdate command
> and update the A record accordingly.
>
> Regards,
>
> Naveen
>
> *From:*bind-users-bounces+naveen.kumar=cw.com at lists.isc.org
> <mailto:cw.com at lists.isc.org>
> [mailto:bind-users-bounces+naveen.kumar
> <mailto:bind-users-bounces%2Bnaveen.kumar>=cw.com at lists.isc.org
> <mailto:cw.com at lists.isc.org>] *On Behalf Of *Manish Rane
> *Sent:* Tuesday, July 23, 2013 4:30 PM
> *To:* Mark Andrews
> *Cc:* bind-users at isc.org <mailto:bind-users at isc.org>
> *Subject:* Re: Can I change the zone file from command line?
>
> Well, I am trying to configure DNS System Monitoring stuff with
> Nagios plugins. This monitor the server status and if any of th
> link fails remove the said IP from zone and reload the zone. This
> entry would have low TTL so that traffic would be routed to new
> entry instantly.
>
> Lets say I have two ISPs terminated on my firewall and
> www.example.com <http://www.example.com> with private IP
> 172.16.3.10 is natted with 1.2.3.4 and 5.6.7.8 with TTL value 300
>
> Nagios plugin check_tcp would monitor those links or IPs on port
> 80 and if any of the link fails I can have by any mean edit the
> zone file and remove the IP associated with failed link so that
> traffic would never reach to that IP.
>
> Upon recovery the plugin will show the result GREEN and I can
> again have the A record added in zone file, thus reload the zone.
> Due to the low TTL I believe there shouldn't be any issue for
> populating those changes faster.
>
> What say guys?
>
>
> --------------------------------------------------------------------------
> Thanks and Regards,
> Manish R
>
> On Tue, Jul 23, 2013 at 11:46 AM, Mark Andrews <marka at isc.org
> <mailto:marka at isc.org>> wrote:
>
>
> In message
> <CAN3um4yrT+t7Cp2EZYWq-rM5eWx3-ygOK9VKxVUG4qbxcbpzcA at mail.gmail.com <mailto:CAN3um4yrT%2Bt7Cp2EZYWq-rM5eWx3-ygOK9VKxVUG4qbxcbpzcA at mail.gmail.com>>
>
> , Mike Hale writes:
> > This seems pretty straight forward.
> >
> > Use your standard bash tools to modify the file when necessary, then
> > you should simply be able to call rndc reload ZONENAME in the
> script.
>
> Though why one would want to do this rather than just updating the
> zone using DDNS is beyond me. It's not like DDNS can't be made
> secure by using TSIG.
>
> Normalize the zone file using named-checkzone.
> Use awk or similar to change the relevent entries and update the
> SOA serial.
> Use named-checkzone to confirm that the resulting file is still
> valid then
> if it is rename it and reload the zone.
>
> named-checkzone -D -q zone file |
> awk '$1 == "server" && $4 == "A" { print $1, $2, $3, $4, NEWIP}
> $4 == "SOA" { $7 = $7 + 1; print }' > temp
> named-checkzone -q zone temp && mv temp file && rndc reload zone
>
> Mark
>
>
> > On Mon, Jul 22, 2013 at 10:28 PM, Mihamina Rakotomandimby
> > <mihamina at rktmb.org <mailto:mihamina at rktmb.org>> wrote:
> > > Hello,
> > >
> > > I did not catch what you're trying to achieve.
> > > Please give more details.
> > >
> > >
> > > On 2013-07-23 08:25, Manish Rane wrote:
> > >
> > > Hi Folks,
> > >
> > > Wondering if I can edit/change the static zone file as a
> result of certain
> > > bash script. Well, I am trying to write a script which will
> monitor the
> > > server on certain ports and it if fails to connect to the
> server it will
> > > delete or add the entry from zone file so that traffic will be
> routed to
> > > another server, possible?
> > >
> > > OR does any one aware of such solution available in open source?
> > >
> > >
> > >
> > > _______________________________________________
> > > Please visit https://lists.isc.org/mailman/listinfo/bind-users to
> > > unsubscribe from this list
> > >
> > > bind-users mailing list
> > > bind-users at lists.isc.org <mailto:bind-users at lists.isc.org>
> > > https://lists.isc.org/mailman/listinfo/bind-users
> > >
> > >
> > >
> > > --
> > > RMA.
> > >
> > >
> > > _______________________________________________
> > > Please visit https://lists.isc.org/mailman/listinfo/bind-users to
> > > unsubscribe from this list
> > >
> > > bind-users mailing list
> > > bind-users at lists.isc.org <mailto:bind-users at lists.isc.org>
> > > https://lists.isc.org/mailman/listinfo/bind-users
> >
> >
> >
> > --
> > 09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
> > _______________________________________________
> > Please visit https://lists.isc.org/mailman/listinfo/bind-users
> to unsubscribe
> > from this list
> >
> > bind-users mailing list
> > bind-users at lists.isc.org <mailto:bind-users at lists.isc.org>
> > https://lists.isc.org/mailman/listinfo/bind-users
>
> --
> Mark Andrews, ISC
> 1 Seymour St., Dundas Valley, NSW 2117, Australia
> PHONE: +61 2 9871 4742 INTERNET: marka at isc.org <mailto:marka at isc.org>
>
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
> unsubscribe from this list
>
> bind-users mailing list
> bind-users at lists.isc.org <mailto:bind-users at lists.isc.org>
> https://lists.isc.org/mailman/listinfo/bind-users
>
>
>
> ------------------------------------------------------------------------
> Vodafone Group Services Limited, One Kingdom Street, Paddington
> Central, London W2 6BY.
>
> www.vodafone.com <http://www.vodafone.com>
>
> This message and any files or documents attached are confidential
> and may also be legally privileged, protected from disclosure
> and/or protected by other legal rules. It is intended only for the
> individual or entity named. If you are not the named addressee or
> you have received this email in error, please inform the sender
> immediately, delete it from your system and do not copy or
> disclose it or its contents or use it for any purpose. Thank you.
> Please also note that transmission cannot be guaranteed to be
> secure or error-free.
> ------------------------------------------------------------------------
>
>
>
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
>
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20130723/11f9a1a5/attachment-0001.html>
More information about the bind-users
mailing list