Auto add zones to secondary, from primary

ivan jr sy ivan_jr at yahoo.com
Tue Nov 11 18:47:21 UTC 2008


or you can do this in your secondary...

1st, you have to have a special zone there "slaveme.tld" with the following set:
allow-update to the IP of your choice and/or primary's IP
allow-query to localhost/its own IP
allow-transfer none

2nd, create a file with (x.x.x.x is the ip address of primary)

server x.x.x.x
update delete add.slaveme.tld.
send

3rd, create a shell/perl script in secondary that will do:
1. dig add.slaveme.tld. @localhost -t txt +short
if it doesn't exist then exit script

2. a function in the script inserts secondary zone lines in named.conf based on the output of dig. you have to make this script smart enough to check and not to add lines if the zone name already exists in named.conf (you can grep it of course)

3. nsupdate <file_of_2nd_step_above>
this should delete the TXT record

4. rndc freeze slaveme.tld
5. rndc thaw slaveme.tld
6. rndc reconfig
7. rndc flushname slaveme.tld

and cronjob this script every minute or so if you want...


-----

now in action... if you want to add "foobar.com"

1. create the zone 'foobar.com' in primary then...
2. rndc reconfig
3. then update the slave, where y.y.y.y is the IP address of secondary server

nsupdate> server y.y.y.y
nsupdate> update add add.slaveme.tld. 60 IN TXT "foobar.com"
nsupdate> send

of course you can just script this up to something like

./addzone.sh foobar.com

and off you go..

--- On Wed, 11/12/08, Chris Buxton <cbuxton at menandmice.com> wrote:

> From: Chris Buxton <cbuxton at menandmice.com>
> Subject: Re: Auto add zones to secondary, from primary
> To: "Todd Snyder" <tsnyder at rim.com>
> Cc: bind-users at isc.org
> Date: Wednesday, November 12, 2008, 7:13 AM
> The very man you're quoting has himself implemented an index zone
> using PTR records. The slave periodically runs a script to retrieve
> the PTR records (and possibly some supporting info) and add any new
> slave zones (and probably remove any that have been removed from the
> index).
> 
> Search the list archives for this topic, and specifically for a
> message from Kevin Darcy where he outlined this in detail. One archive
> of the list is available here:
> http://readlist.com/lists/isc.org/bind-users/
> 
> Chris Buxton
> Professional Services
> Men & Mice
> 
> On Nov 11, 2008, at 7:31 AM, Todd Snyder wrote:
> 
> > That's really weird - my quoted text is missing ...
> >
> > Context:
> >
> > "b) having some sort of "index" which the slaves pick up and then
> > automagically configure their named.conf (the "index" could be records
> > in a special DNS zone"
> >
> > My apologies.
> >
> > -----Original Message-----
> > From: bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org] On
> > Behalf Of Todd Snyder
> > Sent: Tuesday, November 11, 2008 10:28 AM
> > To: Kevin Darcy; bind-users at isc.org
> > Subject: RE: Auto add zones to secondary, from primary
> >
> >
> > I am intrigued by this idea.  Has anyone here implemented this, and care
> > to give some insight into how it works?
> >
> > Something like this would make me very very happy.  My brain is spinning
> > trying to figure out the best way to make it work...
> >
> > Cheers,
> >
> > Todd.
> >
> >
> >
> >
> > ---------------------------------------------------------------------
> > This transmission (including any attachments) may contain confidential
> > information, privileged material (including material protected by the
> > solicitor-client or other applicable privileges), or constitute
> > non-public information. Any use of this information by anyone other than
> > the intended recipient is prohibited. If you have received this
> > transmission in error, please immediately reply to the sender and delete
> > this information from your system. Use, dissemination, distribution, or
> > reproduction of this transmission by unintended recipients is not
> > authorized and may be unlawful.
> >
> >
> >
> >
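
Added example, not part of the original post or thread: the zone name read from the TXT record ends up inside named.conf, so the secondary-side script from the 3rd step should validate it before writing the stanza. The function names, the stanza layout, the `slaves/` file path and the sample input are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original post). Hypothetical helper names.

# Accept only plain DNS names: LDH labels of 1-63 chars, dot-separated,
# at most 253 chars in total. Quotes, braces, ';' and spaces are rejected.
valid_zone() {
    z=${1%.}                               # tolerate one trailing dot
    [ -n "$z" ] && [ "${#z}" -le 253 ] || return 1
    printf '%s\n' "$z" | grep -Eq \
      '^[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?(\.[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?)*$'
}

# add_zone CONF ZONE MASTER_IP: append a slave stanza.
# Returns 2 if the name is invalid, 1 if the zone is already configured.
add_zone() {
    conf=$1 master=$3
    valid_zone "$2" || return 2
    zone=$(printf '%s' "${2%.}" | tr 'A-Z' 'a-z')
    # -F: fixed string, so dots in the zone name are not regex wildcards
    grep -qiF "zone \"$zone\"" "$conf" && return 1
    printf 'zone "%s" { type slave; masters { %s; }; file "slaves/%s"; };\n' \
        "$zone" "$master" "$zone" >> "$conf"
}

# process_pending CONF MASTER_IP: read names on stdin, one per line, in the
# form "dig ... -t txt +short" prints them (quoted); print the number added.
process_pending() {
    added=0
    while IFS= read -r line; do
        name=$(printf '%s' "$line" | tr -d '"')
        if add_zone "$1" "$name" "$2"; then added=$((added + 1)); fi
    done
    echo "$added"
}

# Constructed demo input standing in for dig output; runs offline on a temp file.
demo=$(mktemp)
printf '%s\n' '"foobar.com"' '"FooBar.com."' '"bad name; };"' |
    process_pending "$demo" 192.0.2.1 >/dev/null
cat "$demo"    # one stanza: the duplicate and the malformed name are skipped
rm -f "$demo"
```

In the cron job, feed `process_pending` from the `dig add.slaveme.tld. @localhost -t txt +short` call of step 1 and run the nsupdate and rndc steps only when it reports at least one added zone.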


      

