% Zonefile generator tools
% David Parsons
% Wed Jan 16 13:57:01 PST 2008

#DNS

##Name

**dns** -- Build dns maps from `/etc/hosts`

##Synopsis

**dns** [-rbW] [-H hosts-file] [config-file]

##Description

`dns` is used to prepare `named(8)` maps for a nameserving machine. It takes a small configuration file (or, alternatively, standard input) and uses it and the contents of your `/etc/hosts` file to build zone maps.

The `dns` program uses a `dns` configuration file that contains a list of interesting commands describing things you might want to have in your dns maps. It also picks apart `/etc/hosts` for the dns information of the various sites in your domain.

By default, `dns` generates map files for your domain and your loopback domain and writes them into your current directory; if you specify the `-b` option, it will also generate `named.boot` in your current directory. If you specify the `-W` option, `dns` will generate the map files in your `database` (see below) directory. Finally, `dns` will attempt to signal `named(8)` of the changed dns database if you give the `-r` option.

If you don't wish to build maps from `/etc/hosts`, you can give `dns` a different hosts file with the `-H` option.

The commands you can specify in the _config-file_ are as follows:

=**`domain`** _domain-name_=
    Build maps for the given domain name; these maps will be named `localhost.zone` for your loopback `IN-ADDR.ARPA` map, and _domain-name_`.zone` for your domain map. This command is _required_ to generate dns maps.

=**`network`** _address_=
    Build an `IN-ADDR.ARPA` map for your network (this map includes all entries in `/etc/hosts` that are in the given network.)

=**`site`** _machine-name_=
    This is the authoritative site for the domain, as given in the SOA record in _domain-name_`.zone`. You must give an authoritative site to generate dns records.

=**`contact`** _name_=
    If the contact for this domain is not `root@`_site_, set it here.

=**`nameserver`** _name_=
    Declare the machine _name_ as a nameserver for your domain. You must define at least one nameserver for the domain.

=**`private-mail`** `YES` or `NO`=
    If set to `NO`, every machine in this domain gets MX records; if set to `YES`, mail directly to the machine is allowed.

=**`postoffice`** _name_=
    Declare the machine _name_ as a mail exchanger for your domain. This is useful if you don't want people directly mailing to each machine in your domain.

=**`roothost`** _name_=
    Use the machine _name_ as the alias for your domain, so that attempts to `telnet` or `ftp` into your domain go to this machine instead of simply failing.

=**`alias-domain`** _name_=
    Build an alias map to point this domain into your actual domain. This is useful if you have both a leased domain (.com, .org, .net) and a geographic domain, and wish to point stuff from one place into the other.

=**`alias-name`**
**`alias-ip`**=
    These define how `/etc/hosts` aliases are handled; `dns` generates dns records for every alias in `/etc/hosts`, but generates `CNAME` records if you've set `alias-name` and `A` records if you've set `alias-ip`.

=**`database`** _directory_=
    If you're using the `-W` command-line option, write the completed maps to the given `directory`. Note that the `named.boot` file will still be written to `/etc` no matter what directory you give. If you do not specify a `database` directory, the maps will be written (subject to `-W`) to the directory `/var/namedb`.

=**`secondary`** _domain_ _addresses_=
    Act as a secondary nameserver for _domain_, where its primary nameservers are at the given _addresses_. This is useful if you're at one end of a slow or intermittent IP connection and don't want to spend the time constantly fetching dns information for frequently queried sites. If the secondary domain is instead a network address, generate an `IN-ADDR.ARPA` map for it.

##Example

Say I've got the domain `tsfr.org` that I'd like to do nameserving for. I've also inherited the domain `evilparty.org`, which I'm planning on using as an alias for `tsfr.org`, and I'm doing secondary nameservice for the `www.pell.portland.or.us/~mastodon` domain.

My `/etc/hosts` looks like this (note that these IP addresses **WILL NOT WORK** in real life, since they are actually reserved multicast addresses):

    # /etc/hosts
    # This file contains the ip addresses and names of your host
    # and of other machines. The format is
    #
    #nnn.nnn.nnn.nnn  fully qualified name   hostname [ aliases ]
    #
    127.0.0.1         localhost              loopback
    224.1.1.1         central.tsfr.org       foo news postoffice
    224.1.1.2         right.tsfr.org         right
    224.1.1.3         left.tsfr.org          left
    224.1.1.4         gateway.tsfr.org       gateway www ftp usenet
    225.1.1.5         remote.tsfr.org        remote
    #
    226.1.1.1         interesting.site.com
    227.1.1.1         woo-woo-woo.www.pell.portland.or.us/~mastodon

and the configuration file `tsfr.dns` looks like this:

    domain tsfr.org       ; our domain
    network 224.1.1       ; and our network
    site gateway
    contact henry
    nameserver gateway
    nameserver central
    postoffice 10 postoffice
    postoffice 20 gateway
    postoffice 800 central
    roothost gateway
    alias-domain evilparty.org
    alias-name
    database /var/namedb
    secondary www.pell.portland.or.us/~mastodon 226.1.1.1

Running `dns -b tsfr.dns` generates the following files in the current directory: `tsfr.org.zone`, `evilparty.org.alias` (the alias map that's mainly a PTR to tsfr.org), `tsfr.org.rev` (the `IN-ADDR.ARPA` map for our domain), `localhost.zone` (the `IN-ADDR.ARPA` map for the loopback interface), and `named.boot`, which looks like this:

    ; domain tsfr.org
    ; data file to boot a name server
    ; generated by dns on Mon May 6 00:50:15 1996
    ;
    directory /var/namedb
    ;
    ; type     domain/zone             host/file               local-file
    ;
    cache      .                       named.cache
    primary    0.0.127.IN-ADDR.ARPA    localhost.zone
    primary    1.1.224.IN-ADDR.ARPA    tsfr.org.rev
    primary    tsfr.org                tsfr.org.zone
    primary    evilparty.org           evilparty.org.alias
    ; domains we do secondary nameservice for
    ;
    secondary  www.pell.portland.or.us/~mastodon 226.1.1.1 mastodon.biz.bak

##Diagnostics

Errors abort the program and return a non-zero exit status.

##History

Written by David Parsons to simplify setting up new nameservers for the pell.portland.or.us, psgvb.com, and pell.com domains.

##Bugs

If `named(8)` is not running, the `-r` option will have no effect.
The _serial number_ in SOA records is formed from the year since the epoch (`1970`), the julian day, and the number of minutes since midnight divided by two. If you quickly change maps with `dns`, the serial number will `NOT` update, thus leading to confused remote nameservers.

##Source Code & Sample Data

[Makefile](Makefile), [sample/tsfr.org.rev](sample/tsfr.org.rev), [dns.8](dns.8), [sample/localhost.zone](sample/localhost.zone), [sample/named.boot](sample/named.boot), [dns.c](dns.c), [sample/tsfr.org.zone](sample/tsfr.org.zone), [sample/hosts](sample/hosts), and [sample/evilparty.org.alias](sample/evilparty.org.alias).
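
The serial-number limitation noted under Bugs, worked through as an added example (this is not code from `dns.c`). It assumes "julian day" means day of the year and that the three parts are packed as decimal digits `YY DDD MMM`; the page does not give the layout, and `make_serial`, `next_serial` and `stamp` are hypothetical names.

```c
#include <stdio.h>
#include <time.h>

/* Time-derived serial: years since 1970, day of year, and
 * minutes since midnight divided by two.
 * ASSUMPTION: decimal packing YY DDD MMM (layout not given on the page). */
unsigned long make_serial(const struct tm *t)
{
    unsigned long years = (unsigned long)(t->tm_year - 70); /* tm_year counts from 1900 */
    unsigned long yday  = (unsigned long)t->tm_yday + 1;    /* 1..366 */
    unsigned long half  = (unsigned long)(t->tm_hour * 60 + t->tm_min) / 2; /* 0..719 */
    return years * 1000000UL + yday * 1000UL + half;
}

/* Serial to publish: the time-derived value when it moves forward,
 * otherwise previous + 1, so a rebuild inside the same two-minute
 * window still looks newer to secondaries.
 * Plain integer comparison; serial wraparound is not handled. */
unsigned long next_serial(unsigned long previous, const struct tm *now)
{
    unsigned long s = make_serial(now);
    return s > previous ? s : previous + 1;
}

/* Build a constructed timestamp (yday0 is the 0-based day of the year). */
struct tm stamp(int year, int yday0, int hour, int min)
{
    struct tm t = {0};
    t.tm_year = year - 1900;
    t.tm_yday = yday0;
    t.tm_hour = hour;
    t.tm_min  = min;
    return t;
}

int main(void)
{
    /* Constructed sample: two rebuilds one minute apart on 6 May 1996. */
    struct tm first  = stamp(1996, 126, 0, 50);
    struct tm second = stamp(1996, 126, 0, 51);
    unsigned long s1 = make_serial(&first);

    printf("first build   : %lu\n", s1);
    printf("second build  : %lu (unchanged)\n", make_serial(&second));
    printf("with the guard: %lu\n", next_serial(s1, &second));
    return 0;
}
```

A secondary only transfers a zone again when the SOA serial it sees is newer than the one it holds, so the unchanged second value is what leaves remote nameservers serving the old map.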