Skip to main content

Secondary dns zone transfer from tinydns to bind

First create necessary users:
# useradd dnslog
# useradd axfrdns

axfrdns-conf command creates axfrdns configuration files and folders: (env, log, Makefile, run, tcp)
# axfrdns-conf axfrdns dnslog /etc/axfrdns /etc/tinydns <tiny dns server ip address>

Allow zone transfer for a bind server that contains secondary zone:
# echo '<bind dns server ip address>:allow,AXFR="<dns zone to allow>"' > /etc/axfrdns/tcp

In order to run make command tcprules should be installed:
# rpm -ivh daemontools-0.76-9.1.i386.rpm
# rpm -ivh ucspi-tcp-0.88-2.1.i386.rpm

make command creates tcp.cdb file:
# cd /etc/axfrdns
# make

run axfrdns tcpserver service:
# ./run

Dnsnotify is a perl script that is used to notify bind dns server about there is a zone update and once bind is triggered it would initiate zone transfer from tiny dns. From another command prompt on the tinydns server run this perl script. dnsnotify needs perl's Net::DNS package to be installed. It can be installed via cpan:
# perl -MCPAN -e shell;
cpan> install Net::DNS

Then run dnsnotify:
# ./dnsnotify

Dnsnotify script contents here: (you should set your axfrdns server ip address)
#!/usr/bin/perl -w
# usage: dnsnotify zone slave [...]
# example: dnsnotify example.org 1.2.3.4 1.2.3.5
# requires Net::DNS >= 0.20
use Net::DNS;
use Data::Dumper;
use strict;
my $MY_IP = "<tiny dns server ip address>"; # your own IP here
my $zone = shift;
die "usage: dnsnotify zone slave [...]\n"
  unless defined $zone and @ARGV;
my $res = new Net::DNS::Resolver;
$res->srcaddr($MY_IP);
for my $slave ( @ARGV ) {
  my $packet = new Net::DNS::Packet($zone, "SOA", "IN")
    or die "new Net::DNS::Packet failed\n";
$packet->header->opcode("NS_NOTIFY_OP");
  $packet->header->aa(1);
  $packet->header->rd(0);
  #$packet->print;
  $res->nameservers($slave);
  print STDERR Dumper($packet);
  my $reply = $res->send($packet);
  if ( defined $reply ) {
    $reply->print;
  } else {
    warn "\n;; TIMED OUT\n";
  }
}
exit 0;

Comments

Popular posts from this blog

Creating Multiple VLANs over Bonding Interfaces with Proper Routing on a Centos Linux Host

In this post, I am going to explain configuring multiple VLANs on a bond interface. First and foremost, I would like to describe the environment and give details of the infrastructure. The server has 4 Ethernet links to a layer 3 switch with names: enp3s0f0, enp3s0f1, enp4s0f0, enp4s0f1 There are two bond interfaces both configured as active-backup bond0, bond1 enp4s0f0 and enp4s0f1 interfaces are bonded as bond0. Bond0 is for making ssh connections and management only so corresponding switch ports are not configured in trunk mode. enp3s0f0 and enp3s0f1 interfaces are bonded as bond1. Bond1 is for data and corresponding switch ports are configured in trunk mode. Bond0 is the default gateway for the server and has IP address 10.1.10.11 Bond1 has three subinterfaces with VLAN 4, 36, 41. IP addresses are 10.1.3.11, 10.1.35.11, 10.1.40.11 respectively. Proper communication with other servers on the network we should use routing tables. There are three

Sending Jboss Server Logs to Logstash Using Filebeat with Multiline Support

In addition to sending system logs to logstash, it is possible to add a prospector section to the filebeat.yml for jboss server logs. Sometimes jboss server.log has single events made up from several lines of messages. In such cases Filebeat should be configured for a multiline prospector. Filebeat takes lines do not start with a date pattern (look at pattern in the multiline section "^[[:digit:]]{4}-[[:digit:]]{2}-[[:digit:]]{2}" and negate section is set to true ) and combines them with the previous line that starts with a date pattern. server.log file excerpt where DatePattern: yyyy-MM-dd-HH and ConversionPattern: %d %-5p [%c] %m%n Logstash filter: