Steps to reload zone files automatically?

Steps to reload zone files automatically?

Harshith Mulky
Hello

Is there an automatic way we could use for reloading the zone files rather than using rndc reload or named restart?

Any methods or links which can be shared to help us reload the zone files automatically once we make changes to the zone files (cron methods or shell scripts)?

We are running bind with version as below

# rpm -qi bind
Name        : bind
Version     : 9.9.5P1
Release     : 2.2.2
Architecture: x86_64
Install Date: Tue Oct 17 16:46:22 2017
Group       : Productivity/Networking/DNS/Servers
Size        : 747523
License     : ISC
Signature   : RSA/SHA256, Tue Oct  7 04:18:01 2014, Key ID b88b2fd43dbdc284
Source RPM  : bind-9.9.5P1-2.2.2.src.rpm
Build Date  : Tue Oct  7 04:17:04 2014
Build Host  : cloud124
Relocations : (not relocatable)
Packager    : http://bugs.opensuse.org
Vendor      : openSUSE
URL         : http://isc.org/sw/bind/
Summary     : Domain Name System (DNS) Server (named)
Description :
Berkeley Internet Name Domain (BIND) is an implementation of the Domain
Name System (DNS) protocols and provides an openly redistributable
reference implementation of the major components of the Domain Name
System.  This package includes the components to operate a DNS server.
Distribution: openSUSE 13.2
sataradnsVM1:~ #


_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/bind-users

Re: Steps to reload zone files automatically?

Erich Eckner
On Wed, 1 Jul 2020, Harshith Mulky wrote:

> Hello

Hi,

> Is there an automatic way we could use reloading the zone files rather than
> using rndc reload or named restart?

Shouldn't the design be that whoever changes the zone file runs "rndc
reload" afterwards?

>
> Any methods or links which can be shared to help us reload the zone files
> automatically once we make changes to the zone files ( cron methods or shell
> scripts)

If you really want to go that path (see suggestion above), have a look at
inotifywait from inotifytools (I'm not sure what the package is called in
SUSE):

https://linux.die.net/man/1/inotifywait

>
> We are running bind with version as below
>
> # rpm -qi bind
> Name        : bind
> Version     : 9.9.5P1
> Release     : 2.2.2
> Architecture: x86_64
> Install Date: Tue Oct 17 16:46:22 2017
> Group       : Productivity/Networking/DNS/Servers
> Size        : 747523
> License     : ISC
> Signature   : RSA/SHA256, Tue Oct  7 04:18:01 2014, Key ID b88b2fd43dbdc284
> Source RPM  : bind-9.9.5P1-2.2.2.src.rpm
> Build Date  : Tue Oct  7 04:17:04 2014
> Build Host  : cloud124
> Relocations : (not relocatable)
> Packager    : http://bugs.opensuse.org
> Vendor      : openSUSE
> URL         : http://isc.org/sw/bind/
> Summary     : Domain Name System (DNS) Server (named)
> Description :
> Berkeley Internet Name Domain (BIND) is an implementation of the Domain
> Name System (DNS) protocols and provides an openly redistributable
> reference implementation of the major components of the Domain Name
> System.  This package includes the components to operate a DNS server.
> Distribution: openSUSE 13.2
> sataradnsVM1:~ #
>
>
>
regards,
Erich


Re: Steps to reload zone files automatically?

Bind-Users forum mailing list
In reply to this post by Harshith Mulky
Hi there,

On Wed, 1 Jul 2020, Harshith Mulky wrote:

> Is there an automatic way we could use reloading the zone files
> rather than using rndc reload or named restart?

It should be trivial to implement this, but I'm not sure that I'd want
to do it on a server of mine.

> We are running bind with version as below
>
> # rpm -qi bind
> Name        : bind
> Version     : 9.9.5P1
> ...

https://kb.isc.org/docs/bind-9-end-of-life-dates

> Date: Wed, 08 Jun 2016 20:09:54 +1000
> From: Mark Andrews <[hidden email]>
> To: Harshith Mulky <[hidden email]>
> ...
> ... Harshith Mulky writes:
> > I have bind Running on following Version:
> >
> > bind-9.8.2-0.17.rc1.el6.x86_64
>
> Upgrade.

Plus ça change, plus c'est la même chose...

--

73,
Ged.

Re: Steps to reload zone files automatically?

Chuck Aurora
In reply to this post by Harshith Mulky
On 2020-07-01 00:55, Harshith Mulky wrote:
>  Is there an automatic way we could use reloading the zone files
> rather than using rndc reload or named restart?

Within named, no.  Furthermore a restart of named for changed zone
data was never a good idea.  Likewise, "rndc reload" only makes sense
when numerous zones were changed at one time; otherwise you would use
"rndc reload zone-name [view-name]".

> Any methods or links which can be shared to help us reload the zone
> files automatically once we make changes to the zone files ( cron
> methods or shell scripts)

A different paradigm which would do this better would be to use
dynamic zones (RFC 2136.)  To do this you would set an update-policy
for the zone[s] (or globally) and submit updates using nsupdate(8)
or other RFC 2136 client.

Ideally you would ONLY use dynamic updates to change zone data, but
there's also freeze and thaw functions in rndc(8) for those who want
to edit a zone file for Old Time's Sake.  (The freeze will lose your
zone updates history.)

Dynamic DNS is covered well in the BIND 9 ARM.  There are probably
also some articles at the ISC KB.
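
An added example (not code from any poster in this thread) combining the inotifywait suggestion earlier in the thread with the per-zone "rndc reload zone-name" mentioned above: it checks the changed file with named-checkzone and reloads only that zone. The zone directory, the "<zone>.zone" file naming and the script name are assumptions.

```shell
#!/bin/sh
# Added example, not from the thread. Assumptions: zone files live in
# $ZONE_DIR and are named "<zone>.zone"; rndc is already authorised.
ZONE_DIR=${ZONE_DIR:-/var/lib/named/master}   # hypothetical path
CHECKZONE=${CHECKZONE:-named-checkzone}
RNDC=${RNDC:-rndc}

# Map a changed path to a zone name; fail for files we ignore
# (editor swap files, backups, anything not ending in .zone).
zone_for_file() {
    base=${1##*/}
    case $base in
        .*|*~|*.swp|*.tmp) return 1 ;;
        *.zone) zone=${base%.zone} ;;
        *) return 1 ;;
    esac
    # Reject names containing characters outside the hostname set.
    case $zone in
        ''|*[!A-Za-z0-9._-]*) return 1 ;;
    esac
    printf '%s\n' "$zone"
}

# Reload one zone, but only if the file on disk parses cleanly.
reload_if_valid() {
    file=$1
    zone=$(zone_for_file "$file") || return 2
    if ! "$CHECKZONE" "$zone" "$file" >/dev/null 2>&1; then
        echo "skip $zone: named-checkzone rejected $file" >&2
        return 1
    fi
    "$RNDC" reload "$zone"
}

# Editors often save by rename, so watch moved_to as well as close_write.
watch_zones() {
    inotifywait -m -q -e close_write -e moved_to --format '%w%f' "$ZONE_DIR" |
    while IFS= read -r path; do
        reload_if_valid "$path" || true
    done
}

# Run as: sh zone-watch.sh watch
if [ "${1:-}" = "watch" ]; then watch_zones; fi
```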

Re: Steps to reload zone files automatically?

Tony Finch
Chuck Aurora <[hidden email]> wrote:

nice domain name :-)

> On 2020-07-01 00:55, Harshith Mulky wrote:
>
> > Any methods or links which can be shared to help us reload the zone
> > files automatically once we make changes to the zone files ( cron
> > methods or shell scripts)
>
> A different paradigm which would do this better would be to use
> dynamic zones (RFC 2136.)  To do this you would set an update-policy
> for the zone[s] (or globally) and submit updates using nsupdate(8)
> or other RFC 2136 client.

Yes, this is the way I like to do things. Specifically, it's fairly easy
if you configure your zones with `update-policy local`, and you use
`nsupdate -l` to modify the zone. That way you get a fairly secure setup
with very little configuration effort.

You're all probably bored of me plugging nsdiff, but I wrote it to make
it easier to update zones this way - http://dotat.at/prog/nsdiff/
(My production zones are updated by a cron job that feeds database dumps
into nspatch, and I edit my test and personal zones using nsvi, both of
which are wrappers around nsdiff and nsupdate.)

> Ideally you would ONLY use dynamic updates to change zone data, but
> there's also freeze and thaw functions in rndc(8) for those who want
> to edit a zone file for Old Time's Sake.  (The freeze will lose your
> zone updates history.)

You can preserve the history if you configure the zone with
`ixfr-from-differences`.

Tony.
--
f.anthony.n.finch  <[hidden email]>  http://dotat.at/
democracy, participation, and the co-operative principle
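
An added example (not code from the thread and not part of nsdiff) of the `update-policy local` plus `nsupdate -l` approach described above: it builds a batch that replaces one record and refuses any argument that could add extra commands to the batch. The script name and sample values are constructed, and values are limited to single tokens such as A, AAAA or CNAME data.

```shell
#!/bin/sh
# Added example, not from the thread. Assumes the zone is configured in
# named.conf with:   update-policy local;
# and that this runs on the server itself with read access to the session
# key named generates, which is what "nsupdate -l" uses.
NSUPDATE=${NSUPDATE:-nsupdate}

# A token is safe if it is non-empty and has no whitespace, newline or ';',
# so it cannot add extra commands to the nsupdate batch.
safe_token() {
    case $1 in
        ''|*[!A-Za-z0-9._:-]*) return 1 ;;
    esac
}

# Print an nsupdate batch that replaces all <name> <type> records
# with a single new value.
build_replace() {
    zone=$1 name=$2 ttl=$3 type=$4 data=$5
    for tok in "$zone" "$name" "$type" "$data"; do
        safe_token "$tok" || { echo "unsafe token: $tok" >&2; return 1; }
    done
    case $ttl in ''|*[!0-9]*) echo "bad ttl" >&2; return 1 ;; esac
    printf 'zone %s\n' "$zone"
    printf 'update delete %s %s\n' "$name" "$type"
    printf 'update add %s %s %s %s\n' "$name" "$ttl" "$type" "$data"
    printf 'send\n'
}

# Build the batch first so nothing is sent when validation fails.
apply_replace() {
    batch=$(build_replace "$@") || return 1
    printf '%s\n' "$batch" | "$NSUPDATE" -l
}

# Run as: sh ns-replace.sh example.com www.example.com 300 A 192.0.2.10
if [ $# -eq 5 ]; then apply_replace "$@"; fi
```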