WebXtrA
08-10-2006, 04:54 AM
We were always looking for a solution to have at least one secondary DNS server with all zones of all our servers, so that mail wouldn’t get lost and domains wouldn’t end up on a blacklist because they do not resolve while a server is down.
Well, I found a couple of things and it’s working perfectly at the moment, so I figured, “why don’t I share this and maybe somebody can improve it”.
Note that this script needs some improvement here and there, so feel free to modify it and make it better. Also be nice and share your findings with us. Thanks!
First (like what gethosted said in his howto):
Warning: This HOWTO and related scripts are provided with absolutely positively no warranty. Any damage they do to your system we are indeed sorry for, however we cannot be held liable. Proceed at your own risk....(it really isn't that bad).
Make backups of your original zone files!
Note that this works and is tested with Bind on Ensim Pro servers. We use it together with a sec. DNS server that also has the zones of all our interworx servers. The steps with scripts that might need some modification are RED.
Everything that has to be done on the External Secondary DNS box is marked with a green (Sec. DNS) in the step, everything else has to be done on the Bind box.
You have to be root to use this howto!
Step #1 (Sec. DNS):
First you will have to install TinyDNS on an external server (or use your InterWorx server, not covered in this howto, maybe somebody else can cover this).
You can do this very easily by following this howto:
http://www.djbdnsrocks.com/
If you are going to use this script, you will have to create the directory “/etc/tinydns/root/zones”
Step #2 (Sec. DNS):
You can skip this step, we won’t be using gethosted’s script since it is too time consuming to export all the zones for the domains which we have our InterWorx boxes.
After that you can use gethosted’s howto to sync your TinyDNS data to the external Secondary DNS server:
http://www.interworx.com/forums/showthread.php?t=319
You will have to modify gethosted’s script a bit if you want to get it to work with my solution. I won’t cover that here. Maybe somebody else wants to cover that; send me a PM and I will add it to this howto!
Step #3:
Since we have a couple of InterWorx servers and are stuck with some Ensim servers (and no, it’s not easier to migrate all the sites to InterWorx), I had to find a solution to convert the Bind data to TinyDNS data. You will have to download a tar.gz file (it can be downloaded here: http://www.erat.org/; you’ll need “bind-to-tinydns”).
So download the script to your server using bind:
wget http://www.erat.org/files/bind-to-tinydns-0.4.3.tar.gz
Now untar it:
tar xzvf bind-to-tinydns-0.4.3.tar.gz
Go to the just created directory with the bind-to-tinydns files:
cd bind-to-tinydns-0.4.3
Compile it:
make
So now we have the bind-to-tinydns binary.
You can test if it works by doing this:
./bind-to-tinydns example-bind-zone.db foo foo1.tmp < example-bind-zone.db
This will create the tinyDNS data file “foo” out of the “example-bind-zone.db”
Check the content of the foo file:
cat foo
And it should look like this:
Zexample.com.example-bind-zone.db.:dns1.example.com.:hostmaster.example.com.:2001062501:21600:3600:604800:86400
&example.com.example-bind-zone.db.::dns1.example.com.:86400
&example.com.example-bind-zone.db.::dns2.example.com.:86400
@example.com.example-bind-zone.db.::mail.example.com.:10:86400
@example.com.example-bind-zone.db.::mail2.example.com.:20:86400
+example.com.example-bind-zone.db.:10.0.1.5:86400
+server1.example.com.example-bind-zone.db.:10.0.1.5:86400
+server2.example.com.example-bind-zone.db.:10.0.1.7:86400
+dns1.example.com.example-bind-zone.db.:10.0.1.2:86400
+dns2.example.com.example-bind-zone.db.:10.0.1.3:86400
Cftp.example.com.example-bind-zone.db.:server1.example.com.example-bind-zone.db.:86400
Cmail.example.com.example-bind-zone.db.:server1.example.com.example-bind-zone.db.:86400
Cmail2.example.com.example-bind-zone.db.:server2.example.com.example-bind-zone.db.:86400
Cwww.example.com.example-bind-zone.db.:server2.example.com.example-bind-zone.db.:86400
OK, now this is working, proceed to the following step!
Step #4:
Now we are going to create some directories (you can choose to use a different location):
mkdir /root/scripts
mkdir /root/scripts/bind-to-tinydns
mkdir /root/scripts/bind-to-tinydns/zones
mkdir /root/scripts/bind-to-tinydns/tmp
mkdir /root/scripts/bind-to-tinydns/zones-named
Then copy the bind-to-tinydns binary:
cp bind-to-tinydns /root/scripts/bind-to-tinydns/
Step #5:
Now we are going to create the script that we are using:
nano /root/scripts/bind-to-tinydns/export-all-bind-zones.sh
And then we fill it with the script ;):
#!/bin/bash
BINDTOTINYDNSPATH=/root/scripts/bind-to-tinydns #bind-to-tinydns path, note lack of /
NAMEDPATH=/var/named #path to your bind/named db files, note lack of /
EXCLUDE='\.jnl|webxtra' #db files we want to exclude, for sure the .jnl files and maybe some zones, for us the "webxtra" zones, since they are simply created on these servers because we had to ;-)
cd "$BINDTOTINYDNSPATH" || exit 1 #change to bind-to-tinydns path; stop if that fails so the rm lines below never run in another directory
rm -f data-local #delete the tinyDNS data-local file in $BINDTOTINYDNSPATH
rm -f tmp/* #delete tmp files in $BINDTOTINYDNSPATH/tmp
rm -f zones-named/* #delete named/bind db files in $BINDTOTINYDNSPATH/zones-named
rm -f zones/* #delete tinyDNS zone data in $BINDTOTINYDNSPATH/zones
#Now we are going to create a script to copy the original bind zones-named/db files to $BINDTOTINYDNSPATH/zones-named
ls -1 "$NAMEDPATH"/db.* | grep -Ev "$EXCLUDE" | awk '{print "cp "$1" zones-named/"}' > tmp/copy-bind-zones.sh
sh tmp/copy-bind-zones.sh #copy all bind zones/db files to $BINDTOTINYDNSPATH/zones-named
cd "$BINDTOTINYDNSPATH/zones-named" || exit 1 #change to $BINDTOTINYDNSPATH/zones-named
#create the convert-to-tinydns.sh script. This script will convert the bind zones/db files to tinyDNS data
ls -1 db.* | grep -Ev "$EXCLUDE" | sed -e 's/^db\.//' | awk '{print "./bind-to-tinydns "$1" zones/data-"$1" tmp/data-"$1".tmp < zones-named/db."$1}' > ../tmp/convert-to-tinydns.sh
cd "$BINDTOTINYDNSPATH" || exit 1 #change to bind-to-tinydns path
sh tmp/convert-to-tinydns.sh # convert the bind zones/db files to tinyDNS data
cat zones/data* >> data-local #merge all tinyDNS zone data in one file
#scp/rsync code can be below here
Test your script!
sh export-all-bind-zones.sh
The script will end after a few seconds, your bind zones/db files should be copied into the zones-named directory and your tinyDNS zone files should be created in the zones directory.
Check it!
ls zones-named/
ls zones/
Now check if the bind and tinyDNS zones have the same data (not the same, but you know what I mean):
cat zones-named/db.domain.tld
cat zones/data-domain.tld
EDIT: Step 3: bind2tinydns --> bind-to-tinydns
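The script in Step #5 builds its cp and bind-to-tinydns command lines from file names in /var/named and runs them with sh as root, and it rebuilds data-local in place. The following is an added example, not part of the original post: the same export as a plain loop that rejects file names which are not DNS-style names and only replaces data-local when every zone converted. The function names export_zones and valid_zone_name are assumptions made for this example.

```bash
#!/bin/bash
# Added example, not the original poster's script. export_zones and
# valid_zone_name are names made up for this sketch.
CONVERTER=/root/scripts/bind-to-tinydns/bind-to-tinydns  # path from Step #4
EXCLUDE='\.jnl$|webxtra'                                  # regex of zones to skip

# Accept only plain DNS-style names, so a file name can never smuggle in
# spaces, ';', '/', newlines or a leading '-' (which could pass as an option).
valid_zone_name() {
    case $1 in
        ''|-*|.*|*.|*..*|*[!A-Za-z0-9._-]*) return 1 ;;
    esac
    return 0
}

# export_zones NAMED_DIR WORK_DIR
# Converts every NAMED_DIR/db.<zone> and replaces WORK_DIR/data-local only
# when all conversions succeeded; on any failure the old file stays in place.
export_zones() {
    local named=$1 work=$2 f zone merged
    [ -d "$named" ] && [ -d "$work" ] || return 2
    mkdir -p "$work/zones" "$work/tmp" || return 2
    rm -f "$work"/zones/data-* "$work"/tmp/data-*.tmp
    merged=$(mktemp "$work/tmp/data-local.XXXXXX") || return 2
    for f in "$named"/db.*; do
        [ -f "$f" ] || continue
        zone=${f##*/db.}
        if ! valid_zone_name "$zone"; then
            echo "skipping unexpected file name: $f" >&2
            continue
        fi
        if printf '%s\n' "$zone" | grep -Eq "$EXCLUDE"; then continue; fi
        # Same argument order as the poster's script: zone, output, temp file.
        if ! "$CONVERTER" "$zone" "$work/zones/data-$zone" \
                "$work/tmp/data-$zone.tmp" < "$f"; then
            echo "conversion failed for $zone, keeping old data-local" >&2
            rm -f "$merged"
            return 1
        fi
        cat "$work/zones/data-$zone" >> "$merged" || { rm -f "$merged"; return 1; }
    done
    mv -f "$merged" "$work/data-local"  # rename on one filesystem is atomic
}
```

Call it as `export_zones /var/named /root/scripts/bind-to-tinydns` and put the scp/rsync step after it, guarded by its exit status, so a half-converted data file is never pushed to the secondary.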