Re: Can I change the zone file from command line?

Tue, 23 Jul 2013 11:32:59 -0700

I'm not sure I understand your concern. nsupdate will only update the records you tell it to update. So, if you have a "static" record, then don't target it with nsupdate and you should be fine.
When you dial a telephone number, do you worry that your dialing may have "consequences" against telephone numbers that you *didn't* dial? Seems very unlikely. 

                                        - Kevin
On 7/23/2013 7:21 AM, Manish Rane wrote:



In that case how about other entries from same zone? I m talking about 
any consequences on static entries or the ones which I dont want to me 
dynamic.



On 23 Jul 2013 16:45, "Kumar, Naveen, Vodafone Group" 
<naveen.kuma...@vodafone.com <mailto:naveen.kuma...@vodafone.com>> wrote:




    Manish,

    You can configure the zone as dynamic, this way it can start
    taking nsupdates,

    Upon failed TCP monitor by nagios, it can fire nsupdate command
    and update the A record accordingly.

    Regards,

    Naveen

    *From:*bind-users-bounces+naveen.kumar=cw....@lists.isc.org
    <mailto:cw....@lists.isc.org>
    [mailto:bind-users-bounces+naveen.kumar
    <mailto:bind-users-bounces%2Bnaveen.kumar>=cw....@lists.isc.org
    <mailto:cw....@lists.isc.org>] *On Behalf Of *Manish Rane
    *Sent:* Tuesday, July 23, 2013 4:30 PM
    *To:* Mark Andrews
    *Cc:* bind-us...@isc.org <mailto:bind-us...@isc.org>
    *Subject:* Re: Can I change the zone file from command line?

    Well, I am trying to configure DNS System Monitoring stuff with
    Nagios plugins. This monitor the server status and if any of th
    link fails remove the said IP from zone and reload the zone. This
    entry would have low TTL so that traffic would be routed to new
    entry instantly.

    Lets say I have two ISPs terminated on my firewall and
    www.example.com <http://www.example.com> with private IP
    172.16.3.10 is natted with 1.2.3.4 and 5.6.7.8 with TTL value 300

    Nagios plugin check_tcp would monitor those links or IPs on port
    80 and if any of the link fails I can have by any mean edit the
    zone file and remove the IP associated with failed link so that
    traffic would never reach to that IP.

    Upon recovery the plugin will show the result GREEN and I can
    again have the A record added in zone file, thus reload the zone.
    Due to the low TTL I believe there shouldn't be any issue for
    populating those changes faster.

    What say guys?


    --------------------------------------------------------------------------
    Thanks and Regards,
    Manish R

    On Tue, Jul 23, 2013 at 11:46 AM, Mark Andrews <ma...@isc.org
    <mailto:ma...@isc.org>> wrote:


    In message
    <can3um4yrt+t7cp2ezywq-rm5ewx3-ygok9vkxvug4qbxcbp...@mail.gmail.com 
<mailto:can3um4yrt%2bt7cp2ezywq-rm5ewx3-ygok9vkxvug4qbxcbp...@mail.gmail.com>>

    , Mike Hale writes:
    > This seems pretty straight forward.
    >
    > Use your standard bash tools to modify the file when necessary, then
    > you should simply be able to call rndc reload ZONENAME in the
    script.

    Though why one would want to do this rather than just updating the
    zone using DDNS is beyond me.   It's not like DDNS can't be made
    secure by using TSIG.

    Normalize the zone file using named-checkzone.
    Use awk or similar to change the relevent entries and update the
    SOA serial.
    Use named-checkzone to confirm that the resulting file is still
    valid then
    if it is rename it and reload the zone.

    named-checkzone -D -q zone file |
    awk '$1 == "server" && $4 == "A" { print $1, $2, $3, $4, NEWIP}
    $4 == "SOA" { $7 = $7 + 1; print }' > temp
    named-checkzone -q zone temp && mv temp file && rndc reload zone

    Mark


    > On Mon, Jul 22, 2013 at 10:28 PM, Mihamina Rakotomandimby
    > <miham...@rktmb.org <mailto:miham...@rktmb.org>> wrote:
    > > Hello,
    > >
    > > I did not catch what you're trying to achieve.
    > > Please give more details.
    > >
    > >
    > > On 2013-07-23 08:25, Manish Rane wrote:
    > >
    > > Hi Folks,
    > >
    > > Wondering if I can edit/change the static zone file as a
    result of certain
    > > bash script. Well, I am trying to write a script which will
    monitor the
    > > server on certain ports and it if fails to connect to the
    server it will
    > > delete or add the entry from zone file so that traffic will be
    routed to
    > > another server, possible?
    > >
    > > OR does any one aware of such solution available in open source?
    > >
    > >
    > >
    > > _______________________________________________
    > > Please visit https://lists.isc.org/mailman/listinfo/bind-users to
    > > unsubscribe from this list
    > >
    > > bind-users mailing list
    > > bind-users@lists.isc.org <mailto:bind-users@lists.isc.org>
    > > https://lists.isc.org/mailman/listinfo/bind-users
    > >
    > >
    > >
    > > --
    > > RMA.
    > >
    > >
    > > _______________________________________________
    > > Please visit https://lists.isc.org/mailman/listinfo/bind-users to
    > > unsubscribe from this list
    > >
    > > bind-users mailing list
    > > bind-users@lists.isc.org <mailto:bind-users@lists.isc.org>
    > > https://lists.isc.org/mailman/listinfo/bind-users
    >
    >
    >
    > --
    > 09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
    > _______________________________________________
    > Please visit https://lists.isc.org/mailman/listinfo/bind-users
    to unsubscribe
    >  from this list
    >
    > bind-users mailing list
    > bind-users@lists.isc.org <mailto:bind-users@lists.isc.org>
    > https://lists.isc.org/mailman/listinfo/bind-users

    --
    Mark Andrews, ISC
    1 Seymour St., Dundas Valley, NSW 2117, Australia
    PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org <mailto:ma...@isc.org>

    _______________________________________________
    Please visit https://lists.isc.org/mailman/listinfo/bind-users to
    unsubscribe from this list

    bind-users mailing list
    bind-users@lists.isc.org <mailto:bind-users@lists.isc.org>
    https://lists.isc.org/mailman/listinfo/bind-users



    ------------------------------------------------------------------------
    Vodafone Group Services Limited, One Kingdom Street, Paddington
    Central, London W2 6BY.

    www.vodafone.com <http://www.vodafone.com>

    This message and any files or documents attached are confidential
    and may also be legally privileged, protected from disclosure
    and/or protected by other legal rules. It is intended only for the
    individual or entity named. If you are not the named addressee or
    you have received this email in error, please inform the sender
    immediately, delete it from your system and do not copy or
    disclose it or its contents or use it for any purpose. Thank you.
    Please also note that transmission cannot be guaranteed to be
    secure or error-free.
    ------------------------------------------------------------------------



_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users



_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users





















					Reply via email to