mkrdns(1)
NAME
mkrdns - MaKe Reverse DNS (auto generate PTR maps)
SYNOPSIS
mkrdns [options] [configuration file]
DESCRIPTION
mkrdns is a program designed to auto-generate reverse DNS maps (IN PTR
records). Some programs already accompany the BIND source package that
will do this kind of thing on a single domain or network basis. mkrdns
will read either a named.boot or named.conf file, figure out which
domains and networks to deal with, and then generate the reverse maps.

You are deemed "in charge" of a network/domain if you are the primary
DNS for a reverse zone, or if you are either the primary or secondary
for a forward zone. The exception to this rule is that the 127.*
network is not auto-generated due to the "1 IN PTR localhost." issue.
OPTIONS
-debug              Print debugging information. (This will
                    print a LOT of information, be warned.)
-extension <ext>    Append the given extension to the output
                    files. This is useful if you want to
                    have the reverse maps generated, but want
                    to check their contents before use.
-hash <hash>        Allows you to override the default hash
                    function (used to determine if a map
                    has changed). mkrdns will try to use
                    MD5 (1) if the Digest::MD5 Perl module is
                    installed. Otherwise, it'll default to
                    32-bit checksums (0).
-help               The help screen.
-quiet              Turn off warning messages (multiple A
                    records -> IP, etc.). Good for scripts,
                    but you probably want to check on what
                    the warnings report.
-rootdir <path>     Specify the path to the root directory
                    that named will be running in. This
                    will handle anyone using a chrooted
                    environment for named. Everything except
                    the configuration file is assumed to be
                    under the new root.
-version            Show mkrdns version information.
CONFIGURATION FILE
mkrdns reads the standard BIND configuration files named.boot and
named.conf. If you don't specify the full path to the file on the
command line, mkrdns assumes that one (or both) will exist in /etc and
will search for them. If none are found, the program exits. If one is
found, it is used. If both are found, named.conf is used.
DIRECTIVES
Directives are new in mkrdns since version 1.2. Think of directives as
configuration options for mkrdns which are simply comments to BIND. The
current directives are map, serialt, skip, and skipzone.

Map allows you to map hosts to another network. It was designed to
handle DNS for a subnet of a class C network which you do not control.
(See the DNS & BIND O'Reilly and Associates book, 3rd Ed., pg. 215-218.)
Assume that you have 10.4.4.32/27 (i.e. you have the 32 IPs from
10.4.4.32 to 10.4.4.63). You want to do reverse mappings for those IPs,
but you don't control 4.4.10.in-addr.arpa. How do you do it? The
solution is to become the master for another zone (such as
32.4.4.10.in-addr.arpa. or 32-63.4.4.10.in-addr.arpa.), and CNAME the
correct reverse pointers to the ones you're in charge of. The format
for the directive is:

    map <network/mask> <new network>
    Ex: map 10.4.4.32/27 10.4.4.32-63

This maps the hosts 10.4.4.32 through 10.4.4.63 to 10.4.4.32-63.32
through 10.4.4.32-63.63.

Serialt will change mkrdns's behavior with the serial number for
certain zones. By default (and in all pre-1.6 versions of mkrdns), the
serial number is assumed to be in date format (YYYYMMDDVV,
year/month/day/version). As of v1.6 you can force mkrdns to treat it as
a regular number instead. This allows for more than 100 zone changes a
day, and has a bit more flexibility depending on the environment. The
format for the directive is:

    serialt <zone> <format>

<zone> is either "default" or the actual zone (i.e.
0.0.0.10.in-addr.arpa). <format> is either "date" or "number".

    Ex: serialt 1.168.192.in-addr.arpa number

Skip forces mkrdns to ignore certain hosts/IPs via regular expression.
The concept is that there are some IN A records that you would like to
skip and not create a reverse entry for. Skip allows this. (For
instance, "foo IN A 10.4.4.32" and "mail IN A 10.4.4.32" both exist,
but you want to force foo as the reverse lookup and ignore mail. The
following example can do this for you.) Format:

    skip <regular expression>
    Ex: skip ^mail

This will skip any host (or IP) that matches the "^mail" regular
expression. The host is the FQDN, and the IP is the address before
mapping (see above).
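
The map and skip directives, combined with the first-A-record rule listed under ASSUMPTIONS, worked through as an added Python example (not mkrdns's own code, which is Perl). The function names and the example.com records are constructed for illustration; owner names are shown fully qualified rather than in mkrdns's zone-file layout, and only networks inside one /24 are handled, as in the map example above.

```python
import ipaddress
import re

def parse_map(line):
    """'map 10.4.4.32/27 10.4.4.32-63' -> (IPv4Network, ['10','4','4','32-63'])."""
    keyword, network, new_network = line.split()
    if keyword != "map":
        raise ValueError(f"not a map directive: {line!r}")
    return ipaddress.ip_network(network), new_network.split(".")

def ptr_owner(ip, maps):
    """Reverse-zone owner name for ip, after applying the first matching map."""
    labels = ip.split(".")
    for network, new_labels in maps:
        if ipaddress.ip_address(ip) in network:
            # Mapped form is <new network>.<last octet>, as in the page's example.
            labels = new_labels + [labels[-1]]
            break
    return ".".join(reversed(labels)) + ".in-addr.arpa."

def build_ptrs(a_records, map_lines=(), skip_patterns=()):
    """Return ({owner: fqdn}, [warnings]) from (fqdn, ip) pairs in file order."""
    maps = [parse_map(m) for m in map_lines]
    skips = [re.compile(p) for p in skip_patterns]
    ptrs, warnings = {}, []
    for fqdn, ip in a_records:
        # skip is tested against the FQDN and against the IP before mapping.
        if any(s.search(fqdn) or s.search(ip) for s in skips):
            continue
        owner = ptr_owner(ip, maps)
        if owner in ptrs:
            # First A record seen wins; later ones only produce a warning.
            warnings.append(f"{ip}: keeping {ptrs[owner]}, ignoring {fqdn}")
            continue
        ptrs[owner] = fqdn
    return ptrs, warnings

# Constructed sample records (not taken from a real zone).
A_RECORDS = [
    ("foo.example.com.", "10.4.4.32"),
    ("mail.example.com.", "10.4.4.32"),
    ("www.example.com.", "10.4.4.40"),
    ("web.example.com.", "10.4.4.40"),
    ("gw.example.com.", "10.4.5.1"),
]

if __name__ == "__main__":
    ptrs, warnings = build_ptrs(A_RECORDS, ["map 10.4.4.32/27 10.4.4.32-63"], ["^mail"])
    for owner, fqdn in ptrs.items():
        print(f"{owner}\tIN PTR\t{fqdn}")
    print("\n".join("warning: " + w for w in warnings))
```

With "skip ^mail" the duplicate for 10.4.4.32 is dropped silently, while the second name on 10.4.4.40 still produces the multiple-A-record warning that -quiet would hide.
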
Skipzone forces mkrdns to ignore certain zones while processing the
named configuration file. A possible use for this is where you have
"bar.com" and "bar.net", and both of them should have the same host
info (i.e. foo.bar.com and foo.bar.net both have the same records). You
want "bar.com" to be the reverse lookup for the IPs used. So set the
zone file setting to the same file (bar.zone), and then add "skipzone
bar.net". NOTE: The skipzone argument must match EXACTLY with the zone
name in the config file. NOTE: You can specify multiple zones in the
same "skipzone" statement (i.e. "skipzone foo.com bar.com").

The format of a directive differs (sorry) between named.conf and
named.boot. UNIX-style comments (the hash mark then the comment) are
allowed.

named.boot directives

Directives look like a comment, so the format is simply:

    ; mkrdns <directive type> <parameters>

named.conf directives

To make directives more efficient with BIND 8, the format is slightly
different:

    /* mkrdns
       <directive type> <parameters>
       ...
     */
EXAMPLES
mkrdns -e new /etc/named.boot
This will run mkrdns over the file /etc/named.boot. Output files will
be generated as <name>.new (i.e. if the PTR zone file is called
160.zone, the output will be 160.zone.new).
NOTES
I tend to use this script like a lint check, i.e. edit the proper zone
files, then run mkrdns.

As with most documentation, there are probably things that aren't
mentioned in the docs that the script does/assumes/etc. I apologize for
any inaccuracies/omissions. Let me know if there are any parts that
have an "issue", and I'll see if I can't straighten it out.
ASSUMPTIONS
- the <network>.zone reverse map files must already be created, and
  have the appropriate information (SOA/NS records, etc.) in there.
  This script will strip out any PTR records, and then add them back
  in. (This means anything like blank lines and comments will be moved
  to the top of the file.) $ORIGIN and $INCLUDE are stripped as of
  mkrdns 1.3.
- you must be at least a secondary for all domains which reference IP
  networks for which you're responsible. There is no means (currently
  at least) to specify a PTR record for a non-existent A record, so
  this script must have access to all A records that need to be
  "reversed".
- if you have more than 1 A record pointing to a specific IP, you can't
  have both be the PTR record. This script takes the first A record it
  sees as the one used for the PTR record. A warning is printed for any
  additional entries. (While the RFCs don't prohibit multiple PTR
  records for the same IP, I have yet to find anyone who can give me a
  good reason to do it.)
- map serial numbers default to be in YYYYMMDDVV format. (YYYY = year,
  MM = month, DD = day, VV = version (00-99).) This script will convert
  your serial number to this format if it's not already. I don't have
  too many daily DNS changes, so the action for not being able to
  update the serial number (i.e. VV is at 99 and can't be increased) is
  to simply exit. If this is going to cause a problem for you, you can
  use the serialt directive to specify that a zone (or the default)
  should treat the serial number as a number instead of using the date
  format. Either way, a problem will come up when the serial number
  reaches 4294967295 (max value), but that's another story. (mkrdns
  will print a warning if this is about to happen.)
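
The serial-number rules in the last item, covering both serialt formats, as an added Python example that is not taken from mkrdns. Assumptions: a serial below today's YYYYMMDD00 (an older date or a small non-date number) is replaced by today's date with VV=00, and SerialExhausted and warn_margin are hypothetical names, since the page does not say when the real warning fires.

```python
import datetime

MAX_SERIAL = 4294967295  # largest serial value, as stated on the page

class SerialExhausted(Exception):
    """No higher serial is available (the page says mkrdns simply exits)."""

def next_serial(current, fmt="date", today=None, warn_margin=100):
    """Return (new_serial, near_limit) for serialt format 'date' or 'number'."""
    if fmt == "number":
        new = current + 1
    elif fmt == "date":
        today = today or datetime.date.today()
        base = int(today.strftime("%Y%m%d")) * 100   # YYYYMMDD00
        if current < base:
            new = base            # older date, or a small non-date serial
        elif current < base + 99:
            new = current + 1     # same day: bump VV
        else:
            # VV is already 99, or the serial is ahead of today's date.
            raise SerialExhausted(f"cannot raise {current} on {base // 100}")
    else:
        raise ValueError(f"unknown serialt format: {fmt}")
    if new > MAX_SERIAL:
        raise SerialExhausted(f"{current} is already the maximum serial")
    # near_limit is True once the new serial is within warn_margin of the cap.
    return new, MAX_SERIAL - new <= warn_margin

if __name__ == "__main__":
    day = datetime.date(2001, 8, 28)   # constructed date for the demonstration
    for serial, fmt in [(2001082700, "date"), (2001082898, "date"),
                        (2001082899, "number"), (4294967294, "number")]:
        print(serial, fmt, "->", next_serial(serial, fmt, today=day))
```
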
AUTHOR
Theo Van Dinter <felicity@mkrdns.org> <tvd@colltech.com>

perl v5.8.8 2001-08-28