[nsd-users] How to dynamically add and remove zones?

Peter Hudec phudec at cnc.sk
Fri Jun 29 07:56:01 UTC 2018 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi,

as it was written to add/remove zone could be nsd-control used.

To be full automatic, try to combine
http://dotat.at/prog/nsnotifyd/
there is a nice post about it on
https://jpmens.net/2015/06/16/alert-on-dns-notify/

And another link to the same site ;) greetings Jan-Piet
https://jpmens.net/2013/02/13/automatic-provisioning-of-slave-dns-server
s/

Depends on the master you have, but the idea on slave NSD is as follow

run nsnotify on the slave on port 5353
from master add nofify also on this port
   notify: slave at 53
   notify: slave at 5353


the nsnotifyd script should be like
 - find if zone exists
    nsd-control zonestatus | grep ^zone | awk '{print $2}' | grep
"^${ZONE}$"
 - if not ad the zone
    nsd-control addzone ${ZONE} pattern


For removing the zone could the the meta.meta zone used as described
on the post above.

If need could help, free of charge of course ;)

	regards
		Peter



On 28/06/2018 21:50, Anand Buddhdev wrote:
> On 28/06/2018 21:37, kaulkwappe at prvy.eu wrote:
> 
> Hi,
> 
>> May I ask another question? I want to have two or three
>> nameservers, so one Master and one or two Slaves. There are some
>> opportunities like AXFR but I'm afraid of loosing synchronicity.
>> As I want all servers to provide the same data the same time what
>> would be the best approach for doing this? Is it a good approach
>> to directly transfer files automatically over SSH from the Master
>> to the Slaves when there are changes or should I use AXFR?
> 
> You can set up your slaves in master mode. Then you can copy your
> zone files from the master to the slaves using scp or rsync, and
> reload NSD to make it re-read the updated zone files. However, this
> is more cumbersome and increases the chance of failure.
> 
> AXFR is a perfectly fine mechanism to use for keeping slaves 
> synchronised with the master, and I recommend it. If you send
> NOTIFY messages from the master to the slaves, then they should
> update almost immediately after the master is updated.
> 
> Regards, Anand _______________________________________________ 
> nsd-users mailing list nsd-users at NLnetLabs.nl 
> https://open.nlnetlabs.nl/mailman/listinfo/nsd-users
> 


- -- 
*Peter Hudec*
Infraštruktúrny architekt
phudec at cnc.sk <mailto:phudec at cnc.sk>

*CNC, a.s.*
Borská 6, 841 04 Bratislava
Recepcia: +421 2  35 000 100

Mobil:+421 905 997 203
*www.cnc.sk* <http:///www.cnc.sk>

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEqSUbhuEwhryifNeVQnvVWOJ35BAFAls15g0ACgkQQnvVWOJ3
5BCuNQ//bNNrjdsanq82Uz2estRrv4Z4v/M1aqr+sPYBG2EDMU+VFtSVrMEORA7Y
rNgtYt4iQhduvkveZFqGRq4ECzPRRqL8H8upc3fgjLBAI5blKabhBYo6T9jukyLq
IxUgS/LemNbxfBv38O7PRbaJk61jpZ4icezsIaA9djLdVZhpDcKhiT+0Rcts0nyz
Gu1nCNPQQlKKGoMYFqfQsSrutQ1JjW8CKsA2Q4SWxhUTrtJBic5ivdCiy9zD6JtM
gKNGEdiXJ8yME3YIo2dMx2aqtF4P9hzx9RvS7oYKZ3u0ovNr1i0J7Id2Vh7nZ/He
4x0UdX3TMLiz8PweJQjKhw02rNZK5LzPbmt5H881cErmKhkoowd3wgKkdjEZQbhn
aZie5Hvo9opYm63Voc9MQRhJdHtOYojH9T7PVBb+AZP5TSsYkAj+lQhJvz2jRMPM
6UyVLnnTdciQfpTDKgxcCfEU/CUs6kXSqcDoYJZ+bAoqgMKBJ8bBc2QXJpAaPC2o
+fOsWzW+4v29J3ToqQ4rUI5i31COAjSuhAaUMZP4yrjpMkvP6GvSyZVhxKSUM+VU
R2piFpqwqEarDQXTTlEpuhBYD13gjJiYIwnZ7k9p2MNX/gTiyxojbfvcavy67G3P
em70lhMKzeNwJtN1OvrTXQ8I+NVAHoizOLsyXPEN1MEuxVTEKCo=
=Cz4q
-----END PGP SIGNATURE-----

More information about the nsd-users mailing list