Domain Name Server Configuration Utilities -- NSC 2.1
(c) 1998 Martin Mares <mj@ucw.cz>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NSC is a set of shell and M4 scripts for easy maintenance of all domain name
server files (including configuration and zone files). It requires BIND 8.X,
GNU bash and GNU m4 to be installed on the system. All programs have been
tested on Linux, but should work on all unices assuming the required packages

The whole program can be used and distributed according to the terms of the
GNU General Public License. See file COPYING in any of the GNU utility archives
(you should have one as you are expected to have at least GNU M4 :-]).

To use NSC, you need to perform the following steps:

   - Create a directory where all NSC files will reside (e.g., /etc/named)
     and copy everything from the NSC distribution here.

   - Link /etc/named.conf to /etc/named/named.conf

   - Edit cf/domains and add lines for all domains you want to use (see
     the next section for what configuration commands are available).

   - Define cf/<domain-name> for all domains (see section three).

   - Run bin/nsconfig (Makefile and named.conf will be generated).

   - Enjoy your new DNS setup. If everything goes OK, be happy. Else
     write a bug report :-)

2. The Domain List File
~~~~~~~~~~~~~~~~~~~~~~~

The domain list contains configuration commands describing all domains the
server should act as primary or secondary for and also some other parameters
which get inserted into named.conf and into the Makefile:

OPTIONS(...) - insert options into named.conf. This command _must_ be used
        at the start of cf/domains even if the list of supplied

CONFIG(...) - insert user data into named.conf (e.g., the logging options).

FORWARD(f1,f2,...) - specify forwarders (name servers we ask first if we are
        behind a firewall or we try to do better caching). This must
        be included in the OPTIONS block.

SLAVE(f1,f2,...) - same as FORWARDers, but asks _only_ these.

MAKEFILE(...) - insert user data into the Makefile.

PRIMARY(zone) - define zone we act as a primary name server for.

SECONDARY(zone, primary) - define zone we act as a secondary name server
        for. "primary" is an IP address of the primary NS for this

REVERSE(netprefix, zone1, zone2...) - define reverse zone containing all hosts
        from given zones starting with given netprefix. If you want
        to delegate some subrange of addresses to another name server
        (as defined by RFC XXXX), you need to use netprefix+count
        instead of zone name (e.g., 194.213.32.16+16) -- this
        generates correct CNAME glue records for the subrange.
        The list of name servers authoritative for the reverse zone
        is obtained from the _first_ zone specified as an argument,
        which must NOT be a subrange specifier (you should use a dummy
        zone in case you want only subranges).

PARTIAL(netprefix, count, primary, sec1, sec2...) - define delegation of a
        reverse subzone (see REVERSE above) consisting of <count>
        addresses starting at <netprefix>. <primary> is a master
        server for that subzone, <sec1> ... <secn> are secondaries
        (except our name-server which is _always_ expected to be

PREVERSE(netprefix, zone1, zone2...) - define reverse zone for a subrange
        -- used when we want to export a subzone (to be imported
        by the master server for the corresponding parent zone
        by a mechanism similar to that specified by the PARTIAL

The domain files contain descriptions of all DNS records for the given
domain, starting with the SOA record. As these files are processed by M4,
you can simply insert plain RR data between the macro calls (such data are
ignored if we're generating a reverse zone) and define your own macros at the
beginning. The standard macros you can redefine are:

   - refresh, retry, expire, minttl: standard SOA timing parameters (you
     can specify them as a number of seconds or using predefined time macros
     such as minutes(N), hours(N) and days(N)).

   - nsname: our canonical name (defaults to result of `hostname -f`)

   - maintname: zone maintainer name (defaults to 'root@nsname')

SOA(domainname)           - generates the SOA itself (serial numbers are
                            created automagically from the current date and
                            a version counter stored in a separate file)
NS(ns1,ns2,...)           - generates list of authoritative NS's
MX(pri1 mx1, ...)         - [optional] - generates list of mail exchangers
                            for mail addressed directly to the domain
                            name. Each MX is preceded by its priority.

D(name)                   - remembers domain name for further macros
NS(ns1,ns2,...)           - generates list of authoritative NS's
                            [you might need to insert glue A records

H(name,list-of-ip-addrs)  - define new host with given IP addresses
HI(hw,os)                 - define HINFO record
MX(pri1 mx1, ...)         - define mail exchangers for that host
ALIAS(al1, al2,...)       - define aliases for that host

HH(name)                  - define dummy host without any addresses
                            (e.g., only for mail)
RH(name,list-of-ip-addrs) - define out-of-domain host appearing only
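
An added example, not part of the NSC distribution, showing how the domain
list commands and the domain file macros described above fit together as a
sample cf/domains and a matching cf/example.org. All zone names, host names
and addresses are constructed; the three-octet netprefix form, names written
relative to the zone, GNU m4's default quoting and dnl comments are
assumptions about NSC's conventions.

```m4
dnl ---- cf/domains (constructed sample) -------------------------------
dnl OPTIONS must come first; FORWARD has to sit inside the OPTIONS block.
OPTIONS(
	FORWARD(192.0.2.53)
)

dnl One zone we are primary for, one we only mirror from its primary NS.
PRIMARY(example.org)
SECONDARY(example.net, 198.51.100.1)

dnl Reverse zone built from every example.org host under the prefix.
dnl Assumption: a whole /24 is written as its first three octets.
REVERSE(192.0.2, example.org)

dnl ---- cf/example.org (constructed sample) ---------------------------
dnl Own macro definitions go at the beginning of the domain file.
dnl Assumption: NSC keeps m4's default quote characters.
define(`refresh', hours(8))
define(`expire', days(14))

dnl Zone apex: SOA first, then name servers and the domain-level MX.
SOA(example.org)
NS(ns, ns.example.net)
MX(10 mail)

dnl Hosts: HI, MX and ALIAS apply to the host defined just before them.
H(ns, 192.0.2.1)

H(mail, 192.0.2.2)
HI(PC, Linux)

H(www, 192.0.2.10)
ALIAS(ftp)
MX(10 mail)

dnl Mail-only name without any address record.
HH(lists)
MX(10 mail)
```

After editing either file, bin/nsconfig regenerates the Makefile and
named.conf as described in the installation steps.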

4. Directory structure
~~~~~~~~~~~~~~~~~~~~~~

The NSC directory hierarchy contains the following directories:

bak/            - backups of zones we act as a secondary for
bin/            - scripts (e.g., nsconfig)
cf/             - configuration files (domains etc.)
ver/            - version files where NSC remembers version
                  numbers for the zones
zone/           - primary zone files

all             - update all files and restart named
clean           - clean all normal data files
clobber         - clean + delete Makefile and named.conf (should
                  be done after major reconfiguration)
distclean       - clobber + delete all version files (use only
                  if you really know what you are doing as the
                  serial number information in newly generated
                  files might be inconsistent then).

chkdom          Checks domains for correctness using the 'host' utility
                (check ftp://ftp.nikhef.nl/pub/network for latest version).
                Use chkdom <domain> <NS> to check specific domain or no
                parameters to check all domains mentioned in cf/domains.