DNS
Edit zone and reverse file for bind9 with automatic serial increment
This is primitive, but gets the job done and is pretty safe, not counting some race conditions and lack of exception cleanup in the case something tragically goes wrong.
#!/bin/sh
# This edits both the primary zone and the reverse zone in Vim, then
# after you exit Vim the serial numbers will be incremented and the
# bind9 services will be restarted. The diff between the previous and
# new versions will be printed at the end. Note that the previous versions of
# the zone files are preserved with a date-timestamp appended to the filename.
#
# -- Noah Spurrier
#
DTS=$(date "+%Y%m%d-%H%M%S")
cp /etc/bind/db.example.com /etc/bind/db.example.com-${DTS}
cp /etc/bind/db.10 /etc/bind/db.10-${DTS}
vim -O /etc/bind/db.example.com /etc/bind/db.10
awk '/.*; Serial/{print " "$1+1" ; Serial";next }{print $0}' /etc/bind/db.example.com > /etc/bind/db.example.com.new
awk '/.*; Serial/{print " "$1+1" ; Serial";next }{print $0}' /etc/bind/db.10 > /etc/bind/db.10.new
mv /etc/bind/db.example.com.new /etc/bind/db.example.com
mv /etc/bind/db.10.new /etc/bind/db.10
/etc/init.d/bind9 restart
echo "# diff /etc/bind/db.example.com-${DTS} /etc/bind/db.example.com"
diff /etc/bind/db.example.com-${DTS} /etc/bind/db.example.com
echo "# diff /etc/bind/db.10-${DTS} /etc/bind/db.10"
diff /etc/bind/db.10-${DTS} /etc/bind/db.10
Dump list of DNS root servers
This command will find and print the root servers:
dig +nocmd +noall +additional . NS
That will dump the current root nameservers list. It should look like this:
j.root-servers.net. 248608 IN A 192.58.128.30
j.root-servers.net. 249824 IN AAAA 2001:503:c27::2:30
f.root-servers.net. 248802 IN A 192.5.5.241
f.root-servers.net. 248809 IN AAAA 2001:500:2f::f
g.root-servers.net. 249452 IN A 192.112.36.4
b.root-servers.net. 249421 IN A 192.228.79.201
d.root-servers.net. 250022 IN A 128.8.10.90
h.root-servers.net. 248802 IN A 128.63.2.53
h.root-servers.net. 249104 IN AAAA 2001:500:1::803f:235
m.root-servers.net. 248488 IN A 202.12.27.33
m.root-servers.net. 248702 IN AAAA 2001:dc3::35
a.root-servers.net. 248277 IN A 198.41.0.4
a.root-servers.net. 248283 IN AAAA 2001:503:ba3e::2:30
c.root-servers.net. 359941 IN A 192.33.4.12
You can also download it from here: named.root
Testing
I use DNSdoctor
Newbie's guide to CNAME versus A records
In general, avoid using CNAME records. Always use A records.
It is common to get A records and CNAME records mixed up when learning DNS. A does not stand for alias; A stands for Address. It maps a name to an IP address. CNAME might sound like you are defining a canonical name, but it is the other way around: it maps an alias name to a canonical name. So the CNAME record really is the record type used to define an alias, but you don't use it even that way. If you want different names to point to the same IP address, you simply define multiple A records that map the different names to the same address. So what kind of aliases do CNAME records define? They define pointers to hosts managed on different DNS servers. A CNAME record is like a link out of the current directory. If you don't need to link different DNS zones then don't worry about CNAME records. If a CNAME record appears for a host in a zone file then you must not have any other types of records for that host.
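The last rule above (a name that has a CNAME must have no other record types) can be checked mechanically before a zone is reloaded. This is an added example, not code from the original page: `check_cname_conflicts`, `sample_zone` and the zone data are constructed for illustration, and the reader is simplified (names are compared as written, and DNSSEC's RRSIG/NSEC records are exempted because they are allowed beside a CNAME).

```shell
#!/bin/sh
# Added example: list owner names that hold a CNAME plus any other record type.
# Simplified zone reader. Assumptions: names are compared as written (no
# $ORIGIN expansion) and no ";" or parentheses occur inside quoted TXT data.
check_cname_conflicts() {   # args: zone file(s); reads stdin when none given
    awk '
    /^\$/ { next }                          # $TTL, $ORIGIN, $INCLUDE directives
    {
        line = $0
        sub(/;.*/, "", line)                # drop comments
        inside = (depth > 0)                # continuation of a "( ... )" record
        depth += gsub(/\(/, "(", line) - gsub(/\)/, ")", line)
        n = split(line, f)
        if (inside || n == 0) next
        if (line ~ /^[ \t]/) { owner = prev; i = 1 }   # blank owner: reuse previous
        else { owner = tolower(f[1]); i = 2 }
        prev = owner
        # optional TTL and class may appear in either order before the type
        while (i <= n && (f[i] ~ /^([0-9]+[smhdwSMHDW]?)+$/ ||
                          toupper(f[i]) ~ /^(IN|CH|HS)$/)) i++
        if (i > n) next
        type = toupper(f[i])
        if (type == "CNAME") cname[owner] = 1
        else if (type != "RRSIG" && type != "NSEC")    # DNSSEC records may coexist
            other[owner] = other[owner] " " type
    }
    END {
        for (o in cname)
            if (o in other) printf "%s: CNAME with%s\n", o, other[o]
    }' "$@" | sort
}

sample_zone() {             # constructed zone data for the demonstration
    cat <<'EOF'
$TTL 3600
@       IN SOA ns1.example.com. admin.example.com. (
            2024010101 ; Serial
            3600 900 604800 300 )
www     IN A     10.0.0.2
ftp     IN CNAME www
mail    IN CNAME www
mail    IN MX    10 mail2.example.com.
shop    300 IN CNAME cdn.example.net.
        IN TXT   "oops"
EOF
}

sample_zone | check_cname_conflicts
```

An empty result means no conflicts were found, so a zone-editing script can refuse to restart bind9 when the output is non-empty.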
resolv.conf
I add some public nameservers to the end of my resolv.conf on my home machines. These are not the fastest or most reliable nameservers, but they keep my machine going if my ISP DNS goes down. I use OpenDNS and I also add 4.2.2.2 because it's easy to remember and it's open. PortForward maintains a list of public DNS servers.
On Ubuntu and Debian you may find that changes to resolv.conf disappear from time to time. This is because you are not supposed to manually edit the resolv.conf file anymore. See Resolv.conf for more information.
nameserver 8.8.8.8
nameserver 208.67.222.222
nameserver 208.67.220.220
nameserver 4.2.2.1
nameserver 4.2.2.2
nameserver 4.2.2.3
nameserver 4.2.2.4
nameserver 4.2.2.5
nameserver 4.2.2.6
nameserver 198.6.1.1
nameserver 199.166.24.253
nameserver 199.166.27.253
nameserver 199.166.28.10
nameserver 199.166.29.3
nameserver 199.166.31.3
nameserver 195.117.6.25
nameserver 204.57.55.100