Commit 099c1ca9 authored by hark's avatar hark

amsw dns

output/*
old/*
#!/bin/bash -x
. paths.sh
#
# copy all 020 reverse zones
#
#
# ki zone
#
echo "copying ki zone: "
cd $OUT/ki.squesh.net
scp db.10.205.14 db.ki $HFD/gitzones.conf root@trashbat:/etc/bind/zones/
cd $OUT
cd $OUT/ki.squesh.net
scp db.10.205.14 db.ki $HFD/gitzones.conf root@pinky:/etc/bind/zones/
cd ..
cd $OUT/ki.020
scp db.10.205.14 db.ki $HFD/gitzones.conf root@trashbat:/etc/bind/zones/
cd $OUT
cd $OUT/ki.020
scp db.10.205.14 db.ki $HFD/gitzones.conf root@atc:/etc/bind/zones/
cd $OUT
#
# irl zone
#
echo "copying irl zone: "
cd $OUT/irl.squesh.net
scp db.10.205.12 db.172.16.17 db.irl root@pinky:/etc/bind/zones/
cd $OUT
cd $OUT/irl.020
scp db.10.205.12 db.irl root@stanleyH:/etc/bind/zones/
cd $OUT
cd $OUT/irl.020
scp db.10.205.12 db.irl root@atc:/etc/bind/zones/
cd $OUT
#
# reload configs
#
echo "reload trashbat: "
ssh root@trashbat /etc/init.d/bind9 reload
echo "reload pinky: "
ssh root@pinky /etc/init.d/bind9 reload
echo "reload stanleyH: "
ssh root@stanleyH /etc/init.d/named reload
echo "reload air traffic control: "
ssh root@atc /etc/init.d/bind9 reload
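Review bot: The ki.020 block pushes to root@trashbat the same file names, `db.10.205.14` and `db.ki`, that the ki.squesh.net block already pushed to the same `/etc/bind/zones/` directory a few lines earlier, so whichever copy runs last is what trashbat serves for both zone statements and the other zone's data is silently lost. Every `cd` is also unchecked and `$OUT`/`$HFD` are unquoted, so if `$OUT` is unset or an output directory is missing the following `scp` runs from whatever the current directory happens to be; change each directory step to `cd "$OUT/ki.squesh.net" || exit 1` (and likewise for the other blocks) and give the two ki copies distinct destination names or push only one of them to trashbat. The `-x` on the shebang line is dropped whenever the script is started as `bash script.sh`, so put `set -x` on its own line below `#!/bin/bash` if the trace is wanted.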
NAME
h2n - Translate host table to name server file format
SYNOPSIS
h2n -d DOMAIN -n NET [options]
DESCRIPTION
h2n translates /etc/hosts to DNS files and creates a BIND configuration file.
This tool can be run once or many times. After converting your host
table to DNS format, you can manually maintain the DNS files, or you
can maintain the host table and run h2n each time you modify
/etc/hosts. h2n automatically increments the serial number in each DNS
file when it makes a new one.
h2n generates files starting with the prefix "db." These are called
"db files." The domain data is stored in a file called db.DOMAIN,
where DOMAIN is the first label in your domain name (given with the -d
option). The address-to-name data is stored in files named db.NET,
where NET is a network number (given with the -n option).
Each time h2n is run, it generates the DNS files from scratch. Any
changes you manually made to the DNS files are lost. If you'd like to
add resource records to a db file generated by h2n, put your RRs in a
file prefixed with "spcl" instead of "db". h2n will include this
file's data by adding a $INCLUDE directive to the end of the db file.
By default, h2n will generate an MX record with a weight of 10 that
points to the host itself as the mail exchanger. Additional MX records
can be added with -m. The -M option will suppress the default MX
record for all hosts (but not MX records added with -m options). Including
"[no smtp]" in the hosts table comment will suppress all MX records (both
the default MX record and those added with -m options) for that single host.
By default, h2n will create a configuration file, ./boot.cacheonly, for a
caching only name server. If either of the -z or -Z options are used,
h2n creates a configuration file, named ./boot.sec.save or ./boot.sec
respectively, for a secondary name server.
If you are running BIND 4.9.3 or later and you'd like to add configuration
file directives to the configuration files, put your directives in a file
called "spcl.boot" (for the primary and secondary server configuration files)
or "spcl.cacheonly" (for a caching only server configuration file). h2n will
include this file's data by adding an "include" directive to the end
of the configuration file.
If you are running BIND 8.1.1 or later and you'd like to add options
to the configuration files, put your options in a file called "spcl.options"
and they will be copied into the configuration files. (This feature requires
that you use "-v 8" to generate configuration files for version 8 of BIND.)
Options are:
-a Generate A records for all entries in the hosts file, not
just for hosts which are part of the networks specified
with -n (the default).
-b BOOTFILE
Use BOOTFILE instead of the default: ./named.boot.
-c REMOTE-DOMAIN
Create CNAME records in the default domain for all the
hosts in REMOTE-DOMAIN. Including more than one -c option
is allowed. This is intended for creating CNAME records
in DOMAIN that point to names in REMOTE-DOMAIN.
-d DOMAIN
Your domain name is DOMAIN. Only 1 -d option is allowed.
To build data for multiple domains, run h2n multiple times,
once for each domain. For multiple domains, you have to
provide your own configuration file since the configuration
file made by h2n will only match the arguments for the last
time h2n was run.
-e DOMAIN
Eliminate all lines from the host table with names in
DOMAIN. Including more than one -e option is allowed.
-f FILE
Command line options are in a file called FILE. This
option cannot be used within FILE.
-h HOST
Use HOST in the fields of the SOA record that require a
hostname. The default is the host on which you run h2n.
-i SERIAL
Force the serial number to be SERIAL in all files.
This option disables incrementing the serial number
each time the files are updated. If you continue
to use this option, you must increment the serial
number yourself each time h2n is run.
-m WEIGHT:MX-HOST
Include an MX record for each host in your domain pointing
to MX-HOST at WEIGHT. Including more than one -m option is
allowed. Example: -m 10:terminator.movie.edu -m
20:wormhole
-n NET[:SUBNETMASK]
NET is your network number without the trailing zeros.
Including more than one -n option is allowed. If
SUBNETMASK is provided, create data for each subnet of NET.
Example: -n 192.249.249 -n 15.15.16:255.255.248.0
-o REFRESH:RETRY:EXPIRE:MINIMUM
Set the values in the SOA record to those specified.
The default values are 10800:3600:604800:86400.
-s SERVER
List SERVER in each domain's NS records. Including more
than one -s option is allowed.
-t Generate TXT records from the host table comments. If "[no
smtp]" appears in a comment, it is ignored.
-u USER
Use USER in the SOA mail address instead of root. USER can
be a complete mail address as in: me@a.b.c.
-w Generate WKS records that list the SMTP service over the
TCP protocol if an MX record is also created.
-v 4|8 Generate configuration files for BIND version 4.x.x or 8.x.x.
Version 4 is the default.
-y Use the date to create the serial number. The date format
used is YYYYMMDDXX. YYYY is the year. MM is the month.
DD is the day of the month. XX is counter that starts at
00 and increments each time h2n is run on the same day.
The date-based serial number must be larger than the existing
serial number for the date-based serial number to be used.
-z ADDRESS
Create a configuration file, ./boot.sec.save, for a secondary
name server that lists ADDRESS as the master to load from.
Save a copy of the domain data in a backup file. (This option
is similar to the -Z option.)
-C COMMENT-FILE
Create resource records by using keys in the host table
comment field as indices into COMMENT-FILE. COMMENT-FILE
contains "key:resource record" pairs like: "720:IN HINFO
hp9000s720 hp-ux". When h2n encounters "720" in the
comment section of the host table, it creates a resource
record by replacing the "720:" with the host's canonical
name.
-H HOSTFILE
Use HOSTFILE instead of /etc/hosts.
-M Don't generate default MX records. MX records specified
with -m will still be generated.
-N SUBNETMASK
Apply SUBNETMASK to all network numbers instead of listing
each subnet with -n. Specifying a subnet mask with -n
overrides the -N subnet mask for that network only.
-T TTL
Apply TTL as the default TTL for all database files. This
option puts "$TTL <TTL>" as the first line in each database
file as used by later versions of bind 8. Without this
option, h2n will check the existing files for a "$TTL" line
and use it in the new file. A TTL of "0" clears any "$TTL"
line from the created database files.
-Z ADDRESS
Create a configuration file, ./boot.sec, for a secondary name
server that lists ADDRESS as the master to load from. Do not
save a copy of the data in a backup file. (This option is
similar to the -z option.)
EXAMPLES
Create name server data for networks 192.249.249 and 192.253.253 in
movie.edu. The configuration file is in version 4 format.
h2n -d movie.edu -n 192.249.249 -n 192.253.253
Create name server data for networks 192.249.249 and 192.253.253 in
movie.edu. Eliminate lines in the host table that contain fx.movie.edu
and include MX records for all hosts pointing to the mail hub,
postmanrings2x.movie.edu. Include all of the options in a file.
h2n -f option_file
option_file contains the following lines:
-d movie.edu
-n 192.249.249
-n 192.253.253
-e fx.movie.edu
-m 50:postmanrings2x.movie.edu
#
# forwarders
#
zone "wg" {
type forward;
forward only;
forwarders { 10.205.253.2; };
};
zone "adm" {
type forward;
forward only;
forwarders { 10.205.25.25; };
};
zone "020" {
type forward;
forward only;
forwarders { 10.205.253.1; };
};
#
#adm reverse dns
#
zone "16.205.10.IN-ADDR.ARPA" in {
type forward;
forward only;
forwarders { 10.205.25.25; };
};
zone "17.205.10.IN-ADDR.ARPA" in {
type forward;
forward only;
forwarders { 10.205.25.25; };
};
zone "18.205.10.IN-ADDR.ARPA" in {
type forward;
forward only;
forwarders { 10.205.25.25; };
};
zone "19.205.10.IN-ADDR.ARPA" in {
type forward;
forward only;
forwarders { 10.205.25.25; };
};
zone "20.205.10.IN-ADDR.ARPA" in {
type forward;
forward only;
forwarders { 10.205.25.25; };
};
zone "21.205.10.IN-ADDR.ARPA" in {
type forward;
forward only;
forwarders { 10.205.25.25; };
};
zone "22.205.10.IN-ADDR.ARPA" in {
type forward;
forward only;
forwarders { 10.205.25.25; };
};
zone "23.205.10.IN-ADDR.ARPA" in {
type forward;
forward only;
forwarders { 10.205.25.25; };
};
zone "24.205.10.IN-ADDR.ARPA" in {
type forward;
forward only;
forwarders { 10.205.25.25; };
};
zone "25.205.10.IN-ADDR.ARPA" in {
type forward;
forward only;
forwarders { 10.205.25.25; };
};
zone "26.205.10.IN-ADDR.ARPA" in {
type forward;
forward only;
forwarders { 10.205.25.25; };
};
zone "27.205.10.IN-ADDR.ARPA" in {
type forward;
forward only;
forwarders { 10.205.25.25; };
};
zone "28.205.10.IN-ADDR.ARPA" in {
type forward;
forward only;
forwarders { 10.205.25.25; };
};
zone "29.205.10.IN-ADDR.ARPA" in {
type forward;
forward only;
forwarders { 10.205.25.25; };
};
zone "30.205.10.IN-ADDR.ARPA" in {
type forward;
forward only;
forwarders { 10.205.25.25; };
};
zone "31.205.10.IN-ADDR.ARPA" in {
type forward;
forward only;
forwarders { 10.205.25.25; };
};
#make_zone hostfile.amsw amsw.020 10.205.252
#make_zone hostfile.routers routers.020 10.205.253
#make_zone hostfile.transfernet transfernet.020 10.205.254
#make_zone hostfile.radio radio.020 10.205.255
zone "irl.020" in {
type master;
file "/etc/bind/zones/db.irl";
};
zone "12.205.10.IN-ADDR.ARPA" in {
type master;
file "/etc/bind/zones/db.12.205.14";
};
zone "ki.020" in {
type master;
file "/etc/bind/zones/db.ki";
};
zone "14.205.10.IN-ADDR.ARPA" in {
type master;
file "/etc/bind/zones/db.10.205.14";
};
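Review bot: The reverse zone `12.205.10.IN-ADDR.ARPA` points at `file "/etc/bind/zones/db.12.205.14"`, a name nothing in this commit produces: the copy script ships `db.10.205.12` for that network and the neighbouring `14.205.10.IN-ADDR.ARPA` zone already follows the `db.10.205.14` pattern, so on reload this zone will fail to load with a missing-file error. It should read `file "/etc/bind/zones/db.10.205.12";`. The four master zones also set no `allow-transfer`, so zone transfers fall back to the global options (BIND's traditional default permits them from any address); if the zones are meant to stay internal, add `allow-transfer { none; };` or a list of the intended secondaries to each of them.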
#
# The IRL network
#
# office subnet: 172.16.17.0/24
# server subnet: 10.205.12.0/24
# vm address range 10.205.12.50/24 - 10.205.12.200/24
#
172.16.17.1 router # uplink router, accesspoint (tplink)
172.16.17.2 interference-mainswitch #the main switch
172.16.17.3 unused
172.16.17.4 atc #air traffic control - router to 020, vm on isoup
172.16.17.18 wurlitzer #jukebox, in small rack
#serversubnet
#
10.205.12.1 atc #air traffic control - router to 020, vm on isoup
10.205.12.14 tomato dellws # connected to first disk shelf
10.205.12.15 isoup 16GB #xen machine
10.205.12.16 kalium sun #nothing yet
10.205.12.17 supai #connected to second disk shelf
10.205.12.18 wurlitzer #jukebox
10.205.12.19 stofzuiger #big thing with lots of disks
10.205.12.51 zm-ldap #vm on isoup
10.205.12.52 zm-mailstore #vm on isoup
10.205.12.53 zm-proxy #vm on isoup
10.205.12.54 streaming #vm on isoup, for streaming
10.205.12.59 ssdd #vm on isoup
10.205.12.60 vape # voice application environment
10.205.12.61 unallocated
10.205.12.62 skibadee #airtime
10.205.12.55 cent
10.205.12.59 ssdd
10.205.12.61 peel
10.205.12.62 skibadee
10.205.12.63 gnunet
10.205.12.64 owrtbuild openwrtbuild #machine to build gluon and openwrt
10.205.12.65 gitlab #gitlab machine
#
# ki zone
#
10.205.14.2 unallocated
10.205.14.118 alcohol movie
10.205.14.1 trashbat router #router to amsterdam wireless
10.205.14.5 mozarella inetrouter #router to the internet
#
# amsw routers (loopback addressess)
#
10.205.253.1 stanleyh
10.205.253.2 duja
10.205.253.3 trashbat
10.205.253.4 y
10.205.253.5 atc
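Review bot: The server-subnet block contains conflicting duplicates that h2n will turn into clashing records: `10.205.12.59 ssdd` and `10.205.12.62 skibadee` each appear twice, and `10.205.12.61` is listed both as `unallocated` and as `peel`, so the PTR generated for .61 depends on which line is processed last and `unallocated` is published as a real A record. The entry `10.205.12.15 isoup 16GB #xen machine` has its note outside the comment, so `16GB` is read as an alias of isoup; move it behind the `#`. The lower .55–.65 group looks like an older copy of the annotated entries above it and should be merged into them rather than kept alongside. The `unallocated` placeholder on `172.16.17.3`, `10.205.12.61` and `10.205.14.2` likewise creates records for a name that should not resolve; commenting those lines out keeps the reservation note without publishing it.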
#!/bin/bash
. paths.sh
make_zone () {
# 1 hostfile.irl
# 2 irl.020
# 3 10.205.12:255.255.0.0 (don't put leading 0's in subnet)
# 4
hostfile=$1
zone_name=$2
subnet=$3
mkdir $OUT/$zone_name
cd $OUT/$zone_name && rm *
$BIN/h2n -d $zone_name \
-m 10:mail.$zone_name \
-n $subnet \
-h 10.205.253.1 \
-v 8 -y \
-s 10.205.253.1 \
-H $HFD/hostfile.irl \
-u wireless-amsterdam@lists.puscii.nl \
-M -t
shortname="!todo!"
echo "made: "
ls -lh $OUT/$zone_name
echo " $OUT/$zone_name/db.$shortname"
echo " $OUT/$zone_name/db.$shortname"
cd $OUT
}
#routers /radios /etc.
make_zone hostfile.amsw amsw.020 10.205.252
make_zone hostfile.routers routers.020 10.205.253
make_zone hostfile.transfernet transfernet.020 10.205.254
make_zone hostfile.radio radio.020 10.205.255
#
# irl.squesh.net zone
#
make_zone hostfile.irl irl.020 10.205.12:255.255.255.0
make_zone hostfile.irl irl.squesh.net 10.205.12:255.255.255.0
#ki zone
make_zone hostfile.ki ki.020 10.205.14:255.255.255.0
make_zone hostfile.ki ki.squesh.net 10.205.14:255.255.255.0
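Review bot: `make_zone` ignores its first argument: `hostfile=$1` is assigned but the h2n call hard-codes `-H $HFD/hostfile.irl`, so every zone built at the bottom of the script (amsw, routers, transfernet, radio, ki) is generated from the IRL host table instead of hostfile.amsw, hostfile.routers, hostfile.ki and so on; change that line to `-H "$HFD/$hostfile" \`. The `mkdir $OUT/$zone_name` and `cd $OUT/$zone_name && rm *` lines leave `$OUT` unquoted and unchecked, and `rm *` without `--` would treat a file whose name begins with `-` as an option; `cd "$OUT/$zone_name" || exit 1` followed by `rm -f -- ./*` keeps the deletion confined to the intended zone directory. Also worth resolving are `shortname="!todo!"`, which makes the two `echo " $OUT/$zone_name/db.$shortname"` lines print a path that does not exist, and `-h 10.205.253.1`, which puts an IP address into the SOA fields where h2n's own documentation says it expects a hostname.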
; BIND reverse data file for empty rfc1918 zone
;
; DO NOT EDIT THIS FILE - it is used for multiple zones.
; Instead, copy it, edit named.conf, and use that copy.
;
$TTL 86400
@ IN SOA localhost. admin.squesh.net. (
1 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
86400 ) ; Negative Cache TTL
;
@ IN NS localhost.
1.5 IN PTR dc1000.squesh.net.
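Review bot: The header states this file is shared by multiple empty RFC 1918 zones and must not be edited, yet the last line adds a host-specific record, `1.5 IN PTR dc1000.squesh.net.`, so every zone that loads this file will answer that PTR for its `1.5` label. Either keep the file empty as the comment promises and put the record in the per-network `db.10.205.12`-style file it belongs to, or rename the file and update the comment so it is clearly bound to a single zone. The `localhost.` SOA MNAME and NS are acceptable for a sink zone but not for a zone that carries real data, which is a further reason to keep the two roles apart.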
// This is the primary configuration file for the BIND DNS server named.
//
// Please read /usr/share/doc/bind9/README.Debian.gz for information on the
// structure of BIND configuration files in Debian, *BEFORE* you customize
// this configuration file.
//
// If you are just adding zones, please do that in /etc/bind/named.conf.local
include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.default-zones";
//
// Do any local configuration here
//
zone "irl.squesh.net" in {
type master;
file "/etc/bind/zones/db.irl";
};
zone "17.16.172.IN-ADDR.ARPA" in {
type master;
file "/etc/bind/zones/db.172.16.17";
};
zone "12.205.10.IN-ADDR.ARPA" in {
type master;
file "/etc/bind/zones/db.10.205.12";
};
zone "dn42" {
type forward;
forwarders { 172.22.0.53; };
};
zone "22.172.in-addr.arpa" {
type forward;
forwarders { 172.22.0.53; };
};
zone "23.172.in-addr.arpa" {
type forward;
forwarders { 172.22.0.53; };
};
zone "squesh.dn42" {
type master;
file "/etc/bind/zones/squesh.dn42.db";
};
zone "totalchaosdesign.eu" {
type master;
file "/etc/bind/zones/totalchaosdesign.eu.db";
};
// 0.1.31.172.in-addr.arpa.
zone "31.172.in-addr.arpa" {
type master;
file "/etc/bind/zones/31.172.db";
};
zone "squesh.net" {
type master;
file "/etc/bind/zones/squesh.net.db";
};
zone "mng.squesh.net" {
type master;
file "/etc/bind/zones/mng.squesh.net.db";
};
zone "man.squesh.net" {
type master;
file "/etc/bind/zones/man.squesh.net.db";
};
zone "dyn.squesh.net" {
type master;
file "/etc/bind/zones/dyn.squesh.net.db";
allow-update { 10.13.13.30; }; // x.mng.squesh.net
};
// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";
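Review bot: `dyn.squesh.net` accepts dynamic updates on the strength of a source address alone, `allow-update { 10.13.13.30; };`, which anything able to deliver packets with that source to the server can satisfy and which grants the updater unrestricted write access to the whole zone. The usual hardening is to authenticate updates with a TSIG key and limit what may be changed: declare a `key` clause whose secret lives in a file outside this config, then replace the line with `update-policy { grant UPDATE-KEY-NAME-PLACEHOLDER zonesub ANY; };` or, at minimum, `allow-update { key UPDATE-KEY-NAME-PLACEHOLDER; };`. None of the master zones here set `allow-transfer` either, so AXFR falls back to the global options; the `squesh-nets` ACL that appears to be defined in the options file is a natural argument to `allow-transfer { squesh-nets; };` if transfers are meant to stay internal.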
acl squesh-nets { 127.0.0.1; 10.13.13.0/24; 172.31.0.0/16; };
options {
directory "/var/cache/bind";
// If there is a firewall between you and nameservers you want
// to talk to, you may need to fix the firewall to allow multiple
// ports to talk. See http://www.kb.cert.org/vuls/id/800113
// If your ISP provided one or more IP addresses for stable
// nameservers, you probably want to use them as forwarders.
// Uncomment the following block, and insert the addresses replacing
// the all-0's placeholder.
// forwarders {
// 0.0.0.0;
// };