1MKRDNS(1) User Contributed Perl Documentation MKRDNS(1)
2
6 mkrdns - MaKe Reverse DNS (auto generate PTR maps)
7
9 mkrdns [options] [configuration file]
10
12 mkrdns is a program designed to auto-generate reverse DNS maps (IN PTR
13 records). Some programs already accompany the BIND source package that
14 will do this kind of thing on a single domain or network basis. mkrdns
15 will read either a named.boot or named.conf file, figure out which
16 domains and networks to deal with, and then generate the reverse maps.
17 You are deemed "in charge" of a network/domain if you are the primary
19 DNS for a reverse zone, or if you are either the primary or secondary
20 for a forward zone. The exception to this rule is that the 127.*
21 network is not auto-generated due to the "1 IN PTR localhost." issue.
22
24 -debug Print debugging information. (this will
25 print a LOT of information, be warned.)
26 -extension <ext> Append the given extension to the output
28 files. This is useful if you want to
29 have the reverse maps generated, but want
30 to check their contents before use.
31 -help The help screen.
33 -quiet Turn off warning messages (multiple A
35 records -> IP, etc.) Good for scripts,
36 but you probably want to check on what
37 the warnings report.
38 -rootdir <path> Specify the path to the root directory
40 that named will be running in. This
41 will handle anyone using a chrooted
42 environment for named. Everything except
43 the configuration file is assumed to be
44 under the new root.
45 -version Show mkrdns version information.
47
49 mkrdns reads the standard BIND configuration files named.boot and
50 named.conf. If you don't specify the full path to the file on the
51 command line, mkrdns assumes that one (or both) will exist in /etc and
52 will search for them. If none are found, the program exits. If one is
53 found, it is used. If both are found, named.conf is used.
54
56 Think of directives as configuration options for mkrdns which are
57 simply comments to BIND. The current directives are map, serialt,
58 skip, and skipzone.
59 Map allows you to map hosts to another network. This was designed in
61 for the purpose of handling DNS for a subnet of a class C network which
62 you do not control. (See the DNS & BIND O'Reilly and Associates book,
63 3rd Ed., pg. 215-218) Assume that you have 10.4.4.32/27 (ie: you have
64 the 32 IPs from 10.4.4.32 to 10.4.4.63 ...) You want to do reverse
65 mappings for those IPs, but you don't control 4.4.10.in-addr.arpa. How
66 do you do it? The solution is to become the master for another zone
67 (such as 32.4.4.10.in-addr.arpa. or 32-63.4.4.10.in-addr.arpa.), and
68 CNAME the correct reverse pointers to the ones you're in charge of.
69 The format for the directive is:
70 map <network/mask> <new network>
71 Ex: map 10.4.4.32/27 10.4.4.32-63
73 This maps all hosts between 10.4.4.32 and 10.4.4.63 to 10.4.4.32-63.32
75 to 10.4.4.32-63.63.
76 Serialt will change mkrdns's behavior with the serial number for
78 certain zones. By default, the serial number is assumed to be in date
79 format (YYYYMMDDVV, year/month/day/version). However, you can tell
80 mkrdns to treat the serial number as a regular number instead. This
81 allows for more than 100 zone changes a day, and has a bit more
82 flexibility depending on the environment. The format for the directive
83 is: serialt <view> <zone> <format>
84 <view> specifies which view should be used for the behavior change. If
86 not specified, mkrdns assumes "default". <zone> is either "default" or
87 the actual zone (ie: 0.0.0.10.in-addr.arpa). <format> is either "date"
88 or "number".
89 Ex: serialt internal 1.168.192.in-addr.arpa number
91 Skip forces mkrdns to ignore certain hosts/IPs via regular expression.
93 The concept is that there are some IN A records that you would like to
94 skip and not create a reverse entry. Skip allows this. (for instance,
95 "foo IN A 10.4.4.32" and "mail IN A 10.4.4.32" both exist, but you want
96 to force foo as the reverse lookup and ignore mail. The following
97 example can do this for you.) Format:
98 skip <regular expression>
99 Ex: skip ^mail
101 This will skip any host (or IP) that matches the "^mail" regular
103 expression. The host is the FQDN, and the IP is before mapping (see
104 above).
105 Skipzone forces mkrdns to ignore certain zones while processing the
107 named configuration file. A possible use for this is where you have
108 "bar.com" and "bar.net", and both of them should have the same host
109 info (ie: foo.bar.com and foo.bar.net both have the same records.) You
110 want "bar.com" to be the reverse lookup for the IPs used. So set the
111 zone file setting to the same file (bar.zone), and then add "skipzone
112 bar.net". NOTE: The skipzone argument must match EXACTLY with the
113 zone name in the config file. NOTE: You can specify multiple zones in
114 the same "skipzone" statement. (ie: "skipzone foo.com bar.com") NOTE2:
115 If you are using views, the zone string must be in the format
116 "view:zone". If a view isn't given, "default" is assumed.
117 ignoreslaves tells mkrdns to ignore any forward slave domains in the
119 configuration. This is useful if, for instance, you are master for
120 both a forward domain and reverse domain (say 168.192.in-addr.arpa)
121 which go together, but you also have slave domains with hosts in the
122 same reverse zone.
123 The format of a directive differs (sorry) between named.conf and
125 named.boot. UNIX-style comments (the hash mark then the comment) are
126 allowed.
127 named.boot directives
129 Directives look like a comment, so the format is simply:
130 ; mkrdns <directive type> <parameters>
132 named.conf directives
134 To make directives more efficient with BIND 8, the format is slightly
135 different:
136 /* mkrdns
138 <directive type> <parameters>
139 ...
140 */
141
143 mkrdns -e new /etc/named.boot
144 This will run mkrdns over the file /etc/named.boot. Output files will
146 be generated as <name>.new (i.e.: if the PTR zone file is called
147 160.zone, the output will be 160.zone.new.)
148
150 I tend to use this script like a lint check. i.e.: Edit the proper
151 zone files, then run mkrdns.
152 As with most documentation, there are probably things that aren't
154 mentioned in the docs that the script does/assumes/etc. I apologize
155 for any inaccuracies/omissions. Let me know if there are any parts
156 that have an "issue", and I'll see if I can't straighten it out.
157
159 The <network>.zone reverse map files must already be created, be
160 uniquely specified in the configuration file, and have the appropriate
161 information (SOA/NS records, etc.) in there. This script will strip
162 out any PTR records, and then add them back in. (This means anything
163 like blank lines and comments will be moved to the top of the file.)
164 $ORIGIN and $INCLUDE are striped as of mkrdns 1.3.
165 You must be at least a secondary for all domains which reference IP
167 networks for which you're responsible. There is no means (currently at
168 least) to specify a PTR record for a non-existent A record, so this
169 script must have access to all A records that need to be "reversed".
170 If you have more than 1 A record pointing to a specific IP, you can't
172 have both be the PTR record. This script takes the first A record it
173 sees as the one used for the PTR record. A warning is printed for any
174 additional entries. (While the RFCs don't prohibit multiple PTR
175 records for the same IP, I have yet to find anyone who can give me a
176 good reason to do it.)
177 Map serial numbers default to be in YYYYMMDDVV format. (YYYY = year,
179 MM = month, DD = day, VV = version (00-99). This script will convert
180 your serial number to this format if it's not already. I don't have
181 too many daily DNS changes, so the action for not being able to update
182 the serial number (ie: VV is at 99 and can't be increased) is to simply
183 exit. If this is going to cause a problem for you, you can use the
184 serialt directive to specify a zone (or the default) should treat the
185 serial number as a number instead of using the date format. Either
186 way, a problem will come up when the serial number reaches 4294967295
187 (max value), but that's another story. (mkrdns will print a warning if
188 this is about to happen)
189
191 Theo Van Dinter <felicity@mkrdns.org>
192perl v5.30.1 2020-01-29 MKRDNS(1)