opennetadmin / build_bind

OpenNetAdmin plugin to manage and build BIND DNS server configurations

Update build_bind.inc.php #21

Open dmgeurts opened 3 years ago

dmgeurts commented 3 years ago

Forwarding zone solution. Add ONA servers as forwarding; this will ensure the named config is added to these servers. Add master servers; these will be the forwarding servers. Ensure ONA has an A record for the master server, as the forwarding statement needs an IP address, not a FQDN.

mattpascoe commented 3 years ago

I may not fully understand your specific situation but this code has a few things I'm not certain will work for everyone.

If someone needs to have master servers set up and also have forwarders set up, this seems to combine them both together and would not allow that. By taking all the IP addresses that are masters, and using them as the forwarder address it is losing the distinction between the two.

Also, if someone needs to run a single master but also have several forwarders, then this would not allow for that.

The initial intent was to have a location in the database to store the IP address(es) for the forwarders separately from how the masters are defined. This way you would have full flexibility in any combination of how it is used. Obviously this is more effort than just an update to the build_bind code.

I'm not sure I can merge this into the main code as it would likely cause others some issue if trying to set up forwarders that could conflict with their current masters.

Again, I'm not up to speed on your current situation but I think one way you could work around this for now, while not optimal, would be to just hard code the forward zones in the named.conf file. This assumes that you only have a handful of forward zones to deal with as hard coding things is always annoying to have to manage.

dmgeurts commented 3 years ago

I have 2 ONA servers that share a database and I have a FreeIPA server. Both ONA and FreeIPA serve different domains. The forward zone has been configured with the ONA servers as FORWARD and the FreeIPA server as the MASTER. As you see, I have a single master and two forwarding servers. If I added HA or a slave to the FreeIPA server I'd add a second master DNS server to the zone.

The proposed code will configure the ONA servers with a forward zone that uses the configured MASTER server(s) as the forwarding targets.

It's a quick means of getting working forward zones. But yes it means you add the forward target as a DNS server in ONA. I understand this may well confuse some. But with the current code this works well. Alternatively, one could modify the database and provide a means of configuring forwarder IP addresses but I'd have to look deeper into ONA code to see how this should be done and where to store the forwarders in the database.

My suggested code requires no database modification and no GUI changes. It may not be perfect but currently adding a FORWARDING DNS server to a zone breaks things, so it's at least an improvement on the current code.

The limitation is that the external (non-ONA) master/target server(s) for the zone need to be added as DNS servers to ONA, and ONA must have an IP address for them in the database.
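A stand-alone model of the forward-zone generation this PR proposes, added here as an illustration; it is not code from build_bind or from either commenter. The server records, roles and addresses are constructed, and the `ZoneServer` shape is an assumption rather than ONA's real schema:

```python
"""Model of the PR's forward-zone logic (constructed example, not plugin code).

Given the DNS servers ONA associates with a zone, emit the named.conf zone
statement a FORWARD server needs, using the MASTER servers' IP addresses as
the forwarders. As the PR notes, 'forwarders' takes IPs, not FQDNs, so a
master without an A record in ONA is rejected instead of silently skipped.
"""
import ipaddress
from dataclasses import dataclass
from typing import List, Optional


@dataclass
class ZoneServer:          # assumed shape, not ONA's real record layout
    fqdn: str
    role: str              # "master", "slave" or "forward"
    address: Optional[str]  # IP from the server's A record, None if ONA has none


def forwarders_for_zone(servers: List[ZoneServer]) -> List[str]:
    """IPs of every MASTER server; fail loudly if one has no usable address."""
    addrs = []
    for s in servers:
        if s.role.lower() != "master":
            continue
        if not s.address:
            raise ValueError(f"master {s.fqdn} has no IP in ONA; "
                             "'forwarders' needs an address, not a FQDN")
        addrs.append(str(ipaddress.ip_address(s.address)))  # validates the IP
    return addrs


def build_forward_zone(zone: str, servers: List[ZoneServer], this_server: str) -> str:
    """named.conf fragment for `zone` on `this_server`; "" if it is not a FORWARD server."""
    me = next((s for s in servers if s.fqdn == this_server), None)
    if me is None or me.role.lower() != "forward":
        return ""
    fwd = forwarders_for_zone(servers)
    if not fwd:
        raise ValueError(f"zone {zone}: no MASTER server to forward to")
    return "\n".join([
        f'zone "{zone}" {{',
        "    type forward;",
        "    forwarders { " + " ".join(a + ";" for a in fwd) + " };",
        "};",
    ]) + "\n"


# Constructed sample: two ONA servers forward a zone served by a FreeIPA master.
SAMPLE_SERVERS = [
    ZoneServer("ipa.example.test", "master", "192.0.2.10"),
    ZoneServer("ona1.example.test", "forward", "192.0.2.21"),
    ZoneServer("ona2.example.test", "forward", "192.0.2.22"),
]
```

Running `build_forward_zone("ipa.example.test", SAMPLE_SERVERS, "ona1.example.test")` yields a `type forward` zone whose only forwarder is 192.0.2.10, which is exactly why a master and a forwarder cannot be told apart in this scheme.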