This document is an overview of the DNS Manager 4 architecture.
DNS RFC compliance
DNS Manager complies with the RFCs listed below.
Aspect | RFC | Description |
---|---|---|
A record | RFC 1035 | |
AAAA record | RFC 3596 | |
CNAME record | RFC 1035 | |
MX record | RFC 1035 | |
NAPTR record | RFC 3403 | |
NS record | RFC 1035 | |
PTR record | RFC 1035 | |
SRV record | RFC 2782 | |
TXT record | RFC 1035 | |
SOA record | RFC 1912 | For default values for SOA records. |
SERIAL | RFC 1912 | Supports both RFC 1912 and timestamp SOA Serial number formats. |
Classless delegation | RFC 2317 | Classless routing allows allocation of subnets on non-octet boundaries, that is, fewer than 256 addresses from a Class C address. |
E.164 | RFC 3761 | DNS zones for storage of E.164 numbers. |
IPv6 zones | RFC 4291 | Reverse DNS lookups for IPv6 addresses. |
Mask delimiters | RFC 4183 | Both / and - are supported as mask delimiters. |
Zone dump
The zone dump file format that is used by DNS Manager remote update protocol has been improved with:
Dump file examples
Master zones examples
Code Block |
---|
domain.ltd.|master {
|SERIAL| |2011110802| || ||
|DEFAULT_TTL| |86400| || ||
|REFRESH| |10800| || ||
|RETRY| |3600| || ||
|EXPIRE| |604800| || ||
|MIN_TTL| |86400| || ||
|ALLOW_TRANSFER| |4.3.2.1| || ||
|NS| |domain.ltd.| |ns1.domain.ltd.| ||
|NS| |aa.domain.ltd.| |ns.domain.ltd.| ||
|CNAME| |cname.domain.ltd.| |canonical.name.| ||
|CNAME| |somedir.domain.ltd.| |domain.ltd.| ||
|CNAME| |ftp| |domain.ltd.| ||
|A| |mail.domain.ltd.| |192.168.10.32| ||
|AAAA| |sub.domain.ltd.| |2001:db8:85a3:88:8a2e:370:7334:89| ||
|MX| |zone.domain.ltd.| |email.exchanger| |10|
|TXT| |txt.domain.ltd.| |v=spf1 exists:%{ir}.%{v}.arpa -all | ||
|TXT| |some-text.domain.ltd.| |any text| ||
|TXT| |domain.ltd.| |sometext| ||
|TXT| |private._domainkey.domain.ltd.| |k=rsa; p=MEwwDQYerwqEWwE| ||
|SRV| |_sip._tcp.domain.ltd.| |.| |5| |25| |12345| ||
|SRV| |_sip._tcp.domain.ltd.| |anotherdomain.com.| |10| |20| |5560| ||
|SRV| |_h323._udp.domain.ltd.| |sub.domain.ltd.| |15| |25| |8550| ||
}
testdomain.com.|master {
|$ORIGIN| |com.| || ||
|TXT| |testdomain| |v=spf1 a mx ptr mx:mail.testdomain.com ~all| ||
|NS| || |ns1.test-web| ||
|NS| || |ns2.test-web| ||
|A| || |64.85.2.56| ||
} |
Default zone type is master
If the zone type is missing, it is assumed to be a master zone definition.
Code Block |
---|
domain.ltd.{
|REFRESH| |108002| || ||
|RETRY| |36002| || ||
|EXPIRE| |604802| || ||
|MIN_TTL| |86402| || ||
|DEFAULT_TTL| |86402| || ||
|SERIAL| |1271668821| || ||
|ALLOW_TRANSFER| |4.3.2.1| || ||
|NS| |domain.ltd.| |ns1.domain.ltd.| ||
|NS| |aa.domain.ltd.| |ns.domain.ltd.| ||
|CNAME| |cname.domain.ltd.| |canonical.name.| ||
|CNAME| |somedir.domain.ltd.| |domain.ltd.| ||
|CNAME| |ftp| |domain.ltd.| ||
|A| |mail.domain.ltd.| |192.168.10.32| ||
|AAAA| |sub.domain.ltd.| |2001:db8:85a3:88:8a2e:370:7334:89| ||
|MX| |zone.domain.ltd.| |email.exchanger| |10|
|TXT| |txt.domain.ltd.| |v=spf1 exists:%{ir}.%{v}.arpa -all | ||
|TXT| |some-text.domain.ltd.| |any text| ||
|TXT| |domain.ltd.| |sometext| ||
|TXT| |private._domainkey.domain.ltd.| |k=rsa; p=MEwwDQYerwqEWwE| ||
} |
Slave zones example
Slave zones may be included in the dump as follows.
Code Block |
---|
3.2.1.in-addr.arpa.|slave {
|MASTER| |6.7.8.9| || ||
}
foo.com.|slave {
|MASTER| |6.7.8.9| || ||
} |
Classless delegation
The rules mentioned above also apply to reverse DNS zones. Below are full DNS zones with /24, /28 and /32 subnet masks.
Code Block |
---|
4.3.2.in-addr.arpa.|master {
|REFRESH| |10800| || ||
|RETRY| |36000| || ||
|EXPIRE| |604800| || ||
|MIN_TTL| |86400| || ||
|DEFAULT_TTL| |86400| || ||
|SERIAL| |1271668821| || ||
|NS| |4.3.2.in-addr.arpa.| |ns1.name.com.| ||
|NS| |0/25.4.3.2.in-addr.arpa.| |ns.domain.com.| ||
|PTR| |5.4.3.2.in-addr.arpa.| |zone.name.| ||
|PTR| |5.4.3.2.in-addr.arpa.| |dom1.com.| ||
|PTR| |5.4.3.2.in-addr.arpa.| |dom2.com.| ||
|PTR| |5.4.3.2.in-addr.arpa.| |dom3.com.| ||
|CNAME| |10.4.3.2.in-addr.arpa.| |10.0/25.4.3.2.in-addr.arpa.| ||
|TXT| |host.4.3.2.in-addr.arpa.| |value| ||
|TXT| |4.3.2.in-addr.arpa.| |sometext| ||
}
4/28.3.2.1.in-addr.arpa.|master {
|REFRESH| |10800| || ||
|RETRY| |3600| || ||
|EXPIRE| |60480| || ||
|MIN_TTL| |86400| || ||
|DEFAULT_TTL| |86400| || ||
|SERIAL| |1271668821| || ||
|ALLOW_TRANSFER| |7.8.9.10| || ||
|NS| |4/28.3.2.1.in-addr.arpa.| |aa.com.| ||
|PTR| |6.4/28.3.2.1.in-addr.arpa.| |zone.c.om.| ||
|PTR| |6.4/28.3.2.1.in-addr.arpa.| |dom1.com.| ||
|PTR| |6.4/28.3.2.1.in-addr.arpa.| |dom2.com.| ||
|TXT| |a.4/28.3.2.1.in-addr.arpa.| |text value| ||
|TXT| |4/28.3.2.1.in-addr.arpa.| |sometext| ||
}
4.3.2.1.in-addr.arpa.|master {
|REFRESH| |10800| || ||
|RETRY| |3600| || ||
|EXPIRE| |60480| || ||
|MIN_TTL| |86400| || ||
|DEFAULT_TTL| |86400| || ||
|SERIAL| |1271668821| || ||
|ALLOW_TRANSFER| |7.8.9.10| || ||
|NS| |4.3.2.1.in-addr.arpa.| |aa.com.| ||
|PTR| |4.3.2.1.in-addr.arpa.| |zone.c.om.| ||
|TXT| |abc.4.3.2.1.in-addr.arpa.| |sometext| ||
} |
$ORIGIN, @ and Blank Substitution
The "@" character is accepted when defining zones. It is substituted with:
- The last $ORIGIN directive encountered in the file, or
- If no $ORIGIN directive is present, an $ORIGIN that is generated automatically.
Blank substitution: a blank name is substituted with the last valid name (or label), or with $ORIGIN if there are no previous names (labels).
Code Block |
---|
testdomain.com.|master {
|NS| |@| |ns.isdomain.com.| ||
|NS| || |new| ||
|MX| |@| |mail.testdomain.com.| |10|
|MX| |test| |mail1.testdomain.com.| |15|
|TXT| |@| |this is not a test| ||
|CNAME| |*.new| |newtest.com.| ||
} |
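The substitution rules above, together with the default zone type, as a small parser for the dump format. This is an added example, not 4PSA code. It assumes that the automatically generated $ORIGIN is the zone name and that relative names get the origin appended, as in standard zone files; parse_dump and SAMPLE are names made up for the example.

```python
import re

RECORD_TYPES = {"A", "AAAA", "CNAME", "MX", "NAPTR", "NS", "PTR", "SRV", "TXT"}
ZONE_RE = re.compile(r"^([^\s|{]+)(?:\|(\w+))?\s*\{$")   # name[|type] {
FIELD_RE = re.compile(r"\|([^|]*)\|")                    # one |field|

def parse_dump(text):
    """Return {zone: {"type", "settings", "records"}} with owner names resolved."""
    zones, zone, origin, last = {}, None, None, None
    for line in (raw.strip() for raw in text.splitlines()):
        header = ZONE_RE.match(line)
        if header:
            origin, last = header.group(1), None  # assumed: default origin = zone name
            zone = zones[origin] = {"type": header.group(2) or "master",
                                    "settings": {}, "records": []}
        elif line == "}":
            zone = None
        elif line:
            fields = FIELD_RE.findall(line)
            if zone is None or len(fields) < 3:
                raise ValueError(f"malformed dump line: {line!r}")
            kind, first, rest = fields[0], fields[1], fields[2:]
            if kind == "$ORIGIN":
                origin = first
            elif kind in RECORD_TYPES:
                if first == "@":
                    owner = origin
                elif first == "":
                    owner = last or origin        # blank substitution
                else:                             # assumed: relative names get the origin
                    owner = first if first.endswith(".") else f"{first}.{origin}"
                last = owner
                zone["records"].append((kind, owner, rest[0]))
            else:                                 # SERIAL, ALLOW_TRANSFER, MASTER, ...
                zone["settings"].setdefault(kind, []).append(first)
    return zones

# Constructed sample, modelled on the examples in this document.
SAMPLE = """testdomain.com.|master {
|NS| |@| |ns.isdomain.com.| ||
|NS| || |new| ||
|MX| |test| |mail1.testdomain.com.| |15|
|TXT| || |blank after a name| ||
}
example.net.{
|$ORIGIN| |net.| || ||
|A| |example| |192.0.2.10| ||
}
"""
```

Calling parse_dump(SAMPLE) resolves the blank TXT owner to test.testdomain.com. and reports example.net. as a master zone, because its header carries no type.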
Mask delimiter
Both the "-" and "/" characters are accepted as mask delimiters when defining reverse zones. A zone defined with "-" and a zone defined with "/" are different zones!
Code Block |
---|
4-28.3.2.1.IN-ADDR.ARPA.|master {
|NS| |4-28.3.2.1.IN-ADDR.ARPA.| |aa.com.| ||
|PTR| |6.4-28.3.2.1.IN-ADDR.ARPA.| |zone.com.| ||
|PTR| |6.4-28.3.2.1.IN-ADDR.ARPA.| |dom1.com.| ||
|PTR| |6.4-28.3.2.1.IN-ADDR.ARPA.| |dom2.com.| ||
|TXT| |a.4-28.3.2.1.IN-ADDR.ARPA.| |text value| ||
|TXT| |4-28.3.2.1.IN-ADDR.ARPA.| |sometext| ||
}
4/28.3.2.1.IN-ADDR.ARPA.|master {
|NS| |4/28.3.2.1.IN-ADDR.ARPA.| |aa.com.| ||
|PTR| |6.4/28.3.2.1.IN-ADDR.ARPA.| |zone.com.| ||
|PTR| |6.4/28.3.2.1.IN-ADDR.ARPA.| |dom1.com.| ||
|PTR| |6.4/28.3.2.1.IN-ADDR.ARPA.| |dom2.com.| ||
|TXT| |a.4/28.3.2.1.IN-ADDR.ARPA.| |text value| ||
|TXT| |4/28.3.2.1.IN-ADDR.ARPA.| |sometext| ||
} |
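The classless delegation and mask delimiter sections both rely on reverse names such as 4/28.3.2.1.in-addr.arpa. The added example below (not part of DNS Manager; decode_reverse is a hypothetical helper) decodes such a name into the network it covers, so an import check can see that the "-" and "/" zones describe the same subnet while remaining separate zones, and that a PTR owner lies inside its delegated block.

```python
import ipaddress
import re

CLASSLESS_RE = re.compile(r"^(\d+)([/-])(\d+)$")  # "4/28" or "4-28"

def decode_reverse(name):
    """Return (network, delimiter, host) for an in-addr.arpa name.

    delimiter is "/" or "-" for a classless label, otherwise None; host is
    set when the name carries a host label in front of a classless label.
    """
    labels = name.rstrip(".").lower().split(".")
    if labels[-2:] != ["in-addr", "arpa"]:
        raise ValueError(f"not an in-addr.arpa name: {name!r}")
    labels = labels[:-2]
    idx = next((i for i, l in enumerate(labels) if CLASSLESS_RE.match(l)), None)
    if idx is None:                        # octet-boundary zone or single address
        octets = labels[::-1]
        padded = octets + ["0"] * (4 - len(octets))
        net = ipaddress.ip_network(f"{'.'.join(padded)}/{8 * len(octets)}")
        return net, None, None
    base, delim, prefix = CLASSLESS_RE.match(labels[idx]).groups()
    octets = labels[idx + 1:][::-1]
    if idx > 1 or len(octets) != 3:
        raise ValueError(f"unsupported classless name: {name!r}")
    # strict=False accepts a label such as 4/28 whose base is not the
    # first address of the block; the network is normalised to 1.2.3.0/28.
    net = ipaddress.ip_network(f"{'.'.join(octets)}.{base}/{prefix}", strict=False)
    host = None
    if idx == 1:
        host = ipaddress.ip_address(".".join(octets + [labels[0]]))
        if host not in net:
            raise ValueError(f"{host} is outside {net}")
    return net, delim, host

if __name__ == "__main__":
    for n in ("4/28.3.2.1.IN-ADDR.ARPA.", "4-28.3.2.1.IN-ADDR.ARPA.",
              "6.4/28.3.2.1.in-addr.arpa.", "4.3.2.in-addr.arpa."):
        print(n, decode_reverse(n))
```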
SOA records
If the SOA records are not found in the zone definition, they are inherited from the client preferences, if the client has SOA records defined. If the client has no SOA records defined, the system-wide SOA settings defined by the administrator are used.
Code Block |
---|
domain.ltd.|master {
|ALLOW_TRANSFER| |4.3.2.1| || ||
|NS| |domain.ltd.| |ns1.domain.ltd.| ||
|NS| |aa.domain.ltd.| |ns.domain.ltd.| ||
|CNAME| |cname.domain.ltd.| |canonical.name.| ||
|CNAME| |somedir.domain.ltd.| |domain.ltd.| ||
|CNAME| |ftp| |domain.ltd.| ||
|A| |mail.domain.ltd.| |192.168.10.32| ||
|MX| |zone.domain.ltd.| |email.exchanger| |10|
|TXT| |txt.domain.ltd.| |v=spf1 exists:%{ir}.%{v}.arpa -all | ||
|TXT| |some-text.domain.ltd.| |any text| ||
|TXT| |private._domainkey.domain.ltd.| |k=rsa; p=MEwwDQYerwqEWwE| ||
|TXT| |domain.ltd.| |text value| ||
}
4/28.3.2.1.in-addr.arpa.|master {
|NS| |4/28.3.2.1.in-addr.arpa.| |aa.com.| ||
|PTR| |6.4/28.3.2.1.in-addr.arpa.| |zone.com.| ||
|PTR| |6.4/28.3.2.1.in-addr.arpa.| |dom1.com.| ||
|PTR| |6.4/28.3.2.1.in-addr.arpa.| |dom2.com.| ||
|TXT| |a.4/28.3.2.1.in-addr.arpa.| |text value| ||
|TXT| |4/28.3.2.1.in-addr.arpa.| |sometext| ||
} |
E164.ARPA reverse zone
The example below shows an E.164 reverse zone that contains all the supported record types, NS and NAPTR:
Code Block |
---|
1.2.3.1.E164.ARPA.|master {
|SERIAL| |1330507579| || ||
|REFRESH| |10800| || ||
|RETRY| |3600| || ||
|EXPIRE| |604800| || ||
|MIN_TTL| |86400| || ||
|DEFAULT_TTL| |86400| || ||
|ALLOW_TRANSFER| |134.222.123.123/27| || ||
|NAPTR| |2.3.4.5.1.2.3.1.E164.ARPA.| |!regex!replacement!i| |10| |20| | | || |services| |S|
|NAPTR| |9.1.2.3.1.E164.ARPA.| |!^.*$!mailto:info@example.com!i| |10| |20| | | || |email| |S|
|NS| |1.2.3.1.E164.ARPA.| |ns1.example.com.| |1|
|NS| |1.2.3.1.E164.ARPA.| |ns2.example.com.| ||
} |
IP6.ARPA reverse zone
The example below shows an IP6.ARPA reverse zone that contains both supported record types, NS and PTR:
Code Block |
---|
1.2.3.4.5.6.7.8.9.0.1.2.3.4.5.6.7.8.9.0.2.1.2.A.A.2.2.IP6.ARPA.|master {
|SERIAL| |1330509267| || ||
|REFRESH| |10800| || ||
|RETRY| |3600| || ||
|EXPIRE| |604800| || ||
|MIN_TTL| |86400| || ||
|DEFAULT_TTL| |86400| || ||
|NS| |1.2.3.4.5.6.7.8.9.0.1.2.3.4.5.6.7.8.9.0.2.1.2.A.A.2.2.IP6.ARPA.| |ns1.bar.com.| ||
|NS| |1.2.3.4.5.6.7.8.9.0.1.2.3.4.5.6.7.8.9.0.2.1.2.A.A.2.2.IP6.ARPA.| |ns3.bar.com.| |1|
|PTR| |9.8.7.6.5.1.2.3.4.5.6.7.8.9.0.1.2.3.4.5.6.7.8.9.0.2.1.2.A.A.2.2.IP6.ARPA.| |foo.com.| ||
|PTR| |9.9.9.9.9.1.2.3.4.5.6.7.8.9.0.1.2.3.4.5.6.7.8.9.0.2.1.2.A.A.2.2.IP6.ARPA.| |bar.com.| ||
} |
Primary NS
The primary NS record is marked with 1 in the dump file. If the marker is missing, the NS order is random.
Code Block |
---|
bar.com.|master {
|NS| |bar.com.| |ns1.first.co.uk.| ||
|NS| |bar.com.| |ns2.first.co.uk.| |1|
} |
Dump export utilities
Command line utilities
The export command line utilities support the new dump file format. These utilities help you set the 4PSA DNS Manager server to act as slave DNS for other servers.
The dump export utility should be copied to the primary server. To find out more details about how to configure Primary/Secondary Server Setup with 4PSA DNS Manager, read this KB article.
Dump scripts
New dump scripts are provided for major control panels on the market. The new dump scripts can export both master and slave zones. Export settings are set as variables in the script or in the configuration file.
Use this command to find the DNSMANAGER_ROOT_D path:
Shell |
---|
#> grep DNSMANAGER_ROOT_D /etc/dnsmanager/dnsmanager.conf
DNSMANAGER_ROOT_D /usr/local/dnsmanager |
Below you can find the list of export scripts available:
Zones management software | Folder | DNS Manager Script |
---|---|---|
Bind generic | DNSMANAGER_ROOT_D/remote/bind | bind_export.sh |
DNS Manager | DNSMANAGER_ROOT_D/remote/dnsmanager | dnsmanager_export.sh |
Plesk Linux | DNSMANAGER_ROOT_D/remote/plesk | plesk_export.sh plesk_export.pl |
Plesk Windows | DNSMANAGER_ROOT_D/remote/plesk_win | plesk_win_export.exe |
PowerDNS | DNSMANAGER_ROOT_D/remote/powerdns | powerdns_export.sh |
Helm Control Panel for Windows | DNSMANAGER_ROOT_D/remote/helm | helm_complete.exe helm_export.exe helm_zones.exe |
InterWorx Hosting Control Panel | DNSMANAGER_ROOT_D/remote/iworx | iworx_complete.php iworx_zones.php |
Ensim | DNSMANAGER_ROOT_D/remote/ensim | ensim_complete.sh ensim_zones.sh |
Services
Please find below a list of all services on a DNS Manager 4 server.
Web interface service
- Name: dnsmanager
- Short description: The service is responsible for running 4PSA DNS Manager web interface
- Init script: Usually located in /etc/init.d/dnsmanager
Zone management service
- Name: zonemngd
- Short description: The service synchronizes the bind configuration file with updates (received using any means)
- Init script: Usually located in /etc/init.d/zonemngd
Remote import service
- Name: updateurld
- Short description: The service synchronizes DNS Manager local database with remote updates.
- Init script: Usually located in /etc/init.d/updateurld
BIND service
- Name: bind
- Short description: BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols; BIND includes a DNS server (named), which resolves host names to IP addresses, a resolver library (routines for applications to use when interfacing with DNS), and tools to verify that the DNS server is operating properly.
- Init script: Usually located in /etc/init.d/named
Round robin service
- Name: rrmonitd
- Short description: Automates the DNS Round Robin disqualification and qualification when a resource associated with a resource record becomes unavailable/available again.
- Init script: Usually located in /etc/init.d/rrmonitd
Interface access and disk location
4PSA DNS Manager comes with a dedicated web management interface, accessible in the browser at:
Panel |
---|
https://<your_server_ip>:8550 |
To log in to the interface for the first time, you must supply the following login credentials:
Panel |
---|
user: admin
password: welcome |
The skin directory can be found in:
Panel |
---|
DNSMANAGER_ROOT_D/admin/htdocs/skins |
The language pack directory can be found in:
Panel |
---|
DNSMANAGER_ROOT_D/admin/htdocs/language |
Note |
---|
All important paths are defined in /etc/dnsmanager/dnsmanager.conf |