North American Network Operators Group


Re: Thoughts on best practice for naming router infrastructure in DNS

  • From: Joe Abley
  • Date: Fri Jun 15 09:41:48 2007



On 14-Jun-2007, at 16:25, K K wrote:

> On 6/14/07, randal k <[email protected]> wrote:
>> This particular issue has been confounding to work around as well. The issue
>> of constantly updating DNS to match the current topology is a pain, but in
>> my opinion, very necessary.
>
> I'm not entirely convinced DNS records for every possible interface address are needed, in part because it's so difficult to keep them updated with topology changes over time.

I once wrote a couple of scripts to parse a repository of configurations stored by rancid, and to produce zone file fragments which could be INCLUDEd into zones and published in the DNS automagically. It wasn't hard. There is some text about it in the tutorial I wrote for NANOG 26, which Stephen Stuart presented after I accidentally went to an ICANN meeting in Shanghai instead of going to Eugene:


http://www.nanog.org/mtg-0210/ppt/stephen.pdf

Check pages 37-41. You'll find example scripts here:

ftp://ftp.isc.org/isc/toolmakers/

I can't pretend I have used it since 2002, so some hacking may be required. Also, unless you have a particular reason to generate a topology map of a network for other reasons, and unless your naming scheme is based on something that looks like an undirected graph, you may find it easier to write something a little more focussed. For example, the trivial awk script

/^interface / {
  ifname = $2;
  gsub(/\//, "-", ifname);
  gsub(/\./, "-", ifname);
}

/^ ip address / {
  print $3, ifname ".someisp.net";
}

will digest cisco-style configs like

interface FastEthernet3/1/0.214
 ip address 203.97.1.241 255.255.255.240
 ...
!
interface POS3/2
 ip address 199.212.93.1 255.255.255.252
 ...

and excrete the following, for example:

203.97.1.241 FastEthernet3-1-0-214.someisp.net
199.212.93.1 POS3-2.someisp.net

Building IN-ADDR.ARPA zones from data like that is not at all difficult. Dealing with JUNOS configs is marginally more difficult with line-based tools like awk, but still entirely possible (see those example scripts I mentioned for examples).

Package up some of this stuff so it will run unattended, and run it out of cron every $interval, and suddenly reverse DNS takes no effort at all.

The hard bit is back at the beginning, working out what the mapping of router configuration -> DNS name should be (i.e. what your naming scheme is).


Joe
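
Building IN-ADDR.ARPA zone fragments from "address name" pairs like the ones in the message above, as an added example that is not part of the original message or of the ISC scripts it mentions. The function names, the per-/24 zone grouping and the keep-the-first handling of duplicate addresses are assumptions made here.

```shell
#!/bin/sh
# Added example: turn "address name" pairs (stdin) into PTR records,
# grouped per /24 reverse zone, suitable for $INCLUDE into zone files.
build_ptr() {
  awk '
    # Accept only dotted-quad IPv4 addresses with octets in 0-255.
    function valid(ip,    n, o, i) {
      n = split(ip, o, ".")
      if (n != 4) return 0
      for (i = 1; i <= 4; i++)
        if (o[i] !~ /^[0-9]+$/ || o[i] + 0 > 255) return 0
      return 1
    }
    NF >= 2 && valid($1) {
      if ($1 in seen) {            # one PTR per address: keep the first
        print "duplicate address skipped: " $1 > "/dev/stderr"
        next
      }
      seen[$1] = 1
      split($1, o, ".")
      zone = o[3] "." o[2] "." o[1] ".in-addr.arpa."
      name = $2
      sub(/\.$/, "", name)         # normalise, then emit fully qualified
      if (!(zone in rec)) order[++nz] = zone
      rec[zone] = rec[zone] sprintf("%-3d IN PTR %s.\n", o[4], name)
    }
    END {
      # Zones are written in the order they were first seen.
      for (i = 1; i <= nz; i++)
        printf "$ORIGIN %s\n%s", order[i], rec[order[i]]
    }
  '
}

# Constructed sample input: the two pairs from the message, plus an
# invalid address and a duplicate address to exercise the checks.
sample_pairs() {
  cat <<'EOF'
203.97.1.241 FastEthernet3-1-0-214.someisp.net
199.212.93.1 POS3-2.someisp.net
999.1.1.1 bogus.someisp.net
203.97.1.241 Loopback0.someisp.net
EOF
}
# Usage: sample_pairs | build_ptr
```

Rejecting malformed addresses and duplicate owners before publishing keeps an unattended cron run from loading a broken or ambiguous reverse zone.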