MKRDNS

Have you ever gotten tired of having to change both the forward and reverse zone maps when adding, removing, or changing hosts in DNS? If so, then mkrdns is for you! mkrdns automates the tedious procedure of editing both forward and reverse zones when making changes to your zones with likely no changes to your current configuration file.

mkrdns does this by reading through all of the primary/secondary (master/slave) zones in your configuration file (either named.boot or named.conf). It will then automatically generate the reverse zone entries (IN PTR) for the networks for which you are the primary/master. It is now possible to simply edit the forward map, run mkrdns, and reload the zone. Clean, simple, and best of all, automatic.

mkrdns also acts as a limited lint-like program, issuing warnings and errors if there are problems with your configuration or zone files.

If you would like a copy of mkrdns, you can get it via one of the two following methods:

1. HTTP - http://www.mkrdns.org/ftp/
2. FTP - ftp://ftp.mkrdns.org/pub/felicity/mkrdns/

There is a mailing list dedicated to mkrdns and related issues. If you'd like to join, please visit the mkrdns list web interface at https://www.kluge.net/mailman/listinfo/mkrdns, or send a message with "subscribe" in the body to mkrdns-request@mkrdns.org.

If you would like to send my any questions/comments/etc directly, please send it to felicity@mkrdns.org. For instance, I love receiving feedback that I can quote:

"We recently tested mkrdns-2.1 and experienced a 10x performance
improvement in reverse zone generation times.  The script generates
approximately 100,000 reverse records in under 30 seconds.  Thanks Theo!"
	- David LaPorte, from an Unnamed University

On my RedHat 8/9 and/or perl 5.8.x machine, mkrdns doesn't work!

It's been reported that by default, mkrdns (up to at least 3.3) doesn't work on RedHat 8 and 9 machines. The errors will be something like the following:

(warn) No file specified for zone "192.in-addr.arpa" in "/etc/named.conf".
(fatal) Can't open "/"/10.in-addr.arpa" for reading:No such
file or directory at ./mkrdns-3_3 line 379.

The problem is related to RH/perl 5.8's unicode "support", which ends up breaking a bunch of perl code that's out there. For mkrdns, parsing the named.conf file results in a single double-quote for the directory where named files lives. Via "--debug":

(debug) Named Directory = "

This issue may be addressed in a future version of mkrdns, but there are 2 simple solutions until then:

1. Before running mkrdns, set the LANG environment variable to 'C' ("LANG=C ; export LANG", or "setenv LANG C", depending on your shell).
2. Add "use bytes;" to the top of the mkrdns script.

mkrdns doesn't properly support $GENERATE statements

Between BIND 9.2 and 9.3, the syntax for $GENERATE was modified to allow for TTL and class parameters. mkrdns currently only supports the 9.2 and previous format. ie:

$GENERATE 100-250 dhcp-$      IN      A       10.10.10.$

is now allowed in BIND 9.3, but the class "IN" wasn't valid in pre-9.3, so a simple fix could be:

$GENERATE 100-250 dhcp-$      A       10.10.10.$

assuming you want to use the same class as the previous record (since most people just use "IN", which is the default anyway, you can very likely just leave it out.)

mkrdns doesn't seem to see the zones that I'm a master/primary for -- what's wrong?

After some investigation, it seems that the docs specify a certain syntax for BIND configuration files, but bind (daemon) can handle a more flexible syntax. Specifically, the BIND docs specify that the master zone statement syntax is:

zone domain_name [ ( in | hs | hesiod | chaos ) ] {
  type master;
  file path_name;
  ...
};

bind, however, allows the "file" section to appear later in the statement. This isn't necessarily a bug in mkrdns (since it pays attention to the specified syntax), but it does cause some confusion. Make sure that if you're using bind 8 or later (w/ the named.conf file) that the "file" statement appears directly after the "type" statement.

Note: This has been fixed in mkrdns v3.0!

Why doesn't mkrdns understand my BIND9 view configuration?

mkrdns does not yet support all of the features in BIND9, views being one of them. For the time being, the solution is to create BIND8 equivilent configurations, one for each zone, and then run mkrdns against each one. You can alternatively run multiple BIND9 servers with the seperate configuration files like BIND8 was run, but this is sub-optimal.

Note: This has been fixed in mkrdns v3.0!

Release History

3.3 (2002.12.06)

Fixed a bug when updating single-line SOA records. Also added code to allow "} ;" instead of "};".

3.2 (2002.07.09)

Fixed a bug where parsing a named.conf with both "controls { inet ... };" and views wouldn't work correctly.

3.1 (2002.06.20)

named.conf parsing will now correctly see multiple commands on a single line (ie: 'type master; file "foo.zone"; notify no;' all on same line.) This goes for include files as well which were incorrectly handled if on a line with other parameters previously.

3.0 (2002.05.15)

Added support for BIND 9 views. Added support for BIND 8's "$$" means "$" in GENERATE statements. Modified the unique file/zone check to only care about reverse zones. The added support for views also allows mkrdns to find zone "file" statements anywhere in the zone statement (see the FAQ on this page.) Added a "ignoreslaves" directive to ignore forward zone slaves in the configuration. SOA record support will now catch both the multiple-line (standard) and single-line versions.

2.3 (2002.01.11)

mkrdns 2.3 fixes a small bug where the MD5 module is actually required due to an incorrect call to the Perl module.

2.2 (2001.10.10)

mkrdns 2.2 fixes a small bug and makes a small debugging change. BIND accepts TTLs in the form "1w2d3h4m5s" instead of just an integer number of seconds (from RFC1035), which is all that mkrdns used to support. RFC1035 also specifies that the class and ttl of a resource record can be reversed, which wasn't supported before either. mkrdns now handles both cases. Modified the debugging output to only report "keeping host" if it actually is going to keep the host (it used to check for duplicates after the print out). Added a debugging line that specifies that a host/ptr combo is duplicate and that mkrdns is skipping it. (this went unreported before)

2.1 (2001.07.12)

mkrdns 2.1 has a major focus on performance. Testing in various environments have shown anywhere from a 2 to 10-times speed increase. Memory usage should be lower now as well due to consolidation of in-memory records. Other changes include minor bug fixes and an addition of /etc/bind and /etc/named as default configuration search locations. Thanks to Mike Robbins for reporting bugs and David LaPorte for prompting the performance changes.

2.0 (2001.05.01)

This is really just a renumbered 2.0pre3 ... The main changes between 1.6 and 2.0 are:

• named.conf doesn't need whitespace between the quote and brace characters in zone statements anymore (i.e.: 'zone "foo.com"{' is valid).
• Lots of code cleanup, and bug fixes. This has resulted in a lower memory footprint, and faster execution times.
• A check was added to verify that A records have a valid syntax (i.e.: IP Address, not a name, etc.)
• Added in the ability to use 32-bit checksums if MD5 isn't available. The 32-bit checksums are also faster to calculate than MD5.
• mkrdns will now look in other "standard" directories besides /etc for configuration file. The defaults are: /etc, /var/named, /usr/named, /usr/freeware/etc, and /usr/local/etc.
• Support for chroot environments has been added.

2.0pre3 (2001.03.23)

Found a bug in the named.conf regexp that parses for zone/type/file statements. It would match the hint zone and ignore the first zone after it.

2.0pre2 (2001.03.06)

Debugging output would mention "Path changed from ... to ..." even if the path hadn't changed. There's now an if/then clause around that section of code. The BIND docs wasn't specific about needing whitespace between the closing quote and the brace in a zone statement (i.e.: 'zone "foo.com"{'). The regexp that matches zone statements was made simpler and was also modified to handle this case.

2.0pre1 (2001.01.30)

There were two interim releases: 2.0dev1 and 2.0dev2 that weren't announced and were just available from this web page.

Replaced duplicated pieces of code, and made the code more maintainable. Rewrote some sections to be more efficient (time and memory). Added a check to verify that A records have an *IP*, not a name (A records _require_ an IP from RFC 1035). Added in the ability to use a 32-bit checksum (perl built-in) if MD5 isn't available (used to determine if zone files have changed). mkrdns will now look in other "standard" directories besides /etc for the default configuration file (/etc, /var/named, /usr/named, /usr/freeware/etc, and /usr/local/etc). Added support for chroot environments.

1.6 (2000.05.13)

Added a new directive called "serialt" which instructs mkrdns how to handle the serial numbers. (is it a date (YYYYMMDDVV) or a number?) Added in support for $GENERATE command in forward maps. Fixed a bug where having "// directory foo" in a BIND 8 config file would cause "foo" to become the storage directory for the zone files. There was a misspelling in the BIND 4 directives (has been in for a while -- does anyone use BIND 4 out there?) which caused the directives to not work in BIND 4. mkrdns assumed reverse maps were for (lowercase) in-addr.arpa -- make this case-insensitive. Most open() calls were done using Perl's "magic" open, which were changed to read-only opens. Cleaned up the code quite a bit as well.

1.5 (2000.01.06)

Fixed a bug where directives in the named.conf were forced to be at the beginning of the file. They can now be anywhere in the file. Added code to remove leading dots from an extension. Added a new directive called "skipzone" to skip specific zones from processing. Fixed a small typo bug in debug output.

Thanks to Tommi Virtanen for reporting the directive bug!

1.4 (1999.06.03)

Support for TTL statements in A records. Fixed bug where quiet mode and an IP multiple entry (foo and bar have A records to IP) would improperly not skip the duplicate entries. Changed script so that older versions of Perl can handle the TTL statements correctly. ( (undef) = /(foo)/ is invalid in older versions of Perl.)

Thanks to David LaPorte for reporting the TTL and quiet mode problems!

1.3 (1999.04.07)

Support for $ORIGIN and $INCLUDE zone file statements (will even handle multi-level $INCLUDEs ($INCLUDEs inside an $INCLUDE ...) Support for include configuration file statements. Support for A-C class networks, not just C class nets. Fixed bug where " IN A <IP>" would take hostname from previous A record exclusively-- script will now check all IN records to get the proper hostname for this case. Comments in named.conf are now handled properly (might have caused problems if option/zone statements were in a comment.)

Thanks to Klaus Peter Thorn for reporting bugs and testing the new A-C class network support.

1.2 (1998.11.24)

Added in the concept of "directives" (see the man page above). Added in the GNU preamble (mkrdns was open source the entire time, now it's just more official).

1.1 (1998.11.13)

Added in check to not allow multiple zones to use the same zone file. (i.e.: foo.com & bar.com can't both use foo.zone for records.)

1.0 (1998.11.02)

Initial release.

Development Versions

3.0dev1 (2002.03.14)

Added support for BIND 9 views. Added support for BIND 8's "$$" means "$" in GENERATE statements. Modified the unique file/zone check to only care about reverse zones. The added support for views also allows mkrdns to find zone "file" statements anywhere in the zone statement (see the FAQ on this page.)

2.1dev2 (2001.06.16)

Fixed two bugs and made a small performance change. Having no "skip" directive configured means mkrdns would skip *EVERY* record. Incomplete comment removal while reading in zones could cause problems with $INCLUDE statements. RFC2317 handling is a little more efficient.

Thanks to Mike Robbins for reporting the bugs.

2.1dev1 (2001.06.14)

The push of this release is performance. In my tests (mainly 65k hosts from 256 $GENERATE commands), mkrdns 2.0 took 3:45 to complete, and 2.1dev1 takes 1:30. Some testers have reported much greater speed increases, anywhere from 5 to 10x. Not only has speed increased, but memory usage should have dropped as well. There were also a few small bug fixes to round out the changes.

Thanks to David LaPorte for prompting the performance changes.

2.0dev2 (2000.05.15)

Added in SYSV checksum (32-bit) routine. mkrdns will now use MD5 if available, or the SYSV algorithm otherwise. mkrdns will now check other "standard" directories besides /etc for named.boot/named.conf. Updated man page information.

2.0dev1 (2000.05.13)

Added in support for chroot environments. Added in code to compress paths (handle ".." and "."). Fixed a few more small bugs. Moved duplicate boot/conf code into a single subroutine for maintainability. Updated man page information.

Other people's projects that use mkrdns

• dnscvsutil. This lets you keep your zone files under CVS control, and the project uses mkrdns to auto-generate the reverse zone files!

If you have a project that uses mkrdns, please send a notice to the mkrdns mailing list (information above) and I'll add it here!

MKRDNS Related documents and pages

• ISC BIND
• RFC 1034 (DOMAIN NAMES - CONCEPTS AND FACILITIES)
• RFC 1035 (DOMAIN NAMES - IMPLEMENTATION AND SPECIFICATION)
• RFC 1536 (Common DNS Implementation Errors and Suggested Fixes)
• RFC 2317 (Classless IN-ADDR.ARPA delegation)
• DNS Resource Directory

(Possible) Wishlist and Dev. Plan

• automatic method to notice that RFC2317 is being used instead of requiring the "map" directive. (look for CNAME records in the reverse zone?)
• (not in near future) Support for IPv6 (AAAA->PTR...)
• commandline parameter to allow multiple PTR records for a given IP