DNS Zone Munging

zonemunge

Zonemunge is designed as a wrapper for named-xfer, the zone transfer program of the standard ISC BIND V8.x distribution. It manipulates zone files, based on record types, after they have been transferred by the real named-xfer program.

Download

The current version (V1.5) can be downloaded from here.

Installing & Configuring

To install & configure the program:
  1. Unpack the archive into a suitable directory (I usually use /usr/local/zonemunge/bin).
  2. Amend the paths of the xfer and rulefile variables at the head of the program to suit your system.
  3. Add the rules for your zone to the rule file.
  4. Test the rules by running the zonemunge program against a copy of the zone file.
  5. Amend your named.conf file to use the zonemunge version of named-xfer.

How it works

The program works in one of three modes, depending on the basename under which it is called. When called as named-xfer, it runs the real named program and then munges the zone file; when called as rulemaint, it allows for rule maintenance; and when called as zonemunge, it operates in a test mode and munges the specified file.

The program can perform three basic manipulations: deletion, addition and supplementation. To explain these rules, we will take the example of a domain of our own, hosted by an ISP who looks after our DNS requirements to the outside world. We maintain a private network whose machines, for consistency's sake, we are going to name within our domain, but which are not visible to the outside world. We have a mail machine on our private network, which is going to be the hub, and a local DNS server, which is also going to feature.

The following is the file as held by our ISP:

    demo.example.com.  IN SOA  dns.isp.example.com. dnsadmin.isp.example.com. (
                        1999052204
                        10800
                        3600
                        432000
                        38400 )
    demo.example.com.       IN  NS      dns.isp.example.com.
    www.demo.example.com.   IN  A       127.0.0.1
    demo.example.com.       IN  MX  100 mailhub.isp.example.com.

We would like a copy of this file on our internal nameserver, but with suitable modifications which provide the following.

The tool works in two stages: first any deletes or supplements are performed, then the additions.

To achieve the result we are after, we must create the rule set using the rulemaint mode of operation:

    $ rulemaint -a demo.example.com -v
    D MX
    S A MX 0 mailrelay.demo.example.com.
    A demo.example.com.           IN NS dns.demo.example.com.
    A demo.example.com.           IN MX 0 mailrelay.demo.example.com.
    A dns.demo.example.com.       IN A 192.168.1.10
    A mailrelay.demo.example.com. IN A 192.168.1.20

We then confirm that the rules are in place:

    $ zonemunge -l demo.example.com
    Zone demo.example.com

    D MX
    S A MX 0 mailrelay.demo.example.com.
    A demo.example.com. IN NS dns.demo.example.com.
    A demo.example.com. IN MX 0 mailrelay.demo.example.com.
    A dns.demo.example.com. IN A 192.168.1.10 
    A mailrelay.demo.example.com. IN A 192.168.1.20

Next, we test this by running it over a copy of the zone file

    $ zonemunge -f zonecopy -z demo.example.com

after which the file contains something like:

    ; zone munged by zonemunge V1.4
    demo.example.com.       IN      SOA     dns.isp.example.com. dnsadmin.isp.example.com. ( 1999052207  10800  3600  432000  38400 )
    demo.example.com.       IN      NS      dns.isp.example.com.
    demo.example.com. IN MX 0 mailrelay.demo.example.com.
    www.demo.example.com.   IN      A       127.0.0.1
                            IN      MX      0       mailrelay.demo.example.com.
    demo.example.com. IN NS dns.demo.example.com.
    dns.demo.example.com. IN A 192.168.1.10 
    mailrelay.demo.example.com. IN A 192.168.1.20
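
The two-stage rule application described above (deletes and supplements first, then additions), written out in Python as an added example; it is not zonemunge's own code. The rule semantics are inferred from the rule set and output shown on this page, the zone is a constructed one-line-per-record copy of the ISP file, and appending the additions at the end of the file is an assumption.

```python
# Added illustration, not zonemunge's source; D/S/A semantics inferred from the page.
RULES = """\
D MX
S A MX 0 mailrelay.demo.example.com.
A demo.example.com. IN NS dns.demo.example.com.
A demo.example.com. IN MX 0 mailrelay.demo.example.com.
A dns.demo.example.com. IN A 192.168.1.10
A mailrelay.demo.example.com. IN A 192.168.1.20
"""
# Constructed input: the ISP zone from this page, one record per line.
ZONE = """\
demo.example.com. IN SOA dns.isp.example.com. dnsadmin.isp.example.com. ( 1999052204 10800 3600 432000 38400 )
demo.example.com. IN NS dns.isp.example.com.
www.demo.example.com. IN A 127.0.0.1
demo.example.com. IN MX 100 mailhub.isp.example.com.
"""

def parse_rules(text):
    """Split a rule set into delete types, supplements per type, and additions."""
    deletes, supplements, additions = set(), {}, []
    for line in text.splitlines():
        op, _, rest = line.strip().partition(" ")
        if op == "D":                      # D <type>: drop every record of that type
            deletes.add(rest.strip())
        elif op == "S":                    # S <type> <rdata>: follow each <type> record
            trigger, _, extra = rest.strip().partition(" ")
            supplements.setdefault(trigger, []).append(extra.strip())
        elif op == "A":                    # A <record>: add the record verbatim
            additions.append(rest.strip())
        elif op:
            raise ValueError(f"unknown rule: {line!r}")
    return deletes, supplements, additions

def rtype(line):
    """Record type is the token after the class, e.g. 'www IN A 1.2.3.4' -> 'A'."""
    tokens = line.split()
    return tokens[tokens.index("IN") + 1]

def munge(zone_text, rules_text):
    deletes, supplements, additions = parse_rules(rules_text)
    out = []
    for line in zone_text.splitlines():    # stage 1: deletes and supplements
        if not line.strip() or line.lstrip().startswith(";"):
            continue
        kind = rtype(line)
        if kind in deletes:
            continue
        out.append(line)
        for extra in supplements.get(kind, []):
            out.append("    IN " + extra)  # blank owner: same name as previous record
    return out + additions                 # stage 2: additions
```

Calling `munge(ZONE, RULES)` returns the munged records as a list of lines, which makes it easy to confirm that no record still points at the ISP's mail hub before the internal nameserver loads the file.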