Thoughts on best practice for naming router infrastructure in DNS

Joe Abley jabley at ca.afilias.info
Fri Jun 15 13:39:35 UTC 2007


On 14-Jun-2007, at 16:25, K K wrote:

> On 6/14/07, randal k <nanog at data102.com> wrote:
>> This particular issue has been confounding to work around as well. The
>> issue of constantly updating DNS to match the current topology is a pain,
>> but in my opinion, very necessary.
>
> I'm not entirely convinced DNS records for every possible interface
> address are needed, in part because it's so difficult to keep them
> updated with topology changes over time.

I once wrote a couple of scripts to parse a repository of  
configurations stored by rancid, and to produce zone file fragments  
which could be INCLUDEd into zones and published in the DNS  
automagically. It wasn't hard. There is some text about it in the  
tutorial I wrote for NANOG 26, which Stephen Stuart presented after I  
accidentally went to an ICANN meeting in Shanghai instead of going to  
Eugene:

   http://www.nanog.org/mtg-0210/ppt/stephen.pdf

Check pages 37-41. You'll find example scripts here:

   ftp://ftp.isc.org/isc/toolmakers/

I can't pretend I have used it since 2002, so some hacking may be  
required. Also, unless you have a particular reason to generate a  
topology map of a network for other reasons, and unless your naming  
scheme is based on something that looks like an undirected graph, you  
may find it easier to write something a little more focussed. For  
example, the trivial awk script

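# Remember the most recent interface name, with "/" and "." replaced
# by "-" so that it forms a single DNS label.
/^interface / {
   ifname = $2;
   gsub(/\//, "-", ifname);
   gsub(/\./, "-", ifname);
}

# Print "address name" for each address line under that interface;
# " +" accepts any indentation depth, as in the sample below.
/^ +ip address / {
   print $3, ifname ".someisp.net";
}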

will digest cisco-style configs like

interface FastEthernet3/1/0.214
  ip address 203.97.1.241 255.255.255.240
  ...
!
interface POS3/2
  ip address 199.212.93.1 255.255.255.252
  ...

and excrete the following, for example:

203.97.1.241 FastEthernet3-1-0-214.someisp.net
199.212.93.1 POS3-2.someisp.net

Building IN-ADDR.ARPA zones from data like that is not at all  
difficult. Dealing with JUNOS configs is marginally more difficult  
with line-based tools like awk, but still entirely possible (see  
those example scripts I mentioned for examples).

Package up some of this stuff so it will run unattended, and run it  
out of cron every $interval, and suddenly reverse DNS takes no effort  
at all.

The hard bit is back at the beginning, working out what the mapping  
of router configuration -> DNS name should be (i.e. what your naming  
scheme is).


Joe
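
Added example, not part of the original message and not one of the scripts at ftp.isc.org: one way to turn the "address name" pairs shown above into IN-ADDR.ARPA zone file fragments, one $ORIGIN per /24, refusing any line whose address or name would not be safe to write into a zone file. The function names, the per-/24 zone layout and the two rejected sample lines are assumptions constructed for illustration.

```shell
#!/bin/sh
# ptr_fragments: read "IPv4 hostname" lines on stdin, write PTR records
# grouped under one $ORIGIN per /24. Lines that fail validation are
# reported on stderr and never reach the generated zone data.
ptr_fragments() {
    awk '
    # A dotted quad: exactly four decimal octets, each 0-255.
    function valid_ip(ip,   o, n, i) {
        n = split(ip, o, ".")
        if (n != 4) return 0
        for (i = 1; i <= 4; i++)
            if (o[i] !~ /^[0-9]+$/ || o[i] + 0 > 255) return 0
        return 1
    }
    # Letter-digit-hyphen labels only, so a name derived from a router
    # config cannot carry ";", "$", "(" or whitespace into the zone.
    function valid_name(name) {
        return name ~ /^[A-Za-z0-9]([A-Za-z0-9-]*[A-Za-z0-9])?(\.[A-Za-z0-9]([A-Za-z0-9-]*[A-Za-z0-9])?)*$/
    }
    NF >= 2 {
        if (!valid_ip($1) || !valid_name($2)) {
            print "skipping: " $0 > "/dev/stderr"
            next
        }
        split($1, q, ".")
        zone = q[3] "." q[2] "." q[1] ".in-addr.arpa."
        if (!(zone in seen)) { seen[zone] = 1; order[++nz] = zone }
        recs[zone] = recs[zone] q[4] " IN PTR " $2 ".\n"
    }
    END {
        # Emit zones in the order they were first seen.
        for (i = 1; i <= nz; i++)
            printf "$ORIGIN %s\n%s", order[i], recs[order[i]]
    }'
}

# Sample input: the first two lines are the output shown in the message;
# the last two are constructed to show a name and an address being rejected.
sample_pairs() {
    cat <<'EOF'
203.97.1.241 FastEthernet3-1-0-214.someisp.net
199.212.93.1 POS3-2.someisp.net
192.0.2.9 Serial0-0:1.someisp.net
10.0.0.300 lo0.someisp.net
EOF
}

sample_pairs | ptr_fragments
```

Each $ORIGIN block can be split into its own file and INCLUDEd into the matching reverse zone.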



