On 14-Jun-2007, at 16:25, K K wrote:
> On 6/14/07, randal k <[EMAIL PROTECTED]> wrote:
> > This particular issue has been confounding to work around as well.
> > The issue of constantly updating DNS to match the current topology
> > is a pain, but in my opinion, very necessary.
>
> I'm not entirely convinced DNS records for every possible interface
> address are needed, in part because it's so difficult to keep them
> updated with topology changes over time.

I once wrote a couple of scripts to parse a repository of
configurations stored by rancid, and to produce zone file fragments
which could be INCLUDEd into zones and published in the DNS
automagically. It wasn't hard. There is some text about it in the
tutorial I wrote for NANOG 26, which Stephen Stuart presented after I
accidentally went to an ICANN meeting in Shanghai instead of going to
Eugene:

  http://www.nanog.org/mtg-0210/ppt/stephen.pdf

Check pages 37-41. You'll find example scripts here:

  ftp://ftp.isc.org/isc/toolmakers/

I can't pretend I have used it since 2002, so some hacking may be
required. Also, unless you have a particular reason to generate a
topology map of a network for other reasons, and unless your naming
scheme is based on something that looks like an undirected graph, you
may find it easier to write something a little more focussed. For
example, the trivial awk script

  # remember the interface name, with "/" and "." turned into "-"
  /^interface / {
    ifname = $2;
    gsub(/\//, "-", ifname);
    gsub(/\./, "-", ifname);
  }

  # print "address name" for each address under that interface
  /^ ip address / {
    print $3, ifname ".someisp.net";
  }

will digest cisco-style configs like

  interface FastEthernet3/1/0.214
   ip address 203.97.1.241 255.255.255.240
   ...
  !
  interface POS3/2
   ip address 199.212.93.1 255.255.255.252
   ...

and excrete the following, for example:

  203.97.1.241 FastEthernet3-1-0-214.someisp.net
  199.212.93.1 POS3-2.someisp.net

Building IN-ADDR.ARPA zones from data like that is not at all
difficult. Dealing with JUNOS configs is marginally more difficult
with line-based tools like awk, but still entirely possible (see
those example scripts I mentioned for examples).

Package up some of this stuff so it will run unattended, and run it
out of cron every $interval, and suddenly reverse DNS takes no effort
at all.

The hard bit is back at the beginning, working out what the mapping
of router configuration -> DNS name should be (i.e. what your naming
scheme is).

Joe
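
Added example, not part of the message above and not one of the ISC toolmakers scripts: one way to turn the "address name" pairs printed by the awk script into IN-ADDR.ARPA PTR records, rejecting any line whose address or name is not safe to write into a zone file. The per-/24 zone split, the function names `ptr_records` and `sample_pairs`, and the two malformed sample lines are assumptions made for this example.

```shell
#!/bin/sh
# Added example: "IP hostname" pairs on stdin -> PTR records on stdout,
# grouped under one $ORIGIN per /24 (the /24 split is an assumption).

ptr_records() {
    awk '
    {
        n = split($1, o, ".")
        ok = (n == 4 && NF == 2)
        # every octet must be a decimal number in 0..255
        for (i = 1; ok && i <= 4; i++)
            if (o[i] !~ /^[0-9]+$/ || o[i] + 0 > 255) ok = 0
        # only letters, digits, hyphen and dot may reach the zone file
        if (ok && $2 !~ /^[A-Za-z0-9]([A-Za-z0-9.-]*[A-Za-z0-9])?$/) ok = 0
        if (!ok) { print "skipped: " $0 > "/dev/stderr"; next }
        # emit: zone, host part of the address, fully qualified name
        printf "%s.%s.%s.in-addr.arpa. %d %s.\n", o[3], o[2], o[1], o[4], $2
    }' | sort -k1,1 -k2,2n | awk '
    # zones arrive sorted, so each $ORIGIN is printed exactly once
    $1 != zone { zone = $1; print "$ORIGIN " zone }
    { printf "%-4s IN PTR %s\n", $2, $3 }'
}

# Constructed sample input: the two lines from the message plus two
# malformed lines that must be skipped.
sample_pairs() {
    cat <<'EOF'
203.97.1.241 FastEthernet3-1-0-214.someisp.net
199.212.93.1 POS3-2.someisp.net
10.0.0.999 bad-octet.someisp.net
192.0.2.1 bad_name;x.someisp.net
EOF
}

sample_pairs | ptr_records
```

Each `$ORIGIN` group can be written to its own fragment and pulled into the matching reverse zone with `$INCLUDE`; skipped lines go to stderr so a cron run reports them.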