Re: Configuring the location of named .jnl files
;> > >> Hi Greg, > >> > >>> In regards to the nsupdate, what is the best way to secure the > >> connection, > >>> so to ensure that only my local server can make the amendments to the > >>> remote server named & zone files? > >>> I dont want anyone/anything else other than my local machine to make > any > >>> changes on my remote BIND server. > >> > >> You should create a TSIG key, and configure the zones on the remote > >> server to only accept dynamic DNS updates signed by this key. And then > >> use this key with nsupdate when sending your updates. Check the man page > >> of nsupdate and look at the '-k' and '-y' options for using tsig keys. > >> > >> You can additionally also configure your remote BIND to accept updates > >> only from certain IP addresses. For details on how to configure this, > >> please read the excellent documentation (especially section 4.2.29 and > >> the "allow-update" option): > >> > >> https://bind9.readthedocs.io/en/v9_16/ > >> > >> Regards, > >> Anand Buddhdev > >> > > > > > -- > > Message: 4 > Date: Mon, 26 Apr 2021 14:46:07 + > From: Dom Brown > To: "bind-users@lists.isc.org" > Cc: Greg Choules > Subject: How to interpret BIND 9 JSON Counters > Message-ID: > < > cwxp123mb3045d7583644d5ff1f7aec30b6...@cwxp123mb3045.gbrp123.prod.outlook.com > > > > Content-Type: text/plain; charset="us-ascii" > > Hi All, > Wonder if you can help, I'm looking to input the BIND 9 JSON stats file to > our OSS PM tool and I need some basic information on the counter types. > Looking at the various counters I need to understand whether they are of > type gauge (a snapshot in time) or counter (we need to calculate the delta > between the last and the last but one values received). > > I think they are gauge but would be great if you can confirm. > > Additionally is there guidance on how the Network Elements and the time > would be aggregated. Would they be aggregated by sum? > > Please feedback if my ask isn't clear. I hope you can help. > > BR, > Dom Brown > 07577 272977 > -- next part -- > An HTML attachment was scrubbed... > URL: < > https://lists.isc.org/pipermail/bind-users/attachments/20210426/94a03d39/attachment.htm > > > > -- > > Subject: Digest Footer > > ___ > ISC funds the development of this software with paid support > subscriptions. Contact us at https://www.isc.org/contact/ for more > information. > > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users > > > -- > > End of bind-users Digest, Vol 3696, Issue 2 > *** > -- Cameron Banowsky c. 323-217-8592 o. 323-664-8285 https://shebash.io https://calendly.com/banowsky The content of this email is confidential and intended for the recipient specified in message only. It is strictly forbidden to share any part of this message with any third party, without a written consent of the sender. If you received this message by mistake, please reply to this message and follow with its deletion, so that we can ensure such a mistake does not occur in the future. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Zonefile Management in git
Thank you Anand, Would it be possible to look at your script and gitlab-ci yaml? This is incredibly helpful. Thank you so much. Cameron Banowsky SHE BASH 323-217-8592 https://shebash.io The content of this email is confidential and intended for the recipient specified in message only. It is strictly forbidden to share any part of this message with any third party, without a written consent of the sender. If you received this message by mistake, please reply to this message and follow with its deletion, so that we can ensure such a mistake does not occur in the future. On Tue, Dec 8, 2020 at 1:54 PM Anand Buddhdev wrote: > Hi Cameron, > > We do something like this for our zones. In our zone repository, I have > a script called "checkzones". I can run it any time in my checkout of > the repository, and it checks all the zones for various things. For > example, it checks for implicit owner names, missing TTL, etc. It also > runs "named-checkzone" for every zone. You can make the script as > extensive as you like. > > Next, we have a GitLab CI/CD config file in the repo, that tells GitLab > to spawn a docker image, check out the repository in there, and run the > "checkzones" script. If it fails for any reason, the pipeline fails. > > Our GitLab repository is configured to prevent direct commits to the > "master" branch. Instead, all users must create a separate branch, and > push their commits to it. If the pipeline succeeds, GitLab merges the > commit to master. If the pipeline fails, the user gets email, and they > need to go and fix their mistakes with additional commits, until the > pipeline succeeds. > > Regards, > Anand > > On 08/12/2020 21:54, Cameron Banowsky wrote: > > > Seasons Greetings, > > > > We are managing our zone files in git and are looking for tools to > > accomplish validation checks within our CI/CD pipeline. Does anyone have > > any pro tips or code references for how we can optimize our user and > admin > > experience? We are using Gitlab CI. > > > > For example, we would like to achieve input validation for zone entries, > > check for syntax errors, automated zone file serial number incrementing, > > and resolve new DNS entries in a staging server. > > > > Any and all help would be greatly appreciated. > ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Zonefile Management in git
Seasons Greetings, We are managing our zone files in git and are looking for tools to accomplish validation checks within our CI/CD pipeline. Does anyone have any pro tips or code references for how we can optimize our user and admin experience? We are using Gitlab CI. For example, we would like to achieve input validation for zone entries, check for syntax errors, automated zone file serial number incrementing, and resolve new DNS entries in a staging server. Any and all help would be greatly appreciated. Cameron Banowsky SHE BASH 323-217-8592 https://shebash.io The content of this email is confidential and intended for the recipient specified in message only. It is strictly forbidden to share any part of this message with any third party, without a written consent of the sender. If you received this message by mistake, please reply to this message and follow with its deletion, so that we can ensure such a mistake does not occur in the future. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
