Features, bugs, etc for the OpenNetAdmin web interface
FS#67 - [patch] [build_bind] Support for Classless IN-ADDR.ARPA delegation (RFC2317)
Attached to Project:
OpenNetAdmin Web Interface
Opened by Alex Kabakaev (synapse) - Friday, 27 November 2009, 21:09 GMT-6
Details
In order to support the classless IN-ADDR.ARPA delegation, it's required to (1) generate a bind config with domain name like '192/26.2.0.192.in-addr.arpa.' -- for 192.0.2.192/26 being delegated to ONA's DNS server.
Another change (2) is to provide IP numbers in PTR records relative to $ORIGIN, instead of giving FQDN to the left from 'PTR'. So, ideally we need something like this for the network 192.123.161.0/25
==========
$ORIGIN 0/25.161.123.192.in-addr.arpa.
$TTL 86400
;Serial number is current unix timestamp (seconds since UTC)
@ IN SOA server.example.com. hostmaster.example.com. (1259378388 86400 3600 3600 3600)
0/25.161.123.192.in-addr.arpa. IN NS server.example.com.
1 IN PTR gw.example.com.
2 IN PTR host1.example.com.
==========
Having that, we can add to header's named.conf:
zone "0/25.161.123.192.in-addr.arpa" in {
    type master;
    file "/etc/bind/zone_data/named-161.123.192.in-addr.arpa";
    // allow-transfer { slave_dns; }; // to support slave dns
};
========== solution ==========
The (1) change should be made in www/include/functions_general.inc.php to allow '/' symbol in a host name:
diff /tmp/original/ona/www/include/functions_general.inc.php functions_general.inc.php 887c887 < if (preg_match('/^([a-z0-9_\*]([a-z0-9_\.\-]*))?[a-z0-9]$/', $string)) { --- > if (preg_match('/^([a-z0-9_\*]([a-z0-9_\.\-\/]*))?[a-z0-9]$/', $string)) {
==
The (2) change is made in build_bind.inc.php.diff
$ cat build_bind.inc.php.diff 415c415,418 < $text .= sprintf("%-50s %-8s IN %-8s %s.%-30s %s\n" ,ip_mangle($interface['ip_addr'],'flip').'.in-addr.arpa.',$dnsrecord['ttl'],$dnsrecord['type'],$ptr['name'],$ptr['domain_fqdn'].'.',$dnsrecord['notes']); --- > # $text .= sprintf("%-50s %-8s IN %-8s %s.%-30s %s\n" ,ip_mangle($interface['ip_addr'],'flip').'.in-addr.arpa.',$dnsrecord['ttl'],$dnsrecord['type'],$ptr['name'],$ptr['domain_fqdn'].'.',$dnsrecord['notes']); > $ip_last_digit = ip_mangle($interface['ip_addr'],'flip'); > $ip_last_digit = substr($ip_last_digit, 0, strpos($ip_last_digit,'.')); > $text .= sprintf("%-50s %-8s IN %-8s %s.%-30s %s\n" ,$ip_last_digit,$dnsrecord['ttl'],$dnsrecord['type'],$ptr['name'],$ptr['domain_fqdn'].'.',$dnsrecord['notes']);
===
It works for me, so it might be that I forgot to mention something else. If it does not work for you, then please look through my full diff at http://netserver.chtd.tpu.ru/ona_diff/ona.diff It gives support for both UTF-8 symbols and classless delegation.
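Review bot: the `\/` added to the inner character class at line 887 of functions_general.inc.php makes '/' acceptable in the middle of every name this check validates, not only in the first label of a classless reverse zone, so a name such as a/b now passes too. Keep the original pattern for ordinary names and accept '/' only through a separate, narrower match for the `<base>/<prefix>` label of an in-addr.arpa domain, or pass the record type into the check so each type gets its own rule. If a validated name is ever used to build a file path like the zone_data file shown in the named.conf stanza, the '/' also becomes a path separator, which is another reason to confine it.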
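Review bot: in the 415c415,418 hunk of build_bind.inc.php, `substr($ip_last_digit, 0, strpos($ip_last_digit,'.'))` keeps only the first label of the flipped address, so the PTR owner is right only when the zone's $ORIGIN already carries the other three octets; in a wider reverse zone the owner needs more than one label and addresses from different /24s would end up under the same owner. The change also applies to every PTR line, so it relies on a matching $ORIGIN being written for each zone, which is not visible in this hunk. Derive the owner by removing the zone's own name from the full reverse name instead of cutting at the first dot, and delete the old sprintf line rather than leaving it commented out with '#'.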
I'm inclined to do it that way for now because it opens up possible problems for other names that use the sanitize_hostname function. That function really needs to be updated so you can pass in a type so it can deal with the various rules for the different resource records that behave differently.
Another issue I have found relates to how ONA determines which PTR domain to put records into. I need to update that bit of code to handle things properly if you had the following 3 domains as an example:
0-27.23.168.192.in-addr.arpa
64-27.23.168.192.in-addr.arpa
23.168.192.in-addr.arpa
Also I think the update to the build_bind will need to deal with more than the last digit if someone was using the more encompassing PTR domains like 168.192.in-addr.arpa for example. There is similar code in some of the display record code I think that can be used.
Anyway.. looks like a good feature to add. I'll start getting things incorporated.
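The two open points in the comment above (choosing the PTR domain when classless and parent zones coexist, and owner names longer than the last octet), as an added example that is not ONA code: `ptr_match` and `best_ptr_zone` are hypothetical names, and the sample zones and addresses are constructed. It goes beyond the last-digit case in the patch by also handling /16 and /8 reverse zones and both the '/' and '-' label separators.

```php
<?php
// Added example, not ONA code. ptr_match() and best_ptr_zone() are hypothetical names.
// If $ip belongs in reverse zone $zone, return ['zone','prefix','owner'], else null.
// 'owner' is the PTR owner name relative to the zone's $ORIGIN.
function ptr_match(string $ip, string $zone): ?array {
    if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) === false) {
        throw new InvalidArgumentException("not an IPv4 address: $ip");
    }
    $rev = array_reverse(explode('.', $ip));          // 192.168.23.70 -> 70,23,168,192
    $labels = explode('.', strtolower(rtrim($zone, '.')));
    if (array_slice($labels, -2) !== ['in-addr', 'arpa']) return null;
    $labels = array_slice($labels, 0, -2);            // keep only the address labels
    $n = count($labels);
    // Classless zone: first label is "<base>/<prefix>" or "<base>-<prefix>".
    if ($n === 4 && preg_match('/^(\d{1,3})[\/-](\d{1,2})$/', $labels[0], $m)) {
        [$base, $prefix] = [(int)$m[1], (int)$m[2]];
        if ($prefix < 25 || $prefix > 32) return null;
        $size = 1 << (32 - $prefix);                  // addresses in the block
        if ($base > 255 || $base % $size !== 0) return null;   // misaligned label
        if (array_slice($rev, 1) !== array_slice($labels, 1)) return null;
        $last = (int)$rev[0];
        if ($last < $base || $last >= $base + $size) return null;
        return ['zone' => $zone, 'prefix' => $prefix, 'owner' => $rev[0]];
    }
    // Octet-boundary zone (/8, /16, /24): owner is whatever the zone name lacks.
    if ($n < 1 || $n > 3 || array_slice($rev, -$n) !== $labels) return null;
    return ['zone' => $zone, 'prefix' => 8 * $n,
            'owner' => implode('.', array_slice($rev, 0, 4 - $n))];
}

// Most specific zone wins, so a delegated /27 beats its parent /24 and /16.
function best_ptr_zone(string $ip, array $zones): ?array {
    $best = null;
    foreach ($zones as $zone) {
        $hit = ptr_match($ip, $zone);
        if ($hit !== null && ($best === null || $hit['prefix'] > $best['prefix'])) {
            $best = $hit;
        }
    }
    return $best;
}

// Constructed input: the three domains from the comment plus the wider 168.192 zone.
$zones = ['0-27.23.168.192.in-addr.arpa', '64-27.23.168.192.in-addr.arpa',
          '23.168.192.in-addr.arpa', '168.192.in-addr.arpa'];
foreach (['192.168.23.70', '192.168.23.200', '192.168.99.5'] as $ip) {
    $hit = best_ptr_zone($ip, $zones);
    printf("%-15s %-6s IN PTR  (zone %s)\n", $ip, $hit['owner'], $hit['zone']);
}
```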