Home / Blogs

Supporting New DNS RR Types with dnsextlang, Part II

John Levine

Previous article introduced my DNS extension language, intended to make it easier to add new DNS record types to DNS software. It described a new perl module Net::DNS::Extlang that uses the extension language to automatically create perl code to handle new RRTYPEs. Today we look at my second project, intended to let people create DNS records and zone files with new RRTYPEs.

I've long had a DNS "toaster", a web site where my users and I could manage our DNS zones. Rather than limiting users to a small list of RRTYPEs, it lets users edit the text of their zone files, which works fine except when it doesn't. Every hour a daemon takes any changed zonefiles, signs them, and passes them to the DNS servers. With no syntax check in the toaster, if there's a syntax error in a zone file, the entire rebuild process fails until someone (usually me) notices and fixes it.

Since the toaster is written in python, I wrote a python library that uses the same extension language to do syntax checked zone edits and a simple version of the toaster as a django app that people can start with. The syntax checker does two things: one is to read text strings that are supposed to be DNS master files, or single master records and check whether they're valid. The other is to create and parse HTML forms for DNS records to help people enter valid ones.

To show how this works, I put a series of screen shots in this PDF so you can follow along.

The first screen shows the site after you log in, with a few existing random domains. If you the Create tab, you get the second screen, which lets you fill in the domain name and (if you're a site admin) the name of the user who owns the site. Click Submit, and now you're on the edit page, where you can see the zone has been created with a single comment record, just so it wouldn't be empty.

There's a New Record: section where you can choose the record type you want to create, and click Add. The set of record types is created on the fly from the extension language database in the DNS that I described in the last blog post, so you can create and later edit any RRTYPE that the extension language can describe. We choose MX and click Add, which gives us a screen with a form that has all of the fields in the MX record. This form is also created on the fly by the extension language library, so for each rrtype, it will show an appropriate form with prompts for each field. Fill in the form and click Submit, and the record is added to the zone file if it's valid.

The next screen shows what happens if you get the syntax wrong, in this case, an A record with an invalid IPv4 address. The extension library has a class for every field type that produces helpful error messages in case of syntax errors.

Since sometimes it's tedious to edit a record at a time, there's also a Block edit mode, shown in the next screen, where you can edit the zone as a block of text. When you submit the changes, it syntax checks the zone. The next screen shows an error message for an AAAA record with an invalid IPv6 address.

Not shown are some other odds and ends, notably a batch script that exports a list of zone names and a set of zone files that you can give you your DNS server. The django app is only about 1000 lines of python, of which about 1/3 is managing the various web pages, 1/3 is connecting the extlang library to the forms generated by django's forms class, and 1/3 is everything else.

The python library is in pypi at https://pypi.python.org/pypi/dnsextlang/, currently python3 only.

The django app is on github at https://github.com/jrlevine/editdns, written in django 1.9 and python3. It uses the dnsextlang library, of course.

By John Levine, Author, Consultant & Speaker. More blog posts from John Levine can also be read here.

Related topics: DNS

 
   

Don't miss a thing – get the Weekly Wrap delivered to your inbox.

Comments

To post comments, please login or create an account.

Related Blogs

Related News

Explore Topics

Dig Deeper

Cybersecurity

Sponsored by Verisign

IP Addressing

Sponsored by Avenue4 LLC

DNS Security

Sponsored by Afilias

Mobile Internet

Sponsored by Afilias Mobile & Web Services

Promoted Posts

Buying or Selling IPv4 Addresses?

Watch this video to discover how ACCELR/8, a transformative IPv4 market solution developed by industry veterans Marc Lindsey and Janine Goodman, enables organizations to buy or sell blocks as small as /20s. more»

Industry Updates – Sponsored Posts

Global Domain Name Registrations Reach 329.3 Million, 2.3 Million Growth in Last Quarter of 2016

Neustar to be Acquired by Private Investment Group Led by Golden Gate Capital

Don't Gamble With Your DNS

Verisign Releases Q2 2016 DDoS Trends Report - Layer 7 DDoS Attacks a Growing Trend

How Savvy DDoS Attackers Are Using DNSSEC Against Us

Radix Adds Dyn as a DNS Service Provider

Dyn Partners with the Internet Systems Consortium to Host Global F-Root Nameservers

Is Your TLD Threat Mitigation Strategy up to Scratch?

Domain Management Handbook from MarkMonitor

What Holds Firms Back from Choosing Cloud-Based External DNS?

Computerworld Names Afilias' Ram Mohan a Premier 100 Technology Leader

Protect Your Privacy - Opt Out of Public DNS Data Collection

Measuring DNS Performance for the User Experience

Introducing Verisign Public DNS: A Free Recursive DNS Service That Respects Your Privacy

Internet Grows to 296 Million Domain Names in Q2 2015

Protect Your Network From BYOD Malware Threats With The Verisign DNS Firewall

Introducing the Verisign DNS Firewall

Verisign Named to the Online Trust Alliance's 2015 Honor Roll

3 Key Steps for SMBs to Protect Their Website and Critical Internet Services

Key Considerations for Selecting a Managed DNS Provider