This provider maintains a directory with a collection of .zone files.
This provider does not generate or update the named.conf file, nor does it deploy the .zone files to the BIND master. Both of those tasks are different at each site, so they are best done by a locally-written script.
The BIND provider does not require anything in
you can specify a
directory where the provider will look for and create zone files. The default is the
zones directory (in the current directory).
The BIND accepts some optional metadata via your DNS config when you create the provider:
In this example we set the default SOA settings and NS records.
SOA records are a bit weird in DNSControl. Most providers auto-generate SOA records and do not permit any modifications. BIND is unique in that it requires users to manage the SOA records themselves.
Because BIND is unique, BIND’s SOA support is kind of a hack. It leaves the SOA record alone, with 2 exceptions:
default_soa values are only used when creating an SOA for the first time. The values are not used to update an SOA. Therefore, the only way to change an existing SOA is to edit the zone file.
There is an effort to make SOA records handled like A, CNAME, and other records. See https://github.com/StackExchange/dnscontrol/issues/1131
DNSControl tries to maintain the serial number as yyyymmddvv. The algorithm for increasing the serial number is to select the max of (current serial + 1) and (yyyymmdd00). If you use a number larger than today’s date (say, 2099000099) DNSControl will simply increment it forever.
The good news is that DNSControl is smart enough to only increment a zone’s serial number if something in the zone changed. It does not increment the serial number just because DNSControl ran.
DNSControl does not handle special serial number math such as “looping through zero” nor does it pay attention to the rules around the maximum delta permitted. Those are simply avoided because yyyymmdd99 fits in the first quadrant of the 32-bit serial number space. If you don’t understand this paragraph consider yourself lucky; with DNSControl you don’t need to.
filenameformat parameter specifies the file name to be used when
writing the zone file. The default is acceptable in most cases: the
name as specified in the
D() function, plus “.zone”.
The filenameformat is a string with a few printf-like
%Uthe domain name as specified in
%Dthe domain name without any split horizon tag
%Tthe split horizon tag, or “”, see
xif the split horizon tag is non-null, otherwise nothing.
xcan be any printable.
%) are copied unchanged to the output stream
/or other filesystem separators result in undefined behavior
%T%*U%D.zone(optional tag and
_+ domain +
The last example will generate the same name for both
assumes two BIND providers are configured in
creds.json, eacch with
directory setting. Otherwise
dnscontrol will write
both domains to the same file, flapping between the two back and
get-zones all subcommand scans the directory for
any files named
*.zone and assumes they are zone files.
dnscontrol get-zones --format=nameonly - BIND all
filenameformat is defined,
dnscontrol makes an guess at which
filenames are zones but doesn’t try to hard to get it right, which is
mathematically impossible in all cases. Feel free to file an issue if
your format string doesn’t work. I love a challenge!