Syncing Interworx With External DNS Servers [HOWTO]

Installing External DNS For Your Interworx Server(s)
If you are like us and have several Interworx servers that house clients, and want those clients to be able to change their DNS settings through the Interworx cp you are pretty much out of luck without some serious hacking.

Well, we had the same problem and decided to solve it. Here is a short HOWTO on syncing all of your Interworx servers with an external tinydns server(s).

Here is what is needed:

  • A server, or servers with the Interworx CP installed. Steps will be color coded green
  • A server, or servers, with an Interworx compatible OS installed. Steps will be color coded blue
  • About an hour
  • A brain with a mass of at least 525 grams. For more information on calculating brain mass, please visit: http://www.roadtoreading.org/personal/brain_power.html
  • Some sense of humor

For everyone’s clarification here are the terms that we will be using in this HOWTO:

  • CPServer = Refers to one of your Interworx servers that you would like to sync with a "DNS Server"(see next item).
  • DNS Server = Refers to one of your external DNS servers that will actually be publishing the data from your CPServer(s).
  • Tinydns = The actual DNS program that runs on your "DNS Servers" (see item above).
  • *word* = The inclusion of "*" marks around a word means that the word is emphasized.
  • // = When a line starts with these symbols: "//" it is a comment...Don't type this on the command line...It is just me trying to help you understand a specific command.
  • patience = The capacity, quality, or fact of being patient
  • hosed = "(Slang.) To attack and kill (a computer entity), typically by use of a poorly executed user input, example: Peter hosed the computer by typing: (rm -rf /)." THIS IS ALWAYS BAD

Warning: This HOWTO and related scripts are provided with absolutely positively no warranty. Any damage they do to your system we are indeed sorry for, however we cannot be held liable. Proceed at your own risk…(it really isn’t that bad).

Ok, throw on your brain protectors, grab a Mountain Dew, and perhaps say a small prayer…let’s begin.

Step #1 - Install tinydns(and related apps) on your DNS Server(s)
Since this HOWTO is relatively platform inspecific (you can make it work on a FreeBSD box), we will use the standard install(compile).

Hose Potential Warning: These steps must NOT be executed on your CPServers!

Visit: http://cr.yp.to/djbdns/run-server.html for the exact step by step instructions on installing tinydns.

Step #2 - Install PHP On Your DNS Server(s)
Yeah yeah, I know…a simple SH would have been easier…but I like PHP, support its use in shell scripting…and Interworx uses it as well. It was just a natural selection.

The script for syncing the CPServer(s) to the DNS Server(s) does not need any special modules installed. We just need to do a standard install.


mkdir /var/src
mkdir /var/src/tar
cd /var/src/tar

wget http://techdev.gethosted.net/php/php-current.tar.gz
cd /var/src
tar zxf tar/php-current.tar.gz

cd php*
./configure
make
make install

You should see quite a few lines run by, and hopefully no errors…If there were errors take a look here: http://www.php.net/manual/en/install.php

Step #3 - Grant Access To Your DNS Server(s) On Your CPServer(s)
Interworx comes with a pretty nifty XML access system that lets other computers access the DNS records it currently publishes via a PHP file. This option is disabled by default, however we can selectively add in the authorized IPs by editing a simple text file. Let’s begin:


// This assumes you are on your CPServer and at a command line
cd /home/interworx/etc/
vi remote-access.ini

Great, you should now have a file that looks a little like this:


[dns]
exportdns.allow=""

We want it to look like:


[dns]
exportdns.allow="xxx.xxx.xxx.xxx"

Please replace the “xxx.xxx.xxx.xxx” with the IP of your DNS Server(s). If you have multiple DNS Servers that will be accessing this CP Server separate the IP addresses with the “|” symbol.

Go ahead and save that file…We are all done with the CP Server

Step #4 - Download The DNS_SYNC Script On Each DNS Server
Ok, we don’t have much left…Now we just need to download the DNS_SYNC script and configure it.


mkdir /usr/local/dns_sync
cd /usr/local/dns_sync
wget http://techdev.gethosted.net/dns_sync/dns_sync
chmod 770 dns_sync

Ok, great…if everything went ok we just downloaded DNS_SYNC and made it executable.

Now we need to configure it for your specific installation:


vi dns_sync

You should now see the actual syncing script, and there should be quite a few comments. Read each of those comments, the defaults usually are ok for most installations, but if you have errors while syncing make sure they are correct.

After you have read through the comments, and made the corresponding changes save the file and return back to the prompt.

IMPORTANT: The last variable in the variable section is a variable called: $TEST_MODE . This variable defaults to: true (Test Mode is on). Test mode will just download the DNS data from your CP servers, however it will not overwrite your default tinydns datafile, nor will it create a .cdb file.

Once this variable is set to: false , the tinydns datafile will be overwritten with the dns_sync created one and dns_sync will create a new cdb file.

Ok, now that we have the configuration stuff taken care of we need to test the script to see if everything is running. Go ahead and type the following from a command prompt:


/usr/local/dns_sync/dns_sync

You should see some status messages outputted to the shell screen while dns_sync is working.

Here are some crucial lines:


##### XML Data File Successfully Downloaded For: yourserver.domain.com #####

That one is very good…Jump up and down 10 times if that one is displayed!


#######  - {insert number here} records added for server: yourserver.domain.com

That is also good…10 more jumps for you!


##### Writing yourserver.domain.com data to new tinydns datafile.....Done

That is the best one…That means all of the tinydns data has been successfully parsed and added to a temporary datafile.

You can feel free to take a look at that datafile if you would like to make sure all of the configuration is correct. You can take a look at it by doing:


cd /usr/local/dns_sync/data
cat data

Once you are happy that everything is correct, go ahead and set the $TEST_MODE variable in the dns_sync script to false, and run the command again:


/usr/local/dns_sync/dns_sync

There should be two additional lines outputted by the script…they are:


##### Copying new data to tinydns production file
##### Running the tinydns makefile.......Done
##### dns_sync completed successfully

Now everything should be sync’d correctly!

We have the script sync with all of our Interworx server(s) every 5 minutes. The bandwidth transferred is really negligible, and the ability for users to create/edit subdomains from within Interworx is a huge plus!

If you received any errors during the process feel free to post them to this thread or to e-mail me: techdev@gethosted.net

This is a beta release, so feedback/bug reports would be much appreciated! Enjoy!

Peter
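
The allow list edited in Step #3 controls which hosts may pull the XML DNS export, so it is worth auditing on each CPServer. An added example (not part of the original post or of Interworx): it reads the exportdns.allow value in the format shown above and reports entries that are malformed or not on your approved DNS-server list. Function names and sample addresses are assumptions.

```shell
#!/bin/sh
# Added example: audit exportdns.allow in remote-access.ini (format from Step #3).

# allowed_ips FILE: print each entry of exportdns.allow in the [dns] section.
allowed_ips() {
    awk '
        /^\[/ { in_dns = ($0 ~ /^\[dns\]/); next }
        in_dns && /^exportdns\.allow[ \t]*=/ {
            v = $0
            sub(/^[^=]*=[ \t]*/, "", v)   # drop the key
            gsub(/"/, "", v)              # drop the surrounding quotes
            n = split(v, ip, "|")         # "|" separates multiple DNS servers
            for (i = 1; i <= n; i++) if (ip[i] != "") print ip[i]
        }' "$1"
}

# is_ipv4 ADDR: succeed only for a dotted quad with each octet in 0..255.
is_ipv4() {
    printf '%s\n' "$1" | awk -F. '
        NF != 4 { exit 1 }
        { for (i = 1; i <= 4; i++) if ($i !~ /^[0-9][0-9]?[0-9]?$/ || $i > 255) exit 1 }'
}

# audit_exportdns FILE APPROVED_IP...: print findings, return 1 if there are any.
audit_exportdns() {
    file=$1; shift
    approved=" $* "
    findings=$(allowed_ips "$file" | while IFS= read -r ip; do
        if ! is_ipv4 "$ip"; then
            echo "malformed: $ip"
        else
            case "$approved" in
                (*" $ip "*) ;;
                (*) echo "unapproved: $ip" ;;
            esac
        fi
    done)
    [ -z "$findings" ] && return 0
    echo "$findings"
    return 1
}

# Constructed sample: one approved DNS server plus a leftover entry nobody recognises.
demo_audit() {
    f=$(mktemp) || return 2
    printf '%s\n' '[dns]' 'exportdns.allow="192.0.2.53|198.51.100.7"' > "$f"
    rc=0
    audit_exportdns "$f" 192.0.2.53 || rc=$?
    rm -f "$f"
    return $rc
}
```

An empty exportdns.allow="" produces no findings, which matches the disabled-by-default state described in Step #3.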

This is fantastic gethosted and not many people know of the xml-export ability so at least we have a solid ‘howto’ now so 1) people know it exists and 2) it’s not mega mysterious anymore :).

Thanks a ton,

Chris

i’m not gonna use it for the moment, but that’s a great tutorial !!!
thank you very much, you make some great work to help this community :slight_smile: :slight_smile:

you’ve done a great job. That’s cool

If you are like us and have several Interworx servers that house clients, and want those clients to be able to change their DNS settings through the Interworx cp you are pretty much out of luck without some serious hacking.

haha, maybe I’ve jumped too high when I was young, because I do not understand this sentence

want those clients to be able to change their DNS settings through the Interworx cp

yes. I want, but it is already the case ?
to have an external dns server will not give the ability to those clients to change their dns without an other script giving them an interface to do this ?

I understand what you are doing, but I do not understand this sentence… ouin ouin :confused: :frowning:

somebody could explain me :rolleyes:

Thanks
Pascal

Pascal,
Basically this script allows you to sync all of the Interworx DNS information with an external DNS server.

This is often referred to in the Bind world as a master-slave sync…or a zone transfer.

The best way to describe it is to ask a question:

Suppose you have 50 Interworx servers that house client websites, etc. You want each account on those 50 servers to be able to add subdomains, etc.

Now, the not so great way of doing this would be to register 100 NS servers with your registrar(i.e. ns1-ns100). Then, each Interworx server would have its own ns server associated to it(i.e. ns20 ns21 for one server). Your clients would have to put ns20 and ns21 into their nameserver settings at their registrar. That would be the wrong way to do things.

The right way, and the way I would suggest doing it would be to have two “external” DNS servers for those 50 interworx servers. These servers would do nothing besides serve DNS information.

In order to “sync” all of those 50 Interworx servers to the external DNS servers you would need to use the script I wrote above.

This method would allow you to tell your clients to just use: ns1 and ns2.yourdomain.com as their nameservers.

Does this make sense?

Peter

lol, ok now I understand.

"to be able to change their DNS settings through the Interworx cp " disturb me a lot.

I thought you were talking about a more functional tool to allow the users to edit their dns information (as nodeworks does for example)

You’re absolutely right.

And I’ll tell more, with this script you may now easily create a primary dns server on a dedicated dns box1 and the secondary on an other dedicated dns box, that is also great.

I was thinking doing this only by rsync the /var/djbdns/tinydns/root/data.cdb, but there was some pbms doing this.

So your script is really welcome

Great job

Pascal

Now It’s time for me to play with this !!!

I’ve decided to have only 2 dns servers registered and not 1 hundred :slight_smile:

Ok a question : Is it possible that my DNS server are hosted on a Interworx-cp server ? I do not have so much money to have a dedicated box only for DNS.

So I’d like to share one box as dns server and interworx-cp

Is it ok ?

Thanks

Pascal

Could an Interworx member confirm me that I may use the /var/djbdns/tinydns/root/data rather /etc/tinydns/root/data to add the data that come from the interworx xml dns-export ?

I’d like to use a box with Interworx as my main dns server and include in it the dns informations that come from others interworx cp server

Is it ok ?

I’m a little confused by the question Pascal. /etc/tinydns/root/data?

Chris

In the gethosted script “dns_sync” it adds dns data somewhere in /etc/tinydns/root/data

Also he told us

Step #1 - Install tinydns(and related apps) on your DNS Server(s)
Since this HOWTO is relatively platform inspecific (you can make it work on a FreeBSD box), we will use the standard install(compile).

Hose Potential Warning: These steps must NOT be executed on your CPServers!

Visit: http://cr.yp.to/djbdns/run-server.html for the exact step by step instructions on installing tinydns

So if I understand well it means that he installed a new dns server from scratch. Maybe by default the data is stored in /etc/tinydns/root/data ?

Hose Potential Warning: These steps must NOT be executed on your CPServers!

Not sure why, my idea is that it is possible to have my main dns server on an interworx box as this one has already tinydns etc …

Also not sure to have to do these steps http://cr.yp.to/djbdns/run-server.html

I could change the directory set in the gethosted script as he has commented all the codes. But before doing this I’d like to be sure I can export all the dns data from my others interworx-cp boxes to one box with interworx-cp ?

If yes, is there some things I have to change, to be care with ?

Thanks

Pascal,
Personally, I would run two instances of tinydns on that second Interworx box. One would be the one that Interworx comes installed with, and the second I would install myself. It is very easy to do, just assign your machine another IP address and create a new directory for the tinydns installation.

Once the install has been completed simply edit my script to point to that new tinydns installation and run as usual. It should query all of the information from your servers and add it to that new tinydns install.

Hope this helps,

Peter

It is very easy to do, just assign your machine another IP address

Not sure to understand. When I look the default interworx’s tinydns install it seems tinydns is on (“listening”) all IP.

What do you mean by assign your machine another IP address ?

Ok say that I have two boxes.
Box1 is today my dns server box + interworx-cp
Box2 is a new one (also with interworx-cp)

I install a new tinydns instance on the box2. Right ?
Then I read the export-dns.php from box1. Right ?
But I also have to read the export-dns.php file that is on the same box, so box2 ? isn’t it ?

After this, I’ll have to register in my registrar this new dns server. And change all existing account to this new dns server. Every account won’t be available for 12h/-48h00 the time all world dns server been updated. Right ? It’s also why I would prefer keep my existing dns server.

Why do you think it should be best to create a second tinydns server on the same box ? to not interfere with the interworx one ?

Thanks a ton for your help

I’m really not so good in dns management

Pascal

Chris ? Paul ?

What is your comment. What Interworx would do or think is the best to do ?

I’m waiting for your opinion before starting to use this box.

Also, today I have registered 2 names server (primary and secondary) at my registrar, would it be possible to uses these two IP for the new (second) tinydns instance (in case I can’t use the existing one) ?

What is the difference between this http://cr.yp.to/djbdns/run-server.html and the interworx-cp installation ?

If I follow this http://cr.yp.to/djbdns/install.html and this http://cr.yp.to/djbdns/run-server.html would be ok and sufficient ? Any pbm to do this on my two registered dns IP ? no conflict with interworx ?

If not thanks for your assistance and to provide a mini howto if you can.

I’d like to understand. Apparently on an interworx box there is a dns server on every IP ?
Indeed I have a data.cdb file in every /service/tinydns-xx.xx.xx.xx directory (where xx.xx.xx.xx is all the IP address hosted on my box)

Thanks a ton for your help

Pascal

Pascal,

There’s so many questions here I’ll just lay out how iworx-cp works and how to sync 2 servers easily.

iworx-cp runs an instance of tinydns (tinydns is the iterative dns server) on every IP bound to your server by default.

If you nslookup using any IP on the server as a dns server you’ll get a response for sites hosted on the server.

You can use any of these IPs as a dns server, so any is valid to provide (along with their DNS’d name) to a domain registrar.

gethosted’s script is a good way to sync servers using iworx-cp’s DNS database. If you simply want a 2nd DNS server which mirrors your iworx-cp box and only the iworx-cp box all you really have to do is the following:

  • setup tinydns on the 2nd (non-iworx) server (using any docs you find, the cr.yp.to docs are fine here and you can use them).

  • every so often just copy /var/djbdns/tinydns/root/data.cdb from the iworx-cp server to your new tinydns server’s tinydns/root directory. Nothing else is needed, no restarting, nothing.

That’s the simplest method to get 2 dns servers with the same data answering iterative queries.

Chris
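
Copying over a live data.cdb in place can expose a half-written file to tinydns, which opens data.cdb for each query. An added example (not from the original posts): stage the copy inside the destination directory, verify it against a SHA-256 digest taken on the iworx-cp server, then rename it into place. The function name, the digest hand-off and the availability of sha256sum are assumptions.

```shell
#!/bin/sh
# Added example: install a copied data.cdb atomically on the secondary DNS server.
#
# install_cdb SRC DEST_ROOT EXPECTED_SHA256
#   SRC             - data.cdb as fetched from the iworx-cp server (staging path)
#   DEST_ROOT       - tinydns root directory that holds the live data.cdb
#   EXPECTED_SHA256 - digest computed on the iworx-cp server (assumed hand-off)
install_cdb() {
    src=$1
    root=$2
    want=$3

    # A failed transfer must never replace live data.
    [ -s "$src" ] || { echo "refusing: $src missing or empty" >&2; return 1; }
    [ -d "$root" ] || { echo "refusing: $root is not a directory" >&2; return 1; }

    # Stage inside DEST_ROOT so the final rename stays on one filesystem.
    tmp=$(mktemp "$root/data.cdb.XXXXXX") || return 1
    cp "$src" "$tmp" || { rm -f "$tmp"; return 1; }

    # Verify what actually landed on disk, not what was sent.
    got=$(sha256sum "$tmp" | awk '{print $1}')
    if [ "$got" != "$want" ]; then
        echo "refusing: digest mismatch for $src" >&2
        rm -f "$tmp"
        return 1
    fi

    chmod 644 "$tmp"
    # rename(2) is atomic: queries see the old file or the new one, never a partial.
    mv -f "$tmp" "$root/data.cdb"
}

# Usage (paths are examples):
#   install_cdb /var/tmp/incoming/data.cdb /etc/tinydns/root "$digest_from_cp_server"
```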

Thanks Chris

The only thing I’d like is to use the DNS server I already have on my Interworx-cp as my main dns server for ALL other boxes. I mean I have one box with interworx-cp and I have registered at my registrar 2 IPs of this one to be my main dns server.
Now I’d like that all others interworx-cp box update the data.cdb of the first dns server owned by the first box. In fact exactly as gethosted howto does, but only keep my existing dns server as the main one, not creating a new one on an other box

I hope what I wrote is understandable ?

So the only real question I have is to know if I can use my existing dns server (the ones on my first interworx-cp) as the main one ?

Thanks a ton

Pascal

“main” or “primary” isn’t really distinguished in djbdns. If you copy the data.cdb from the iworx-cp box to all others then you could call the iworx-cp box the “main” one since it holds all the base data. So the short answer is, yes, this is possible.

Chris

ok

but you mean if I copy the data.cdb from, and not to, all others box to the main one, isn’t it ?

copy data.cdb from whatever box you want to deem “main” to all boxes that you want to deem “secondary”.

Chris

Ok sorry Chris, but I understand that maybe you don’t understand what I mean. It’s sure it is because I have some pbms to explain. Sorry for that. Really.

When I tell MAIN I don’t mean primary. My primary dns server and my secondary (in fact an other primary if I understand well) dns server is defined on 2 IPs on box 1.
I’d like to use these 2 dns server as my dns servers for ALL interworx-cp boxes. So every changes on other boxes as to be copied (replicated) to these two dns server.

Ok I understand now that /var/djbdns/tinydns-xxx.xxx.xxx.xxx/root/data.cdb is a link to /var/djbdns/tinydns/root/data.cdb (I didn’t figure out this)

So, I’ll do some tests.
Allow on my box1 the access from box2

[dns]
exportdns.allow="xxx.xxx.xxx.xxx"

modify the gethosted script to get data from box2 from /var/djbdns/tinydns/root/data.cdb to modify /var/djbdns/tinydns/root/data.cdb on box1

Anyway

Thanks a ton for your patience and your time past with me.

Pascal

Ok finally it seems to work

I have two Iworx-cp box, my box1 is my dns server

I have edited on box2
[dns]
exportdns.allow="xxx.xxx.xxx.xxx" (= ip of box1)

Changed in the gethosted script :
– the tinydns path to /var/djbdns/tinydns
– the iworx server to my box2 ip

And everything works fine

I’m just afraid now to forget to also add my box1 as an iworx server in the gethosted script. Indeed, I’m afraid to have updated my data.cdb file with only the dns data from box2 and so lost and erased the data from box1. In fact the script look in data to keep existing data, but as in data there is nothing the first time, I assume that Interworx create directly data.cdb without adding not compiled (clear information) information in data

I think i’d also add the box1 as iworx server to sync from

Lol I’ve asked a ton of questions before trying, I had to test by myself. Unless there is this last question to resolve

Pascal
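
The worry in the last post, that a sync pulling only box2 would overwrite box1's records, can be checked before $TEST_MODE is switched off. An added example (not part of dns_sync or the original posts): it compares the owner names in the live tinydns data file with the candidate file and refuses when a live name would disappear. It assumes both files are tinydns-data text files; function names and sample records are constructed.

```shell
#!/bin/sh
# Added example: detect names that a new tinydns data file would silently drop.

# data_names FILE: sorted unique owner names from the record lines of FILE.
data_names() {
    awk -v types=".&=+@'^CZ:" '{
        c = substr($0, 1, 1)
        # Comments (#), locations (%), disabled lines (-) and blanks carry no name.
        if (c == "" || index(types, c) == 0) next
        split(substr($0, 2), f, ":")
        name = tolower(f[1])
        sub(/\.$/, "", name)
        if (name != "") print name
    }' "$1" | LC_ALL=C sort -u
}

# lost_names LIVE CANDIDATE: names served today that the candidate no longer has.
lost_names() {
    a=$(mktemp) || return 2
    b=$(mktemp) || { rm -f "$a"; return 2; }
    data_names "$1" > "$a"
    data_names "$2" > "$b"
    LC_ALL=C comm -23 "$a" "$b"
    rm -f "$a" "$b"
}

# safe_to_publish LIVE CANDIDATE: succeed only if no live name would vanish.
safe_to_publish() {
    lost=$(lost_names "$1" "$2") || return 2
    [ -z "$lost" ] && return 0
    echo "candidate drops names present in live data:" >&2
    echo "$lost" >&2
    return 1
}

# Constructed sample: box1 serves example.org; a sync that only pulled box2
# produced a candidate file without it.
demo() {
    d=$(mktemp -d) || return 2
    printf '%s\n' '# box1' '.example.org:192.0.2.1:a:259200' \
        '+www.example.org:192.0.2.10:86400' '@example.org::mail.example.org:10' \
        > "$d/live"
    printf '%s\n' '# box2 only' '.example.net:192.0.2.2:a:259200' \
        '+www.example.net:192.0.2.20:86400' > "$d/candidate"
    lost_names "$d/live" "$d/candidate"
    rm -rf "$d"
}
```

If the live server only has a compiled data.cdb and no text data file, as the post suspects, this comparison has nothing to read on the live side and box1 must be added as a sync source first.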