#3681 implements a check for an existing DNS zone. However, there are deployments (especially some testing / POC ones) where adding a zone which is otherwise resolvable in the network is valid.
It would be nice to populate the DNS zone with the content from forwarders (do zone transfer and put in all records), to seed it with the existing content. That would make it easy to do migrations, and could also be used for POCs / testing setups to keep the hostnames available.
Makes sense, though it looks like a duplicate of #3681. Though I think the check is orthogonal to forwarders, it would stumble without them too.
This definitely makes sense - and it really is a more general version of #3681. I would schedule both tickets to the same milestone because the 'check' code will be the same.
I updated the title and description to track just the seeding part. It will most probably end up in a different release as the check itself is much more important than the seeding idea.
One possible poor man's solution: dig's axfr output
dig +noall +answer $DNSDOMAINNAME axfr | grep -v '^;' | grep .
can be piped to
    #!/bin/bash

    DNSDOMAINNAME=$1
    shift

    echo "Loading dig output for domain [$DNSDOMAINNAME]"

    # Each input line is one record: owner name, TTL, class, type, value.
    while read -r name ttl class type value ; do
        option=''
        if [ "$class" != IN ] ; then
            echo "Unexpected class in [$name $ttl $class $type $value]" >&2
        elif [ "$name" == "$DNSDOMAINNAME" ] || [ "$name" == "$DNSDOMAINNAME." ] ; then
            # Skip records at the zone apex
            :
        else
            # Strip the zone suffix to get the relative record name
            name=${name%."$DNSDOMAINNAME".}
            case "$type" in
                A )
                    option="--a-ip-address=$value"
                    ;;
                AAAA )
                    option="--aaaa-ip-address=$value"
                    ;;
                CNAME )
                    option="--cname-hostname=$value"
                    ;;
                TXT )
                    option="--txt-data=$value"
                    ;;
                NS )
                    option="--ns-hostname=$value"
                    ;;
                SRV )
                    # Skip
                    ;;
                * )
                    echo "Unexpected type in [$name $ttl $class $type $value]" >&2
                    ;;
            esac
        fi
        if [ -n "$option" ] ; then
            # Quote the arguments so names and values are passed through unsplit
            ipa dnsrecord-add "$DNSDOMAINNAME" "$name" "$option" || echo "add of $name $option failed"
        fi
    done
to create the records.
... or use script https://github.com/spacekpe/zone2dyndb-ldif and do LDIF import.
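Zone transfer data comes from another server, so it is worth validating before it becomes `ipa` arguments. The following is an added example, not code from this ticket or from FreeIPA: it parses `dig` AXFR output into a reviewable list of `ipa dnsrecord-add` argument vectors and reports what it refuses. The function names, skip reasons and `example.test` sample are assumptions; the option names are the ones used in the script above.

```python
import ipaddress
import re
# Options are the ones the script in this thread uses; other types are skipped.
OPTIONS = {"A": "--a-ip-address", "AAAA": "--aaaa-ip-address",
           "CNAME": "--cname-hostname", "NS": "--ns-hostname", "TXT": "--txt-data"}
LABEL = re.compile(r"^(?!-)[A-Za-z0-9_-]{1,63}(?<!-)$")  # no leading/trailing '-'
# Constructed sample of `dig +noall +answer example.test axfr` output.
SAMPLE = """\
example.test.       3600 IN NS    ns1.example.test.
ns1.example.test.   3600 IN A     192.0.2.1
www.example.test.   3600 IN CNAME ns1.example.test.
--all.example.test. 3600 IN A     192.0.2.9
bad.example.test.   3600 IN A     192.0.2.999
mail.other.test.    3600 IN A     192.0.2.5
"""

def valid_name(name):
    return all(LABEL.match(label) for label in name.rstrip(".").split("."))

def check(zone, owner, rclass, rtype, value):  # skip reason, or None if acceptable
    if rclass != "IN" or rtype not in OPTIONS:
        return "unsupported class or type"
    if owner == zone:
        return "zone apex"
    if not owner.endswith("." + zone) or not valid_name(owner):
        return "owner outside zone or invalid"
    try:
        if rtype in ("A", "AAAA"):
            ok = ipaddress.ip_address(value).version == (4 if rtype == "A" else 6)
        else:
            ok = rtype == "TXT" or valid_name(value)
    except ValueError:
        ok = False
    return None if ok else "invalid value"

def plan(zone, dig_output):  # returns (ipa argv lists, [(line, reason), ...])
    zone, commands, skipped = zone.rstrip(".").lower(), [], []
    for line in dig_output.splitlines():
        fields = line.strip().split(None, 4)
        if not fields or fields[0].startswith(";"):
            continue
        owner = fields[0].rstrip(".").lower()
        reason = "malformed" if len(fields) != 5 else check(zone, owner, *fields[2:])
        if reason:
            skipped.append((line, reason))
            continue
        option = f"{OPTIONS[fields[3]]}={fields[4]}"
        commands.append(["ipa", "dnsrecord-add", zone, owner[:-len(zone) - 1], option])
    return commands, skipped
```

Each returned list can be reviewed and then passed to `subprocess.run` as an argument vector, so no shell re-parses the record data.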
Metadata Update from @adelton: - Issue assigned to someone - Issue set to the milestone: Future Releases
Thank you for taking the time to submit this request for FreeIPA. Unfortunately this bug was not given priority and the team lacks the capacity to work on it at this time.
Given that we are unable to fulfil this request I am closing the issue as wontfix. To request re-consideration of this decision please reopen this issue and provide additional technical details about its importance to you.
Metadata Update from @rcritten: - Issue close_status updated to: wontfix - Issue status updated to: Closed (was: Open)