BIND(named)에서 $GENERATE 지시어를 사용하는 방법
BIND(named)에서 $GENERATE 지시어를 사용하여 여러 개의 DNS 레코드를 생성할 수 있습니다. $GENERATE 지시어는 특정 패턴을 기반으로 DNS 레코드를 생성하므로, DNS 서버를 구성하는 데 매우 유용합니다.
기본 파일 확장자: $GENERATE 지시어
$GENERATE first-last@interval pattern
- first : 생성될 첫 번째 레코드의 숫자
- last : 생성될 마지막 레코드의 숫자
- interval : 레코드 간의 간격
- pattern : 레코드의 이름 및 기타 속성을 지정하는 패턴
예를 들어,
172.20.0.0/24 역도메인(reverse domain) zonefile 생성
- named.conf(/etc/bind/named.conf) 편집
vim /etc/bind/named.conf
zone "0.20.172.in-addr.arpa" {
type master;
file "172.20.0.zone";
};
- 172.20.0.zone(/var/cache/bind/172.20.0.zone) 편집
vim /var/cache/bind/172.20.0.zone
$TTL 60
$ORIGIN 0.20.172.IN-ADDR.ARPA.
@ IN SOA localhost. root.localhost. (
2022112307 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
@ IN NS ns.mocha.scbyun.com.
;
$GENERATE 1-10 $ IN PTR $.
- zonefile 문법 검사
named-checkzone 0.20.172.IN-ADDR.ARPA 172.20.0.zone
$ named-checkzone 0.20.172.IN-ADDR.ARPA 172.20.0.zone
zone 0.20.172.IN-ADDR.ARPA/IN: loaded serial 2022112307
OK
$GENERATE 지시어 ↓↓↓↓↓
Syntax: $GENERATE range lhs [ttl] [class] type rhs [comment]
$GENERATE is used to create a series of resource records that only differ from each other by an iterator. $GENERATE can be used to easily generate the sets of records required to support sub /24 reverse delegations described in RFC 2317: Classless IN-ADDR.ARPA delegation.
$ORIGIN 0.0.192.IN-ADDR.ARPA.
$GENERATE 1-2 0 NS SERVER$.EXAMPLE.
$GENERATE 1-127 $ CNAME $.0
is equivalent to
0.0.0.192.IN-ADDR.ARPA. NS SERVER1.EXAMPLE.
0.0.0.192.IN-ADDR.ARPA. NS SERVER2.EXAMPLE.
1.0.0.192.IN-ADDR.ARPA. CNAME 1.0.0.0.192.IN-ADDR.ARPA.
2.0.0.192.IN-ADDR.ARPA. CNAME 2.0.0.0.192.IN-ADDR.ARPA.
...
127.0.0.192.IN-ADDR.ARPA. CNAME 127.0.0.0.192.IN-ADDR.ARPA.
range
This can be one of two forms: start-stop or start-stop/step. If the first form is used, then step is set to 1. All of start, stop and step must be positive.
lhs
This describes the owner name of the resource records to be created. Any single $ (dollar sign) symbols within the lhs string are replaced by the iterator value. To get a $ in the output, you need to escape the $ using a backslash \, e.g. \$. The $ may optionally be followed by modifiers which change the offset from the iterator, field width and base. Modifiers are introduced by a { (left brace) immediately following the $ as ${offset[,width[,base]]}. For example, ${-20,3,d} subtracts 20 from the current value, prints the result as a decimal in a zero-padded field of width 3. Available output forms are decimal (d), octal (o) and hexadecimal (x or X for uppercase). The default modifier is ${0,0,d}. If the lhs is not absolute, the current $ORIGIN is appended to the name.
For compatibility with earlier versions, $$ is still recognized as indicating a literal $ in the output.
ttl
Specifies the time-to-live of the generated records. If not specified this will be inherited using the normal TTL inheritance rules.
class and ttl can be entered in either order.
class
Specifies the class of the generated records. This must match the zone class if it is specified.
class and ttl can be entered in either order.
type
At present the only supported types are PTR, CNAME, DNAME, A, AAAA and NS.
rhs
rhs is a domain name. It is processed similarly to lhs.
The $GENERATE directive is a BIND extension and not part of the standard zone file format.
BIND 8 does not support the optional TTL and CLASS fields.
Additional File Formats
In addition to the standard textual format, BIND 9 supports the ability to read or dump to zone files in other formats. The raw format is currently available as an additional format. It is a binary format representing BIND 9's internal data structure directly, thereby remarkably improving the loading time.
For a primary server, a zone file in the raw format is expected to be generated from a textual zone file by the named-compilezone command. For a secondary server or for a dynamic zone, it is automatically generated (if this format is specified by the masterfile-format option) when named dumps the zone contents after zone transfer or when applying prior updates.
If a zone file in a binary format needs manual modification, it first must be converted to a textual form by the named-compilezone command. All necessary modification should go to the text file, which should then be converted to the binary form by the named-compilezone command again.
Although the raw format uses the network byte order and avoids architecture-dependent data alignment so that it is as much portable as possible, it is primarily expected to be used inside the same single system. In order to export a zone file in the raw format or make a portable backup of the file, it is recommended to convert the file to the standard textual representation.
참고URL
- readthedocs : https://bind9.readthedocs.io/en/v9_18_4/chapter3.html
- bind $GENERATE Directive : https://scbyun.com/384
'네임서버' 카테고리의 다른 글
우분투에서 DNS 서버로 Bind를 사용하고 포워딩(Forwarding)을 설정하는 방법 (0) | 2023.10.22 |
---|---|
BIND(named)의 로깅을 설정하는 방법(bind logging) (0) | 2023.10.14 |
bind bad owner name (check-names) (0) | 2023.01.16 |
[네임서버] caching dns server(bind caching only dns server) (0) | 2023.01.16 |
BIND DNS 서버에서 통계 채널(bind statistics-channels)을 설정하는 방법 (0) | 2023.01.16 |