DNS RFC compliance
DNS Manager complies with the RFCs listed below.
Aspect | RFC | Description |
---|---|---|
A record | RFC 1035 | |
AAAA record | RFC 3596 | |
CNAME record | RFC 1035 | |
MX record | RFC 1035 | |
NAPTR record | ||
CAA record | RFC 6844 | |
NS record | RFC 1035 | |
PTR record | RFC 1035 | |
SRV record | RFC 2782 | |
TXT record | RFC 1035 | |
TXT record structured | RFC 1464 | Structured format in TXT data fields. |
SOA record | RFC 1912 | Default values for SOA records. |
SERIAL | RFC 1912 | Supports both RFC 1912 and timestamp SOA Serial number formats. |
Classless delegation | RFC 2317 | Classless routing allows allocation of subnets on non-octet boundaries, that is, of fewer than 256 addresses from a Class C address. |
E.164 | RFC 3761 | DNS zones for storage of E.164 numbers. |
IPv6 zones | RFC 4291 | Reverse DNS lookups for IPv6 addresses. |
Mask delimiters | RFC 4183 | Both / and - are supported as mask delimiters. |
SRV services and protocols | RFC 3958 | The list of services and protocols accepted by SRV records. |
IPv6 format | RFC 5952 | Recommendation for IPv6 address text representation. |
Dynamic Delegation Discovery System (DDDS) | ||
Straightforward-NAPTR (S-NAPTR) Specification | RFC 3958 | |
DomainKeys Identified Mail (DKIM) | RFC 4871 | |
List of accepted services for SRV and NAPTR records | https://www.iana.org/assignments/enum-services/enum-services.xhtml | |
Wildcard usage in IPv6 reverse DNS | ||
Split value of long TXT record into 255-character strings | RFC 4408 | |
Zone dump
The zone dump file format used by the DNS Manager remote update protocol has been improved with the following:
- Zones are classified according to type; if a zone type is missing, the zone is treated as master
- Master server IP addresses can be included in the dump on slave zones
- Allow-transfer server IP addresses can be included in the dump on master zones
- SOA records can be included in the dump on master zones; if the SOA records are not found in the dump, they are inherited from the client or system defaults
- Classless IN-ADDR.ARPA delegation for zone names and records (RFC 2317)
- E164.ARPA
- Reverse DNS lookups for IPv6 addresses
- $ORIGIN, @ and blank substitution
- Both / and - as mask delimiters for reverse zones
- The primary nameserver may be tagged to be imported correctly
Dump file examples
Master zones examples
```
domain.ltd.|master {
|SERIAL| |2011110802| || ||
|DEFAULT_TTL| |86400| || ||
|REFRESH| |10800| || ||
|RETRY| |3600| || ||
|EXPIRE| |604800| || ||
|MIN_TTL| |86400| || ||
|ALLOW_TRANSFER| |4.3.2.1| || ||
|NS| |domain.ltd.| |ns1.domain.ltd.| ||
|NS| |aa.domain.ltd.| |ns.domain.ltd.| ||
|CNAME| |cname.domain.ltd.| |canonical.name.| ||
|CNAME| |somedir.domain.ltd.| |domain.ltd.| ||
|CNAME| |ftp| |domain.ltd.| ||
|A| |mail.domain.ltd.| |192.168.10.32| ||
|AAAA| |sub.domain.ltd.| |2001:db8:85a3:88:8a2e:370:7334:89| ||
|MX| |zone.domain.ltd.| |email.exchanger| |10|
|TXT| |txt.domain.ltd.| |v=spf1 exists:%{ir}.%{v}.arpa -all | ||
|TXT| |some-text.domain.ltd.| |any text| ||
|TXT| |domain.ltd.| |sometext| ||
|TXT| |private._domainkey.domain.ltd.| |k=rsa; p=MEwwDQYerwqEWwE| ||
|NAPTR| |mail.domain.ltd.| |!^.*$!mailto:info@domain.ltd!i| |6| |5| || || |SMTP| |A| ||
|SRV| |_sip._tcp.domain.ltd.| |.| |5| |25| |12345| ||
|SRV| |_sip._tcp.domain.ltd.| |anotherdomain.com.| |10| |20| |5560| ||
|SRV| |_h323._udp.domain.ltd.| |sub.domain.ltd.| |15| |25| |8550| ||
}
testdomain.com.|master {
|$ORIGIN| |com.| || ||
|TXT| |testdomain| |v=spf1 a mx ptr mx:mail.testdomain.com ~all| ||
|NS| || |ns1.test-web| ||
|NS| || |ns2.test-web| ||
|A| || |64.85.2.56| ||
|CAA| |test.testdomain.com.| |test.com| |issue| |2|
}
```
Default zone type is master
If the zone type is missing, it is assumed to be a master zone definition.
```
domain.ltd.{
|REFRESH| |108002| || ||
|RETRY| |36002| || ||
|EXPIRE| |604802| || ||
|MIN_TTL| |86402| || ||
|DEFAULT_TTL| |86402| || ||
|SERIAL| |1271668821| || ||
|ALLOW_TRANSFER| |4.3.2.1| || ||
|NS| |domain.ltd.| |ns1.domain.ltd.| ||
|NS| |aa.domain.ltd.| |ns.domain.ltd.| ||
|CNAME| |cname.domain.ltd.| |canonical.name.| ||
|CNAME| |somedir.domain.ltd.| |domain.ltd.| ||
|CNAME| |ftp| |domain.ltd.| ||
|A| |mail.domain.ltd.| |192.168.10.32| ||
|AAAA| |sub.domain.ltd.| |2001:db8:85a3:88:8a2e:370:7334:89| ||
|MX| |zone.domain.ltd.| |email.exchanger| |10|
|TXT| |txt.domain.ltd.| |v=spf1 exists:%{ir}.%{v}.arpa -all | ||
|TXT| |some-text.domain.ltd.| |any text| ||
|TXT| |domain.ltd.| |sometext| ||
|TXT| |private._domainkey.domain.ltd.| |k=rsa; p=MEwwDQYerwqEWwE| ||
}
```
Slave zones example
```
3.2.1.in-addr.arpa.|slave {
|MASTER| |6.7.8.9| || ||
|MASTER| |1999:db8:a0b:12f0:a1b2:c3d4:f5e6:1234| || ||
|ALLOW_TRANSFER| |2002:a96:b95::a96f:b95| || ||
|ALLOW_TRANSFER| |69.41.170.223| || ||
}
foo.com.|slave {
|MASTER| |1999:db8:a0b:12f0:a1b2:c3d4:f5e6:1234| || ||
|ALLOW_TRANSFER| |69.41.170.223| || ||
}
```
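An added example, not part of the original page or of DNS Manager's own tooling: a pre-import check that reads a dump in the layout shown above and reports ALLOW_TRANSFER and MASTER entries worth reviewing. It assumes one record per line with each field wrapped in `|`, as rendered on this page; `parse_dump` and `audit_transfer_acls` are names chosen for this example. The page does not say what DNS Manager does with a zone that lacks these entries, so such zones are only listed for review.

```python
import ipaddress
import re

# Constructed sample using the page's example values; 4.3.2.256 is deliberately malformed.
SAMPLE = """\
domain.ltd.{
|TXT| |txt.domain.ltd.| |v=spf1 exists:%{ir}.%{v}.arpa -all | ||
}
1.2.3.1.E164.ARPA.|master {
|ALLOW_TRANSFER| |134.222.123.123/27| || ||
|ALLOW_TRANSFER| |4.3.2.256| || ||
}
foo.com.|slave {
|MASTER| |1999:db8:a0b:12f0:a1b2:c3d4:f5e6:1234| || ||
}
"""

def parse_dump(text):
    """Split a dump into {zone: {"type", "records"}}; a missing type means master."""
    zones, current = {}, None
    for line in map(str.strip, text.splitlines()):
        if line.endswith("{") and not line.startswith("|"):
            name, _, ztype = line[:-1].strip().partition("|")
            current = zones.setdefault(name, {"type": ztype or "master", "records": []})
        elif line == "}":
            current = None
        elif line and current is not None:   # fields are rendered as |value|
            current["records"].append([f.strip() for f in re.findall(r"\|([^|]*)\|", line)])
    return zones

def audit_transfer_acls(zones):
    """Return (zone, message) findings about ALLOW_TRANSFER and MASTER entries."""
    findings = []
    for name, zone in zones.items():
        seen = {"ALLOW_TRANSFER": [], "MASTER": []}
        for rec in zone["records"]:
            if len(rec) > 1 and rec[0] in seen:
                try:
                    seen[rec[0]].append(ipaddress.ip_network(rec[1], strict=False))
                except ValueError:
                    findings.append((name, f"{rec[0]} {rec[1]!r} is not an IP or CIDR"))
        findings += [(name, f"ALLOW_TRANSFER spans {n.num_addresses} hosts: {n}")
                     for n in seen["ALLOW_TRANSFER"] if n.num_addresses > 1]
        required = {"master": "ALLOW_TRANSFER", "slave": "MASTER"}.get(zone["type"])
        if required and not seen[required]:
            findings.append((name, f"{zone['type']} zone has no {required} entry"))
    return findings

if __name__ == "__main__":
    print(*audit_transfer_acls(parse_dump(SAMPLE)), sep="\n")
```

Header and record lines are told apart by position rather than by searching for braces, because TXT values such as SPF macros (`%{ir}`) contain `{` and `}` themselves.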
Classless delegation
The rules mentioned above also apply to reverse DNS zones. Below are full DNS zones with /24, /28 and /32 subnet masks.
```
4.3.2.in-addr.arpa.|master {
|REFRESH| |10800| || ||
|RETRY| |36000| || ||
|EXPIRE| |604800| || ||
|MIN_TTL| |86400| || ||
|DEFAULT_TTL| |86400| || ||
|SERIAL| |1271668821| || ||
|NS| |4.3.2.in-addr.arpa.| |ns1.name.com.| ||
|NS| |0/25.4.3.2.in-addr.arpa.| |ns.domain.com.| ||
|PTR| |5.4.3.2.in-addr.arpa.| |zone.name.| ||
|PTR| |5.4.3.2.in-addr.arpa.| |dom1.com.| ||
|PTR| |5.4.3.2.in-addr.arpa.| |dom2.com.| ||
|PTR| |5.4.3.2.in-addr.arpa.| |dom3.com.| ||
|CNAME| |10.4.3.2.in-addr.arpa.| |10.0/25.4.3.2.in-addr.arpa.| ||
|TXT| |host.4.3.2.in-addr.arpa.| |value| ||
|TXT| |4.3.2.in-addr.arpa.| |sometext| ||
}
4/28.3.2.1.in-addr.arpa.|master {
|REFRESH| |10800| || ||
|RETRY| |3600| || ||
|EXPIRE| |60480| || ||
|MIN_TTL| |86400| || ||
|DEFAULT_TTL| |86400| || ||
|SERIAL| |1271668821| || ||
|ALLOW_TRANSFER| |7.8.9.10| || ||
|ALLOW_TRANSFER| |2002:a96:b95::a96f:b95| || ||
|NS| |4/28.3.2.1.in-addr.arpa.| |aa.com.| ||
|PTR| |6.4/28.3.2.1.in-addr.arpa.| |zone.c.om.| ||
|PTR| |6.4/28.3.2.1.in-addr.arpa.| |dom1.com.| ||
|PTR| |6.4/28.3.2.1.in-addr.arpa.| |dom2.com.| ||
|TXT| |a.4/28.3.2.1.in-addr.arpa.| |text value| ||
|TXT| |4/28.3.2.1.in-addr.arpa.| |sometext| ||
}
4.3.2.1.in-addr.arpa.|master {
|REFRESH| |10800| || ||
|RETRY| |3600| || ||
|EXPIRE| |60480| || ||
|MIN_TTL| |86400| || ||
|DEFAULT_TTL| |86400| || ||
|SERIAL| |1271668821| || ||
|ALLOW_TRANSFER| |7.8.9.10| || ||
|ALLOW_TRANSFER| |2002:a96:b95::a96f:b95| || ||
|NS| |4.3.2.1.in-addr.arpa.| |aa.com.| ||
|PTR| |4.3.2.1.in-addr.arpa.| |zone.c.om.| ||
|TXT| |abc.4.3.2.1.in-addr.arpa.| |sometext| ||
}
```
$ORIGIN, @ and Blank Substitution
The "@" character is accepted when defining zones. It is substituted with:
- The last $ORIGIN directive encountered in the file, or
- If no $ORIGIN directive is present, an $ORIGIN that is generated automatically.
Blank substitution: a blank name is substituted with the last valid name (or label), or with $ORIGIN if there are no previous names (labels).
```
testdomain.com.|master {
|NS| |@| |ns.isdomain.com.| ||
|NS| || |new| ||
|MX| |@| |mail.testdomain.com.| |10|
|MX| |test| |mail1.testdomain.com.| |15|
|TXT| |@| |this is not a test| ||
|CNAME| |*.new| |newtest.com.| ||
}
```
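An added example, not code from the original page or from DNS Manager: one way to apply the substitution rules above and see which absolute owner name each record ends up with. It assumes that the automatically generated $ORIGIN is the zone name and that relative names are qualified with the current origin, as in RFC 1035 zone files; `resolve_owners` and `OWNED` are names chosen for this example.

```python
import re

FIELD = re.compile(r"\|([^|]*)\|")   # one field as rendered on the page: |value|
OWNED = {"A", "AAAA", "CAA", "CNAME", "MX", "NAPTR", "NS", "PTR", "SRV", "TXT"}

def resolve_owners(zone_name, record_lines):
    """Return (type, absolute owner name) for every resource record in a zone block."""
    origin = zone_name   # assumption: the auto-generated $ORIGIN is the zone name
    last = None          # last valid owner name, reused for blank owners
    resolved = []
    for line in record_lines:
        fields = [f.strip() for f in FIELD.findall(line)]
        if len(fields) < 2:
            continue
        rtype, name = fields[0], fields[1]
        if rtype == "$ORIGIN":
            origin = name
        elif rtype in OWNED:
            if name == "@":
                owner = origin
            elif name == "":
                owner = last or origin
            elif name.endswith("."):
                owner = name
            else:            # relative name, qualified as in RFC 1035 zone files
                owner = name + "." + origin.lstrip(".")
            last = owner
            resolved.append((rtype, owner))
    return resolved

# Record lines copied from the two testdomain.com. examples on this page.
WITH_AT = [
    "|NS| |@| |ns.isdomain.com.| ||", "|NS| || |new| ||",
    "|MX| |@| |mail.testdomain.com.| |10|", "|MX| |test| |mail1.testdomain.com.| |15|",
    "|TXT| |@| |this is not a test| ||", "|CNAME| |*.new| |newtest.com.| ||",
]
WITH_ORIGIN = ["|$ORIGIN| |com.| || ||",
               "|TXT| |testdomain| |v=spf1 a mx ptr mx:mail.testdomain.com ~all| ||",
               "|NS| || |ns1.test-web| ||", "|A| || |64.85.2.56| ||"]

if __name__ == "__main__":
    for rows in (WITH_AT, WITH_ORIGIN):
        for rtype, owner in resolve_owners("testdomain.com.", rows):
            print(f"{rtype:6}{owner}")
```

Resolving names this way before an import makes it visible when a blank or relative owner lands under a different name than intended, for example after a misplaced $ORIGIN line.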
Mask delimiter
Both the "-" and "/" characters are accepted when defining reverse zones. The zones are different!
```
4-28.3.2.1.IN-ADDR.ARPA.|master {
|NS| |4-28.3.2.1.IN-ADDR.ARPA.| |aa.com.| ||
|PTR| |6.4-28.3.2.1.IN-ADDR.ARPA.| |zone.com.| ||
|PTR| |6.4-28.3.2.1.IN-ADDR.ARPA.| |dom1.com.| ||
|PTR| |6.4-28.3.2.1.IN-ADDR.ARPA.| |dom2.com.| ||
|TXT| |a.4-28.3.2.1.IN-ADDR.ARPA.| |text value| ||
|TXT| |4-28.3.2.1.IN-ADDR.ARPA.| |sometext| ||
}
4/28.3.2.1.IN-ADDR.ARPA.|master {
|NS| |4/28.3.2.1.IN-ADDR.ARPA.| |aa.com.| ||
|PTR| |6.4/28.3.2.1.IN-ADDR.ARPA.| |zone.com.| ||
|PTR| |6.4/28.3.2.1.IN-ADDR.ARPA.| |dom1.com.| ||
|PTR| |6.4/28.3.2.1.IN-ADDR.ARPA.| |dom2.com.| ||
|TXT| |a.4/28.3.2.1.IN-ADDR.ARPA.| |text value| ||
|TXT| |4/28.3.2.1.IN-ADDR.ARPA.| |sometext| ||
}
```
SOA records
```
domain.ltd.|master {
|ALLOW_TRANSFER| |4.3.2.1| || ||
|ALLOW_TRANSFER| |2002:a96:b95::a96f:b95| || ||
|NS| |domain.ltd.| |ns1.domain.ltd.| ||
|NS| |aa.domain.ltd.| |ns.domain.ltd.| ||
|CNAME| |cname.domain.ltd.| |canonical.name.| ||
|CNAME| |somedir.domain.ltd.| |domain.ltd.| ||
|CNAME| |ftp| |domain.ltd.| ||
|A| |mail.domain.ltd.| |192.168.10.32| ||
|MX| |zone.domain.ltd.| |email.exchanger| |10|
|TXT| |txt.domain.ltd.| |v=spf1 exists:%{ir}.%{v}.arpa -all | ||
|TXT| |some-text.domain.ltd.| |any text| ||
|TXT| |private._domainkey.domain.ltd.| |k=rsa; p=MEwwDQYerwqEWwE| ||
|TXT| |domain.ltd.| |text value| ||
}
4/28.3.2.1.in-addr.arpa.|master {
|NS| |4/28.3.2.1.in-addr.arpa.| |aa.com.| ||
|PTR| |6.4/28.3.2.1.in-addr.arpa.| |zone.com.| ||
|PTR| |6.4/28.3.2.1.in-addr.arpa.| |dom1.com.| ||
|PTR| |6.4/28.3.2.1.in-addr.arpa.| |dom2.com.| ||
|TXT| |a.4/28.3.2.1.in-addr.arpa.| |text value| ||
|TXT| |4/28.3.2.1.in-addr.arpa.| |sometext| ||
}
```
E164.ARPA reverse zone
The example below shows an E.164 reverse zone that contains all the supported record types, NS and NAPTR:
```
1.2.3.1.E164.ARPA.|master {
|SERIAL| |1330507579| || ||
|REFRESH| |10800| || ||
|RETRY| |3600| || ||
|EXPIRE| |604800| || ||
|MIN_TTL| |86400| || ||
|DEFAULT_TTL| |86400| || ||
|ALLOW_TRANSFER| |134.222.123.123/27| || ||
|ALLOW_TRANSFER| |2002:a96:b95::a96f:b95| || ||
|NAPTR| |2.3.4.5.1.2.3.1.E164.ARPA.| |!regex!replace!| |10| |20| || || |service| |S| |mydomain.tst.|
|NAPTR| |9.1.2.3.1.E164.ARPA.| |!^.*$!mailto:info@example.com!i| |10| |20| || || |email| |S| ||
|NS| |1.2.3.1.E164.ARPA.| |ns1.example.com.| |1|
|NS| |1.2.3.1.E164.ARPA.| |ns2.example.com.| ||
}
```
IP6.ARPA reverse zone
The example below shows an IP6.ARPA reverse zone that contains both supported record types, NS and PTR:
```
1.2.3.4.5.6.7.8.9.0.1.2.3.4.5.6.7.8.9.0.2.1.2.A.A.2.2.IP6.ARPA.|master {
|SERIAL| |2018071302| || ||
|REFRESH| |10800| || ||
|RETRY| |3600| || ||
|EXPIRE| |604800| || ||
|MIN_TTL| |86400| || ||
|DEFAULT_TTL| |86400| || ||
|NS| |1.2.3.4.5.6.7.8.9.0.1.2.3.4.5.6.7.8.9.0.2.1.2.A.A.2.2.IP6.ARPA.| |ns1.bar.com.| ||
|NS| |1.2.3.4.5.6.7.8.9.0.1.2.3.4.5.6.7.8.9.0.2.1.2.A.A.2.2.IP6.ARPA.| |ns3.bar.com.| |1|
|PTR| |9.8.7.6.5.1.2.3.4.5.6.7.8.9.0.1.2.3.4.5.6.7.8.9.0.2.1.2.A.A.2.2.IP6.ARPA.| |foo.com.| ||
|PTR| |9.9.9.9.9.1.2.3.4.5.6.7.8.9.0.1.2.3.4.5.6.7.8.9.0.2.1.2.A.A.2.2.IP6.ARPA.| |bar.com.| ||
|PTR| |*.1.2.3.4.5.6.7.8.9.0.1.2.3.4.5.6.7.8.9.0.2.1.2.A.A.2.2.IP6.ARPA.| |newtest.tst.| ||
}
```
Primary NS
The primary NS record is marked with 1 in the dump file. If the mark is missing, the NS order is random.
```
bar.com.|master {
|NS| |bar.com.| |ns1.first.co.uk.| ||
|NS| |bar.com.| |ns2.first.co.uk.| |1|
}
```
Dump export utilities
Command line utilities
The export command line utilities support the new dump file format. These utilities help you set up the DNS Manager server to act as slave DNS for other servers.
The dump export utility should be copied to the primary server. For more details about how to configure a Primary/Secondary Server Setup with DNS Manager, read this KB article.
Dump scripts
New dump scripts are provided for major control panels on the market. The new dump scripts can export both master and slave zones. Export settings are set as variables in the script or in the configuration file.
Use this command to find the DNSMANAGER_ROOT_D path:
```
#> grep DNSMANAGER_ROOT_D /etc/dnsmanager/dnsmanager.conf
DNSMANAGER_ROOT_D /usr/local/dnsmanager
```
Below you can find the list of export scripts available:
Zones management software | Folder | DNS Manager Script |
---|---|---|
Bind generic | DNSMANAGER_ROOT_D/remote/bind | bind_export.sh |
DNS Manager | DNSMANAGER_ROOT_D/remote/dnsmanager | dnsmanager_export.sh |
Plesk Linux | DNSMANAGER_ROOT_D/remote/plesk | plesk_export.sh, plesk_export.pl |
Plesk Windows | DNSMANAGER_ROOT_D/remote/plesk_win | plesk_win_export.exe |
PowerDNS | DNSMANAGER_ROOT_D/remote/powerdns | powerdns_export.sh |
Helm Control Panel for Windows | DNSMANAGER_ROOT_D/remote/helm | helm_complete.exe, helm_export.exe, helm_zones.exe |
InterWorx Hosting Control Panel | DNSMANAGER_ROOT_D/remote/iworx | iworx_complete.php, iworx_zones.php |
Ensim | DNSMANAGER_ROOT_D/remote/ensim | ensim_complete.sh, ensim_zones.sh |
Services
Please find below a list of all services on a DNS Manager 4 server.
Web interface service
- Name: dnsmanager
- Short description: The service is responsible for running the DNS Manager web interface.
- Init script: Usually located in /etc/init.d/dnsmanager
Zone management service
- Name: zonemngd
- Short description: The service synchronizes the bind configuration file with updates (received using any means).
- Init script: Usually located in /etc/init.d/zonemngd
Remote import service
- Name: updateurld
- Short description: The service synchronizes the DNS Manager local database with remote updates.
- Init script: Usually located in /etc/init.d/updateurld
NAMED service
- Name: named
- Short description: BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols; BIND includes a DNS server (named), which resolves host names to IP addresses, a resolver library (routines for applications to use when interfacing with DNS), and tools to verify that the DNS server is operating properly.
- Init script: Usually located in /etc/init.d/named or /etc/init.d/named-chroot
Round robin service
- Name: rrmonitd
- Short description: Automates the DNS Round Robin disqualification and qualification when a resource associated with a resource record becomes unavailable/available again.
- Init script: Usually located in /etc/init.d/rrmonitd
Interface access and disk location
DNS Manager comes with a dedicated web management interface, accessible in the browser at:
https://<your_server_ip>
To log in to the interface for the first time, you must supply the following login credentials:
user: admin
password: welcome
The skin directory can be found in:
DNSMANAGER_ROOT_D/admin/htdocs/skins
The language pack directory can be found in:
DNSMANAGER_ROOT_D/admin/htdocs/language
All important paths are defined in /etc/dnsmanager/dnsmanager.conf