
[Linux] How to use the $GENERATE directive in BIND (named)


In BIND (named), the $GENERATE directive lets you create many DNS records at once. Because $GENERATE derives the records from a single pattern, it is very useful when configuring a DNS server.

Basic syntax: the $GENERATE directive

$GENERATE first-last/interval pattern
  • first : number of the first record to generate
  • last : number of the last record to generate
  • interval : step between generated records (1 if omitted)
  • pattern : pattern that specifies the record's owner name and other fields

For example,

Creating a reverse zone file for 172.20.0.0/24

  • Edit named.conf (/etc/bind/named.conf)
vim /etc/bind/named.conf
zone "0.20.172.in-addr.arpa" {
        type master;
        file "172.20.0.zone";
};
  • Edit 172.20.0.zone (/var/cache/bind/172.20.0.zone)
vim /var/cache/bind/172.20.0.zone
$TTL    60
$ORIGIN 0.20.172.IN-ADDR.ARPA.
@       IN      SOA     localhost. root.localhost. (
                        2022112307      ; Serial
                        604800          ; Refresh
                        86400           ; Retry
                        2419200         ; Expire
                        604800 )        ; Negative Cache TTL
;
@       IN      NS      ns.mocha.scbyun.com.
;
$GENERATE 1-10 $ IN PTR $.
  • Check the zone file syntax
$ named-checkzone 0.20.172.IN-ADDR.ARPA 172.20.0.zone
zone 0.20.172.IN-ADDR.ARPA/IN: loaded serial 2022112307
OK

$GENERATE directive (excerpt from the BIND 9 Administrator Reference Manual)

Syntax: $GENERATE range lhs [ttl] [class] type rhs [comment]

$GENERATE is used to create a series of resource records that only differ from each other by an iterator. $GENERATE can be used to easily generate the sets of records required to support sub /24 reverse delegations described in RFC 2317: Classless IN-ADDR.ARPA delegation.

$ORIGIN 0.0.192.IN-ADDR.ARPA.
$GENERATE 1-2 0 NS SERVER$.EXAMPLE.
$GENERATE 1-127 $ CNAME $.0

is equivalent to

0.0.0.192.IN-ADDR.ARPA. NS SERVER1.EXAMPLE.
0.0.0.192.IN-ADDR.ARPA. NS SERVER2.EXAMPLE.
1.0.0.192.IN-ADDR.ARPA. CNAME 1.0.0.0.192.IN-ADDR.ARPA.
2.0.0.192.IN-ADDR.ARPA. CNAME 2.0.0.0.192.IN-ADDR.ARPA.
...
127.0.0.192.IN-ADDR.ARPA. CNAME 127.0.0.0.192.IN-ADDR.ARPA.

range

This can be one of two forms: start-stop or start-stop/step. If the first form is used, then step is set to 1. All of start, stop and step must be positive.

lhs

This describes the owner name of the resource records to be created. Any single $ (dollar sign) symbols within the lhs string are replaced by the iterator value. To get a $ in the output, you need to escape the $ using a backslash \, e.g. \$. The $ may optionally be followed by modifiers which change the offset from the iterator, field width and base. Modifiers are introduced by a { (left brace) immediately following the $ as ${offset[,width[,base]]}. For example, ${-20,3,d} subtracts 20 from the current value, prints the result as a decimal in a zero-padded field of width 3. Available output forms are decimal (d), octal (o) and hexadecimal (x or X for uppercase). The default modifier is ${0,0,d}. If the lhs is not absolute, the current $ORIGIN is appended to the name.

For compatibility with earlier versions, $$ is still recognized as indicating a literal $ in the output.

ttl

Specifies the time-to-live of the generated records. If not specified this will be inherited using the normal TTL inheritance rules.

class and ttl can be entered in either order.

class

Specifies the class of the generated records. This must match the zone class if it is specified.

class and ttl can be entered in either order.

type

At present the only supported types are PTR, CNAME, DNAME, A, AAAA and NS.

rhs

rhs is a domain name. It is processed similarly to lhs.

The $GENERATE directive is a BIND extension and not part of the standard zone file format.

BIND 8 does not support the optional TTL and CLASS fields.
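To see exactly what a $GENERATE line turns into before you hand the zone to named-checkzone, here is a small offline expander written for this post. It is an added example, not BIND's own code and not from the original article: it implements the range form with optional step, the $ iterator with ${offset,width,base} modifiers, the \$ and $$ escapes, the optional ttl/class in either order, and $ORIGIN qualification of relative names, all as described in the manual excerpt above, and then walks a constructed copy of the 172.20.0 reverse zone from the procedure above. The function names (expand_generate, expand_zone_lines, format_record) and SAMPLE_ZONE are this example's own. Two choices are the example's, not the excerpt's: it accepts 0 as a start value so ranges such as 0-255 can be checked, and for A and AAAA it leaves the substituted rhs as written instead of appending $ORIGIN.

```python
import re

# Added example, not BIND's own code: an offline expander for $GENERATE lines that
# follows the "range lhs [ttl] [class] type rhs" grammar quoted above. Every
# function name here (expand_generate, expand_zone_lines, format_record) is this
# example's own, and SAMPLE_ZONE is a constructed copy of the reverse zone above.

SUPPORTED_TYPES = {"PTR", "CNAME", "DNAME", "A", "AAAA", "NS"}
CLASSES = {"IN", "CH", "HS"}
NAME_TYPES = {"PTR", "CNAME", "DNAME", "NS"}   # rhs is a domain name for these

# "$" optionally followed by {offset[,width[,base]]}
_ITER_RE = re.compile(r"\$(\{(-?\d+)?(?:,(\d+)?(?:,([doxX]))?)?\})?")


def _format_iter(value, offset, width, base):
    """Apply the ${offset,width,base} modifier to the iterator value."""
    n = value + offset
    digits = {"d": str(n), "o": format(n, "o"), "x": format(n, "x"), "X": format(n, "X")}[base]
    return digits.zfill(width)          # zero-padded to the requested field width


def _substitute(template, value):
    """Replace each iterator $ in lhs/rhs; backslash-$ and the legacy $$ give a literal $."""
    out, i = [], 0
    while i < len(template):
        if template.startswith("\\$", i) or template.startswith("$$", i):
            out.append("$")
            i += 2
        elif template[i] == "$":
            m = _ITER_RE.match(template, i)
            offset = int(m.group(2)) if m.group(2) else 0
            width = int(m.group(3)) if m.group(3) else 0
            base = m.group(4) or "d"    # default modifier is ${0,0,d}
            out.append(_format_iter(value, offset, width, base))
            i = m.end()
        else:
            out.append(template[i])
            i += 1
    return "".join(out)


def _qualify(name, origin):
    """Append $ORIGIN to a relative name; '@' stands for the origin itself."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"


def expand_generate(line, origin):
    """Expand one $GENERATE line into (owner, ttl, class, type, rdata) tuples."""
    origin = origin if origin.endswith(".") else origin + "."
    fields = line.split(";", 1)[0].split()     # drop a trailing comment
    if len(fields) < 5 or fields[0].upper() != "$GENERATE":
        raise ValueError(f"not a $GENERATE line: {line!r}")
    m = re.fullmatch(r"(\d+)-(\d+)(?:/(\d+))?", fields[1])
    if not m:
        raise ValueError(f"bad range: {fields[1]}")
    start, stop = int(m.group(1)), int(m.group(2))
    step = int(m.group(3)) if m.group(3) else 1
    # 0 is accepted as a start value here so ranges such as 0-255 can be checked.
    if step < 1 or start > stop:
        raise ValueError(f"bad range: {fields[1]}")
    lhs, rest = fields[2], fields[3:]
    ttl = cls = None
    while rest and rest[0].upper() not in SUPPORTED_TYPES:   # ttl/class, either order
        tok = rest.pop(0)
        if tok.isdigit() and ttl is None:
            ttl = int(tok)
        elif tok.upper() in CLASSES and cls is None:
            cls = tok.upper()
        else:
            raise ValueError(f"unexpected or unsupported field: {tok}")
    if len(rest) != 2:
        raise ValueError("expected 'type rhs' after the optional ttl/class")
    rtype, rhs = rest[0].upper(), rest[1]
    records = []
    for i in range(start, stop + 1, step):
        owner = _qualify(_substitute(lhs, i), origin)
        rdata = _substitute(rhs, i)
        if rtype in NAME_TYPES:                 # addresses (A/AAAA) are left as written
            rdata = _qualify(rdata, origin)
        records.append((owner, ttl, cls, rtype, rdata))
    return records


def format_record(rec):
    """Render a tuple from expand_generate as one zone-file line."""
    owner, ttl, cls, rtype, rdata = rec
    parts = [owner] + ([str(ttl)] if ttl is not None else []) + ([cls] if cls else [])
    return " ".join(parts + [rtype, rdata])


def expand_zone_lines(lines, origin=None):
    """Walk zone-file lines, track $ORIGIN, expand $GENERATE lines, pass the rest through."""
    out = []
    for line in lines:
        head = line.split(None, 1)[0].upper() if line.strip() else ""
        if head == "$ORIGIN":
            origin = line.split()[1]
        elif head == "$GENERATE":
            if origin is None:
                raise ValueError("$GENERATE before any $ORIGIN")
            out.extend(format_record(r) for r in expand_generate(line.strip(), origin))
            continue
        out.append(line)
    return out


# Constructed sample mirroring the reverse zone from the procedure above.
SAMPLE_ZONE = """\
$TTL 60
$ORIGIN 0.20.172.IN-ADDR.ARPA.
@ IN SOA localhost. root.localhost. ( 2022112307 604800 86400 2419200 604800 )
@ IN NS ns.mocha.scbyun.com.
$GENERATE 1-10 $ IN PTR $.
"""

if __name__ == "__main__":
    print("\n".join(expand_zone_lines(SAMPLE_ZONE.splitlines())))
```

Run on the sample zone, the expander shows that `$GENERATE 1-10 $ IN PTR $.` produces owners 1.0.20.172.IN-ADDR.ARPA. through 10.0.20.172.IN-ADDR.ARPA. whose PTR targets are the absolute names 1. through 10., because an rhs ending in a dot is kept as written. named-checkzone reports OK for that zone, so reviewing the expanded records is the step that catches a target you did not intend before the zone is served.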

 

Additional File Formats

In addition to the standard textual format, BIND 9 supports the ability to read or dump zone files in other formats. The raw format is currently available as an additional format. It is a binary format representing BIND 9's internal data structure directly, thereby remarkably improving the loading time.

For a primary server, a zone file in the raw format is expected to be generated from a textual zone file by the named-compilezone command. For a secondary server or for a dynamic zone, it is automatically generated (if this format is specified by the masterfile-format option) when named dumps the zone contents after zone transfer or when applying prior updates.

If a zone file in a binary format needs manual modification, it first must be converted to textual form by the named-compilezone command. All necessary modifications should go into the text file, which should then be converted back to the binary form by the named-compilezone command again.

Although the raw format uses network byte order and avoids architecture-dependent data alignment so that it is as portable as possible, it is primarily expected to be used within a single system. To export a zone file in the raw format or make a portable backup of the file, it is recommended to convert the file to the standard textual representation.

References

- readthedocs : https://bind9.readthedocs.io/en/v9_18_4/chapter3.html

- bind $GENERATE Directive : https://scbyun.com/384