README ¶
file
Name
file - enables serving zone data from an RFC 1035-style master file.
Description
The file plugin is used for an "old-style" DNS server. It serves from a preloaded file that exists on disk. If the zone file contains signatures (i.e. it is signed with DNSSEC), correct DNSSEC answers are returned. Only NSEC is supported! If you use this setup you are responsible for re-signing the zone file.
Syntax
file DBFILE [ZONES...]
- DBFILE the database file to read and parse. If the path is relative the path from the root directive will be prepended to it.
- ZONES zones it should be authoritative for. If empty, the zones from the configuration block are used.
If you want to round robin A and AAAA responses look at the loadbalance plugin.
file DBFILE [ZONES... ] {
    transfer to ADDRESS...
    no_reload
    upstream [ADDRESS...]
}
- transfer enables zone transfers. It may be specified multiple times. To or from signals the direction. ADDRESS must be denoted in CIDR notation (127.0.0.1/32 etc.) or just as plain addresses. The special wildcard * means: the entire internet (only valid for 'transfer to'). When an address is specified a notify message will be sent whenever the zone is reloaded.
- no_reload by default CoreDNS will try to reload a zone every minute and reloads if the SOA's serial has changed. This option disables that behavior.
- upstream defines upstream resolvers used to resolve external names found (think CNAMEs) pointing to external names. This is only really useful when CoreDNS is configured as a proxy; for normal authoritative serving you don't need or want to use this. ADDRESS can be an IP address, an IP:port or a string pointing to a file that is structured as /etc/resolv.conf. If no ADDRESS is given, CoreDNS will resolve CNAMEs against itself.
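The ADDRESS forms described above, modelled as an added example (not the plugin's own TransferAllowed code; `transferACL`, `parseTransferTo` and `allowed` are hypothetical names, and the client addresses are constructed). It shows that once `*` is listed, the narrower entries no longer restrict who can pull the zone.

```go
package main

import (
	"fmt"
	"net/netip"
)

// transferACL is a hypothetical model of a "transfer to" list, not a CoreDNS type.
type transferACL struct {
	wildcard bool           // "*" was listed: any source may transfer
	prefixes []netip.Prefix // CIDR entries; plain addresses become /32 or /128
}

// parseTransferTo accepts the three ADDRESS forms the README names.
func parseTransferTo(addrs []string) (transferACL, error) {
	var acl transferACL
	for _, a := range addrs {
		if a == "*" {
			acl.wildcard = true
		} else if p, err := netip.ParsePrefix(a); err == nil {
			acl.prefixes = append(acl.prefixes, p.Masked())
		} else if ip, err := netip.ParseAddr(a); err == nil {
			acl.prefixes = append(acl.prefixes, netip.PrefixFrom(ip, ip.BitLen()))
		} else {
			return transferACL{}, fmt.Errorf("invalid transfer address %q", a)
		}
	}
	return acl, nil
}

// allowed reports whether a transfer request from src passes the ACL.
func (acl transferACL) allowed(src string) bool {
	ip, err := netip.ParseAddr(src)
	if err != nil {
		return false // unparseable source: deny
	}
	for _, p := range acl.prefixes {
		if p.Contains(ip.Unmap()) {
			return true
		}
	}
	return acl.wildcard
}

func main() {
	open, _ := parseTransferTo([]string{"*", "10.240.1.1"})             // list from the README example
	tight, _ := parseTransferTo([]string{"10.240.1.1", "192.0.2.0/28"}) // constructed
	fmt.Println(open.allowed("203.0.113.7"), tight.allowed("203.0.113.7"))
}
```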
Examples
Load the example.org zone from example.org.signed and allow transfers to the internet, but send notifies to 10.240.1.1:
example.org {
    file example.org.signed {
        transfer to *
        transfer to 10.240.1.1
    }
}
Or use a single zone file for multiple zones:
. {
    file example.org.signed example.org example.net {
        transfer to *
        transfer to 10.240.1.1
    }
}
Documentation ¶
Overview ¶
Package file implements a file backend.
Index ¶
- Constants
- Variables
- type Apex
- type File
- type Result
- type Xfr
- type Zone
- func (z *Zone) All() []dns.RR
- func (z *Zone) ClosestEncloser(qname string) (*tree.Elem, bool)
- func (z *Zone) Copy() *Zone
- func (z *Zone) CopyWithoutApex() *Zone
- func (z *Zone) Delete(r dns.RR)
- func (z *Zone) Glue(nsrrs []dns.RR, do bool) []dns.RR
- func (z *Zone) Insert(r dns.RR) error
- func (z *Zone) Lookup(state request.Request, qname string) ([]dns.RR, []dns.RR, []dns.RR, Result)
- func (z *Zone) Notify()
- func (z *Zone) OnShutdown() error
- func (z *Zone) Print()
- func (z *Zone) Reload() error
- func (z *Zone) SOASerialIfDefined() int64
- func (z *Zone) TransferAllowed(state request.Request) bool
- func (z *Zone) TransferIn() error
- func (z *Zone) Update() error
- type Zones
Constants ¶
const MaxSerialIncrement uint32 = 2147483647
MaxSerialIncrement is the maximum difference between two serial numbers. If the difference between two serials is greater than this number, the smaller one is considered greater.
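The comparison rule above, worked through as an added example (not code from the CoreDNS package; `serialLess` and `stepsTo` are hypothetical names and the serials are constructed). It shows why a serial that moves backwards looks older to a secondary, and how to reach a lower serial in hops that each count as an increase.

```go
package main

import "fmt"

// maxSerialIncrement has the value documented for MaxSerialIncrement (2^31 - 1).
const maxSerialIncrement uint32 = 2147483647

// serialLess reports whether serial a is older than serial b under the rule
// above: a gap larger than maxSerialIncrement flips the numeric ordering.
func serialLess(a, b uint32) bool {
	if a < b {
		return b-a <= maxSerialIncrement
	}
	return a-b > maxSerialIncrement
}

// stepsTo lists the serials to publish, in order, so that a secondary sees
// every hop as an increase and ends on target. Hypothetical helper.
func stepsTo(current, target uint32) []uint32 {
	var steps []uint32
	for current != target && !serialLess(current, target) {
		current += maxSerialIncrement // largest accepted jump; wraps modulo 2^32
		steps = append(steps, current)
	}
	if current != target {
		steps = append(steps, target)
	}
	return steps
}

func main() {
	// Constructed case: a date-style serial that the operator wants to reset to 1.
	fmt.Println(serialLess(2024010101, 1)) // false: 1 looks older, secondaries keep the old zone
	fmt.Println(stepsTo(2024010101, 1))    // one intermediate serial, then 1
	fmt.Println(serialLess(4294967295, 0)) // true: wrap-around counts as an increase
}
```

Each intermediate serial has to be picked up by every secondary before the next one is published, otherwise a secondary that missed a hop compares against its old serial and rejects the update.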
Variables ¶
var TickTime = 1 * time.Minute
TickTime is the default time we use to reload a zone. Exported to be tweaked in tests.
Functions ¶
This section is empty.
Types ¶
type Result ¶
type Result int
Result is the result of a Lookup
const (
    // Success is a successful lookup.
    Success Result = iota
    // NameError indicates a nameerror
    NameError
    // Delegation indicates the lookup resulted in a delegation.
    Delegation
    // NoData indicates the lookup resulted in a NODATA.
    NoData
    // ServerFailure indicates a server failure during the lookup.
    ServerFailure
)
type Zone ¶
type Zone struct {
    *tree.Tree
    Apex Apex

    TransferTo   []string
    StartupOnce  sync.Once
    TransferFrom []string
    Expired      *bool

    NoReload bool
    Upstream upstream.Upstream // Upstream for looking up names during the resolution process
    // contains filtered or unexported fields
}
Zone defines a structure that contains all data related to a DNS zone.
func Parse ¶
Parse parses the zone in filename and returns a new Zone or an error. If serial >= 0 it will reload the zone; if the SOA hasn't changed it returns an error indicating nothing was read.
func (*Zone) All ¶
All returns all records from the zone. The first record will be the SOA record, optionally followed by all RRSIG(SOA)s.
func (*Zone) ClosestEncloser ¶
ClosestEncloser returns the closest encloser for qname.
func (*Zone) CopyWithoutApex ¶ added in v1.0.5
CopyWithoutApex copies zone z without the Apex records.
func (*Zone) Lookup ¶
Lookup looks up qname and qtype in the zone. When do is true DNSSEC records are included. Three sets of records are returned, one for the answer, one for authority and one for the additional section.
func (*Zone) Notify ¶
func (z *Zone) Notify()
Notify will send notifies to all configured TransferTo IP addresses.
func (*Zone) OnShutdown ¶ added in v1.1.0
OnShutdown shuts down any running go-routines for this zone.
func (*Zone) Reload ¶
Reload reloads a zone when it is changed on disk. If z.NoReload is true, no reloading will be done.
func (*Zone) SOASerialIfDefined ¶
SOASerialIfDefined returns the SOA's serial if the zone has a SOA record in the Apex, or -1 otherwise.
func (*Zone) TransferAllowed ¶
TransferAllowed checks if an incoming request for transferring the zone is allowed according to the ACLs.
func (*Zone) TransferIn ¶
TransferIn retrieves the zone from the masters, parses it and sets it live.
func (*Zone) Update ¶
Update updates the secondary zone according to its SOA. It will run for the lifetime of the server and uses the SOA parameters. Every refresh it will check for a new SOA number. If that fails (for all servers) it will retry every retry interval. If the zone failed to transfer before the expire interval passes, the zone will be marked expired.