@otsuarez
Last active December 4, 2016 18:47
ns1 xfer to pdns

tl;dr

  1. User creates the zone on NS1 (authorizing transfers to the pdns server) and adds a record
  2. NS1 sends a NOTIFY to the pdns server
  3. The listener service detects the NOTIFY
  4. The listener creates the zone in pdns's database if it does not exist yet
  5. Pdns detects that its slave zone is out of sync with the master's copy (on NS1) and requests an AXFR
  6. Pdns syncs the slave zone and applies future updates from then on

create zone and record

NSONE_KEY=xxx
zone="packet.kappa"
curl -X PUT -H "X-NSONE-Key: $NSONE_KEY" \
  -d '{"zone":"'"$zone"'", "primary": {"enabled":true, "secondaries":[ {"ip":"147.75.104.249", "port":53, "notify":true, "networks": [0]} ]}}' \
  "https://api.nsone.net/v1/zones/$zone"

serial=1; record="record${serial}"; ip="10.2.3.${serial}"
curl -X PUT -H "X-NSONE-Key: $NSONE_KEY" \
  -d '{"zone":"'"$zone"'", "domain":"'"$record.$zone"'", "type":"A", "answers":[{"answer":["'"$ip"'"]}]}' \
  "https://api.nsone.net/v1/zones/${zone}/${record}.${zone}/A"

listener detects notify

DNS(id=47838, op=8448, qd=[Q(name='packet.kappa', type=6)])
new zone detected
packet.kappa
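The `op=8448` in the listener output is the raw DNS flags word 0x2100: opcode 4 (NOTIFY, RFC 1996) with the RD bit set. The following is an added example, not part of the gist, showing what the listener is actually checking: it decodes a NOTIFY from raw bytes (header, opcode, SOA question), accepts it only from the master IP the page uses, and registers the zone with the same `INSERT ... WHERE NOT EXISTS` shape as the gist's listener, but with bound parameters so a zone name arriving off the wire is stored literally rather than spliced into SQL. It uses an in-memory sqlite3 table as a stand-in for the PowerDNS `domains` table (PowerDNS on Postgres would use `%s` placeholders with psycopg2 instead of sqlite's `?`); `build_notify` only constructs sample input and `ALLOWED_MASTERS` is an assumed allowlist.

```python
import sqlite3
import struct

DNS_OPCODE_NOTIFY = 4            # RFC 1996 NOTIFY opcode
QTYPE_SOA = 6                    # NOTIFY questions carry the zone's SOA
ALLOWED_MASTERS = {"192.241.159.119"}   # assumed allowlist: the NS1 notifier from the logs


def build_notify(zone, ident=47838, flags=0x2100):
    """Constructed sample input: a minimal NOTIFY message for `zone`.
    flags=0x2100 (decimal 8448) is QR=0, opcode=4, RD=1, as seen on the page."""
    question = b"".join(struct.pack("B", len(label)) + label.encode("ascii")
                        for label in zone.split("."))
    question += b"\x00" + struct.pack("!HH", QTYPE_SOA, 1)   # root label, type SOA, class IN
    return struct.pack("!6H", ident, flags, 1, 0, 0, 0) + question


def parse_notify(msg):
    """Return the zone name if `msg` is a NOTIFY whose first question is SOA/IN,
    otherwise None (covers truncated messages and non-NOTIFY opcodes)."""
    if len(msg) < 12:
        return None
    _ident, flags, qdcount, _an, _ns, _ar = struct.unpack("!6H", msg[:12])
    qr = flags >> 15
    opcode = (flags >> 11) & 0xF
    if qr != 0 or opcode != DNS_OPCODE_NOTIFY or qdcount < 1:
        return None
    labels, off = [], 12
    while True:
        if off >= len(msg):
            return None
        ln = msg[off]
        off += 1
        if ln == 0:
            break
        if ln & 0xC0 or off + ln > len(msg):
            return None               # compression pointer or truncated label
        try:
            labels.append(msg[off:off + ln].decode("ascii"))
        except UnicodeDecodeError:
            return None
        off += ln
    if off + 4 > len(msg):
        return None
    qtype, qclass = struct.unpack("!HH", msg[off:off + 4])
    if qtype != QTYPE_SOA or qclass != 1:
        return None
    return ".".join(labels)


def open_domains_db():
    """In-memory stand-in for the PowerDNS `domains` table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE domains (id INTEGER PRIMARY KEY, name TEXT NOT NULL UNIQUE,"
                 " master TEXT, type TEXT NOT NULL)")
    return conn


def register_slave_zone(conn, name, master):
    """Insert the zone as SLAVE if absent. Bound parameters keep the wire-supplied
    name out of the SQL text. Returns True when a row was actually inserted."""
    cur = conn.execute(
        "INSERT INTO domains(name, master, type) SELECT ?, ?, 'SLAVE' "
        "WHERE NOT EXISTS (SELECT 1 FROM domains WHERE name = ?)",
        (name, master, name))
    conn.commit()
    return cur.rowcount == 1


def handle_notify(conn, src_ip, payload):
    """What the listener does per packet: source check, decode, idempotent insert."""
    if src_ip not in ALLOWED_MASTERS:
        return "ignored:unexpected-source", None
    zone = parse_notify(payload)
    if zone is None:
        return "ignored:not-a-notify", None
    created = register_slave_zone(conn, zone, src_ip)
    return ("created" if created else "exists"), zone


if __name__ == "__main__":
    db = open_domains_db()
    pkt = build_notify("packet.kappa")
    print(handle_notify(db, "192.241.159.119", pkt))   # first NOTIFY creates the row
    print(handle_notify(db, "192.241.159.119", pkt))   # repeat NOTIFY is a no-op
```

The source-IP check mirrors the gist's BPF filter (`src host 192.241.159.119`); NOTIFY is plain UDP, so that filter, and any allowlist like it, only screens on a spoofable address. The serial comparison and AXFR that pdns performs afterwards are what actually decide whether zone data changes.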

pdns syncs the zone with ns1

Dec 04 08:03:30 pdns1 pdns[30655]: Received NOTIFY for packet.kappa from 192.241.159.119 for which we are not authoritative
Dec 04 08:03:30 pdns1 pdns[30655]: Unable to find backend willing to host packet.kappa for potential supermaster 192.241.159.119. 0 remote nameservers:
Dec 04 08:03:30 pdns1 pdns[30655]: 1 slave domain needs checking, 0 queued for AXFR
Dec 04 08:03:30 pdns1 pdns[30655]: Received serial number updates for 1 zones, had 0 timeouts
Dec 04 08:03:30 pdns1 pdns[30655]: Domain 'packet.kappa' is stale, master serial 1480838607, our serial 0
Dec 04 08:03:30 pdns1 pdns[30655]: Initiating transfer of 'packet.kappa' from remote '192.241.159.119'
Dec 04 08:03:31 pdns1 pdns[30655]: AXFR started for 'packet.kappa'
Dec 04 08:03:31 pdns1 pdns[30655]: Transaction started for 'packet.kappa'
Dec 04 08:03:31 pdns1 pdns[30655]: AXFR done for 'packet.kappa', zone committed with serial number 1480838607

pdns is up to date

osvaldo@mbp:~ $ dig +short @147.75.104.249 record1.packet.kappa
10.2.3.1
osvaldo@mbp:~ $
#!/usr/bin/env python
# Listener: sniff DNS NOTIFY messages sent by the NS1 master and register the
# notified zone in the PowerDNS "domains" table as a SLAVE zone if it is absent.
import sys
import pprint

import dpkt
import pcap
import psycopg2

MASTER_IP = '192.241.159.119'   # NS1 server that sends the NOTIFYs

pp = pprint.PrettyPrinter(indent=4)

pc = pcap.pcap()
# only UDP traffic from the master to our port 53
pc.setfilter('src host %s and udp and dst port 53' % MASTER_IP)

try:
    conn = psycopg2.connect("dbname='pdns' user='pdns' host='localhost' password='xxx'")
except psycopg2.DatabaseError as e:
    print('I am unable to connect to the database: %s' % e)
    sys.exit(1)
cur = conn.cursor()

for ts, pkt in pc:
    # parse the packet: Ethernet -> IP -> UDP -> DNS
    eth = dpkt.ethernet.Ethernet(pkt)
    if not isinstance(eth.data, dpkt.ip.IP) or not isinstance(eth.data.data, dpkt.udp.UDP):
        continue
    udp = eth.data.data
    try:
        dns = dpkt.dns.DNS(udp.data)
    except (dpkt.UnpackError, IndexError):
        continue   # not a well-formed DNS message
    pp.pprint(dns)
    # op=8448 (0x2100) in the captured output is opcode 4 (NOTIFY) with the RD bit
    # set; test the opcode field instead of the whole flags word
    if dns.opcode == dpkt.dns.DNS_NOTIFY and dns.qd:
        print('new zone detected')
        name = dns.qd[0].name
        print(name)
        # parameterised query: the zone name comes off the wire and must not be
        # concatenated into the SQL text
        sql = ("INSERT INTO domains(name, master, type) "
               "SELECT %s, %s, 'SLAVE' "
               "WHERE NOT EXISTS (SELECT 1 FROM domains WHERE name = %s)")
        try:
            cur.execute(sql, (name, MASTER_IP, name))
            conn.commit()
        except psycopg2.DatabaseError as e:
            conn.rollback()
            conn.close()
            print('Error %s' % e)
            sys.exit(1)