HTTPS clone URL
Subversion checkout URL
- BIND zone file templates
- Export to BIND
- Export to BIND nsupdate
- Export to DynECT Managed DNS
- Export to PowerDNS
- Export to tinydns
- Install BIND on CentOS 6
- Install djbdns on CentOS
- Install djbdns on FreeBSD
- Install Knot
- Install MaraDNS
- Install Nameserver
- Install NicTool 2.25 on CentOS 6
- Install NicTool on CentOS
- Install NicTool on CentOS 7
- Install NicTool on FreeBSD 10
- Install NicTool on FreeBSD 10.1
- Install NicTool on OpenBSD
- Install NicTool on Ubuntu
- Install NicToolClient
- Install NicToolServer
- Install NSD
Clone this wiki locally
- What does NicTool need to run?
- What DNS servers does NicTool work with?
- What Resource Records does NicTool support?
- How does NicTool simplify DNS?
- Can I run the exports on the BIND nameserver?
- When does the nameserver re-read the config file?
- Do I have to set up an export for every nameserver?
- Can I specify a BIND zone template for each zone?
- Does NicTool support locations or views?
- Run two instances of NicTool Server on Apache
NicTool is written in perl. The client can be run on any platform that has perl and a web server. It has been tested under apache and lighttpd. NicToolServer requires MySQL and Apache. NicTool is known to run on Linux, FreeBSD, MacOS X, and other UNIX-like operating systems.
NicTool can export to DNS servers running tinydns, BIND, PowerDNS, MaraDNS, and NSD.
NicTool currently supports the following Resource Record types: A, NS, CNAME, SOA, PTR, MX, TXT, AAAA, LOC, SRV, NAPTR, DS, SSHFP, IPSECKEY, RRSIG, NSEC, DSNKEY, NSEC3, NSEC3PARAM, and SPF.
NicTool provides templates that ease adding a domain, or group of domains, that share a common set of records. The NicTool API allows users and admins to perform mass DNS updates without granting extraordinary privileges. All changes made via the API are logged and visible via NicToolClient.
You don't need to add or maintain NS records for your zones. NS records are automatically generated for every NS a zone is published to. SOA record creation is completely automated as well.
NicTool provides web forms that simplify DNS data entry. Sure, everyone that manages DNS frequently knows that 86,400 seconds is one day, but NicTool also provides handy popups with commonly used values. This is especially handy if one doesn't remember whether 1 or 2 is the correct value for a DSA fingerprint in an SSHFP record.
There are also BIND zone templates, which make it very easy to include zone specific information within the BIND configuration file.
Tinydns serves directly from the compiled data.cdb file. The instant that file is compiled (by tinydns-data), it is moved into place and tinydns is serving from it.
BIND rereads the config file when told (rndc reload).
PowerDNS has an expiration timer and rechecks if zone files have been updated, and if so, automatically re-reads them.
NSD serves from a compiled database (similar to tinydns)
Yes, but it is not the most secure way of doing so. It requires the BIND nameserver to have database access to the NicTool database on the NicTool Server. If the two systems are on different networks, use stunnel to encrypt the traffic between them. You will need to perform the following steps:
- Install NicToolServer on the BIND nameserver. You will need the mysql client libraries installed.
- Configure nictool/server/lib/nictoolserver.conf with the DSN settings.
- Make sure that the export directory (default /etc/namedb/nictool) you specified in the NicTool configuration for that name server is writable by the NicTool export user.
- Configure a BIND export per the normal instructions
You could just set up one export. Then, edit the Makefile (that is automatically created in the export directory) and manually insert the extra rsync targets. You would change the entry that looks like this:
remote: data.cdb rsync -az data.cdb firstname.lastname@example.org:/usr/local/tinydns-ns1/root/data.cdb
To look more like this:
remote: data.cdb rsync -az data.cdb email@example.com:/usr/local/tinydns-ns1/root/data.cdb rsync -az data.cdb firstname.lastname@example.org:/usr/local/tinydns-ns2/root/data.cdb rsync -az data.cdb email@example.com:/usr/local/tinydns-ns3/root/data.cdb
Yes, see the article on BIND zone file templates
See this post on the support forums.
Support exists for exporting tinydns locations in the database and export scripts. That support still needs to be added to NicToolServer and NicToolClient.
It is possible to run two instances of NicTool Server (on separate ports, of course) under one Apache 2 instance. The secret is adding the '+Parent' option in each vhost declaration. See this article on mod_perl OTRS