The Designate v2 API introduced functionality that allows Designate to act as a DNS slave, rather than a master for a zone. This is accomplished by completing a zone transfer (AXFR) from a DNS server managed outside of Designate.
Changes to secondary zones are managed outside of Designate. Users must make the changes they wish, and prompt a fresh zone transfer (AXFR) into Designate to make those changes live on any DNS servers Designate manages.
To add a secondary zone to Designate, there must be a DNS master for the zone, to which Designate can act as a slave. For this guide, we assume that you have already set this up.
The remaining Designate setup will be similar to a non-secondary zone setup. You’ll need a primary DNS server for Designate to manage and transfer secondary zones to.
In our examples we’ll use the following values:
Name - example.com.
Masters - 192.168.27.100
Skip this section if you already have a master to use.
For this it is assumed that you are running on Ubuntu.
The nsd package has a bug: it doesn’t create the user that it needs for the installation, so we’ll create that user before installing the package.
$ sudo apt-get install nsd
$ sudo zcat /usr/share/doc/nsd/examples/nsd.conf.sample.gz >/tmp/nsd.conf
$ sudo mv /tmp/nsd.conf /etc/nsd/nsd.conf
Add the following to /etc/nsd/nsd.conf
If you’re wondering why notify is set to 192.168.27.100@5354, it’s because MDNS runs on port 5354 by default.
$ sudo vi /etc/nsd/nsd.conf
Add the contents:
pattern:
    name: "mdns"
    zonefile: "%s.zone"
    notify: 192.168.27.100@5354 NOKEY
    provide-xfr: 192.168.27.100 NOKEY
    allow-axfr-fallback: yes
Create a new Zone in NSD called example.com.
$ sudo vi /etc/nsd/example.com.zone
And add the contents:
$TTL 1800 ;minimum ttl
example.com. IN SOA ns1.example.com. admin.example.net. (
        2014111301 ;serial
        3600       ;refresh
        600        ;retry
        180000     ;expire
        600        ;negative ttl
        )
        TXT "v=spf1 +a +mx ~all"
        SPF "v=spf1 +a +mx ~all"
        NS ns1.example.com.
        NS ns2.example.com.
        NS ns3.example.com.
        MX 0 mail1.example.com.
        MX 5 mail2.example.com.
        MX 10 mail3.example.com.
        A 10.0.0.1
        A 10.0.0.2
        A 10.0.0.3
ns1     A 172.16.28.100
ns2     A 172.16.28.101
ns3     A 172.16.28.103
mail1   A 10.0.10.1
mail2   A 10.0.10.2
mail3   A 10.0.10.3
google  CNAME google.com.
$ sudo service nsd restart
Check that it’s working
$ sudo nsd-control status
Activate the zone in NSD
$ sudo nsd-control addzone example.com mdns
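In the "mdns" pattern above, NOKEY means that NOTIFY and zone transfers are not signed with a TSIG key, so the IP address is the only access control. The following is an added example, not part of the original guide or of the NSD or Designate code: it lists every transfer-related ACL entry in an nsd.conf that uses NOKEY and whether it covers a single host. The "signed" pattern and the key name "designate-key" are constructed for illustration, and only plain IP, IP@port and IP/prefix address forms are parsed.

```python
import ipaddress

# Constructed sample: the "mdns" pattern from this guide plus a hypothetical
# "signed" pattern that uses an assumed TSIG key named "designate-key".
SAMPLE_CONF = """
pattern:
    name: "mdns"
    zonefile: "%s.zone"
    notify: 192.168.27.100@5354 NOKEY
    provide-xfr: 192.168.27.100 NOKEY
    allow-axfr-fallback: yes
pattern:
    name: "signed"
    provide-xfr: 192.168.27.0/24 designate-key
"""

ACL_OPTIONS = {"notify", "provide-xfr", "allow-notify", "request-xfr"}


def audit_nsd_acls(conf_text):
    """Return (section, option, address, finding) for each NOKEY ACL entry."""
    findings, section = [], None
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0].strip()        # drop comments
        option, sep, value = line.partition(":")
        option, value = option.strip(), value.strip()
        if not sep:
            continue                               # blank or non-option line
        if not value:
            section = None                         # header such as "pattern:"
            continue
        if option == "name":
            section = value.strip('"')
        fields = value.split()
        if option not in ACL_OPTIONS or len(fields) < 2:
            continue
        addr, key = fields[-2].split("@", 1)[0], fields[-1]
        if key != "NOKEY":
            continue                               # entry names a TSIG key
        try:
            single = ipaddress.ip_network(addr, strict=False).num_addresses == 1
        except ValueError:
            single = False                         # range or mask syntax
        scope = "single host" if single else "multiple or unparsed addresses"
        findings.append((section, option, addr, f"no TSIG key, {scope}"))
    return findings


if __name__ == "__main__":
    for finding in audit_nsd_acls(SAMPLE_CONF):
        print(*finding, sep=" | ")
```

Run against the real file by passing the contents of /etc/nsd/nsd.conf to audit_nsd_acls().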
When you create a domain in Designate there are two possible initial actions:
In both cases the interaction between your master and Designate is handled by the MDNS instance at the Designate side.
Definition of values:
$ openstack zone create --type secondary --masters 192.168.27.100 example.com.