
How to use RCS to maintain DNS files

In this step-by-step guide, Scott Reeves shows how to use Revision Control Software (RCS) to control DNS files.

Looking after a site with a large number of servers can be complicated. There may be master and slave DNS servers, spread over several data centers. Tracking changes to DNS can be time-consuming and error-prone. Revision Control Software (RCS) can be a great aid in simplifying the process of tracking changes.

Setting up RCS is straightforward; simply create a directory called RCS in the /etc/bind directory. This directory will serve as the repository for the checked-in files. The initial check-in of files is done using ci -i. The -i option indicates that this is an initial check-in. Below is the output from the initial check-in of a new zone file called db.gudaring.

root@gudaring:/etc/bind# ci -i db.gudaring
RCS/db.gudaring,v  <--  db.gudaring
enter description, terminated with single '.' or end of file:
NOTE: This is NOT the log message!
>> Initial check in.
>> .
initial revision: 1.1
done
root@gudaring:/etc/bind#

Note that once files are checked in, they do not appear in the directory /etc/bind. The command that checks out the file and puts it back in the /etc/bind directory is co. The co command will place a read-only copy of the file in the /etc/bind directory. You will need the files back in the /etc/bind directory, otherwise named may not be able to start. The output below shows the checkout of the file db.gudaring.

root@gudaring:/etc/bind# co ./db.gudaring
./RCS/db.gudaring,v  -->  ./db.gudaring
revision 1.1
done
root@gudaring:/etc/bind# ls -l db.gudaring
-r--r--r-- 1 root bind 371 2012-05-18 23:25 db.gudaring
root@gudaring:/etc/bind#

This concludes the initial steps. Of course, you are likely to want to make changes over time: zones may be added, servers added, and so on. Making changes is simple with RCS. To change a file such as a zone file, use the command string co -l <zone file>. The -l option locks the file and allows the user checking it out to edit it. In our example, we check out the db.gudaring file and add a host. The checkout is shown below.

root@gudaring:/etc/bind# co -l db.gudaring
RCS/db.gudaring,v  -->  db.gudaring
revision 1.1 (locked)
done
root@gudaring:/etc/bind#

Once you have finished editing the file, the ci command is used to check the file back in. The check in will prompt you to enter a summary. The summary could be a ticket number or a change number. Alternatively, it could be the name of the record or zone modified.

root@gudaring:/etc/bind# ci db.gudaring
RCS/db.gudaring,v  <--  db.gudaring
new revision: 1.2; previous revision: 1.1
enter log message, terminated with single '.' or end of file:
>> added in ns
>> .
done
root@gudaring:/etc/bind#

The next step is to check out the file using co with no options. This will put the zone file back into the /etc/bind directory as a read-only file. The command and output are shown below.

root@gudaring:/etc/bind# co ./db.gudaring
./RCS/db.gudaring,v  -->  ./db.gudaring
revision 1.2
done
root@gudaring:/etc/bind#

The final step is to find the named process id and run kill -HUP <named process ID>. This will force the named process to reread the configuration files.
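
The cycle above can be wrapped in one function so that a zone file which fails to parse is never checked in or loaded. This is an added example, not code from the article; named-checkzone, the zone origin argument, pidof, and the BIND_DIR, ZONE_CHECK and EDITOR variables are assumptions.

```sh
#!/bin/sh
# Added example (not the article's code): the co -l / edit / ci / co / HUP
# cycle with a syntax check in front of the check-in.
# Assumptions: BIND's named-checkzone is installed, the caller supplies the
# zone origin, and pidof finds the named process.

BIND_DIR=${BIND_DIR:-/etc/bind}
ZONE_CHECK=${ZONE_CHECK:-named-checkzone}

reload_named() {
    # The article's final step: HUP makes named reread its files.
    kill -HUP "$(pidof named)"
}

# usage: edit_zone <zone file> <zone origin> <log message>
# exit status: 0 ok, 1 validation failed, 2 RCS or reload error
# The body is a subshell, so cd and exit do not affect the caller.
edit_zone() (
    file=$1 origin=$2 msg=$3
    cd "$BIND_DIR" || exit 2

    # Take the RCS lock; co -l fails if another user already holds it.
    co -l "$file" || exit 2

    ${EDITOR:-vi} "$file"

    # Refuse to record or load a zone that does not parse.
    if ! "$ZONE_CHECK" "$origin" "$file"; then
        echo "$file failed validation; left locked, fix it and run ci -u" >&2
        exit 1
    fi

    # ci -u checks in and keeps a read-only working copy, covering the
    # article's separate ci and co steps in one command.
    ci -u -m"$msg" "$file" || exit 2
    reload_named || exit 2
)
```

The log message passed as the third argument is recorded in the revision history, so a ticket or change number there ties each reload to an approved change.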

This completes the initial setup and shows how to use RCS for elementary revision control on DNS. There are two other useful commands. The first is the rlog command. This will give you all revisions of a file. The command string to run is rlog <file name>. For our example, it is as shown below.

root@gudaring:/etc/bind# rlog db.gudaring
RCS file: RCS/db.gudaring,v
Working file: db.gudaring
head: 1.2
branch:
locks: strict
access list:
symbolic names:
keyword substitution: kv
total revisions: 2;     selected revisions: 2
description:
initial check in
----------------------------
revision 1.2
date: 2012/05/18 13:09:38;  author: root;  state: Exp;  lines: +4 -2
added in ns
----------------------------
revision 1.1
date: 2012/05/18 13:03:39;  author: root;  state: Exp;
Initial revision
=============================================================================
root@gudaring:/etc/bind#

You want to know revision numbers for a reason. You may very well want to check what changed between revisions of a file. This leads into using the rcsdiff command. This command can be a lifesaver. The main option to use is the -r option, which takes the revision number of a file. Simply use -r twice to compare two file versions. For our example, the command string is rcsdiff -r1.1 -r1.2 db.gudaring. This will generate the output shown below.

root@gudaring:/etc/bind# rcsdiff -r1.1 -r1.2 ./db.gudaring
===================================================================
RCS file: ./RCS/db.gudaring,v
retrieving revision 1.1
retrieving revision 1.2
diff -r1.1 -r1.2
7c7
< @   IN    SOA   localhost. root.localhost. (
---
> @   IN    SOA   gudaring. root.gudaring. (
14c14,16
< @   IN    NS    localhost.
---
> @   IN    NS    gudaring.
> ns  IN    A     192.168.0.4
>
root@gudaring:/etc/bind#

From this output, we can see that a host was added in revision 1.2. If you have an issue after a change to a file, then rcsdiff will show you what changed in the configuration files. This makes backing out a change simple.
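
Run without -r, rcsdiff compares the working file against the latest checked-in revision. That goes beyond the two-revision comparison above and lets a scheduled job flag zone files changed outside the check-in procedure. This is an added example, not code from the article; the function name and the labels it prints are assumptions.

```sh
#!/bin/sh
# Added example (not the article's code): report zone files whose working
# copy no longer matches the head revision stored in RCS/.
# rcsdiff exits 0 (same), 1 (different) or 2 (trouble).
# rlog -L -R prints the RCS file name only if a lock is set on it.

# usage: audit_zone_dir <dir>
# prints one finding per line; returns 0 if all files match, 1 otherwise
audit_zone_dir() {
    dir=$1
    findings=0
    for v in "$dir"/RCS/*,v; do
        [ -e "$v" ] || continue          # empty repository
        name=$(basename "$v" ,v)
        work=$dir/$name
        if [ ! -e "$work" ]; then
            # Checked in but not checked out again: named cannot load it.
            echo "MISSING $name"
            findings=1
            continue
        fi
        st=0
        rcsdiff -q "$work" >/dev/null 2>&1 || st=$?
        case $st in
            0) ;;
            1) if [ -n "$(rlog -L -R "$work" 2>/dev/null)" ]; then
                   # Locked: an edit is in progress or was never checked in.
                   echo "UNCOMMITTED $name"
               else
                   # No lock: the read-only copy was changed out of band.
                   echo "DRIFT $name"
               fi
               findings=1 ;;
            *) echo "ERROR $name"
               findings=1 ;;
        esac
    done
    return $findings
}
```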

That is how to use RCS to control your DNS files. It is a useful tool, and for large sites, I have found it to be invaluable for tracking changes.

About

Scott Reeves has worked for Hewlett Packard on HP-UX servers and SANs, and has worked in similar areas in the past at IBM. Currently he works as an independent IT consultant, specializing in Wi-Fi networks and SANs.
