Welcome to zad’s documentation!

Introduction

zad is an OpenSource software tool, written in Python that is intended to handle the administration of DNS zone data of small zones (< 1000 RRs). “zad” stands for “zone administration”.

Supported features

Currently zad can:

  • starting with a configured domain zone, this and any referenced zones are loaded (via AXFR) and displayed via browsable tables.

  • delete, add or update resource records of these zones via dynamic update

  • check of semantic and syntax of entered resource record if OK clicked

  • to give the user a feedback, the modified zone is re-read and displayed

  • the graphical user interface has been designed to allow point and click

  • this tries to avoid the requirement to re-enter any data already displayed in the tables

  • to simplify maintenance of reverse zones (especially of IPv6 ones), containing networks can be configured, which allows to enter and modify host addresses, relative to the selected network

  • if no network has been configured for a reverse zone, default prefixes are used

  • report any transaction and errors in both the GUI and a logfile

  • optionally can display debug information

Features currently worked on

  • Check button to check current contents of form fields for correctness

  • Updating Host field from Name/Address field or vice versa on Check button.

  • On double clickeng, inserting values from upper three table browsers into Rdata of form:

    • From Domain zone take fqdn of double clicked OwnerName.

    • From IPv4 or IPv6 zone convert host address to a absolute address and take it as argument for form/RData

  • Searching resource sets by owner names

Motivation

In times of DNSsec, editing zone files by hand (e.g. with bind9 inline-signing) often interferes with resigning activities of the nameserver. To avoid inconsistencies, zones should be maintained by dynamic update (RFC 2136).

This project was started to help the administrator with transition from maintenance of zones in flat files to maintenance of zones via dynamic update.

_images/zad.png

Installation and Configuration

Installation

With python3.9 installed:

pip install zad

Or from repository:

git clone https://codeberg.org/ajr/zad

pip install -e zad

Requirements

ddns is currently tested only with bind9.16, but should work with other bind9 versions. For compatibility issues with other name servers, open an issue here zad issues.

Packages, installed from pypi.org are:

  • dnspython 2.1.0

  • PyQt5 5.15.4

  • qasync 0.17.0

For development, these additional packages are required:

  • build 0.5.1

  • qt5-applications 5.15.2.2.2

  • PyQt5-stubs 5.15.2.0

Also recommended is an IDE like PyCharm 2021.1.3 (Community Edition)

Portability

zad is developed and maintained on macos 10.15 and FreeBSD 13, but should run on all platforms, where python 3.9 is available and to which PyQt5 has been ported, like Linux and Windows.

Configuration

The preferences or settings panel (invoked from main menu) has 4 tabs:

  • General

    • Master Server: DNS server for dynamic updates (ddns). If no Server for Zone Transfer (AXFR) configured, then the master server is used for both ddns and AXFR. The latter is recommended to avoid confusing stale data being displayed after ddns because of AXFR delay.

      If no Master Server configured (as in the default configuration) then no ddns is possible.

    • ddns Key File: A bind9 TSIG keyfile, created with the ddns-confgen utility like so:

      ddns-keygen -a hmac-sha256 name

      where “name” is the key name, like “ddns-key”. For none-bind-users, the key file looks so:

      key “ddns-key” {

      algorithm hmac-sha256; secret “some-fancy-key”;

      };

    • Server for Zone Transfer: Zone data is pulled from this server.

    • Initial Domain: Initial AXFR done from this zone. Referenced zones are loaded thereafter. Zones with prefixes below /9 (IPv4) and /17 (IPv6) are ignored.

    • Default Prefix IPv4: Used for all reverse IPv4 zones, for which no net configured.

    • Default Prefix IPv6: Used for all reverse IPv6 zones, for which no net configured.

    • Logfile: All logging goes to this file.

    • Debug Log: Log debugging info into Logfile.

  • IPv4 Nets: Networks in prefix notation (192.168/16) into which related zones are divided.

  • IPv6 Nets: Networks in prefix notation (2a05:bec0:26:ff:1/80) into which related zones are divided.

  • Ignored Zones: These zones are not loaded (by AXFR) during initial zone walk.

Changelog

0.1.0 (2021-08-12)

  • Initial public release.

0.2.0 (2021-08-14)

  • Some fixes

  • zad displays referenced zones

0.3.0 (2021-08-25)

  • First beta release

  • Support of addition, removal and update of RRs via ddns

  • In the settings, ‘ignored nets’ has been replaced by ‘ignored zones’, to also ignore domain zones.

README

zad

A GUI tool for maintaining DNS zones via dynamic update

Copyright

Copyright (c) 2021 Axel Rau axel.rau@chaos1.de

License

GPLv3

Homepage

https://codeberg.org/ajr/zad

Documentation

https://zad.readthedocs.io

What

In times of DNSsec, edited zone files interfere with resigning activities of the nameserver. To avoid inconsistency, zones are maintained by dynamic update (RFC 2136). zad provides a GUI for dynamic updates and zone visualisation to make address and host name editing easy like zone file editing.

ABOUT THIS RELEASE

  • This is a beta release.

  • This version has initial support for dynamic updates.

  • Initial documentation written

Indices and tables