nsdiff
create an "nsupdate" script from DNS zone file differences
The nsdiff program examines the old and new versions of a DNS zone, and outputs the differences as a script for use by BIND's nsupdate program. It provides a bridge between static zone files and dynamic updates.
The nspatch script is a wrapper around nsdiff | nsupdate that checks and reports errors in a manner suitable for running from cron.
The nsvi script makes it easy to edit a dynamic zone.
I've fallen in <3 with nsdiff/nsvi - JP Mens
If you use BIND 9.7 or 9.8, you can use nsdiff as an alternative to the DNSSEC inline-signing feature which appeared in BIND 9.9. The server updates the DNSSEC records dynamically, but you can continue to manage the unsigned static zone file as before and use `nsdiff | nsupdate` to push changes to the server.
There are other situations where you have a zone which is partly dynamic and partly static, for example, a reverse DNS zone mostly updated by a DHCP server, which also has a few static entries. You can use nsdiff to update the static part of the zone.
Dependencies
To run nsdiff you need perl-5.10 or newer, and BIND version 9.7 or newer, specifically the dig, named-compilezone, and nsupdate utilities.
Install
To install, run:
perl Makefile.PL
make installTo install in a particular place, use something like
perl Makefile.pl PREFIX=${HOME}Downloads
- Documentation
-
The nsdiff homepage is https://dotat.at/prog/nsdiff/
Read the nsdiff manual: https://dotat.at/prog/nsdiff/nsdiff.html
Read the nspatch manual: https://dotat.at/prog/nsdiff/nspatch.html
Read the nsvi manual: https://dotat.at/prog/nsdiff/nsvi.html
- Code
-
Download the bare nsdiff perl source: https://dotat.at/prog/nsdiff/nsdiff
Download the source distribution:
- Source repositories
-
You can clone or browse the repository from:
Feedback
Please send bug reports or patches to me at <dot@dotat.at>.
You may do anything with nsdiff. It has no warranty. https://creativecommons.org/publicdomain/zero/1.0/