extensions:teemip-zone-mgmt

Differences

This shows you the differences between two versions of the page.

extensions:teemip-zone-mgmt [2023/07/04 15:15] cnaudextensions:teemip-zone-mgmt [2024/04/05 18:33] (current) – [Revision History] cnaud
Line 1: Line 1:
-{{ icons8-zone-48.png}}+{{ picto_dnszonemanagement.png}}
 ====== DNS Zone Management ====== ====== DNS Zone Management ======
 ---- dataentry summary ---- ---- dataentry summary ----
Line 6: Line 6:
 index_hidden        : yes index_hidden        : yes
 level_hidden        : 1 level_hidden        : 1
-version             : 3.1.0 +collector_hidden    : no 
-release_dt          : 2023-06-21 +version             : 3.1.1 
-TeemIp              : 3.x +release_dt          : 2023-12-11 
-iTop                : 3.x+TeemIp              : 3.1+ 
 +iTop                : 3.1+
 code                : teemip-zone-mgmt code                : teemip-zone-mgmt
 localization        : English, French localization        : English, French
Line 18: Line 19:
 keyword_tags        : dns, zone keyword_tags        : dns, zone
 dependencies_s      : teemip-framework, teemip-ip-mgmt, teemip-ipv6-mgmt, teemip-network-mgmt dependencies_s      : teemip-framework, teemip-ip-mgmt, teemip-ipv6-mgmt, teemip-network-mgmt
-download_wiki       : [[https://sourceforge.net/projects/teemip/files/teemip%20-%20extensions/DNS%20Zone%20management/3.1.0/teemip-zone-mgmt-3.1.0-706.zip/download|teemip-zone-mgmt-3.1.0-706.zip]]+download_wiki       : [[https://sourceforge.net/projects/teemip/files/teemip%20-%20extensions/DNS%20Zone%20management/3.1.1/teemip-zone-mgmt-3.1.1-707.zip/download|teemip-zone-mgmt-3.1.1-707.zip]]
 github_wiki         : [[https://github.com/TeemIp/teemip-zone-mgmt|teemip-zone-mgmt]] github_wiki         : [[https://github.com/TeemIp/teemip-zone-mgmt|teemip-zone-mgmt]]
 php-max             : 8.1 php-max             : 8.1
 ---- ----
 +
  
  
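Review bot: the updated download_wiki entry links straight to teemip-zone-mgmt-3.1.1-707.zip on SourceForge with nothing beside it that lets an administrator verify the archive. Consider adding a SHA-256 of the zip to the dataentry block, or stating which tag in the github_wiki repository it was built from, so the package installed into iTop can be checked against a published value.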
Line 30: Line 32:
 </note> </note>
 ===== Revision History ===== ===== Revision History =====
-^  Version  ^  Release Date  ^  Comments +^  Version  ^  Release Date   Status  ^  iTop \\ Min  ^  IPAM for iTop \\ Min   Comments  ^ 
-|  3.1.0  |  2023-06-21  | New records have been added: CAA, DS, OPENPGPKEY, SSHFP, TLSA as well as a generic record to accommodate other types of records. \\ Resource records attached to IPs may be automatically deleted when the IP become obsolete (released or unassigned, for instance). \\ A new dedicated background task, controlled be configuration parameters, may handle regular cleanup of such records. \\ Authoritative DNS servers can now be Application Solutions, Network Devices and Network Clusters next to Servers and Virtual Machines. | +|  3.1.2  |  2024-xx-yy  |  |  |  | - Long TXT records are supported. \\ - Audits have been grouped under the "DNS management" audit domain. \\ - DNS Views are taken into consideration when duplicate IPs are checked. \\ - Data samples have been added | 
-|  3.0.1  |  2022-09-09  | Adopt 3.x icon style \\ Enhance overview menu \\ Support classless delegation \\ Add audit rules | +|  **3.1.1**  |  2023-12-11  |  Supported  |  3.1.0  |  3.1.0  | - Add Chinese (simplified) translation \\ - Background task is not processed when activity status is checked | 
-|  3.0.0  |  2022-01-05  | TeemIp / iTop 3.x compatible version | +|  3.1.0  |  2023-06-21  Supported  |  3.0.0  |  3.1.0  | - New records have been added: CAA, DS, OPENPGPKEY, SSHFP, TLSA as well as a generic record to accommodate other types of records. \\ Resource records attached to IPs may be automatically deleted when the IP become obsolete (released or unassigned, for instance). \\ A new dedicated background task, controlled be configuration parameters, may handle regular cleanup of such records. \\ Authoritative DNS servers can now be Application Solutions, Network Devices and Network Clusters next to Servers and Virtual Machines. | 
-|  2.7.1  |  2021-04-01  | Allow @ in RRs associated to IPs with an empty short name \\ Wildcards can be set on RRs \\ Addresses like claude.monet@demo.com are handled in SOA records \\ Authoritative servers can now be servers or virtual machines \\ Details screen of a subnet displays a tab listing RRs associated to all subnet IPs \\ Align extension structure with new guidelines | +|  3.0.1  |  2022-09-09  Obsolete  |  2.7.0  |  3.0.1  | - Adopt 3.x icon style \\ Enhance overview menu \\ Support classless delegation \\ Add audit rules | 
-|  2.7.0  |  2020-12-11  | Move some DisplayBare methods to iApplicationUIExtension API | +|  3.0.0  |  2022-01-05  Obsolete  |  2.7.0  |  3.0.0  | - TeemIp / iTop 3.x compatible version | 
-|  2.6.2  |  2020-06-22  | Correct bug within data file generation | +|  2.7.1  |  2021-04-01  Obsolete    |  2.7.0  |  2.6.0  | - Allow @ in RRs associated to IPs with an empty short name \\ Wildcards can be set on RRs \\ Addresses like claude.monet@demo.com are handled in SOA records \\ Authoritative servers can now be servers or virtual machines \\ Details screen of a subnet displays a tab listing RRs associated to all subnet IPs \\ Align extension structure with new guidelines | 
-|  2.6.1  |  2020-05-08  | Correct Hostmaster DNS profile \\ Adapt handling of AAAA records to new IPv6 modelization | +|  2.7.0  |  2020-12-11  Obsolete  |  2.7.0  |  2.6.0  | - Move some DisplayBare methods to iApplicationUIExtension API | 
-|  2.6.0  |  2020-04-14  | Revision compatible with TeemIp 2.6 / iTop 2.7  | +|  2.6.2  |  2020-06-22  Obsolete  |  2.7.0  |  2.6.0  | - Correct bug within data file generation | 
-|  1.2.0  |  2019-12-10  | Update resource records from subnets \\ Allow @ in RRs \\ Document authoritative servers | +|  2.6.1  |  2020-05-08  Obsolete  |  2.7.0  |  2.6.0  | - Correct Hostmaster DNS profile \\ Adapt handling of AAAA records to new IPv6 modelization | 
-|  1.1.0  |  2019-09-24  | Management of IP addresses and resource records are now linked | +|  2.6.0  |  2020-04-14  Obsolete  |  2.7.0  |  2.6.0  | - Revision compatible with TeemIp 2.6 / iTop 2.7  | 
-|  1.0.0  |  2019-02-09  | Initial revision |+|  1.2.0  |  2019-12-10  Obsolete  |  2.6.0  |  2.4.0  | - Update resource records from subnets \\ Allow @ in RRs \\ Document authoritative servers | 
 +|  1.1.0  |  2019-09-24  Obsolete  |  2.6.0  |  2.4.0  | - Management of IP addresses and resource records are now linked | 
 +|  1.0.0  |  2019-02-09  Obsolete  |  2.6.0  |  2.4.0  | - Initial revision |
  
 ===== Features ===== ===== Features =====
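Review bot: the new 3.1.2 row is published with a placeholder date (2024-xx-yy) and empty Status and minimum-version cells, while the dataentry block still declares 3.1.1 as the downloadable version. Either mark the row explicitly as not yet released or hold it back until the date and compatibility cells are known, so readers do not assume that long TXT support and the DNS View duplicate check are part of the 3.1.1 package. While the 3.1.0 row is being touched, "controlled be configuration parameters" should read "controlled by" and "when the IP become obsolete" should read "becomes".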
Line 240: Line 244:
 | TTL | d/h/m/s | N/A | | TTL | d/h/m/s | N/A |
 | IPv4 Address | Foreign key to a(n) IPv4 Address | Yes | | IPv4 Address | Foreign key to a(n) IPv4 Address | Yes |
-| Comment | Multiline character string  | No |+| Comment | Alphanumeric string | No |
  
 === Details === === Details ===
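Review bot: the Comment row changes from "Multiline character string" to "Alphanumeric string" here and in the same row of the other record tables, but none of the Revision History entries mentions a change to the Comment attribute. If the field really became a single-line string in the data model, say so in the release notes together with the version where it happened; if only the wording changed, give the reason in the edit summary, because readers with existing multi-line comments need to know whether an upgrade affects them.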
Line 259: Line 263:
 | TTL | d/h/m/s | N/A | | TTL | d/h/m/s | N/A |
 | IPv6 Address | Foreign key to a(n) IPv6 Address | Yes | | IPv6 Address | Foreign key to a(n) IPv6 Address | Yes |
-| Comment | Multiline character string  | No |+| Comment | Alphanumeric string | No |
  
 === Update === === Update ===
Line 278: Line 282:
 | Tag | Possible values: Iodef, Issue, Issue Wild | | Tag | Possible values: Iodef, Issue, Issue Wild |
 | Value | Strings associated with tags | | Value | Strings associated with tags |
-| Comment | Multiline character string  | No |+| Comment | Alphanumeric string | No |
  
 === Creation === === Creation ===
Line 297: Line 301:
 | TTL | d/h/m/s | N/A | | TTL | d/h/m/s | N/A |
 | CNAME | Alphanumeric string | Yes | | CNAME | Alphanumeric string | Yes |
-| Comment | Multiline character string  | No |+| Comment | Alphanumeric string | No |
  
 === Creation === === Creation ===
Line 318: Line 322:
 | Digest Type | Cryptographic hash algorithm used to create the Digest value | No | | Digest Type | Cryptographic hash algorithm used to create the Digest value | No |
 | Digest | A cryptographic hash value of the referenced DNSKEY-record |Yes | | Digest | A cryptographic hash value of the referenced DNSKEY-record |Yes |
-| Comment | Multiline character string  | No |+| Comment | Alphanumeric string | No |
  
 === Details === === Details ===
Line 337: Line 341:
 | Preference | Integer | No | | Preference | Integer | No |
 | Exchange Server | Alphanumeric string | Yes | | Exchange Server | Alphanumeric string | Yes |
-| Comment | Multiline character string  | No |+| Comment | Alphanumeric string | No |
  
 === Details === === Details ===
Line 355: Line 359:
 | TTL | d/h/m/s | N/A | | TTL | d/h/m/s | N/A |
 | Name Server | Alphanumeric string | Yes | | Name Server | Alphanumeric string | Yes |
-| Comment | Multiline character string  | No |+| Comment | Alphanumeric string | No |
  
 === Details === === Details ===
Line 362: Line 366:
  
 ==== OPENPGPKEY records ==== ==== OPENPGPKEY records ====
-FIXME+{{icons8-secured-mail.svg  }}  
 +This object is used to document the OPENPGPKEY record. Such record stores the OpenPGP public keys used to encrypt or sign email messages and files. 
  
 +=== Properties ===
 +^  Name  ^  Type  ^  Mandatory?  ^
 +| Organization | Foreign key to a(n) Organization | Yes |
 +| Zone | Foreign key to a(n) Zone | Yes |
 +| RR Name | Alphanumeric string | Yes |
 +| Overwrite zone TTL | Yes or No | No |
 +| TTL | d/h/m/s | N/A |
 +| OpenPGP Public Key | Multiline character string | Yes |
 +| Comment | Alphanumeric string | No |
 +
 +=== Creation ===
 +A new OPENPGPKEY record may be created from the specific "OPENPGPKEY" shortcut menu of the DNS Management module. 
 +{{ classcreate_openpgpkeyrecord3x.png }}
  
 ==== PTR Records ==== ==== PTR Records ====
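Review bot: the OPENPGPKEY Properties table gives no format for the two fields that are easiest to get wrong, RR Name and OpenPGP Public Key. RFC 7929 derives the owner name from a truncated SHA2-256 hash of the mailbox local-part under the _openpgpkey label and carries the key in base64 presentation form, so the page should state whether TeemIp expects the hashed name and the base64 text to be entered as-is or computes them, and that only public key material belongs in the field. "Such record stores" should read "Such a record stores".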
Line 377: Line 395:
 | TTL | d/h/m/s | N/A | | TTL | d/h/m/s | N/A |
 | Hostname | Alphanumeric string | Yes | | Hostname | Alphanumeric string | Yes |
-| Comment | Multiline character string  | No |+| Comment | Alphanumeric string | No |
  
 === Details === === Details ===
Line 385: Line 403:
  
 ==== SSHFP Records ==== ==== SSHFP Records ====
-FIXME+{{icons8-fingerprint.svg  }}  
 +This object is used to document the Secure Shell fingerprint records, a type of resource record which identifies SSH keys associated with a host name. 
 + 
 +=== Properties === 
 +^  Name  ^  Type  ^  Mandatory? 
 +| Organization | Foreign key to a(n) Organization | Yes | 
 +| Zone | Foreign key to a(n) Zone | Yes | 
 +| RR Name | Alphanumeric string | Yes | 
 +| Overwrite zone TTL | Yes or No | No | 
 +| TTL | d/h/m/s | N/A | 
 +| Algorithm | Integer | No | 
 +| Digest Type| Integer | No | 
 +| Fingerprint | Alphanumeric string | Yes | 
 +| Comment | Alphanumeric string | No | 
 + 
 +=== Details === 
 +Details of a SSHFP record can be accessed from the specific "SSHFP" shortcut menu of the DNS Management module.  
 +{{ classdetails_sshfprecord3x.png }}
  
 ==== SRV Records ==== ==== SRV Records ====
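Review bot: in the SSHFP Properties table, Algorithm and Digest Type are typed as plain Integer and marked non-mandatory, although a usable SSHFP record needs all three of algorithm, fingerprint type and fingerprint. Document the accepted values (algorithm 1 RSA, 2 DSA, 3 ECDSA, 4 Ed25519; fingerprint type 1 SHA-1, 2 SHA-256), what is written to the zone file when they are left empty, and that Fingerprint is expected in hexadecimal. "Details of a SSHFP record" should read "an SSHFP record".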
Line 402: Line 437:
 | Port | Integer | No | | Port | Integer | No |
 | Target| Alphanumeric string | Yes | | Target| Alphanumeric string | Yes |
-| Comment | Multiline character string  | No |+| Comment | Alphanumeric string | No |
  
 === Creation === === Creation ===
Line 409: Line 444:
  
 ==== TLSA Records ==== ==== TLSA Records ====
-FIXME+{{icons8-certificate.svg  }}  
 +This object is used to document the TLSA records which hold Certificate Association data. They specify the keys used in a domain's TLS servers.  
 + 
 +=== Properties === 
 +^  Name  ^  Type  ^  Mandatory? 
 +| Organization | Foreign key to a(n) Organization | Yes | 
 +| Zone | Foreign key to a(n) Zone | Yes | 
 +| RR Name | Alphanumeric string | Yes | 
 +| Overwrite zone TTL | Yes or No | No | 
 +| TTL | d/h/m/s | N/A | 
 +| Certificate Usage | Integer | No | 
 +| Selector | Integer | No | 
 +| Matching Type | Integer | No | 
 +| Certificate Association Data | Alphanumeric string | Yes | 
 +| Comment | Alphanumeric string | No | 
 + 
 +=== Details === 
 +Details of a TLSA record can be accessed from the specific "TLSA" shortcut menu of the DNS Management module.  
 +{{ classdetails_tlsarecord3x.png }} 
  
 ==== TXT Records ==== ==== TXT Records ====
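Review bot: the TLSA Properties table marks Certificate Usage, Selector and Matching Type as optional Integers without listing the allowed values or the default that ends up in the zone file. RFC 6698 defines usage 0 to 3, selector 0 to 1 and matching type 0 to 2, and these three values decide how Certificate Association Data is interpreted, so the table should list them and note that RR Name follows the _port._protocol.host form (for example _443._tcp.www).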
Line 417: Line 471:
 === Properties === === Properties ===
 ^  Name  ^  Type  ^  Mandatory?  ^ ^  Name  ^  Type  ^  Mandatory?  ^
 +| **Zone** |||
 | Organization | Foreign key to a(n) Organization | Yes | | Organization | Foreign key to a(n) Organization | Yes |
 | Zone | Foreign key to a(n) Zone | Yes | | Zone | Foreign key to a(n) Zone | Yes |
 +| **RRs attributes** |||
 | RR Name | Alphanumeric string  (@ and *.<domain> accepted) | Yes | | RR Name | Alphanumeric string  (@ and *.<domain> accepted) | Yes |
 | Overwrite zone TTL | Yes or No | No | | Overwrite zone TTL | Yes or No | No |
 | TTL | d/h/m/s | N/A | | TTL | d/h/m/s | N/A |
 | Text| Alphanumeric string | Yes | | Text| Alphanumeric string | Yes |
-| Comment | Multiline character string  | No |+| Comment | Alphanumeric string | No | 
 +| **Chaining** ||| 
 +| Previous segment | Foreign key to a(n) TXT Record | No | 
 +| Next segment | Foreign key to a(n) TXT Record | No |
  
 === Update === === Update ===
-A TXT record may be updated from the detailed view of the object. +A TXT record may be updated from the detailed view of the object.
 {{ classupdate_txtrecord3x.png }} {{ classupdate_txtrecord3x.png }}
 +
 +=== TXT Records with a payload over 255 chars == 
 +A TXT record may have more than 255 characters of data, but **not** more than 255 characters in a single string, which is problematic for long chains like DKIM keys. RFC 4408 defines how to get around this limitation : a TXT record is allowed to contain multiple strings which should then be concatenated together by the reading application. TeemIP implements this concept through a chaining mechanism.
 +
 +<note tip>
 +When a segment is set in a given TXT record, its counter part is automatically updated.
 +  * If **Previous segment** of record R1 is set to R0, then TeemIP will set **Next segment** of record R0 to R1
 +  * If **Next segment** of record R1 is set to R2, then TeemIp will set **Previous segment** of record R2 to R1
 +</note>
 +<note warning>
 +In a chain, only the RR Name of the **first segment** is relevant. It is considered as the reference for the TXT Record when the db file is built. The name of the following records of the chain are just used to name the objects.
 +</note>
 +{{ classupdate_txtrecord3x-2.png }}
 +
 +The tool that generates Zone data files will take the chain into consideration and will create the proper entry in the db file as shown in the exemple below:
 +
 +{{ dbfile_long_txtrecord.png }}
  
 ==== Generic Records ==== ==== Generic Records ====
-FIXME+{{icons8-music-record.svg  }}  
 +Most popular or usefull DNS resource records have been documented in TeemIp. However, in the case where Hostmasters need to do document other types of records, a generic class has been created. It enables the raw edition of any type of records by opening to edition the whole payload of a DNS resource record. 
 + 
 +=== Properties === 
 +^  Name  ^  Type  ^  Mandatory? 
 +| Organization | Foreign key to a(n) Organization | Yes | 
 +| Zone | Foreign key to a(n) Zone | Yes | 
 +| RR Name | Alphanumeric string  (@ and *.<domain> accepted) | Yes | 
 +| Overwrite zone TTL | Yes or No | No | 
 +| TTL | d/h/m/s | N/A | 
 +| Type | Foreign key to a(n) Resource Record Type | Yes | 
 +| Payload | Alphanumeric string | No | 
 +| Comment | Alphanumeric string | No | 
 + 
 +=== Details === 
 +A Generic record may be displayed from the specific “GENERIC” shortcut menu of the DNS Management module.  
 +{{ classdetails_genericrecord3x.png }} 
 + 
 +Resource Record types are typological elements. They are managed from the "IP space typology configuration" section of the main "Data administration" menu. 
 +{{ classlist_resourcerecordtype.png }}
  
 ==== Link with IP Addresses ==== ==== Link with IP Addresses ====
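Review bot: the chaining notes in the long TXT section explain how Previous segment and Next segment are kept in sync, but not what happens when a chain loops back on itself, when one record is claimed by two chains, or when segments sit in different zones or carry different TTLs; state which of these are rejected and how the zone data file generator behaves otherwise. In the same section the new heading "=== TXT Records with a payload over 255 chars ==" has unbalanced markers, RFC 4408 has been obsoleted by RFC 7208 (DKIM's own concatenation rule is in RFC 6376), "exemple", "counter part" and "usefull" are misspelled, and the text mixes TeemIP and TeemIp. For Generic records, the page should say whether the raw Payload is validated in any way before it is written to the zone file.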
extensions/teemip-zone-mgmt.1688476519.txt.gz · Last modified: 2023/07/04 15:15 by cnaud