Comment: Migrated to Confluence 5.3

Introduction:

There was a port scanner attack on the printers with external DNS, which caused them to print random printouts. To prevent this from happening again, the external DNS addresses for printers are to be removed. The following instructions describe how to create a CSV file for bulk updates.

Bluecat (Proteus) allows bulk DNS updates with a CSV file.  Each line in the comma-separated value (CSV) file represents a resource record. A line break must follow each line, and the file may contain up to 5000 lines. The comma-separated values represent columns of data, but the CSV file must not contain column headings.

EXAMPLE: action, recordname, TTL, recordtype, rdata, comment, user-defined field name=value, user-defined field name n=value,...


There is also an option to remove multiple DNS entries with XML file (sample provided below).

Instructions:

...


Resource:

Here is the guide provided directly from BlueCat. This guide should be used as a reference

...

  • add creates a new resource record.
  • update changes only the TTL, comment, and user-defined fields for most resource record types. For CNAME records, update changes only the host record to which the CNAME record points. For A records, update ignores any change made to the record’s IPv4 address.
  • delete deletes resource records. If a record is not found in Proteus, a file-not-found error is logged in the server log. To delete records that contain multiple IP addresses, specify the address with an * asterisk.

RecordName:

The name of the resource record. This column must be present and may or may not contain a value:

  • When performing a bulk update at the zone level, this column can be blank to give the resource record the same name as the zone. The name of the record appears in Proteus as (Same as Zone).
  • When performing a bulk update at the view level, this column must contain a value. Bulk DNS Update cannot create records with (Same as Zone) for the record name from the view level.

How you specify record names depends on from where you want to perform the bulk update:

  • When performing the bulk update at the view level, specify FQDNs. Proteus assumes that all record names are not dot-separated.
    For example, add, host1.example.com., 3600, A, 192.168.0.2 adds the host record host1.example.com.
  • When performing the bulk update at the zone level, specify record names as relative names or FQDNs (Fully Qualified Domain Names). Names ending with a dot are considered absolute names, which should not contain dot-separated names. Names not ending with a dot are considered relative names and can contain a dot.
    For example, add, host2, 3600, A, 192.168.0.3 adds the host record host2.example.com.
    For example, add, host3.example.com., 3600, A, 192.168.0.4 adds the host record host3.example.com.

TTL:

The time-to-live value, in seconds, for the resource record. This column must be present but may be left blank. To leave a column blank, leave a space between the commas that delimit the column.

Record Type:

The type of resource record. Valid values are A, CNAME, MX, SRV, HINFO, TXT, and NAPTR. The following generic record types are also valid: A6, AAAA, AFSDB, APL, CERT, DNAME, DNSKEY, DS, ISDN, KEY, KX, LOC, MB, MG, MINFO, MR, NS, NSAP, PX, RP, RT, SINK, SSHFP, WKS, or X25. This column must be present and must contain a value.

Rdata:

The data to define the resource record. Where multiple parameters are specified for the rdata, the values are separated with a space. This column must be present and must contain a value.

Comment:

User-Defined Field Name:

...

Creating the CSV File:

Additional Information:

...

for creating the CSV file with the proper functionality.

Deleting External DNS:

Creating the CSV File:

The rundown for how the columns are formatted:

1st – Action ; 2nd – RecordName ; 3rd – TTL; 4th – RecordType; 5th – Rdata

*Please refer to the guide to populate the fields with the proper information.

**Examples:

    delete, test.med.tufts.edu, , A, 130.64.64.64
    delete, test2.med.tufts.edu, , A, 130.64.52.52

  1. Once the CSV file has been completed, navigate to the DNS tab in Proteus.
  2. Under Tufts Configuration Information, go to the Views tab.
  3. Select ‘external’ under DNS Views.
  4. This should navigate you to the Zones tab; click on Action and select Bulk DNS Updates.
  5. Click on Browse and select the CSV file; hit next and review the updates.
  6. Hit apply if there are no errors; the results will indicate how many entries have been updated/ignored.
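
A pre-flight check for the bulk-update file, as an added example (not part of the original page and not BlueCat code): it builds delete lines in the column order above and flags rows that break the rules quoted from the guide, so errors are caught before the review step in Proteus. The function names and the strict case-sensitive matching of actions and record types are assumptions of this example.

```python
import csv
import io
import ipaddress

# Allowed values and the line limit are the ones listed in the guide on this page.
ACTIONS = {"add", "update", "delete"}
RECORD_TYPES = set(
    "A CNAME MX SRV HINFO TXT NAPTR A6 AAAA AFSDB APL CERT DNAME DNSKEY DS "
    "ISDN KEY KX LOC MB MG MINFO MR NS NSAP PX RP RT SINK SSHFP WKS X25".split()
)
MAX_LINES = 5000


def build_delete_lines(hosts):
    """Turn (record name, IPv4) pairs into delete lines; TTL is left blank."""
    return "".join(f"delete, {name}, , A, {addr}\n" for name, addr in hosts)


def lint_bulk_csv(text, view_level=True):
    """Return a list of (line number, problem) for a bulk DNS update file."""
    problems = []
    lines = text.splitlines()
    if len(lines) > MAX_LINES:
        problems.append((0, f"{len(lines)} lines; the limit is {MAX_LINES}"))
    if text and not text.endswith("\n"):
        problems.append((len(lines), "no line break after the last line"))
    reader = csv.reader(io.StringIO(text), skipinitialspace=True)
    for n, row in enumerate(reader, start=1):
        cols = [c.strip() for c in row]
        if len(cols) < 5:
            problems.append((n, "fewer than 5 columns"))
            continue
        action, name, ttl, rtype, rdata = cols[:5]
        if action not in ACTIONS:
            problems.append((n, f"unknown action {action!r} (header row?)"))
        if view_level and not name:
            problems.append((n, "blank record name at view level"))
        if ttl and not ttl.isdigit():
            problems.append((n, f"TTL {ttl!r} is not a number of seconds"))
        if rtype not in RECORD_TYPES:
            problems.append((n, f"invalid record type {rtype!r}"))
        if not rdata:
            problems.append((n, "rdata is empty"))
        elif rtype == "A" and not (action == "delete" and rdata == "*"):
            try:
                ipaddress.IPv4Address(rdata)
            except ValueError:
                problems.append((n, f"{rdata!r} is not an IPv4 address"))
    return problems
```

An empty list from `lint_bulk_csv` means no rule on this page was violated; Proteus still performs its own review in step 5.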

Creating XML file:

It is possible to remove host records from the external view while leaving the internal view intact. Below is a sample XML file that will remove the three printer records specified. Note that the XML file specifies the view, the full domain, and a list of host names and IP addresses (the addresses are required) along with the directive "delete" for each host. You can add more <host> lines as needed.

Code Block
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE data PUBLIC "-//BlueCat Networks/Proteus Migration Specification 3.7.1//EN" "http://www.bluecatnetworks.com/proteus-migration-3.7.1.dtd">
<data>
  <configuration name="Tufts">
    <view name="external">
      <zone name="edu" deployable="false">
        <zone name="tufts" deployable="true" on-exist="ignore">
          <zone name="med" deployable="true" on-exist="ignore">
            <host name="bmedcidpr1" address="130.64.55.43" on-exist="delete"/>
            <host name="bmedcidpr2" address="130.64.55.44" on-exist="delete"/>
            <host name="bmedcidpr3" address="130.64.55.50" on-exist="delete"/>
          </zone>
        </zone>
      </zone>
    </view>
  </configuration>
</data>

Warning

Ensure all entries have no errors; if there is an error, either modify the line with the proper information or remove it entirely.