The nsdiff program examines the old and new versions of a DNS zone, and outputs the differences as a script for use by BIND's nsupdate program. It provides a bridge between static zone files and dynamic updates.
The nspatch script is a wrapper around nsdiff | nsupdate
that checks and reports errors in a manner suitable for running from cron.
The nsvi script makes it easy to edit a dynamic zone.
I've fallen in <3 with nsdiff/nsvi - JP Mens
If you use BIND 9.7 or 9.8, you can use nsdiff as an alternative to the DNSSEC inline-signing
feature which appeared in BIND 9.9. The server updates the DNSSEC records dynamically, but you can continue to manage the unsigned static zone file as before and use `nsdiff | nsupdate`
to push changes to the server.
There are other situations where you have a zone which is partly dynamic and partly static, for example, a reverse DNS zone mostly updated by a DHCP server, which also has a few static entries. You can use nsdiff to update the static part of the zone.
To run nsdiff you need perl-5.10 or newer, and BIND version 9.7 or newer, specifically the dig, named-compilezone, and nsupdate utilities.
To install, run:
perl Makefile.PL
make install
To install in a particular place, use something like
perl Makefile.pl PREFIX=${HOME}
- Documentation
-
The nsdiff homepage is https://dotat.at/prog/nsdiff/
Read the nsdiff manual: https://dotat.at/prog/nsdiff/nsdiff.html
Read the nspatch manual: https://dotat.at/prog/nsdiff/nspatch.html
Read the nsvi manual: https://dotat.at/prog/nsdiff/nsvi.html
- Code
-
Download the bare nsdiff perl source: https://dotat.at/prog/nsdiff/nsdiff
Download the source distribution:
- Source repositories
-
You can clone or browse the repository from:
git://dotat.at/nsdiff.git
Please send bug reports or patches to me at <dot@dotat.at>.
Any contribution that you want included in `nsdiff` must be licensed under 0BSD and/or MIT-0, and must include a `Signed-off-by:` line to certify that you wrote it or otherwise have the right to pass it on as a open-source patch, according to the Developer's Certificate of Origin 1.1.
Copyright 2011-2024 Tony Finch <dot@dotat.at>
Permission is hereby granted to use, copy, modify, and/or distribute this software for any purpose with or without fee.
This software is provided 'as is', without warranty of any kind. In no event shall the authors be liable for any damages arising from the use of this software.
SPDX-License-Identifier: 0BSD OR MIT-0