Dear all, This is the newest version of the reverse delegation tool that we use at the RIPE NCC for checking your reverse delegation requests. A lot has been changed. The program is now split into functional components and a common output format has been defined to be able to let it work together with your own tool that can update your zone files. Still missing is a back-end that actually updates your zone files. Furthermore, it can not check if nameservers are at the same ethernet. The most recent version will always be available at our ftp server: ftp://ftp.ripe.net/tools/inaddrtool-DATE.tar.gz Of course comments and bug reports are welcome and can be send to: <inaddr@ripe.net> Kind regards, David Kessens RIPE NCC -------- README for the inaddrtool Date: 951130 Author: David Kessens, RIPE NCC NOTE: PLEASE USE THE NORMAL PROCEDURE AS DESCRIBED IN RIPE-105 IF YOU WANT TO DO A REVERSE DELEGATION REQUEST FOR A REVERSE DOMAIN MANAGED BY THE RIPE NCC, BUT SEND YOUR REQUEST TO <AUTO-INADDR@RIPE.NET> INSTEAD OF <HOSTMASTER@RIPE.NET> Reverse delegation checking tool -------------------------------- As of today the RIPE NCC offers an automated method for the submission of reverse zone delegations in 193.in-addr.arpa and 194.in-addr.arpa. The reverse delegation requests and the zone files on all nameservers will be checked automatically. The diagnostics generated by these checks will be returned to you automatically too. This will make you aware of any problems very quickly, so that you can correct them and re-submit your request. The most recent version of the tool is publicly available at: ftp://ftp.ripe.net/tools/inaddrtool-DATE.tar.gz The tool itself needs perl4/5 and uses some other external programs for gathering the information it needs for checking your zone files: ftp://ftp.ripe.net/tools/ping.tar.Z ftp://ftp.ripe.net/tools/dns/host.tar.Z ftp://ftp.ripe.net/pride/tools/prtraceroute-2.0beta3.shar.gz (perl4 only) Installing the software: - uncompress/unzip and untar the tool and the external programs - if needed, edit the variables in the source code (inaddrtool.config): $TESTMODE=1 for testing, 0 for normal use $CHECKCONNECTIVITY=1 will check the connectivity to the nameserver with ping & prtraceroute when the tool has problems gathering the zone info from a certain server. $HELPFILE="/ncc/ftp/ripe/docs/ripe-105.txt"; The help file $TMPDIR="Directory for storing temporary files"; $UPDLOGDIR="Directory for logging the incoming requests"; $ACKLOGDIR="Directory for logging the outgoing acknowledgements"; $FWLOGDIR="Directory for logging the outgoing approved requests"; $MSGQUEUEDIR="Directory for temporarily storing the requests"; $NSNAME="The name of your nameserver"; $NAMESERVERCHECK=; see for details the source code and discussion below about the NSNAME keyword $MAILCMD=; see for details the source code $NICECMD="Your nice program" or "" if you don't want to use this feature; $HUMANMAIL="The E-mail address of the human processing the approved requests and answering questions. When $TESTMODE=1, all mail will be send to this address"; $AUTOMAIL="The E-mail address of the mail box that will auto process incoming requests"; and finally you might want to change the limits we use for the timiing parameters defined at the end of the config file. Values that start with $too.* are the values that define the upper/lower limits of the timers. Values that start with $low|high define the limits wherein no warnings will be generated. - Put something like: "|/home/user/bin/inaddrtool 2>/dev/null" in the .forward file of user $AUTOMAIL Note: there is *NO* queuing mechanism yet, so beware of overloading your machine with a large number of requests. The input: The tool expects to read an E-mail message from standard input. It can be used from a .forward files as well as a stand-alone program. The E-mail message should contain a valid RIPE database object as described in the ripe-105 (ftp://ftp.ripe.net/ripe/docs/ripe-105) procedure. When the automated procedure does not detect any errors, the request is forwarded to the $HUMANMAIL role account person for some additional manual checks and the processing of the delegation itself. An acknowledgement of this fact is also sent to the people mentioned in the From:/Reply-To: and Cc: field in the E-mail message. The tool will return an error report if errors are found. If $TESTMODE=1 all mail will be send to $HUMANMAIL. You can use some keywords in the 'Subject:' line of your E-mail to control the checking process. The use of the LONGACK keyword is very recommended. HELP - will send you a (patched) ripe-105 document CHANGE - is needed if you want to change an existing reverse delegation LONGACK - will give you the most verbose output as possible TEST - do the checks, but sent only a report back to the user even if no errors are found You also might want to use the special keyword NSNAME that's documented in the source code itself (for experts only). This variable can be used to change the rules that we use for when our own $NSNAME is required/optional/not allowed as a secondary/primary nameserver. RIPE document ripe-105 requires you to send in a RIPE database 'inetnum' object with a 'rev-srv' attribute for each nameserver for single/multiple C's reverse delegation requests and for whole blocks 'domain' objects with 'nserver' attributes for each nameserver. I am neither a DNS expert or native English writer ;-) so all your comments are welcome! Please send them together with complaints, bug reports or special requests to <inaddr@ripe.net>.