diff options
Diffstat (limited to 'doc/handbook/chapters/user.texi')
-rw-r--r-- | doc/handbook/chapters/user.texi | 66 |
1 files changed, 57 insertions, 9 deletions
diff --git a/doc/handbook/chapters/user.texi b/doc/handbook/chapters/user.texi index 0703adafc..fb47150ef 100644 --- a/doc/handbook/chapters/user.texi +++ b/doc/handbook/chapters/user.texi | |||
@@ -1895,38 +1895,86 @@ option ``DISABLE'' to ``YES'' in section ``[namecache]''. | |||
1895 | @node Migrating an existing DNS zone into GNS | 1895 | @node Migrating an existing DNS zone into GNS |
1896 | @subsection Migrating an existing DNS zone into GNS | 1896 | @subsection Migrating an existing DNS zone into GNS |
1897 | 1897 | ||
1898 | Ascension is a tool to migrate existing DNS zones into GNS. | ||
1899 | |||
1900 | @xref{Migrating existing DNS zones into GNS} for installation instructions and | ||
1901 | further information about Ascension. | ||
1902 | |||
1903 | Compared to the gnunet-zoneimport tool it strictly uses AXFR or IXFR depending | ||
1904 | on whether or not there exists a SOA record for the zone. If that is the case it | ||
1905 | will take the serial as a reference point and request the zone. The server will | ||
1906 | either answer the IXFR request with a correct incremental zone or with the | ||
1907 | entire zone, which depends on the server configuration. | ||
1908 | |||
1898 | After installing the tool according to the README file you have the following | 1909 | After installing the tool according to the README file you have the following |
1899 | options: | 1910 | options: |
1911 | |||
1900 | @example | 1912 | @example |
1901 | Ascension | 1913 | Ascension |
1902 | 1914 | ||
1903 | Usage: | 1915 | Usage: |
1904 | ascension.py <domain> [-d] | 1916 | ascension <domain> [-d] [-p] |
1905 | ascension.py <domain> -p <port> [-d] | 1917 | ascension <domain> <port> [-d] [-p] |
1906 | ascension.py <domain> -ns <transferns> [-d] | 1918 | ascension <domain> -ns <transferns> [-d] [-p] |
1907 | ascension.py <domain> -ns <transferns> -p <port> [-d] | 1919 | ascension <domain> -ns <transferns> <port> [-d] [-p] |
1908 | ascension.py -h | --help | 1920 | ascension -p | --public |
1909 | ascension.py -v | --version | 1921 | ascension -h | --help |
1922 | ascension -v | --version | ||
1910 | 1923 | ||
1911 | Options: | 1924 | Options: |
1912 | <port> Port for zone transfer | ||
1913 | <domain> Domain to migrate | 1925 | <domain> Domain to migrate |
1926 | <port> Port for zone transfer | ||
1914 | <transferns> DNS Server that does the zone transfer | 1927 | <transferns> DNS Server that does the zone transfer |
1928 | -p --public Make records public on the DHT | ||
1915 | -d --debug Enable debugging | 1929 | -d --debug Enable debugging |
1916 | -h --help Show this screen. | 1930 | -h --help Show this screen. |
1917 | -v --version Show version. | 1931 | -v --version Show version. |
1918 | @end example | 1932 | @end example |
1919 | 1933 | ||
1934 | Before you can migrate any zone though, you need to start the GNUnet peer: | ||
1935 | @example | ||
1936 | $ gnunet-arm -s | ||
1937 | @end example | ||
1938 | |||
1920 | To migrate the Syrian top level domain - one of the few top level domains that | 1939 | To migrate the Syrian top level domain - one of the few top level domains that |
1921 | still supports zone transfers - use the following command: | 1940 | still supports zone transfers - into GNS use the following command: |
1941 | |||
1942 | @example | ||
1943 | $ ascension sy. -ns ns1.tld.sy. -p | ||
1944 | @end example | ||
1945 | |||
1946 | The -p flag will tell GNS to put these records on the DHT so that other users | ||
1947 | may resolve these records by using the public key of the zone. | ||
1948 | |||
1949 | Once the zone is migrated, Ascension will output a message telling you, that it | ||
1950 | will refresh the zone after the time has elapsed. You can resolve the names in | ||
1951 | the zone directly using GNS or if you want to use it with your browser, check | ||
1952 | out the GNS manual section. @ref{Configuring the GNU Name System}. To resolve | ||
1953 | the records from another system you need the zone PKEY. To get the zone key, | ||
1954 | you can run the following command: | ||
1955 | |||
1956 | @example | ||
1957 | $ gnunet-identity -d | grep ^sy | cut -d " " -f3 | ||
1958 | @end example | ||
1959 | |||
1960 | Where "sy" is the name of the zone you want to migrate. | ||
1961 | |||
1962 | As soon as the public flag is implemented, you can share the PKEY of the zone | ||
1963 | with your friends. They can then resolve records in the zone by doing a lookup | ||
1964 | replacing the zone label with your PKEY: | ||
1922 | 1965 | ||
1923 | @example | 1966 | @example |
1924 | $ ascension sy. -ns ns1.tld.sy. | 1967 | $ gnunet-gns -t SOA -u "@.$PKEY" |
1925 | @end example | 1968 | @end example |
1926 | 1969 | ||
1927 | The program will continue to run as a daemon and update once the refresh time | 1970 | The program will continue to run as a daemon and update once the refresh time |
1928 | specified in the zones SOA record has elapsed. | 1971 | specified in the zones SOA record has elapsed. |
1929 | 1972 | ||
1973 | The next step would be to add the PKEY record as a DNScurve style NS record | ||
1974 | into the existing DNS zone to enable clients to detect that this zone has | ||
1975 | already been migrated to GNS and to also have a means of distributing the PKEY | ||
1976 | seamlessly. | ||
1977 | |||
1930 | At this point you might want to write for example a systemd unit file to start | 1978 | At this point you might want to write for example a systemd unit file to start |
1931 | and enable the service, so that your zone is migrated automatically. | 1979 | and enable the service, so that your zone is migrated automatically. |
1932 | 1980 | ||