commit 3465336e39b8a4d991e11a5604e37cf009a759fa
parent c0e1c1d1cc7531130ba9de8e74520fd21c3aa574
Author: Martin Schanzenbach <schanzen@gnunet.org>
Date: Fri, 21 Oct 2022 22:47:30 +0900
add zonefile
Diffstat:
| M | users/gns.rst | | | 60 | ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ |
1 file changed, 60 insertions(+), 0 deletions(-)
diff --git a/users/gns.rst b/users/gns.rst
@@ -336,6 +336,16 @@ use of the bulk import functionality of the NAMESTORE API.
There is a :ref:`C API for bulk imports <NAMESTORE-Subsystem>`.
There is also a :ref:`REST API endpoint <namestore_rest_api>` which calls this API.
+Zones are published and signed by the ZONEMASTER service.
+In order to speed up this process for large zones, you can edit the number of
+spawned worker threads for the service:
+
+::
+
+ $ gnunet-config -s zonemaster -o WORKER_COUNT -V $COUNT
+
+It is reasonable to choose your number of CPUs as ``$COUNT``.
+
Application integration
~~~~~~~~~~~~~~~~~~~~~~~
@@ -710,6 +720,56 @@ not have a local gns service in use, it is thus advisable to disable the
namecache by setting the option *DISABLE* to *YES* in section
*[namecache]*.
+Zonefile
+""""""""
+
+In order to import DNS zones which are already defined in a
+`zone file <https://en.wikipedia.org/wiki/Zone_file>`_ in use
+with existing DNS daemons such as BIND you may try to import your DNS zones
+into DNS using ``gnunet-namestore-zonefile``.
+Assuming your zonefile is called ``myzonefile``, execute:
+
+::
+
+ $ gnunet-namestore-zonefile < myzonefile
+
+As you can see, the program reads the zonefile from standard input.
+Upon encountering an ``$ORIGIN`` directive a new ego will be created with that
+name unless it already exists.
+Note that ``$ORIGIN`` is a FQDN and ends with a ``.``, e.g. ``example.com.``.
+The ego will be called ``example.com`` (without the ``.``).
+All records following the directive will be imported into the zone identified by
+this origin.
+Multiple ``$ORIGIN`` directives within the same zone file are supported and
+egos will be created accordingly.
+If no ``$ORIGIN`` is explicitly specified in the beginning of the file
+(as is sometimes the case in BIND setups) or if you want to override the (first)
+occurence, you can provide an ego to use:
+
+::
+
+ $ gnunet-namestore-zonefile -z myorigin < myzonefile
+
+Note that in the conversion process some information found in the zone file
+is lost and other information is less precise than in GNS.
+For example, records stored in the ``$ORIGIN`` can be specified in multiple
+ways:
+
+.. code-block:: text
+
+ $ORIGIN example.com.
+ $TTL 3600
+ example.com. IN MX 10 mail.example.com. ; mail.example.com is the mailserver for example.com
+ @ IN MX 20 mail2.example.com. ; equivalent to above line, "@" represents zone origin
+
+GNS will map the origin ``example.com.`` to the empty label ``@`` whenever possible.
+Further, ``$TTL`` is given in seconds. GNS record expirations are defined in
+microseconds. The seconds will be converted to their equivalent in microseconds.
+Note how this means that conversion of GNS records (in particular their expirations)
+to a DNS zone file cannot be done without loss of information.
+This also means that converting the GNS zone back into a zone file (a function
+currently not implemented) would not yield the same zone file that was imported.
+
Ascension
"""""""""
