nsdiff

create an "nsupdate" script from DNS zone file differences

The nsdiff program examines the old and new versions of a DNS zone, and outputs the differences as a script for use by BIND's nsupdate program. It provides a bridge between static zone files and dynamic updates.

The nspatch script is a wrapper around nsdiff | nsupdate that checks and reports errors in a manner suitable for running from cron.

The nsvi script makes it easy to edit a dynamic zone.

If you use BIND 9.7 or 9.8, you can use nsdiff as an alternative to the DNSSEC inline-signing feature which appeared in BIND 9.9. The server updates the DNSSEC records dynamically, but you can continue to manage the unsigned static zone file as before and use `nsdiff | nsupdate` to push changes to the server.

There are other situations where you have a zone which is partly dynamic and partly static, for example, a reverse DNS zone mostly updated by a DHCP server, which also has a few static entries. You can use nsdiff to update the static part of the zone.

Dependencies

To run nsdiff you need perl-5.10 or newer, and BIND version 9.7 or newer, specifically the dig, named-compilezone, and nsupdate utilities.

Install

To install, run:

    perl Makefile.PL
    make install

To install in a particular place, use something like

    perl Makefile.pl PREFIX=${HOME}

Downloads

Documentation

The nsdiff homepage is https://dotat.at/prog/nsdiff/

Read the nsdiff manual: https://dotat.at/prog/nsdiff/nsdiff.html

Read the nspatch manual: https://dotat.at/prog/nsdiff/nspatch.html

Read the nsvi manual: https://dotat.at/prog/nsdiff/nsvi.html

Code

Download the bare nsdiff perl source: https://dotat.at/prog/nsdiff/nsdiff

Download the source distribution:

Source repositories

You can clone or browse the repository from:

Feedback

Please send bug reports or patches to me at <dot@dotat.at>.

Any contribution that you want included in `nsdiff` must be licensed under 0BSD and/or MIT-0, and must include a `Signed-off-by:` line to certify that you wrote it or otherwise have the right to pass it on as a open-source patch, according to the Developer's Certificate of Origin 1.1.

Licence

Permission is hereby granted to use, copy, modify, and/or distribute this software for any purpose with or without fee.

This software is provided 'as is', without warranty of any kind. In no event shall the authors be liable for any damages arising from the use of this software.

SPDX-License-Identifier: 0BSD OR MIT-0