naming service | ShocKNetworK Blog

Automated backup of AWS route53 zones

cli53! It’s the coolest tool you can use for Amazon DNS route53! This is the posting I had tried to follow for backing up my zone files.

https://sysinfo.io/automated-backup-aws-route-53-record-sets/

I suspect that AWS changed the output of this command, so it no longer works. Here’s one that does:

cli53 list | awk '{print $2}' | grep -v Name | while read line; do cli53 export ${line} > ~/backup/${line}bk; done

With this command, it will grab all of the domains and back up each of the zone files.

DNS server not resolving external addresses – bind9 Ubuntu 16.

I ran into issues with Bind 9 on Ubuntu 16 very recently. I use an internal caching DNS server for a few reasons – try to protect myself from malware, log DNS requests on my network to have an idea of where all hosts are going – mainly searching for malware or bad websites, block some domains i.e. ad blocking and some others that I might not want to visit, even by accident, etc. Suddenly at some point, I could no longer resolve any addresses that were not in my zones. My forwarders were no longer working, etc. It turned out to be:

dnssec-validation auto;

This line is default in Ubuntu 16’s Bind 9. Why it worked before, I don’t know. I changed it to

dnssec-validation no;

Then everything magically started working again. Hope this saves someone else’s time. 🙂