peteeckel/netbox-plugin-dns

Couple DNS Record to IPAM

Closed this issue · 6 comments

At the moment the IPAM can create DNS records; the other way around (create a DNS entry and it is displayed under IPAM) doesn't work out for me.

Describe the solution you'd like
If I create a DNS record where the value is also present in the IPAM, create the entries in the IPAM as well.

Describe alternatives you've considered
Otherwise it would be necessary to create all entries over the IPAM, if the device is managed already. And to compare if the created entry isn't already present in the managed records.

Hi @Stathogon thanks for raising this!

As with many questions regarding IPAM coupling, the answer is unfortunately not that simple, and it's always for the same reason: There is no general solution that fits all use cases, and the current implementation of IPAM Coupling is experimental and somewhat limited.

The problem, as almost always, boils down to the use of VRFs in IPAM and Views in DNS. Neither is an IPAM IP Address necessarily unique, nor is an address or pointer record in DNS, and at the very least one would need some kind of agreement which Views and which VRFs are related to single out a specific relationship. Actually it goes even further down to prefix level in IPAM - think IPv4 and IPv6 address space within the same VRF.

But, again as almost always, this can be solved for the specific case when you add custom scripts and event rules to the picture.

Solution 1

  • Create a custom script that determines the IP address for A, AAAA, and possibly PTR records (YMMV, if you create PTR automatically, don't have them be handled by the script)
  • With this information, you can check whether there is a matching IPAddress object in NetBox IPAM
  • If found, add the information (probably only the DNS name?) to the IPAddress object

You can have that script be triggered by registering an event rule for "NetBox DNS | record".

Note that this is not the same as with IPAM coupling - the DNS record is not a managed record because you have created it manually, so IPAM coupling would create a managed record if you enable it. Not ideal, but you have to have one leading system.

Solution 2

  • Have a look at examples/custom_scripts/DNS_IPAM_Updater.py

Actually, using solution 1 you could go a step further (when you know what you're doing, that is):

  • Find the matching IPAM IPAddress object
  • Set the managed flag of the A record if you found one
  • Insert the Zone ID/Name attributes in the custom fields for the IPAddress object

That way, you could actually use the IPAM Coupling feature (at least I can't think of a reason why not), and have everything work as before. If you generate PTR records automatically, you can even link the whole mechanism to the PTR record, which is managed anyway.
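The matching step from Solution 1 as stand-alone Python, added here as an example; it is not the plugin's code and not the `DNS_IPAM_Updater.py` script. `Record`, `IPAddr` and `VIEW_TO_VRF` are hypothetical stand-ins for the NetBox objects and for the view-to-VRF agreement mentioned above, and the sample data is constructed.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass
class Record:                 # hypothetical stand-in for a DNS record
    name: str
    type: str
    value: str
    view: str

@dataclass
class IPAddr:                 # hypothetical stand-in for an IPAM IP address
    address: str              # always carries a prefix length, e.g. "10.0.0.5/24"
    vrf: Optional[str]        # None = global table
    dns_name: str = ""

# Assumed agreement on which DNS view relates to which VRF.
VIEW_TO_VRF = {"internal": None, "dmz": "DMZ"}

def find_matches(record, ipam):
    """IPAM addresses in the mapped VRF whose host part equals the record value."""
    if record.type not in ("A", "AAAA") or record.view not in VIEW_TO_VRF:
        return []
    try:
        host = ipaddress.ip_address(record.value)
    except ValueError:
        return []
    if (record.type == "A") != (host.version == 4):
        return []             # address family does not fit the record type
    vrf = VIEW_TO_VRF[record.view]
    # The record has no prefix length, so compare host addresses only.
    return [ip for ip in ipam
            if ip.vrf == vrf and ipaddress.ip_interface(ip.address).ip == host]

def sync_dns_name(record, ipam):
    """Set dns_name on an unambiguous match only; never create an address."""
    matches = find_matches(record, ipam)
    if len(matches) != 1:
        return None           # no match or ambiguous: leave IPAM untouched
    matches[0].dns_name = record.name
    return matches[0]

# Constructed sample data: same IP in two VRFs, and one IP with two masks.
IPAM = [
    IPAddr("10.0.0.5/24", None), IPAddr("10.0.0.5/24", "DMZ"),
    IPAddr("2001:db8::5/64", None),
    IPAddr("10.0.0.9/24", None), IPAddr("10.0.0.9/32", None),
]
```

Ambiguous matches are skipped rather than guessed, and nothing is created when no address exists, since the record cannot supply the prefix length.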

Thanks for the fast response and I will take a look into the whole ordeal. I hadn't considered the VRFs, because we don't use them atm. And the possibility for same IPs at different locations with different DNS names. That's right. At least for us that isn't a possibility and I will check a custom script out to update the IPAM accordingly. For me the issue is closed and if I find something useful for the project I will create a pull request for it.

If neither VRFs nor views are an issue for you the solution via custom script should be straightforward to implement. Let me know if I can help.

By the way, there is another reason why it's not easy to create an IP address from a DNS record. The DNS record doesn't know anything about the prefix length, but you need it for an IP address.

Thanks for the fast and insightful information. I will get to work next week (hopefully) and have a look at it.