Reply
Highlighted
Accepted Solution

Example for querying DNS based on an IP address

joelcollinsdc
Techie
Posts: 6
8290     0

Sorry if i'm using the wrong terminology here...  

 

I'm trying to find the correct API call to identify all dns entries that point to a particular IP address.  In english, I'm trying to find out if there are any old DNS entries that are pointing to a particular server.  Sometimes the records show up under record:a, and but I'm pretty sure most are cnames (you can probably tell i'm not a DNS guy).  Is there a single query I can do for this?

 

 

Re: Example for querying DNS based on an IP address

GHorne Community Manager
Community Manager
Posts: 248
8291     0

A CNAME won't help you because it just points to another name, not an IP address.

 

If you want all the records for an address (using the WAPI) you would use the ipv4address and ipv6address objects:

  /ipv4address?ip_address=10.10.2.3

  /ipv5address?ip_address=2006:C0FE:CAFE::0099

 

That will get you a list of names (FQDNs) and references to those objects in the database.

 

To then do an extensive search you would have to:

 

   Search for all CNAMES that point to any of the FQDNs listed

       /record:cname?canonical=my.fqdn.for.address

   Get all the record:hosts in the _ref list and check if they have any aliases.

       /record_host/Li5pcHY0X2F...?_return_fields+=aliases

Re: Example for querying DNS based on an IP address

joelcollinsdc
Techie
Posts: 6
8291     0

Thanks @GHorne.  Its possible I'm doing something wrong...

 

I have an IP address (say, 1.2.3.4)

 

curl /ipv4address?ip_address=1.2.3.4 results in []

 

However, when I do a curl /allrecords/zone=whatever&name=~=myservername, i see

 

"_ref": "allrecords/......",
"comment": "",
"name": "myservername",
"type": "record:host_ipv4addr",
"view": "myview",
"zone": "myzone"
}

 

This is the name that I usually assign cnames too... and I dont even see this in the ipv4address query  (let alone see a list of domains that are cname'd to this).  Am I doing something wrong?

 

Thanks!

Re: Example for querying DNS based on an IP address

GHorne Community Manager
Community Manager
Posts: 248
8291     0

2 things:

 

1) you are correct, /ipv4address just returns references to other objects, but not the details, so you know if there is a HOST or A record, or Fixed address with that IP, but for name, etc, you should really interrogate the _ref that gets returned.

 

 

2) Well, you're seeing a bug in the WAPI with /allrecords.

 

You need to ignore the 'type' field ("type": "record:host_ipv4addr",) that is incorrect, what you are seeing is a 'record:host' object.

 

To get a more correct, detailed result add the 'address' and 'record' fields to the search:

 

    /allrecords/zone=whatever&name=~=myservername&_return_fields%2B=address,record

 

Then you will get something that looks more like this:

 

    {
        "_ref": "allrecords/ZG5zLnpvbmVfc2VhcmNoX2luZGV4JGRucy5ob3N0JC5fZGVmYXVsdC5vcmcudGVzdC53YXBp:wapi", 
        "address": "1.1.1.21", 
        "comment": "", 
        "name": "wapi", 
        "record": {
            "_ref": "record:host/ZG5zLmhvc3QkLl9kZWZhdWx0Lm9yZy50ZXN0LndhcGk:wapi.test.org/default", 
            "ipv4addrs": [
                {
                    "_ref": "record:host_ipv4addr/ZG5zLmhvc3RfYWRkcmVzcyQuX2RlZmF1bHQub3JnLnRlc3Qud2FwaS4xLjEuMS4yMS4:1.1.1.21/wapi.test.org/default", 
                    "configure_for_dhcp": false, 
                    "host": "wapi.test.org", 
                    "ipv4addr": "1.1.1.21"
                }
            ], 
            "name": "wapi.test.org", 
            "view": "default"
        }, 
        "type": "record:host_ipv4addr", 
        "view": "default", 
        "zone": "test.org"
    }, 

 

That should give you a clearer picture of what is going on in that zone/name

 

Re: Example for querying DNS based on an IP address

joelcollinsdc
Techie
Posts: 6
8291     0

I'm still pretty confused.  

 

Why doesn't /ipv4address?ip_address=1.2.3.4 return a reference to myservername?  How am I supposed to identify all records with an address of 1.2.3.4?

 

Also, based on your recommended approach, it sounds like there is no way to use a single API query to identify all records (a + cname) that point to a particular IP address.    The example you provided gives address -> ip, but I'm really trying to go the other direction... start with an IP and find all addresses based on that.

Re: Example for querying DNS based on an IP address

joelcollinsdc
Techie
Posts: 6
8291     0

What I have seemed to get working, which I'm hoping is a better way is to:

 

1) use /search?address=1.2.3.4

for each of the resulting responses:

2) query /search/fqdn=[answer from #1]

to see if there is a cname

 

This seems brittle...

Re: Example for querying DNS based on an IP address

joelcollinsdc
Techie
Posts: 6
8291     0

FWIW, i ended up doing searches on cname records and a records individually.

Showing results for 
Search instead for 
Do you mean 

Recommended for You