Reputation: 165
I am trying to set up/use CoreDNS for testing purposes.
Problem: How to add a DNS entry to CoreDNS using nsupdate.
So far, I am able to execute the steps below:
1. Running CoreDNS container using Docker CoreDNS.
2. Using dig command to verify ANSWER SECTION - Working
dig @localhost -p 2053 gateway.example.com
; <<>> DiG 9.11.5-P1-1ubuntu2.6-Ubuntu <<>> @localhost -p 2053 gateway.example.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43649
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: b3198c49725db20b (echoed)
;; QUESTION SECTION:
;gateway.example.com. IN A
;; ANSWER SECTION:
gateway.example.com. 3600 IN A 192.168.1.1
;; AUTHORITY SECTION:
example.com. 3600 IN NS a.iana-servers.net.
example.com. 3600 IN NS b.iana-servers.net.
;; Query time: 0 msec
;; SERVER: 127.0.0.1#2053(127.0.0.1)
;; WHEN: Fri Feb 07 21:20:03 AEDT 2020
;; MSG SIZE rcvd: 181
3. Trying to add an entry using nsupdate
nsupdate -d
> server localhost 2053
> update add gateway1.example.com 86400 A 172.16.1.2
> send
Reply from SOA query:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1844
;; flags: qr aa; QUESTION: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0
;; QUESTION SECTION:
;gateway1.example.com. IN SOA
;; ANSWER SECTION:
example.com. 3600 IN SOA sns.dns.icann.org. noc.dns.icann.org. 2018070500 7200 3600 1209600 3600
;; AUTHORITY SECTION:
example.com. 3600 IN NS a.iana-servers.net.
example.com. 3600 IN NS b.iana-servers.net.
Found zone name: example.com
The master is: sns.dns.icann.org
Sending update to 127.0.0.1#2053
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 37199
;; flags:; ZONE: 1, PREREQ: 0, UPDATE: 1, ADDITIONAL: 0
;; UPDATE SECTION:
gateway1.example.com. 86400 IN A 172.16.1.2
Reply from update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOTIMP, id: 37199
;; flags: qr; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
4. Using dig command to verify added DNS entry - Not Working
dig @localhost -p 2053 gateway1.example.com
; <<>> DiG 9.11.5-P1-1ubuntu2.6-Ubuntu <<>> @localhost -p 2053 gateway1.example.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44362
;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: 65143756198117f0 (echoed)
;; QUESTION SECTION:
;gateway1.example.com. IN A
;; AUTHORITY SECTION:
example.com. 3600 IN SOA sns.dns.icann.org. noc.dns.icann.org. 2018070500 7200 3600 1209600 3600
;; Query time: 0 msec
;; SERVER: 127.0.0.1#2053(127.0.0.1)
;; WHEN: Fri Feb 07 21:24:25 AEDT 2020
;; MSG SIZE rcvd: 142
The 4th step is not returning the ANSWER SECTION. I reckon it's not getting added.
Do I have to add a different CoreDNS plugin in its Corefile?
Any hint/solution will help me to move forward!!
Thanks
Upvotes: 2
Views: 1059
Reputation: 11
I do not think CoreDNS supports updating records in zones.
;; ->>HEADER<<- opcode: UPDATE, status: NOTIMP, id: 37199
I have been looking at CoreDNS recently to see if it can work as a shim between on-prem BIND zones and GCP Cloud DNS. Unfortunately it doesn't seem to support this use case at the present time.
Upvotes: 1
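The `nsupdate -d` exchange above can be read at the wire level. The following is an added example, not code from either post or from the CoreDNS project: it builds the RFC 2136 UPDATE message for the record in the question and decodes a reply header to tell NOTIMP (the server does not handle opcode UPDATE) apart from an accepted or refused update. The function names are my own, and the reply bytes are constructed to match the header shown in the debug output.

```python
import socket
import struct

OPCODES = {0: "QUERY", 5: "UPDATE"}
RCODES = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN",
          4: "NOTIMP", 5: "REFUSED", 9: "NOTAUTH", 10: "NOTZONE"}

def encode_name(name):
    """Encode a domain name as length-prefixed labels (no compression)."""
    labels = name.rstrip(".").split(".")
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"

def build_update_add_a(msg_id, zone, name, ttl, ipv4):
    """Build an RFC 2136 UPDATE message that adds one A record."""
    # Header: ID, flags (opcode 5 in bits 11-14), ZOCOUNT, PRCOUNT, UPCOUNT, ADCOUNT
    header = struct.pack("!HHHHHH", msg_id, 5 << 11, 1, 0, 1, 0)
    zone_section = encode_name(zone) + struct.pack("!HH", 6, 1)  # type SOA, class IN
    rdata = socket.inet_aton(ipv4)
    update_rr = (encode_name(name)
                 + struct.pack("!HHIH", 1, 1, ttl, len(rdata)) + rdata)  # type A, class IN
    return header + zone_section + update_rr

def parse_header(msg):
    """Decode the 12-byte DNS header into the fields nsupdate -d prints."""
    msg_id, flags, zo, pr, up, ad = struct.unpack("!HHHHHH", msg[:12])
    opcode, rcode = (flags >> 11) & 0xF, flags & 0xF
    return {"id": msg_id, "qr": flags >> 15,
            "opcode": OPCODES.get(opcode, str(opcode)),
            "rcode": RCODES.get(rcode, str(rcode)),
            "counts": (zo, pr, up, ad)}

def update_outcome(request, reply):
    """Classify the server's answer to an UPDATE request."""
    req, rep = parse_header(request), parse_header(reply)
    if rep["id"] != req["id"] or rep["qr"] != 1:
        return "reply does not match request"
    if rep["rcode"] == "NOERROR":
        return "update accepted"
    if rep["rcode"] == "NOTIMP":
        return "server does not implement opcode UPDATE"
    return "update rejected: " + rep["rcode"]

# Request values taken from the question; reply bytes are constructed
# to match "opcode: UPDATE, status: NOTIMP, id: 37199, flags: qr".
REQUEST = build_update_add_a(37199, "example.com", "gateway1.example.com", 86400, "172.16.1.2")
REPLY = struct.pack("!HHHHHH", 37199, 0x8000 | (5 << 11) | 4, 0, 0, 0, 0)

if __name__ == "__main__":
    print(parse_header(REQUEST))
    print(parse_header(REPLY))
    print(update_outcome(REQUEST, REPLY))
```

A NOTIMP status means the server never evaluated the update, so the later NXDOMAIN for gateway1.example.com is the expected result rather than a second fault.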