- Introduction
- Background
- Purpose
- Documentation
- Prerequisites
- Support of DNSKEY algorithms 15 and 16
- Translation
- Zonemaster and its components
- Installation
- Docker
- Versions
- Participation
- Bug reporting
- Notable bugs and issues
- Contact and mailing lists
Zonemaster is a software package that validates the quality of a DNS delegation. The ambition of the Zonemaster project is to develop and maintain an open source DNS validation tool, offering improved performance over existing tools and providing extensive documentation which could be re-used by similar projects in the future.
Zonemaster consists of several modules or components. The components will help different types of users to check domain servers for configuration errors and generate a report that will assist in fixing the errors.
DNSCheck from IIS and Zonecheck from AFNIC are two old software packages that validate the quality of a DNS delegation. AFNIC and IIS came together to develop a new DNS validation tool from scratch under the name Zonemaster. Zonemaster intends to be a major rewrite of Zonecheck and DNSCheck, and aims to implement the best parts of both.
The components developed as part of the Zonemaster project will help different types of users to check domain servers for configuration errors and generate a report that will assist in fixing the errors.
The ambition of the Zonemaster project is to develop and maintain an open source DNS validation tool, offering improved performance over existing tools and providing extensive documentation which could be re-used by similar projects in the future.
This is the main project repository. In this repository, documentation regarding the design, requirements and specifications for the Zonemaster implementation are available. We also have a brief user guide.
Zonemaster comes with documentation for and has been tested on the operating systems and processor architecture listed below.
- x86_64 / amd64
- CentOS Linux 7
- Debian 11
- Docker
- FreeBSD 13.0
- Ubuntu 22.04
- Rocky Linux 8.6
Only the latest long-term supported version of Debian, FreeBSD, Rocky Linux and Ubuntu, respectively, is supported. Support for CentOS Linux 7 will be dropped by Zonemaster release v2023.1.
Only the Docker images provided by the Zonemaster project on Docker Hub are supported. Currently only Zonemaster-CLI is supported on Docker. Docker itself can run on any of the Docker supported OSs (Linux, MacOS and Windows).
Rocky Linux has replaced CentOS in Zonemaster version v2021.2 since CentOS 8 is not supported anymore and CentOS 7 is old and does not support modern OpenSSL required by Zonemaster. Rocky Linux is also a Red Hat derivative and is available at large cloud providers.
| Operating System | MariaDB | PostgreSQL |
|---|---|---|
| CentOS Linux 7 | 5.5 | not supported |
| Debian 11 | 10.5 | 13.7 |
| Docker | n/a | n/a |
| FreeBSD 13.0 | 5.7 (*) | 13.6 |
| Ubuntu 22.04 | 10.5 | 14.2 |
| Rocky Linux 8.6 | 10.3 | 10.19 |
- (*) FreeBSD uses MySQL, not MariaDB.
- SQLite is bundled in Perl DBD::SQLite and loaded as a dependency to Zonemaster-Backend.
- Zonemaster Backend has been tested with the combination of OS and database engine version listed in the table above.
- Zonemaster depends on functionality introduced in PostgreSQL version 10, and earlier versions of PostgreSQL are as such not supported.
- Zonemaster Backend has not been published on Docker Hub.
| Operating System | Perl |
|---|---|
| CentOS Linux 7 | 5.16 |
| Debian 11 | 5.32 |
| Docker | (*) |
| FreeBSD 13.0 | 5.32 |
| Ubuntu 22.04 | 5.34 |
| Rocky Linux 8.6 | 5.26 |
- Zonemaster requieres Perl version 5.16 or higher.
- Zonemaster has been tested with the default version of Perl in the OSs as listed in the table above.
- (*) Perl is included in the Docker image published on Docker Hub.
Zonemaster GUI is tested against the combination and browser in the table below. The latest version of the browser at the time of testing is used.
| Operating System | Browser |
|---|---|
| Ubuntu 22.04 | Firefox |
| Ubuntu 22.04 | Chrome |
| Windows 10 | Firefox |
| Windows 10 | Chrome |
| MacOs | Firefox |
| MacOs | Chrome |
Zonemaster GUI is tested manually and with testing tools. See the Zonemaster-gui repository for more details.
To be able to support and process DNSKEY algorithms 15 (Ed25519) and 16 (Ed448)
for DNSSEC the underlying OS must
have a recent version of OpenSSL installed, and LDNS being linked against that
OpenSSL (see Zonemaster-LDNS-README for more details). Then
information below on support of the algorithms assumes that the
installation instructions given for Zonemaster have been followed. A test of the
domains ed25519.nl and superdns.nl will reveal if the Zonemaster
installation has the support or not for algorithms 15 and 16, respectively.
All supported OSs, except CentOS Linux 7, support algorithms 15 and 16 out of the box. To get the support in CentOS Linux 7 a newer version of OpenSSL has to be installed and Zonemaster-LDNS has to be installed following special instructions found in the Zonemaster-Engine installation instructions.
Zonemaster comes with translation to the following languages. Translation is
available as methods in Zonemaster::Engine, zonemaster-cli (i.e. the
Zonemaster-CLI interface to Zonemaster::Engine), Zonemaster-Backend
RPCAPI interface to Zonemaster::Engine) and the Zonemaster-GUI interface
to RPCAPI.
- Danish (da, da_DK.UTF-8)
- English (en, en_US.UTF-8)
- Finnish (fi, fi_FI.UTF-8)
- French (fr, fr_FR.UTF-8)
- Norwegian (nb, nb_NO.UTF-8)
- Spanish (es, es_ES.UTF-8)
- Swedish (sv, sv_SE.UTF-8)
The Zonemaster product consists of the main part and five components. The main part consists of specifications and documentation for the Zonemaster product, and is stored in the main Zonemaster Github repository.
All the software for the Zonemaster project belong to the five components, each component being stored in its own Github repository (listed below).
The software has not yet been packaged for any operating systems, and you have to install most of it from the source code. The recommended method is to install from CPAN (except for Zonemaster-GUI), but it is possible to install directly from clones of the Github repositories. Zonemaster-GUI has no Perl code, and is installed directly from its repository at Github.
The Zonemaster Product includes the following components:
- Zonemaster-LDNS - LDNS with a Perl frontend used by Zonemaster-Engine.
- Zonemaster-Engine - The Zonemaster test library.
- Zonemaster-CLI - A Command Line Interface (CLI) to the test library (Zonemaster-Engine).
- Zonemaster-Backend - A JSON/RPC interface with database to the test library (Zonemaster-Engine).
- Zonemaster-GUI - A web user interface to the test library via Zonemaster-Backend.
To install Zonemaster, start with installation of Zonemaster-Engine (which will draw in Zonemaster-LDNS) and then continue with the other parts. You will find installation instructions from the links above.
Zonemaster-CLI is available on Docker Hub, and can be conveniently downloaded and run without any installation. Through Docker Zonemaster-CLI can be run on Linux, MacOS and Windows. See USING Zonemaster-CLI for how to run Zonemaster-CLI on Docker.
To build your own Docker image, see the Docker Image Creation documentation.
Go to the release list of this repository to find the latest version of Zonemaster and the versions of the specific components. Be sure to read the release note of each component before installing or upgrading.
You can submit code by forking this repository and creating pull requests. When you create a pull request, please select the "develop" branch in the relevant Zonemaster repository.
See our contact and mailing lists page for information on mailing lists.
For bug reporting go to the relevant Zonemaster repository and create a GitHub issue there. Before creating the issue, please search for the problem in the issue tracker in the relevant repository. If you find an open issue covering your issue, please add a comment with any additional information.
- Issues in Zonemaster::LDNS
- Issues in Zonemaster::Engine
- Issues in Zonemaster::CLI
- Issues in Zonemaster::Backend
- Issues in Zonemaster::GUI
If you cannot determine which repository to create the issue in, please select the main Zonemaster repository (i.e. general issues in Zonemaster).
None.
See our contact and mailing lists page for contact information and information on mailing lists.