Had a fun one for a client recently, where they were standing up some new DNS servers for a segment of their network.

The forward lookup zones were very easy: import a CSV and PowerShell them in without much fuss at all.

Next came the Reverse DNS Zones.

Now let's just say that their documentation wasn't as up to date as it could have been, so the fun began when trying to import them without a reliable source of truth to go by.

Luckily for me, we'd not long finished a DHCP upgrade from some dusty old Linux boxes (located somewhere under one of the network engineers' desks) to a shiny new Server 2016 DHCP failover configuration, so we had a good source of truth there.

So, how do you export all subnets from DHCP and import them into DNS using PowerShell?

I came up with the below. OK, not my best piece of work, not my worst, but in a few minutes of spamming my keyboard I had a workable solution to achieve what was needed.

Important to note that the majority of their DHCP scopes were either a /23 or a /21, so I had to get a little tricky with the subnet array builder (each scope needs one /24 reverse zone per /24 it spans).

$DNS1 = "dnsserver1.domain.corp"
$DNS2 = "dnsserver2.domain.corp"
$DNS1IP = "192.168.1.10"
$DNS2IP = "192.168.1.11"

# Get all DHCP scopes
$Scopes = Get-DhcpServerv4Scope -ComputerName "dhcpserver.domain.corp"

# Build array of /24 reverse zones from the DHCP scopes.
# The third octet of the mask tells us how many /24s a scope spans:
# 255 -> 1 (/24), 254 -> 2 (/23), 252 -> 4 (/22), 248 -> 8 (/21)
$revzones = @()
ForEach($scope in $Scopes){
    $segment = [int]$scope.SubnetMask.IPAddressToString.Split(".")[2]
    $count = 256 - $segment
    $ip = $scope.ScopeId.IPAddressToString.Split(".")
    for($i = 0; $i -lt $count; $i++){
        $revzones += $ip[0] + "." + $ip[1] + "." + ([int]$ip[2] + $i) + ".0"
    }
}
# Drop duplicates so overlapping scopes don't try to create the same zone twice
$revzones = $revzones | Select-Object -Unique

# Subnets to create on DNS servers
$revzones

# Add DNS reverse zones
ForEach($zone in $revzones){
    Write-Host -ForegroundColor Cyan "Working on subnet $($zone)"
    # Zone name is the first three octets reversed, e.g. 192.168.1.0 -> 1.168.192.in-addr.arpa
    $octets = $zone.Split(".")
    $zonename = $octets[2] + "." + $octets[1] + "." + $octets[0] + ".in-addr.arpa"
    $zonefile = $zonename + ".dns"
    $zone = $zone + "/24"
    Write-Host "Adding the following Primary Reverse Lookup Zone: $($zone) to DNS Server $($DNS1)"
    # File-backed zones cannot use secure-only dynamic updates. If the zones are AD-integrated
    # instead (-ReplicationScope rather than -ZoneFile), use -DynamicUpdate Secure so that only
    # authenticated clients can register or overwrite PTR records.
    Add-DnsServerPrimaryZone -NetworkId $zone -ZoneFile $zonefile -DynamicUpdate NonsecureAndSecure -ComputerName $DNS1
    Write-Host "Adding DNS Server $($DNS2) as a Name Server to Reverse Lookup Zone: $($zone)"
    Add-DnsServerResourceRecord -ZoneName $zonename -NS -ComputerName $DNS1 -Name $zonename -NameServer $DNS2
    Write-Host "Adding the following Secondary Reverse Lookup Zone: $($zone) to DNS Server $($DNS2)"
    Add-DnsServerSecondaryZone -NetworkId $zone -ZoneFile $zonefile -MasterServer $DNS1IP -ComputerName $DNS2
}

# Show us our results on the Primary
Get-DnsServerZone -ComputerName $DNS1

# Show us our results on the Secondary
Get-DnsServerZone -ComputerName $DNS2
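
As an added example (my own code, not the script from the post), here is a version of the subnet array builder that works for any prefix length, checks that the mask is contiguous and the scope is aligned to it, and then lists only the zones the primary does not already have, so it is safe to run more than once. It assumes the $DNS1 variable and the DHCP server name from the script above; the function and parameter names are my own.

```powershell
# Expand one DHCP scope into the /24 in-addr.arpa zone names it needs.
# Function and parameter names are my own choice (hypothetical, not a built-in cmdlet).
function Get-ReverseZonesForScope {
    param(
        [Parameter(Mandatory)][string]$ScopeId,     # e.g. "10.20.8.0"
        [Parameter(Mandatory)][string]$SubnetMask   # e.g. "255.255.248.0"
    )
    $net  = $ScopeId.Split('.')    | ForEach-Object { [int]$_ }
    $mask = $SubnetMask.Split('.') | ForEach-Object { [int]$_ }
    # Mask as a 32-character bit string: must be all 1s followed by all 0s
    $bits = ($mask | ForEach-Object { [Convert]::ToString($_, 2).PadLeft(8, '0') }) -join ''
    if ($bits -notmatch '^1*0*$') { throw "Non-contiguous mask $SubnetMask" }
    $prefix = $bits.Replace('0', '').Length
    # A scope whose network address has host bits set is misconfigured; do not guess
    for ($o = 0; $o -lt 4; $o++) {
        if (($net[$o] -band $mask[$o]) -ne $net[$o]) {
            throw "Scope $ScopeId is not aligned to $SubnetMask; check the DHCP scope definition"
        }
    }
    # Anything shorter than a /16 would mean thousands of zones; almost certainly a typo
    if ($prefix -lt 16) { throw "Refusing to expand /$prefix ($ScopeId) into $([math]::Pow(2, 24 - $prefix)) zones" }
    # One zone per /24; a scope smaller than a /24 (/25, /26 ...) still lives in its enclosing /24
    $zoneCount = if ($prefix -lt 24) { [int][math]::Pow(2, 24 - $prefix) } else { 1 }
    $first = ($net[0] * 65536) + ($net[1] * 256) + $net[2]   # index of the first /24
    for ($i = 0; $i -lt $zoneCount; $i++) {
        $n = $first + $i
        $a = [int][math]::Floor($n / 65536)
        $b = [int][math]::Floor(($n % 65536) / 256)
        $c = $n % 256
        "$c.$b.$a.in-addr.arpa"
    }
}

# Collect the zones for every scope, drop duplicates from overlapping scopes, and
# report only the ones the primary does not already have (assumes $DNS1 from the script above).
$existing = (Get-DnsServerZone -ComputerName $DNS1).ZoneName
$wanted = Get-DhcpServerv4Scope -ComputerName "dhcpserver.domain.corp" |
    ForEach-Object { Get-ReverseZonesForScope -ScopeId $_.ScopeId.IPAddressToString -SubnetMask $_.SubnetMask.IPAddressToString } |
    Sort-Object -Unique
$missing = $wanted | Where-Object { $_ -notin $existing }
$missing
```

For a 10.20.8.0/255.255.248.0 scope the function returns the eight zones 8.20.10.in-addr.arpa through 15.20.10.in-addr.arpa; feed $missing into the zone-creation loop above in place of $revzones.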


So there you go, a does-what-it-says, no-warranty PowerShell script to query a DHCP server for all subnets and create corresponding Reverse Lookup Zones on two DNS servers.

Enjoy!
Dan
