add a zone with nsupdate ?

Bill Larson wllarso at swcp.com
Thu Jul 12 15:50:37 UTC 2001


There are a couple of problems with the idea of using dynamic DNS to create a
new zone, the first is that it really won't work.  Dynamic DNS needs to obtain
the SOA record for the zone prior to updating it, but there isn't an SOA record
because you are trying to create it.  A chicken and egg situation.

The second problem is that all dynamic DNS can modify are the zone files.
Dynamic DNS does NOT make any aattempt to modify /etc/named.conf.  In fact, all
"named" needs to be able to do is read named.conf, and if you are using the
"-u" option to run as an unprivileged user, this is exactly what will happen.
There is no reason that the user than named is running under has to have write
capability to the configuration file, but this user MUST be able to write to
zone and log files - which implies the ability to write to the directories that
contain these files.

Sorry, you are stuck with using "vi" (or other editor of your choice) to edit
the named.conf configuration file itself.  There is a strong interest in having
a GUI based configuration editor, and there are some available, such as Webmin
(http://www.webmin.com/webmin/) and Gaymede
(http://www.arlut.utexas.edu/~broccol/gash2/), that attempt to assist in this
job.  But from what I hear they aren't perfect - but I haven't worried about
this either.  So check these tools out if you are interested.  A listing of
some DNS administration tools can be found at
http://www.dns.net/dnsrd/tools.html.

Bill Larson

Francois MARTIN wrote:

> Hi,
>
> I read some mailing lists but noboby really answer to this question which is
> to know if there is a dynamic way to add a zone to a DNS server.
>
> I mean by "adding a new zone", to have the possibility to insert the
> declaration of the zone in the /etc/named.conf automaticaly instead of using
> a text editor and to run "ndc reload".
>
> The nsupdate utility allows to add and remove RR but doesn't seem to allow
> the creation of zones.
>
> So if someone has informations about that or I someone can answer this
> question, it'd be very great because I'm sure I'm not the only one to wonder
> this.
>
> Thanks.
> François.



More information about the bind-users mailing list