Automatic Secondary NS

Kevin Darcy kcd at daimlerchrysler.com
Fri Jun 8 00:17:51 UTC 2001 

Mark.Andrews at nominum.com wrote:

> > I'm looking for a similar soft, it should just have the following extras:
> >
> > - dynamic update via a client included in the distribution for Linux &
> > Windows
> > - dynamic update protected by password/Signature different for every zone,
> > so that the client soft can be used by my users.
> >
> > Thanks
> >
> > Marc
>
>         The is a perfect example of why the IETF left the automatic
>         creation of zones on slave via dynamic update alone.  It's
>         all the other metadata that has to be transmitted, some of        it
> encrypted, that is the problem.

It's only a problem if one assumes that *everything* needs to be done within the
protocol, a mindset which seems all-too-common in the IETF. If there was protocol
support for signed NOTIFYs and creation/deletion of SOA records within Dynamic
Update, I'm sure implementors could figure out how to leverage that into
full-blown automatic zone-creation, i.e. create the zone via Dynamic Update on
the master, it sends out signed NOTIFYs to trigger the slaves to auto-create, and
any "metadata" is up to the implementation to manage.

Without protocol support, implementors and administrators are going to cobble
together solutions for doing this anyway (and have already done so). They'll just
probably be uglier, less efficient, harder to maintain, etc.


- Kevin

> > ----- Original Message -----
> > From: Chris Buxton <cbuxton at menandmice.com>
> > To: <comp-protocols-dns-bind at moderators.isc.org>
> > Sent: Thursday, June 07, 2001 2:17 AM
> > Subject: RE: Automatic Secondary NS
> >
> >
> > >
> > > There are such tools available. However, they tend to cost money.
> > >
> > > [warning: sales pitch ahead]
> > >
> > > I normally wouldn't make such a blatant commercial pitch, but it does
> > > directly address the question. If you're interested in a commercial
> > > solution, we make one, called QuickDNS. When using QuickDNS to manage
> > > your servers, when you create a zone, master and slave servers are
> > > all configured automatically. When you save a change to a zone, it is
> > > immediately reloaded on both master and slave servers, without going
> > > through a whole restart sequence.
> > >
> > > If you're interested in more details, please see the website
> > > referenced in my signature.
> > > ____________________________________________________________________
> > >
> > > Chris Buxton <cbuxton at menandmice.com>
> > >
> > > Men & Mice <http://www.menandmice.com/> offers:
> > >   - DNS training, including Active Directory
> > >   - QuickDNS, a DNS management system for servers on Linux & Mac OS
> > >     (Solaris support coming soon!)
> > >   - DNS Expert, a DNS analysis and troubleshooting utility
> > > ____________________________________________________________________
> > >
> > > At 12:48 PM -0400 6/5/01, Todd Snyder wrote:
> > > >in that case, are there any tools that will make the changes?
> > > >
> > > >Once I finish my current project, I'm going to start writing something
> > (been
> > > >on my todo list for a while) .. but if theres something out there, or if
> > > >someone has a script they've already written...
> > > >
> > > >I plan on using expect a bunch, unless someone else can beat me over the
> > > >head with something else (please!  I hate expect).
> > > >
> > > >It's a fairly obvious kind of thing - working at an ISP, whenever add a
> > > >domain, we have to update the secondary.  It would be much nicer if there
> > > >was one tool that would update both for provisioning.
> > > >
> > > >Todd.
> > >
> >
> >
> --
> Mark Andrews, Nominum Inc.
> 1 Seymour St., Dundas Valley, NSW 2117, Australia
> PHONE: +61 2 9871 4742                 INTERNET: Mark.Andrews at nominum.com

More information about the bind-users mailing list