Automatic Secondary NS

Kevin Darcy kcd at daimlerchrysler.com
Fri Jun 8 01:18:24 UTC 2001


For Linux at least, if you compile BIND, you get nsupdate, which can generate
crypto-signed Dynamic Updates, named (of course), which can restrict Dynamic
Updates based on signing key, and you get the necessary tools to generate the
keys that they use. Doesn't this meet your requirements?

Note that this doesn't really have anything to do with automatic
slave-creation.


- Kevin

Marc C Storck wrote:

> I don't need auto-creating of zone, just hosts (... IN A ....)
>
> Marc
>
> > > Hello,
> > >
> > > I'm looking for a similar soft, it should just have the following
> extras:
> > >
> > > - dynamic update via a client included in the distribution for Linux &
> > > Windows
> > > - dynamic update protected by password/Signature different for every
> zone,
> > > so that the client soft can be used by my users.
> > >
> > > Thanks
> > >
> > > Marc
> >
> > The is a perfect example of why the IETF left the automatic
> > creation of zones on slave via dynamic update alone.  It's
> > all the other metadata that has to be transmitted, some of
> > it encrypted, that is the problem.
> >
> > Mark
> > >
> > > ----- Original Message -----
> > > From: Chris Buxton <cbuxton at menandmice.com>
> > > To: <comp-protocols-dns-bind at moderators.isc.org>
> > > Sent: Thursday, June 07, 2001 2:17 AM
> > > Subject: RE: Automatic Secondary NS
> > >
> > >
> > > >
> > > > There are such tools available. However, they tend to cost money.
> > > >
> > > > [warning: sales pitch ahead]
> > > >
> > > > I normally wouldn't make such a blatant commercial pitch, but it does
> > > > directly address the question. If you're interested in a commercial
> > > > solution, we make one, called QuickDNS. When using QuickDNS to manage
> > > > your servers, when you create a zone, master and slave servers are
> > > > all configured automatically. When you save a change to a zone, it is
> > > > immediately reloaded on both master and slave servers, without going
> > > > through a whole restart sequence.
> > > >
> > > > If you're interested in more details, please see the website
> > > > referenced in my signature.
> > > > ____________________________________________________________________
> > > >
> > > > Chris Buxton <cbuxton at menandmice.com>
> > > >
> > > > Men & Mice <http://www.menandmice.com/> offers:
> > > >   - DNS training, including Active Directory
> > > >   - QuickDNS, a DNS management system for servers on Linux & Mac OS
> > > >     (Solaris support coming soon!)
> > > >   - DNS Expert, a DNS analysis and troubleshooting utility
> > > > ____________________________________________________________________
> > > >
> > > > At 12:48 PM -0400 6/5/01, Todd Snyder wrote:
> > > > >in that case, are there any tools that will make the changes?
> > > > >
> > > > >Once I finish my current project, I'm going to start writing
> something
> > > (been
> > > > >on my todo list for a while) .. but if theres something out there, or
> if
> > > > >someone has a script they've already written...
> > > > >
> > > > >I plan on using expect a bunch, unless someone else can beat me over
> the
> > > > >head with something else (please!  I hate expect).
> > > > >
> > > > >It's a fairly obvious kind of thing - working at an ISP, whenever add
> a
> > > > >domain, we have to update the secondary.  It would be much nicer if
> there
> > > > >was one tool that would update both for provisioning.
> > > > >
> > > > >Todd.
> > > >
> > >
> > >
> > --
> > Mark Andrews, Nominum Inc.
> > 1 Seymour St., Dundas Valley, NSW 2117, Australia
> > PHONE: +61 2 9871 4742                 INTERNET: Mark.Andrews at nominum.com
> >





More information about the bind-users mailing list