standardized maintenance tool

Kevin Darcy kcd at daimlerchrysler.com
Fri Jun 8 20:28:35 UTC 2001


I'm not a big fan of using RDBMS'es as the primary source of DNS data. Seems
like massive overkill to me.
Why not just use Dynamic Update to maintain the DNS data directly? If you
have other data associated with those entries, e.g.
asset/inventory/software-distribution/contact information or what have you,
you could use something more lightweight to maintain that information in
parallel with DNS, like LDAP. That's what we're developing here (the Dynamic
Update part is done, we're still working on migrating the adjunct data to
LDAP).

One of the big benefits of using Dynamic Update for DNS maintenance (besides
instant publication on the master, of course) is that you can delegate
chunks of your namespace to different nameservers without having to
implement a whole lot of RDBMS API crud on each one. Just generate TSIG keys
for security, and any one of those nameservers can be updated remotely from
a central maintenance console (or distributed consoles, if you want).

Another benefit is that in the foreseeable future you'll probably be wanting
to enable your zones for Dynamic Update _anyway_, for DHCP dynamic clients
and/or Win2K/AD. Trying to mix Dynamic Update with an RDBMS-based
maintenance solution sounds pretty painful to me...


- Kevin

Brian Noecker wrote:

> We're looking at implementing a zone file maintenance tool.  We'd like to
> integrate it with existing database backends, namely, Oracle or Postgres.
> We'd also like to have a web interface, preferribly one with different
> levels of access for subdomains, etc.
>
> We have 30 - 35 zones, but plan to handle more.  We'd like to implement a
> free version if possible.
>
> Does anyone have any suggestions?
>
> Thanks in advance.
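
Added example, not part of the original message and not code from BIND: one way a central maintenance console of the kind described in the reply above could pick the nameserver and TSIG key for the most specific delegated zone and build the `nsupdate` batch for it. The zone map, server names and key file paths are constructed placeholders; names and addresses are validated so that input cannot add extra lines to the batch.

```python
import ipaddress
import re

# Constructed delegation map (assumption): zone -> (master server, TSIG key file).
# One key per delegated zone keeps a leaked key scoped to that zone only.
ZONES = {
    "example.com.": ("ns1.example.com", "/etc/dnskeys/example.com.key"),
    "eng.example.com.": ("ns-eng.example.com", "/etc/dnskeys/eng.example.com.key"),
}
LABEL = re.compile(r"(?!-)[a-z0-9_-]{1,63}(?<!-)")


def normalize(name):
    """Lower-case, force a trailing dot, and reject anything that is not a plain
    hostname, so whitespace or newlines can never inject nsupdate commands."""
    fqdn = name.lower().rstrip(".") + "."
    labels = fqdn[:-1].split(".")
    if len(fqdn) > 254 or not all(LABEL.fullmatch(l) for l in labels):
        raise ValueError(f"invalid DNS name: {name!r}")
    return fqdn


def route(fqdn):
    """Longest-suffix match: the most specific delegated zone owns the name."""
    matches = [z for z in ZONES if fqdn == z or fqdn.endswith("." + z)]
    if not matches:
        raise LookupError(f"{fqdn} is not in any zone this console manages")
    return max(matches, key=len)


def build_update(name, address, ttl=3600):
    """Return (nsupdate argv, batch text) replacing the address record for name."""
    fqdn = normalize(name)
    zone = route(fqdn)
    server, keyfile = ZONES[zone]
    ip = ipaddress.ip_address(address)  # raises ValueError on malformed input
    rtype = "A" if ip.version == 4 else "AAAA"
    batch = "\n".join([
        f"server {server}",
        f"zone {zone}",
        f"update delete {fqdn} {rtype}",
        f"update add {fqdn} {int(ttl)} {rtype} {ip}",
        "send",
    ]) + "\n"
    return ["nsupdate", "-k", keyfile], batch


if __name__ == "__main__":
    argv, batch = build_update("build01.eng.example.com", "192.0.2.10")
    print(" ".join(argv))
    print(batch, end="")
```

The batch text is meant to be fed to the returned command on standard input; on each master, the matching key would be the only one allowed to update that zone.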




