really large zone files
Steve Price
steve at havk.org
Sat Jul 27 03:29:06 UTC 2002
On Fri, Jul 26, 2002 at 10:29:07PM +0100, Simon Waters wrote:
>
>> Does anyone have any experience with using BIND with really large
>> (in the millions or ten of millions of A records) zone files? I'm
>> in the process of building a bogus zone file so that I can test
>> things out but if anybody has been there and done that I'd really
>> appreciate hearing from them.
>
> The real question is why?
Well I had an HBI (hair-brained idea) and was wondering if one
could setup something like Vipul's razor but skip writing all
of the extra software for propogating all of the MD5 checksums,
figuring out how to cache entries on the client, etc. All of
what's needed as far as I can tell is already in BIND's named
implementation. The only dent in the armor is whether one could
handle potentially huge zone files without requiring a couple of
dozen really schnazzy computers.
If the checksums were a part of a DNS zone like md5.example.org
with an A record for each checksum then using procmail one could
determine if a message was U[BC]E with the following:
CHECKSUM=| formail -I '' | tail -n+2 | md5
IPADDR=`nslookup -timeout=5 -retry=2 ${CHECKSUM}.md5.example.org`
:0
* $ IPADDR ?? 127\.0\.0\.9
bulk
Look maw no special client software. Adhering to the long-standing
Un*x tradition of reusing/refactoring instead of rewriting. Okay
so I might be mad but I thought it was a novel idea anyway. :)
-steve
More information about the bind-users
mailing list