administering 1,000 zone files

phn at icke-reklam.ipsec.nu
Thu Dec 30 13:22:22 UTC 2004


Mariano Cunietti <mcunietti at enter.it> wrote:
> Hi,
> I work for an Italian ISP and I manage two Bind 9.2.1 servers which
> serve 1,000 zones. Currently we use a master and a slave bind 9.2.1. A
> simple perl script adds new zone statements to the master named.conf
> (locally) and to the slave one (mounted via NFS, shame on me). Zone
> files are obviously transferred via bind features.

> Considering security issues I think there should be another way to do
> that. What I'm actually looking for is a way to synchronize named.conf
> on both servers: each time I add a new zone to the master, I want the
> corresponding slave statement to be created on the slave server.

> This could be accomplished through a (perl?) script, maybe using a
> shared SQL database which is populated via web.

> My questions are:
> a) can you suggest such a tool to perform these tasks?

perl + ssh / rsync to distribute the resulting file. A few
hours of work is all you need.

Also look into using a "hidden" master, it will simplify things
whenever you encounter an error during reload of your master.

> b) does bind 9 support such a built-in feature (automatic sync of
> master->slave named.conf)?
No. 

> TIA

> Mariano


> -- 
> -----------------------------
> Mariano Cunietti
> System Administrator
> Enter S.r.l.
> Via  Stefanardo da Vimercate, 28
> 20128 - Milano - Italy
> Tel.  +39 02 25514319
> Fax   +39 02 25514303
> mcunietti at enter.it
> www.enter.it - www.enterpoint.it
> -----------------------------
> Gruppo Y2K - www.gruppoy2k.it



-- 
Peter Håkanson         
        IPSec  Sverige      ( At Gothenburg Riverside )
           Sorry about my e-mail address, but i'm trying to keep spam out,
	   remove "icke-reklam" if you feel for mailing me. Thanx.
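
A sketch of the generation step suggested in the reply above, added here as an example; it is not code from either poster and is written in Python rather than Perl. The master address 192.0.2.1, the `slave/` directory and the sample configuration are assumptions, and the parser assumes braces and the word `zone` do not occur inside comments.

```python
import re

ZONE_HEAD = re.compile(r'\bzone\s+"([^"]*)"\s*(?:IN\s*)?\{', re.IGNORECASE)
SAFE_NAME = re.compile(r'^[a-z0-9_-]+(\.[a-z0-9_-]+)*$', re.IGNORECASE)

# Constructed sample of a master named.conf (not from the post).
SAMPLE = '''
options { directory "/var/named"; };
zone "example.com" { type master; file "master/example.com"; };
zone "Example.NET" IN {
    allow-transfer { 192.0.2.2; };
    type master;
    file "master/example.net";
};
zone "." { type hint; file "named.ca"; };
zone "../../etc/passwd" { type master; file "master/oops"; };
'''

def zone_blocks(conf):
    """Yield (name, body) for each zone statement, following nested braces."""
    for m in ZONE_HEAD.finditer(conf):
        depth, i = 1, m.end()
        while i < len(conf) and depth:
            depth += {"{": 1, "}": -1}.get(conf[i], 0)
            i += 1
        yield m.group(1), conf[m.end():i - 1]

def slave_conf(master_conf, master_ip):
    """Return (slave zone statements, rejected zone names)."""
    out, rejected = [], []
    for name, body in zone_blocks(master_conf):
        if not re.search(r'\btype\s+master\s*;', body, re.IGNORECASE):
            continue  # hint, forward and slave zones are not mirrored
        if not SAFE_NAME.match(name):
            rejected.append(name)  # the name becomes a file path below
            continue
        name = name.lower()
        out.append('zone "%s" {\n\ttype slave;\n\tmasters { %s; };\n'
                   '\tfile "slave/%s";\n};\n' % (name, master_ip, name))
    return "".join(out), rejected

if __name__ == "__main__":
    text, bad = slave_conf(SAMPLE, "192.0.2.1")  # 192.0.2.1: assumed master address
    print(text)
    print("rejected:", bad)
```

The generated text would be written to a file that the slave's named.conf includes, checked with `named-checkconf`, and copied with rsync over ssh as the reply proposes, which removes the need for the NFS mount.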


