rndc reconfig causing long timeouts

Kevin Darcy kcd at daimlerchrysler.com
Mon Oct 3 21:42:31 UTC 2005


Sami Kerola wrote:

>01.10.2005 07:53, Brad Knowles <brad at stop.mail-abuse.org>:
>
>>At 11:19 PM -0400 2005-09-30, Dave Clark wrote:
>>
>>>I would be interested in learning if the BIND developers are
>>>making any plans towards a version of BIND that asynchronously
>>>replies to queries while reconfiging/reloading.
>>>
>
>[snip]
>
>>>It would be ideal if there was some way to use rndc to have
>>>BIND add or remove a single zone, but I have not thought of a
>>>practical implementation for this, so I have not made a formal
>>>feature suggestion.
>>>
>>Yeah, that's a much tougher problem.  It's hard enough just to 
>>get it to reload a given zone, or to do a "reconfig", or 
>>whatever. Trying to use rndc to actually distribute the 
>>configuration changes is going to be quite a challenge.
>>
>
>I have experience of being administrator for master / secondaries 
>of 14 000 zones. That's almost nothing compared to 171 000 zones. 
>One of the problems is that secondaries have five different hidden 
>masters, and that causes small configuration issues which Perl 
>scripts have solved. I admit that Perl scripts & scp are not a pretty 
>solution, but they do the job.
>
>Is there even a theoretical possibility that the zone configuration 
>clause could be zone-file-like? Basically I need to transfer this 
>kind of configuration to multiple hosts.
>
>zone "foobar.com" {
>         type slave;
>         file "/zones/foobar.com";
>         masters { 123.123.123.123; };
>};
>
>If the zone statement were zone-file-like, AXFR and IXFR could 
>send the right configuration to secondaries. Something like this.
>
>~ cat named.conf
>[...]
>zone secondary.config bind {
> 	type slave;
> 	file "/etc/zones.config";
> 	master { 123.123.123.123; };
>};
>[...]
>~ cat /etc/secondary.config
>secondary.config.	BIND SOA hidden-ns.foobar.com hostmaster.foobar.com. (
>                                 2005100301 ; serial
>                                 28800      ; refresh (8 hours)
>                                 7200       ; retry (2 hours)
>                                 604800     ; expire (1 week)
>                                 86400      ; minimum (1 day)
>                                 )
>foobar.com.		BIND	type	slave
>foobar.com.             BIND    file	/zones/foobar.com
>foobar.com.             BIND    master	123.123.123.123
>[...]
>
>There should be a possibility to specify multiple sources of 
>secondary config. If there are syntax errors, or the same secondary 
>zone is in more than one config zone, the secondary zone should make 
>a normal error log entry and ignore the secondary zone, i.e. the zone 
>would drop but it's the admin's fault.
>
>Is this a completely stupid idea?
>
I don't think ISC would ever go for that. They seem to consider the 
RFC-defined master-file format a sacred cow. If I recall, they're 
waiting for someone to work on some sort of Holy Grail "provisioning" 
protocol for BIND to hook into as far as zone adds/deletes, etc. Until 
then, all BIND users are stuck either buying an expensive, 
enterprise-class "IP management system" with a DNS component, e.g. 
Lucent's QIP or Nortel's NetID, or cobbling together their own 
"provisioning" system, using Perl scripts and whatnot.

- Kevin
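
The proposal quoted above, sketched as an added example (not code from this thread, from ISC or from BIND): it parses the proposed `BIND`-class records from several sources, drops any zone that is malformed or defined in more than one source, and renders ordinary slave stanzas. The record format is the hypothetical one from the quoted message; the `/zones/` directory restriction, the function names and the sample sources are assumptions.

```python
import ipaddress
import re

NAME_RE = re.compile(r"^(?:[a-z0-9_](?:[a-z0-9_-]{0,61}[a-z0-9_])?\.)+$", re.I)
FILE_RE = re.compile(r"^/zones/[A-Za-z0-9._-]+$")  # assumed zone directory

def parse(text):  # group 'owner BIND key value' records by zone; skip other lines
    zones = {}
    for line in text.splitlines():
        f = line.split(";")[0].split()  # strip trailing comment
        if len(f) == 4 and f[1] == "BIND":
            zones.setdefault(f[0].lower(), {}).setdefault(f[2], []).append(f[3])
    return zones

def valid(name, z):
    """Accept only what can be written out as a safe slave stanza."""
    if set(z) != {"type", "file", "master"} or z["type"] != ["slave"] or len(z["file"]) != 1:
        return False
    try:
        for m in z["master"]:
            ipaddress.ip_address(m)  # rejects hostnames, quotes and braces
    except ValueError:
        return False
    path = z["file"][0]
    return bool(NAME_RE.match(name) and FILE_RE.match(path)) and ".." not in path

def merge(sources):
    """Zones that are invalid or appear in more than one source are dropped."""
    kept, dropped = {}, set()
    for text in sources:
        for name, z in parse(text).items():
            if name in kept or name in dropped or not valid(name, z):
                kept.pop(name, None)
                dropped.add(name)
            else:
                kept[name] = z
    return kept, dropped

def render(zones):
    """Emit named.conf stanzas in the form shown in the quoted message."""
    return "\n".join(
        'zone "%s" {\n\ttype slave;\n\tfile "%s";\n\tmasters { %s };\n};'
        % (n.rstrip("."), z["file"][0], " ".join(m + ";" for m in z["master"]))
        for n, z in sorted(zones.items()))

def records(zone, path, master):  # builds constructed sample input
    return f"{zone} BIND type slave\n{zone} BIND file {path}\n{zone} BIND master {master}\n"
SOURCE_A = records("foobar.com.", "/zones/foobar.com", "123.123.123.123") \
    + records("dup.example.", "/zones/dup.example", "192.0.2.1")
SOURCE_B = records("dup.example.", "/zones/dup.example", "192.0.2.2")
```

Because the transferred records end up in `named.conf` on every secondary, each value is validated before rendering, so a record cannot close the stanza early or point `file` outside the zone directory.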



