seperate static and dynamic update zone files?

Tue Jun 26 22:52:28 UTC 2007

How is this really any better than just using rndc freeze/edit/rndc thaw?

Granted, you run the risk of losing any interim updates, but you 
*always* run that risk when you mix static and dynamic in the same zone 
(any static updates that are made might take time to load back in, and 
during that time, named can't accept Dynamic Updates for the zone, since 
there could be conflicts with the newly-loaded data, e.g. CNAME and 
other data).

For those that can't tolerate *any* possibility of lost Dynamic Updates, 
then Dynamic Update must become the *sole* method for updating 
information in the zone. All of the tools and utilities must be adapted 
to use Dynamic Update. This is the route we've taken with our legacy DNS 
infrastructure (the full implementation of Lucent's QIP product will 
change that paradigm).

What I *do* agree with, is that writing zonefile parsers is a pain in 
the butt, especially since the zonefile syntax is so flexible, and 
there's no telling what features or formatting choices the BIND 
implementors may adopt in any given release, so the parser has to 
understand *everything* that's legal in a zone file, and that's quite a 
bit of non-trivial coding. Perhaps the solution to the problem is to 
provide more formatting control within the BIND configuration. Or, then 
again, maybe the solution is just a standard library for parsing zone 
files, e.g. a Net::DNS::Zonefile Perl module (I'll get around to that in 
my Copious Free Time)...

                  - Kevin

Clenna Lumina wrote:
> I have a (hypothetical) question, which I am curious about (I may some 
> day use the answers I get here in the real world, who knows :) )
>
> Lets say I have a local zone for a large corporate or whatever LAN. Say 
> local.corp.com is the local-only domain.
>
> Ok, so a hostname of a client system can be mapped to it's assigned IP 
> via DHCP (dynamic update.)
>
> Lets say there are some servers on the LAN (mail, dns, http, etc) that 
> have static IPs.
>
> In the Bind setup, you would have a zone "local.corp.com" and a 
> corresponding zone files (say: type master; file "db.local.corp.com) and 
> dynamic updates allowed for the specific IP pool the DHCP'ed clients 
> use.
>
> My question is this. Is it possible to have separate files for the main 
> static part of the zone, and one for all the dynamic updates? That way 
> one could edit the static zone file without having to freeze/thaw, as 
> noted in DNS & Bind.
>
> Actually as I was typing this, one possible solution popped into my 
> mind, though I'm not sure how well it would work:
>
>    zone "local.corp.com" {
>       type master;
>       file "local.corp.com";
>       ...
>    };
>
>    zone "clients.local.corp.com" {
>       type master;
>       file "clients.local.corp.com";
>       update-policy { grant dhcp.local.corp.com name 
> "clients.local.corp.com"; };
>    };
>
> This would effectively give separate files, but only if I want the 
> dhcp'ed clients in a subdomain (ie: 10-10-21.clients.local.corp.com) but 
> would not work if you wanted, say, dhcp-10-10-21.local.corp.com, which 
> is what I want to achieve.
>
> What I'd really find useful is something like:
>
>
>    zone "local.corp.com" {
>       type master;
>       file "local.corp.com";
>       dynamic-file "clients.local.corp.com";
>       update-policy { grant dhcp.local.corp.com name 
> "clients.local.corp.com"; };
>       ...
>    };
>
> (And slaves would perhaps just get full end resultant zone when 
> transfering.)
>
> Maybe this could be an idea for the next version? (Unless theres already 
> a way to do this.)
>
> Thank you.
>
>   