seperate static and dynamic update zone files?

Clenna Lumina savagebeaste at yahoo.com
Wed Jun 27 19:22:29 UTC 2007


David Nolan wrote:
> --On Tuesday, June 26, 2007 15:48:08 -0700 Chris Buxton
> <cbuxton at menandmice.com> wrote:
>>
>> - You can use some kind of management system that allows you to edit
>> dynamic zones as if they were static zones. There are commercial
>> solutions out there, such as one made by my company; there may also
>> be FOSS solutions available.
>
> There definitely are FOSS solutions, like the one made by my company.
> :)
>
> I haven't posted about it to the list for a while, but Carnegie
> Mellon's NetReg system handles this.  It issues dynamic updates to
> the zone for records that it owns, and ignores the records that were
> inserted by the dhcp server or any other dynamic dns updating system.
> (As an added bonus, NetReg builds the config files for both ISC dhcpd
> and bind, complete with TSIG keys, etc...  And you get an IP address
> management system too.)

Been meaning to check out TSIG maybe deploy it with my setup, though I'm 
not sure if this will be doable for the domains I slave via 
ZoneEdit.com.

> Check out my previous posts on this list for more details, such as
> this one:
> <http://groups.google.com/group/comp.protocols.dns.bind/browse_thread/threa
> d/1859cdb39ad7f6d9/6b695beab712012e?lnk=st&q=&rnum=12#6b695beab712012e>

Thank you. Will do.

>> - You can use nsupdate instead of freeze/thaw to manage your static
>> entries. Just make sure to tune your update-policy statement to allow
>> what you want.
>
> Similar to that approach, I have a perl script that parses a
> named.conf file to extract the TSIG key for a zone, and uses the
> Net::DNS perl libraries to issues a TSIG signed update to a zone.
> (If anyone wants a copy, I'm happy to put it up on the CMU netreg
> website.)

Sure, would be nice to check out.

-- 
CL 




More information about the bind-users mailing list