Experience with DDNS (RFC 2136)

JINMEI Tatuya / 神明達哉 jinmei at isc.org
Thu Oct 13 19:34:53 UTC 2011

At 11 Oct 2011 13:57:38 +0100,
Chris Thompson <cet1 at cam.ac.uk> wrote:

> >> Maybe an off topic in this thread, but out of curiosity, is there any
> >> specific reason you don't use the database as the direct source of the
> >> zone with BIND 9's dlz or PowerDNS?  In general it will be slower, and
> >
> >I can't speak for Chris but here, we rejected DLZ and similar because:
> >
> >  1. DNSSEC
> >  2. Speed
> >  3. Impedance mismatch between database schema and DNS
> >  4. Perceived second-class status of DLZ
> >  5. Loss of various things that are automatic if using zones (IXFR)
> >  6. Too-tight coupling between the SQL DB and DNS
> I have kept an eye on DLZ developments over the years, and thought quite
> seriously about using it for the re-implementation of the hidden master
> for our "managed zone service" (for vanity domains, although that's not
> how we describe them to the punters), but even there it didn't work out,
> primarily for Phil's reasons #5 and #6.

I see, thanks.  I think #6 is the most critical reason - other things
can be solved via development/release engineering improvements, but
this one seems to be about the system design policy, which wouldn't
(easily) be changed due to a feature set or the quality of
implementation.  Since there appears to be a class of operators who
prefer the "coupling" of DNS server and the database (from the fact
that there are a non negligible number of users of DLZ and PowerDNS(+
database backend), this is probably a matter of operational

JINMEI, Tatuya
Internet Systems Consortium, Inc.

More information about the bind-users mailing list