allow-update in global options (was Re: bind and certbot with dns-challenge)
Stephan von Krawczynski
skraw.ml at ithnet.com
Mon Mar 18 17:07:06 UTC 2019
On Mon, 18 Mar 2019 12:06:57 -0400
Bob Harold <rharolde at umich.edu> wrote:
>>[...]
> Thanks for the explanation, and for asking for input.
> And thanks for maintaining BIND, we depend on it.
>
> My group manages about 3000 zones.
> In my opinion, 'everything' should be inherited, to make the configuration
> as simple as possible. And it should be possible to override any setting
> at a lower level, for the exceptions. It would be even better if I could
> 'group' zones and set configurations on the group. Repeating the same
> configuration thousands of times seems like a waste. I would even set
> "masters" and 'type' at the top level if I could, since 90% of my zones
> come from the same hidden master. And if the file name could have a
> default or a pattern, that could be set at the top also, leaving only a
> list of zones names for most zones.
>
> If you make the change, I can live with it, but it is not my preference,
> and does not seem like an improvement.
>
> --
> Bob Harold
Thank you very much. It seems I am not alone with my way of using BIND.
Exactly such a setup is the cause for my suggestion of a "zone-default"
statement in another post. This would allow the grouping that you are looking
for.
--
Regards,
Stephan von Krawczynski
More information about the bind-users
mailing list