allow-update in global options (was Re: bind and certbot with dns-challenge)

Stephan von Krawczynski skraw.ml at ithnet.com
Mon Mar 18 17:07:06 UTC 2019


On Mon, 18 Mar 2019 12:06:57 -0400
Bob Harold <rharolde at umich.edu> wrote:
>>[...]
> Thanks for the explanation, and for asking for input.
> And thanks for maintaining BIND, we depend on it.
> 
> My group manages about 3000 zones.
> In my opinion, 'everything' should be inherited, to make the configuration
> as simple as possible.  And it should be possible to override any setting
> at a lower level, for the exceptions.  It would be even better if I could
> 'group' zones and set configurations on the group.  Repeating the same
> configuration thousands of times seems like a waste.  I would even set
> "masters" and 'type' at the top level if I could, since 90% of my zones
> come from the same hidden master.  And if the file name could have a
> default or a pattern, that could be set at the top also, leaving only a
> list of zones names for most zones.
> 
> If you make the change, I can live with it, but it is not my preference,
> and does not seem like an improvement.
> 
> -- 
> Bob Harold

Thank you very much. It seems I am not alone with my way of using BIND.
Exactly such a setup is the cause for my suggestion of a "zone-default"
statement in another post. This would allow the grouping that you are looking
for.

-- 
Regards,
Stephan von Krawczynski



More information about the bind-users mailing list