Am 2005-07-14 09:55:10, schrieb /dev/rob0:
> A couple other tips, in case you've not managed a dynamic zone before:

Right.

> 1. ALL zone changes will have to be done using nsupdate(8), unless you 
> stop named and delete the zone's journal file (/var/named/*.jnl or the 
> *.jnl in whatever directory you are using.) Do not attempt manual edits 
> of your dynamic zone's file without doing this. Also, understand that 
> deletion of the journal inhibits IXFR; slaves will have to transfer the 
> whole zone, not just the changed data.
> 
> 2. Comments in your nicely-edited zone file are gone. I had made mine 

I was already thinking on this issue.
My curent zonefiles are autogenerated by a script from a postgresql.
There will be no problem to change the script to use 'nsupdate', ok,
the script will be much bigger and slower, but it schould work too.

> such a pretty one, with human-friendly sorting of records, and comments; 

Me too.  :-)

> named and nsupdate ate them. :) $INCLUDE's and $GENERATE's will be 
> included and generated into the zone file. named will do its own simple 
> dictionary sort of records by name.

So 'nano', 'mc' and #brain' are obsolete!  :-/

> 3. Notify is your friend, and so is BIND 9. I use Zoneedit service for 
> the parent domain, and I tried setting them up as slave of the dynamic 
> subzone. But they don't work with notifies, and they only do AXFR. I 
> deleted that out of zoneedit and switched to a network of BIND 9 slaves. 
> The slaves get their notifies and start their IXFR immediately. Changes 
> are propagated in 2 seconds (when network lag is bad) or less.

OK.

> Wouldn't you also use a variable in place of the RR name? I do. Will 

Yes, I have around 30 Workstations, Laptops and servers to update

> there only be one user? I've offered mine to friends, so I've got a 
> handful of users. I started this because a paying customer was on a 
> dynamic IP (PPPoE), and we needed to be able to find that host.

Me too.

> I use TXT records in mine. I generate a UTC string of update and store 
> as a TXT record. I think that's a useful feature, because it tells me 
> when a user last updated his/her record.

I do logging too.  And I recommend it to all peoples which do such
scripting.  Recording the source IP with timestamp is essential.

Maybe you/me will get hack attempts

> 86400 is a bit long for a TTL, if this is truly a dynamic IP. My own is 

Yes its 100% dynamic IP.

> dynamic in form but not in practice, so I can use longer TTL's, but even 
> so I choose to keep it no more than 3600. I use 900 for a friend on 
> dialup, 1800 for IP's which change occasionally, and 3600 for mostly 

I think, I will use this values too.

> static IP's. (TTL value is set in the user record which the CGI script 
> uses for authentication, and I use a variable for that, too.)

OK

> > This is easier as I was thinking...
> 
> Indeed. Have fun with it.

:-)

Now I am working since 6 years and 4 month with Linux
(since 2.0.36) and each day I have more fun.  :-)

Greetings
Michelle

-- 
Linux-User #280138 with the Linux Counter, http://counter.li.org/
Michelle Konzack   Apt. 917                  ICQ #328449886
                   50, rue de Soultz         MSM LinuxMichi
0033/3/88452356    67100 Strasbourg/France   IRC #Debian (irc.icq.com)

-- Attached file included as plaintext by Ecartis --
-- File: signature.pgp
-- Desc: Digital signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

iD8DBQFC1pyLC0FPBMSS+BIRAn98AKCTK8oJyCDbL2FzEaJ6jhOCLHxBaQCgpb1n
oGz014em6MKezQlv+pSAktI=
=jzNx
-----END PGP SIGNATURE-----