[bind10-dev] DNS server use cases and BIND 9 compatibility
fujiwara at jprs.co.jp
Fri Aug 19 11:28:48 UTC 2011
Hi,
I think that we need to consider DNS server use cases and BIND 9
compatibility on BIND 10.
BIND 9 supports all use cases in one program "named".
Will BIND 10 support all use cases in one configuration?
I classified DNS server use cases and made some considerations.
Do we need to discuss such a topic in the next meeting?
-----------------------------------------------------------------------
DNS server use cases:
There are several user categories: Small scale users, DNS Hosting,
TLDs, ISPs.
1. Small scale users
* Characteristics
- Number of zones is small. ( < 1,000 ? )
- Each zone size is small. ( < 1,000,000 ? owner names )
- Number of slave DNS servers is small. ( < 10 ?)
- Zones are not changed frequently. (A few times per day ?)
- They operate some resolvers.
* Includes
- Most organizations (enterprises, universities, ...)
- Individuals
* Use cases
- Most of them operate three types of DNS servers.
(a): Master server
- loads zone information from local files
- acts as an authoritative DNS server
- transfers zone information to their Slave DNS servers using *XFR.
(b): Slave servers
- receive zone information from their Master DNS server using *XFR.
- act as an authoritative DNS server
(c): Resolvers
- act as full-resolvers.
(c1): Resolvers with static zone
- it has the organizations' zone information which
may be received by *XFR or loaded from zone files.
(c2): VIEW function sometimes used
to separate authoritative function and resolver function.
(c3) Some users operate authoritative function and resolver function
in one IP address.
2. DNS Hosting
* Characteristics
- Number of zones is large. ( > 10,000 ? )
- Each zone size is unknown (small ?)
- Number of slave DNS servers is large. ( > 10 ?)
- Zones may change frequently.
* Use cases
- (d): Special authoritative DNS server
They may not use AXFR/IXFR/NOTIFY to transfer their zone
information to their slave DNS servers.
They may use RDB backend. (DLZ in BIND 9?)
Or, They may use file copy (over SSH/RSYNC/file system)
and reload their slave servers.
3. TLD
* Characteristics
- Number of zones is small. ( < 10 or 1000? )
- Each zone size is large. ( > 1,000,000 owner name)
- Number of slave DNS servers is large. ( > 20 ?)
- Zones may change frequently. ( each 1 or 5 or 15 minutes )
* Use cases
- Most TLDs use three types of DNS servers.
- (e) ZONE master (Manages TLD zones, transfers TLD data
to Transfer servers. using AXFR/IXFR/NOTIFY out)
- (f) Transfer servers (Transfer TLD data to Authoritative DNS servers.
using AXFR/IXFR/NOTIFY in/out)
- (g) Authoritative DNS servers (offer DNS service,
transfer using AXFR/IXFR/NOTIFY in)
== (b)?
4. ISPs
* Operate many resolvers.
-----------------------------------------------------------------------
BIND 9 offers all functions in one binary "named".
It offers all use cases: (a)(b)(c)(e)(f)(g)
BIND 10 auth with RDB backend may support (d).
BIND 10 auth with in-memory db may support (a)(b)(f)(g).
BIND 10 full-resolver may support (c).
NSD supports (a)(b)(f)(g) without IXFR-out function.
Unbound supports (c) without (c2)(c3).
Unbound can offer static zone written in configuration file.
Unbound cannot retrieve zone information via *XFR. (BIND 9 can do).
-----------------------------------------------------------------------
--
Kazunori Fujiwara, JPRS <fujiwara at jprs.co.jp>