On Sep 25 2008, Jeffrey Collyer wrote:

>Is there a best practices guide anywhere for Dynamic DNS? Basically I'm
>looking for information about how folks have rolled out Dynamic DNS in a
>large ISP like environment (University).

By "Dynamic DNS", many people assume one means "updates by DHCP servers",
but technically all it means is updating DNS zones incrementally rather
than by complete replacement. You might want to clarify your requirements.

A few years ago, we started doing all (well, nearly all) our DNS changes
using DNS update operations. When we announced this to our users, a lot
of them thought we were going to have some sort of University-wide DHCP
service. Urr, no, we didn't mean that ... :-(

>Are there tools to take the place of the "edit config"->"rndc reload"
>cycle for non dynamic changes or is everything pushed through scripts to
>be dynamic?

Do whatever you can via DNS updates, e.g. the nsupdate(1) utility, or
something scripted using the Net::DNS Perl modules, or whatever.

If you absolutely need to get in at the mangle-master-files level, then
you can use "rndc freeze [zone]", edit the master file (not forgetting
to update the SOA serial), "rndc thaw [zone]". But this will lock out
DNS updates during the interval.

>Or have folks moved to a database backend on a hidden master? If so
>what database? LDAP?
>
>Is the LDAP sdb stuff even viable anymore, as the bind9-ldap.bayour.com
>site doesn't resolve any more. (probably not relevant to this list, but
>maybe someone would know).
>
>And does any of the database backend stuff integrate with DNSSec?

Can't comment on any of that. Our back-end database feeds into processes
that do DNS updates as above: it isn't used to drive BIND directly.

--
Chris Thompson
Email: [EMAIL PROTECTED]
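
The two paths described in the reply above (scripted nsupdate batches, and the freeze/edit/thaw fallback for hand edits), as an added shell example that is not part of the original message. The function names, the example.edu names and the RNDC, EDITOR and NSUPDATE_KEY variables are assumptions of this sketch.

```shell
#!/bin/sh
# Added example, not from the original message. Zone and host names are
# constructed; RNDC, EDITOR and NSUPDATE_KEY are assumptions of this sketch.
RNDC=${RNDC:-rndc}

# Emit an nsupdate(1) batch replacing one RRset in a single atomic update.
# "prereq yxdomain" makes the server refuse unless the name already exists.
build_update() {  # zone name ttl type rdata
    printf 'zone %s\nprereq yxdomain %s\n' "$1" "$2"
    printf 'update delete %s %s\n' "$2" "$4"
    printf 'update add %s %s %s %s\nsend\n' "$2" "$3" "$4" "$5"
}

# Send the batch; a TSIG key file is passed with -k only if NSUPDATE_KEY is set.
send_update() {
    if [ -n "${NSUPDATE_KEY:-}" ]; then
        build_update "$@" | nsupdate -k "$NSUPDATE_KEY"
    else
        build_update "$@" | nsupdate
    fi
}

# Print the SOA serial of a master file (handles the multi-line "( ... )" form).
soa_serial() {  # master-file
    awk '{ sub(/;.*/, ""); gsub(/[()]/, " ")
           for (i = 1; i <= NF; i++) {
               if (n) { if (++n == 4) { print $i; exit } }
               else if (toupper($i) == "SOA") n = 1
           } }' "$1"
}

# Master-file edit: freeze, edit, always thaw. Updates are refused while the
# zone is frozen, so thaw runs even when the editor fails.
# Returns 0 on success, 2 if the SOA serial was left unchanged.
edit_frozen() {  # zone master-file
    "$RNDC" freeze "$1" || return 1
    before=$(soa_serial "$2")
    rc=0
    ${EDITOR:-vi} "$2" || rc=$?
    "$RNDC" thaw "$1" || return 1
    [ "$rc" -eq 0 ] || return "$rc"
    [ "$(soa_serial "$2")" != "$before" ] || return 2
}
```

Source the file, then call for instance `send_update example.edu www.example.edu. 3600 A 192.0.2.10` or `edit_frozen example.edu /path/to/master-file`.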