Il 04/ago/2014 18:33 "John Anderson" ha scritto:
>
> Greetings Bind-Users List,
>
> I've recently inherited a project that is going to require some method of
automatically disseminating zone information to slave DNS servers running
BIND. While searching for an industry standard method of accompli
>
> Personally I'd like to extend UPDATE
>
> allow-addzone { acl; };
> allow-delzone { acl; };
> e.g.
> nsupdate
> new zone
> server addresss [port]
> key name:secret
> [masters ]
> [allow-query ]
> [allow-transfer ]
> [allow-update ]
Mark,
That looks like a nice format for it.
I'd still like to see named.conf mark some zones as
uneditable via rdnc, just in case I want to allow a
peer institution to add/remove zone where I'm the
secondary, I want some mechanism to prevent them from
accidently deleting zones I'm actually the
Personally I'd like to extend UPDATE
allow-addzone { acl; };
allow-delzone { acl; };
e.g.
nsupdate
new zone
server addresss [port]
key name:secret
[masters ]
[allow-query ]
[allow-transfer ]
[allow-update ]
On 05.08.14 11:43, Brian Cuttler wrote:
The slave trusts the master, for zone files, but creating
a new zone?
hmmm, when a meta-zone is signed by trusted key, why not? :-)
using notifies and IXFR would be even more great...
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
On Tue, Aug 05, 2014 at 09:41:14AM -0500, /dev/rob0 wrote:
> On Tue, Aug 05, 2014 at 09:31:31AM -0400, Brian Cuttler wrote:
> > On Tue, Aug 05, 2014 at 09:21:07AM -0400, Brian Cuttler wrote:
> > > rndc addzone sounds like a very interesting tool, but
> > > if you want an automated sync, will requir
On Tue, Aug 05, 2014 at 09:31:31AM -0400, Brian Cuttler wrote:
> On Tue, Aug 05, 2014 at 09:21:07AM -0400, Brian Cuttler wrote:
> > rndc addzone sounds like a very interesting tool, but
> > if you want an automated sync, will require something to
> > read the source config of the master and then wr
On Tue, Aug 05, 2014 at 09:21:07AM -0400, Brian Cuttler wrote:
>
> rndc addzone sounds like a very interesting tool, but
> if you want an automated sync, will require something to
> read the source config of the master and then write the
> requisit slave zone information for the dns slave server(s
rndc addzone sounds like a very interesting tool, but
if you want an automated sync, will require something to
read the source config of the master and then write the
requisit slave zone information for the dns slave server(s).
Offsite slave servers will require a lot of trust.
Rsync solution fo
>There's currently no supported way to perform in-band zone provisioning
>via the DNS itself. I do have access to the metazone implementation
>that Vixie wrote his paper about, and I can send it to you if you like,
>but I'm not sure how useful you'll find it. There might also be some
>intere
On 08/04/2014 09:33 AM, John Anderson wrote:
I've recently inherited a project that is going to require some method of
automatically disseminating zone information to slave DNS servers running BIND.
The traditional solution to this problem is rsync, although I realize
that's not very sexy. :)
-Original Message-
From: Evan Hunt
Date: Monday, August 4, 2014 at 1:26 PM
To: John Anderson
Cc: "bind-users@lists.isc.org"
Subject: Re: Metazones or Something Else?
>> So to the best of your knowledge this functionality is still on drawing
>> board, unless i
> So to the best of your knowledge this functionality is still on drawing
> board, unless implemented out-of-band? (i.e. a perl script to parse
> metazone.zone, and create /etc/named.d/*.conf files)
Or run "rndc addzone".
There's currently no supported way to perform in-band zone provisioning
vi
> Some such ideas have been discussed on various lists. See this thread for
> example:
>
>http://www.ietf.org/mail-archive/web/dnsext/current/msg13475.html
>
> Mukund
Mukund,
So to the best of your knowledge this functionality is still on drawing board,
unless implemented out-of-b
ubject: Re: Metazones or Something Else?
John,
Zone information? As in the named.conf file and not the zone files?
Brian
On Mon, Aug 04, 2014 at 04:33:24PM +, John Anderson wrote:
> Greetings Bind-Users List,
>
> I've recently inherited a project that is going to require some me
Hi John
On Mon, Aug 04, 2014 at 04:33:24PM +, John Anderson wrote:
> Has this metazone idea gained any traction? Is there a distributable
> implementation? If not, has another technology emerged which
> essentially injects restart-persistent zone SOA record information
> into BIND so that it
Greetings Bind-Users List,
I've recently inherited a project that is going to require some method of
automatically disseminating zone information to slave DNS servers running BIND.
While searching for an industry standard method of accomplishing this task, I
came across this rather dated docum
17 matches
Mail list logo
