[Q] Create/update zones by program/API ?

Wed Aug 16 23:21:06 UTC 2000

Here's an explanation I just gave a few hours ago:

> RFC 2136 explains Dynamic Update in detail, but simply put, it just consists
> of special "queries" which a client can send to cause the nameserver to
> (conditionally) change its master zone data. The "nsupdate" program provided
> with BIND is a utility which is capable of forming Dynamic Updates and
> sending them to the appropriate server(s).
>
> To allow Dynamic Updates for a particular zone, use the
> "allow-update" statement, which can specify addresses, TSIG key names, or a
> combination of both. If you want to use crypto-authenticated Dynamic Update
> using TSIG, then your client will also need to have access to the relevant
> key (e.g. the "-k" option to nsupdate) so that it can properly sign the
> update requests.
>
> One gotcha is that once you've changed over to use Dynamic Update for a
> zone, then it's very difficult to reliably make non-Dynamic Update changes
> to the zone, since "named" will periodically overwrite the zone file. This
> also precludes the use of directives like $INCLUDE or $GENERATE. So, once
> you switch a zone to using Dynamic Update, count on doing *all* of your
> maintenance for that zone via Dynamic Update unless you switch back.
>
>
> - Kevin
>
> John Smith wrote:
>
> > can someone explain me what's dynamic update in DNS and how do i setup my
> > DNS so they'll support that? thanks
>

The only other things I'd add:

 1.   It is not currently possible to create or add a zone using Dynamic
Update. This is because RFC 2136 explicitly forbids addition or deletion
of SOA records. I don't really know why; Paul Vixie is being very
tight-lipped about the rationale behind this restriction. So you'll still
have to create the zones manually, but once they're created, you could use
Dynamic Update for everything else.

2.    In addition to the "nsupdate" program, there are also various API's
available if you want to write your own Dynamic Update utilities. You
might look and see if there's one available in Java.

- Kevin

Michel Szybist wrote:

> Hi Kevin.
>
> I didn't find it --sorry for bugging you.
>
> Could you be a little more precise, you would be of a great help !
>
> Michel
>
> In article <398EED7D.422ABB38 at daimlerchrysler.com>,
>   Kevin Darcy <kcd at daimlerchrysler.com> wrote:
> >
> > You could do this through Dynamic Update. See the current thread with
> > subject "DYnamic DNS".
> >
> > - Kevin
> >
> > Michel Szybist wrote:
> >
> > > Hi to all happy DNS players!
> > >
> > > I'm facing a pretty problem about our Web offer.
> > > Maybe you could point me to some docs ?
> > >
> > > We would like to offer our customers subdomains and domains to
> create,
> > > email, and all this online instant (or schedule) updatable.
> > > (approximatively like ml.org did and dyndns.org does, but with
> static
> > > IP addresses) --I did not find any interresting doc on dyndns.org.
> > >
> > > So... I would like to be able to call an API to update the zones
> and MX
> > > in my app or in a CGI script. (Our Web application runs in Java
> 1.1.8
> > > on Solaris 2.7 with Bind 8.1.2 and Apache 1.3.9)
> > >
> > > Thank you for any docs or links you could have,
> > > and happy bind!
> > >
> > > Michel.
> > >
> > > --
> > > Michel Szybist
> > > msz at email.com
> > > Fax: +44 8701 3737 30
> > >
> > > Sent via Deja.com http://www.deja.com/
> > > Before you buy.
> >
> >
>
> --
> --
> Michel Szybist
> msz at email.com
> Fax: +44 8701 3737 30
>
> Sent via Deja.com http://www.deja.com/
> Before you buy.