nsupdate/DNS mgmt tool
Michael Fuhr
mfuhr at dimensional.com
Wed Feb 7 05:42:11 UTC 2001
I wrote the disclaimers about Net::DNS when it was still young and
untested. While I still recommend thorough testing before putting
anything into production, Net::DNS has been used on production networks
for several years now without any major problems reported. I know of
one large company that has used Net::DNS to make hundreds of dynamic
updates per day for the past three years and I'm not aware of anything
going wrong.
I'm still working on Net::DNS, though development often goes through
long dormant phases (as do I in general -- a certain author probably
thinks I've died because I haven't been getting back to him). I've
just uploaded the latest development version (0.19) to the page
mentioned below. The most significant recent change is partial TSIG
support (queries & updates are signed, but responses aren't checked).
I've tested TSIG-signed dynamic updates against BIND 8 and BIND 9
and they appear to work. Developers concerned about the security
of dynamic updates may wish to investigate the new TSIG functionality.
On Mon, Feb 05, 2001 at 11:20:02AM -0700, Bill Larson wrote:
>
> You might want to look at "The Perl Journal", Issue 16, Winter 1999.
> There is an article "Dynamic DNS Updates with Perl" by Jon Drukman.
>
> This article is available on-line at http://www.perljournal.com, IF you
> are a subscriber. Or you might have a friend with a copy of the
> article, or a university library.
>
> This article is a fairly nice description of the dynamic DNS update
> mechanism available inside Perl. It uses the Net::DNS Perl resolver
> module written by Michael Fuhr. This is available from
> http://www.fuhr.org/~mfuhr/perldns/.
>
> Note that Michael includes LOTS of disclaimers about this module, but
> many people are using is successfully.
>
> Bill Larson
>
> > Does anyone here have experience with such a thing or advice regarding the
> > usability of nsupdate like this? Is there more complete nsupdate
> > information available other than the man page?
--
Michael Fuhr
http://www.fuhr.org/~mfuhr/
More information about the bind-users
mailing list