One Domain; Multiple IPs.

[Robert Gahl]

At 10:16 PM 7/17/2001 +0100, Jim Reid wrote:

>In a heterogeneous environment, the IXFR protocol is the sure way of
>doing incremental zone transfers because every DNS implementation is
>expected to support it. Except yours of course. As I said before not
>every platform has rsync and SSH. Some organisations even have their
>name servers under different administrative control which makes SSH an
>administrative nightmare. Imagine an ISP providing slave DNS service
>for say a few thousand customer zones, each under the control of a
>different customer. Now manage that with rsync-over-SSH with a few
>thousand discrete UIDs and SSH keys so each customer can only change
>their zone file. It's do-able but practically unworkable in the real
>world. And let's not forget the non-trivial problem of key management
>too.

Not to add too much fuel to the fire, but since we all want to remain 
legal, and as most of us are probably commercial establishments, the SSH 
server costs $475 per unix system, $99 per NT/Linux workstation, and $565 
for Windoze servers (which I find as a new first where the PC version 
actually costs more than the Unix version) -- at least from ssh.org it does.

I do lots of things using rsync over ssh, but DNS is not one of them. Oh, 
and don't try and play the "support" card on me for free products. I've 
gotten more immediate support for sendmail, procmail, DNS/BIND, analog, 
apache, jserv and mrtg (not necessarily in that order) than I ever did for 
my pay-for-support stuff.

If this alternate product bundles an SSH license with it, well, then great. 
If not, then it is a "hidden" cost. :(

Just one man's opinion. Your mileage may vary.


===
Bob Gahl Bicycle (Ryan Vanguard) Mobile ||     @
     ARPA/Internet: bgahl at bawcsa.org     ||  !_ \
    URL: http://www.bawcsa.org/bgahl/    ||  (*)-~--+--(*)
"Sahn joong moe low ful how jee yah ching wong" - "When the
mountain has no tigers, the monkey will also declare himself
king." Chinese Proverb