DNS WORKSTATIONS ENTRIES

Kevin Darcy kcd at daimlerchrysler.com
Thu Nov 29 02:48:46 UTC 2001


L Skidmore wrote:

> Good day
>
> We have a wide area network with 8 Unix servers, 12 NT servers and approx 300
> NT workstations.  All IP addresses are static, mail is POP3 from the Unix
> boxes and web and ftp sites reside on the NT servers.  We have one DNS
> server, two WINS servers running and all devices on the network are WINS
> clients or are manually entered into the WINS database.
>
> Our DNS server has an entry for each and every server, workstation, and
> printer.  I have attempted to have our DNS purged of non-important entries
> such as workstations and printers to reduce the workload of keeping it up
> to date as well as typos.  Management, however, feels there is value added in
> having the entries.  The network has evolved from a Unix network and when NT
> workstations were added the IPs were added to the DNS.  The DNS was also
> used to find free IP addresses on the network; however, this has also changed
> to a more efficient method.
>
> I believe I understand that DNS allows the mail servers to find servers as
> well as for the workstations to find web and ftp sites.  Is there a reason that
> the workstations should be entered in the DNS?  Would the DNS be quicker
> responding if it had to search through 20 addresses instead of 320?

BIND uses a hashing algorithm to fetch database entries, so it is quite
efficient and I wouldn't expect any kind of noticeable difference between 20
entries and 320, assuming the box has a relatively modern CPU. At about 100
bytes (roughly) per entry, I don't imagine that the impact on RAM will be much
either. The biggest risk, as you point out, is the risk of typos and/or
"collisions". Instead of concentrating on slimming down your DNS database,
maybe your time would be better spent scripting the way updates are made to
your zone files, preferably coming up with something that's easy to use yet
contains a lot of failsafes and/or sanity-checks. I started down this road a
number of years ago, and now I have a fairly capable system with a web/CGI
frontend (I don't do Java or JavaScript) and a Dynamic-Update-based backend.
The system is mostly written in Perl and I'd like to eventually convert it
*all* to Perl (for reasons of maintainability and platform-independence). Even
if you don't want to go all of the way to Dynamic Update for your backend,
I know many folks adapt some sort of source-code- or version-control system
like CVS to ensure the consistency of their zonefiles.


- Kevin
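
The kind of sanity check the reply recommends for zone-file updates, as an added example that is not part of the original post or of Kevin Darcy's system: it flags typos and collisions in A records before they reach the name server. The function name, the one-record-per-line format, the "one name, one address" site policy and the sample records are assumptions constructed for illustration.

```python
import ipaddress
import re

# Assumption: one "name IN A address" record per line, relative owner names.
LABEL = re.compile(r"^(?!-)[a-z0-9-]{1,63}(?<!-)$", re.IGNORECASE)

def check_a_records(zone_text, network):
    """Return a list of (line_no, message) problems found in A records."""
    net = ipaddress.ip_network(network)
    problems = []
    by_name = {}   # owner name -> (address, line of first use)
    by_addr = {}   # address -> (owner name, line of first use)
    for line_no, raw in enumerate(zone_text.splitlines(), start=1):
        line = raw.split(";", 1)[0].strip()      # drop zone-file comments
        if not line:
            continue
        fields = line.split()
        if len(fields) != 4 or [f.upper() for f in fields[1:3]] != ["IN", "A"]:
            problems.append((line_no, "not a 'name IN A address' record"))
            continue
        name, addr_text = fields[0].lower(), fields[3]
        if not all(LABEL.match(label) for label in name.split(".")):
            problems.append((line_no, f"bad hostname {name!r}"))
            continue
        try:
            addr = ipaddress.IPv4Address(addr_text)
        except ipaddress.AddressValueError:
            problems.append((line_no, f"bad IPv4 address {addr_text!r}"))
            continue
        if addr not in net:                      # e.g. transposed octets
            problems.append((line_no, f"{addr} is outside {net}"))
        old_addr, old_line = by_name.setdefault(name, (addr, line_no))
        if old_addr != addr:                     # site policy: one name, one address
            problems.append((line_no, f"{name} already has {old_addr} (line {old_line})"))
        old_name, old_line = by_addr.setdefault(addr, (name, line_no))
        if old_name != name:                     # two hosts claiming one address
            problems.append((line_no, f"{addr} already used by {old_name} (line {old_line})"))
    return problems

# Constructed sample records, not taken from the original post.
SAMPLE = """\
ws001   IN A 10.1.2.11
ws002   IN A 10.1.2.12
ws003   IN A 10.1.2.12   ; collision with ws002
ws004   IN A 10.1.2.256  ; typo: octet out of range
prn_01  IN A 10.1.2.40   ; underscore is not valid in a hostname
ws001   IN A 10.1.2.15   ; same name, different address
ws005   IN A 10.2.1.5    ; transposed octets, wrong subnet
"""
```

Run as a gate in front of whatever applies the change (a zone-file commit or a Dynamic Update submission), so a record set with any reported problem is rejected rather than loaded.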




