converting to a dynamic zone

Mike Shannon mikesha at u.washington.edu
Mon Feb 25 23:06:59 UTC 2002


Thanks, Simon.

I think I left out some details, but this is very useful and informative, thanks for your quick response.

I've done some testing with this and it appears if there is an already existing zone and you change it to allow updates, then you can't easily change entries that *existed before* you allowed updates.  For instance, if I had 10.10.1.10 associated with www.somefakehost.com and wanted to change its IP address or maybe switch it to a CNAME or whatever, this proves difficult.  I've had to stop named, edit the zone file by hand, delete the .jnl file and restart named.  In BIND 8, the zone files were updated hourly and the log files were deleted, making it fairly safe on a slow name server to stop named, make manual changes and then restart named without losing your dynamic updates (this was a feature as far as I'm concerned).  I'm sure this would never make it to a best practices book, but it works.

The network I'm using DDNS on is a private network with no access to the real world and has very little as far as 'real production' goes, i.e. if the name server gets hacked or goes down, we won't lose any money.

Mike


"Simon Waters" <Simon at wretched.demon.co.uk> wrote in message news:3C7AB68B.AE46E8E4 at wretched.demon.co.uk...
> 
> Mike Shannon wrote:
> >  
> > We have a couple of existing subdomains here that I'd like to convert to dynamic, is there an easy way to migrate?  I'm afraid if I just start allowing dynamic updates then I'll need to delete an old entry then the journals getting outta whack, then I'd have to delete the .jnl file to get named to run, not a good approach.
> 
> You just use nsupdate to delete entries.
>  
> > Are there any tools available for ddns that would tell me the last IP address used in a range?  I know I could just document as I go, but it seems like there might be someone out there that has gone through this.
> 
> Since you normally use DDNS with DHCP, all you need do is avoid
> allocating addresses from the DHCP scope, otherwise you can
> allocate static addresses as normal.
>  
> > Sorry if this has been addressed before, I tried searching the archives but didn't really find what I was looking for.  I've also read 'DNS and BIND' and didn't find much useful information there.  Starting from scratch isn't really an option, nor is creating a new subdomain - so I need to have a tool that will look through my existing zone file and create a file that nsupdate understands, then maybe I can get rid of the old zone file?
> 
> You just add "allow-update" to the zone, and when the first
> update arrives it creates the journal file.
>  
> > Also, is there any way to see what changes have been made in like the last 24 hours or last 1 month?  I'm guessing this would be some sort of log analyzer, but hopefully someone on this list will have something better than a guess.
> 
> The only thing I know of is "ixfr" you can request updates from
> a specific period, if the journal covers it.
> 
> Why are you making zones dynamic? How are you securing updates?
> How will you handle downtime of the primary master? Should be
> your first questions, not the mechanics of zone changes.
> 
> 
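
The approach from the quoted reply (add "allow-update", then change pre-existing entries with nsupdate rather than editing the zone file), shown as an added example that is not part of the original thread. It builds the nsupdate batch for the www.somefakehost.com change mentioned in the post and assumes updates are restricted to a TSIG key; the server address, key name, key file path and the web1 target are constructed assumptions.

```shell
#!/bin/sh
# Added example, not from the thread. Builds an nsupdate batch that replaces a
# record which was already in the zone file before allow-update was turned on.
# www.somefakehost.com and 10.10.1.10 come from the post; the server address,
# key name, key file path and web1 target are constructed assumptions.
#
# Server side (named.conf), updates limited to holders of one TSIG key:
#   zone "somefakehost.com" { type master; file "db.somefakehost.com";
#                             allow-update { key "ddns-update"; }; };

# valid_token VALUE: accept only characters found in names and addresses, so
# a value cannot carry a newline and add an extra command to the batch.
valid_token() {
    case "$1" in
        ''|*[!A-Za-z0-9._:-]*) return 1 ;;
        *) return 0 ;;
    esac
}

# build_replace_batch SERVER ZONE NAME OLD_IP NEW_TYPE NEW_RDATA [TTL]
build_replace_batch() {
    ttl=${7:-3600}
    for v in "$1" "$2" "$3" "$4" "$5" "$6" "$ttl"; do
        valid_token "$v" || { echo "rejected value: $v" >&2; return 1; }
    done
    echo "server $1"
    echo "zone $2"
    # Prerequisite: apply nothing unless the A RRset is exactly OLD_IP.
    echo "prereq yxrrset $3 A $4"
    if [ "$5" = CNAME ]; then
        # A CNAME cannot share a name with other data: delete all RRsets there.
        echo "update delete $3"
    else
        echo "update delete $3 A"
    fi
    echo "update add $3 $ttl $5 $6"
    echo "send"
}

# Print the batch for the change described in the post. To apply it, pipe the
# output to:  nsupdate -k /etc/bind/ddns-update.key
build_replace_batch 10.10.1.1 somefakehost.com www.somefakehost.com. \
    10.10.1.10 CNAME web1.somefakehost.com.
```

Because the delete and add travel in one update message with a prerequisite, the server applies both or neither, and the journal stays consistent with the zone.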


