Bind9 + db(any) + split dns (views)

[Kevin Darcy]

Ben Habing wrote:

>Does anyone have any experience with setting up bind9 with a db backend?
>Good or bad? (We can use pretty much anything for the database, except
>for Oracle.) I had heard on some lists that some work has been done with
>the Berkeley DB, getting very good performance results. I know of other
>products (i.e. PowerDNS) but nothing that we can find that will do a
>good implementation of the db connection and heavy use of "views".=20
>
>System config
>Multihomed systems running OpenBSD 3.5
>Bind 9.2.3
>Both NICs are inside a DMZ (10.0.0.x/24)  ; no we can't put one outside
>the DMZ, 							;(crazy
>firewall admin)
>Lots of disk space.
>256MB of RAM ; we can upgrade
>The db will be hosted on a separate system, (most likely win2k3 server)
>Not sure what other information you'd need, we're building these things
>from the ground up so anything goes (pretty much).
>
>The main reason we want to have a db is we are going to be giving client
>access to  edit zones, and sign up for new or transfer existing domains.
>And if I told them we'd be giving them ssh access they'd say, "What's
>SSH?", "You mean I have to type it?"
>
I don't know that you need a db backend for BIND. The actual zone data 
"editing" can be backended by Dynamic Update, the zone creation/deletion 
can be handled any number of ways, including having an "index" zone that 
contains one record per zone hosted (and the index zone could also be 
maintained via Dynamic Update if you want). You might want a database of 
administrative zone information (for billing purposes if nothing else), 
but that could run in parallel with the DNS database _per_se_, and maybe 
some off-the-shelf bookkeeping package might be more cost-efficient for 
this purpose than trying to build something yourself from scratch (don't 
forget, these days there are things like Sarbanes-Oxley you have to be 
aware of when writing a program to maintain financial data).

- Kevin