nsupdate and round robin

Kevin Darcy kcd at daimlerchrysler.com
Wed Jan 3 00:03:19 UTC 2007 

Victor Hugo dos Santos wrote:
> 2006/12/14, Mark Andrews <Mark_Andrews at isc.org>:
>
> hello,
>
>   
>>> i need setup dns with option of "round robin" and this is my actual
>>> zone file (only relevant lines):
>>>       
>
> [...]
>
>   
>>> www     60      IN      A       200.200.200.201
>>> www     60      IN      A       200.200.200.202
>>> www     60      IN      A       200.200.200.203
>>> --------------------------------------------
>>>       
>
> [...]
>
>   
>>> but, i don't know how delete/update the specific host (www 60 IN A
>>> DINAMIC_IP) and not other www hosts for this zone with round robin
>>> options !!!
>>>       
>> nsupdate
>> update delete www.<zone> A <oldaddress>
>> update add www.<zone>. 60 A <newaddress>
>> send
>>     
>
> but.. the "oldaddress" is dynamic !!!
> or you know one secure alternative for get the host with dynamic
> "oldaddress" in middle of other hosts/registers ???
>
>   
I'm not sure what you're saying here. nsupdate doesn't care whether an 
address is "dynamic" or not, it treats all of the records it manipulates 
as "dynamic" in the sense that they are subject to change. Any given 
invocation/instance of nsupdate doesn't inherently know about any other 
processes or subsystems that might be trying to update the same data.

If what you're saying is you have a mixture of "static" entries and 1 
"dynamic" entry associated with a particular domain name, then the 
algorithm I'd follow would be:
1. do a lookup of the name and enumerate all of the addresses
2. identify the "dynamic" one through process of elimination (i.e. it's 
the only one not from the "static" list)
3. submit a record-specific (as Mark described above) Dynamic Update of 
that record with also a _prerequisite_ that the old "dynamic" record 
exists with the value determined from Step #2.
4. If the  Dynamic Update fails because the prerequisite  is not met, 
then presumably this is because the record is being updated by some 
other process or subsystem while you are trying to make your update. 
Repeat the sequence at Step #1, but you might want to put a limit on the 
number of such "restarts" so as not to get in an "infinite" loop.
5. Otherwise, if the update is successful, then you're done.

Alternatively, you might potentially be able to co-ordinate these 
disparate processes/subsystems by using some sort of "flag" record to 
control update access. But I don't know the capabilities of these other 
processes/subsystems in your environment, so I don't know if that's even 
feasible.

                                                                         
                              - Kevin

More information about the bind-users mailing list