seperate static and dynamic update zone files?
David Nolan
vitroth+ at cmu.edu
Wed Jun 27 15:20:02 UTC 2007
--On Tuesday, June 26, 2007 15:48:08 -0700 Chris Buxton
<cbuxton at menandmice.com> wrote:
>
> - You can use some kind of management system that allows you to edit
> dynamic zones as if they were static zones. There are commercial
> solutions out there, such as one made by my company; there may also
> be FOSS solutions available.
There definitely are FOSS solutions, like the one made by my company. :)
I haven't posted about it to the list for a while, but Carnegie Mellon's
NetReg system handles this. It issues dynamic updates to the zone for
records that it owns, and ignores the records that were inserted by the
dhcp server or any other dynamic dns updating system. (As an added bonus,
NetReg builds the config files for both ISC dhcpd and bind, complete with
TSIG keys, etc... And you get an IP address management system too.)
Check out my previous posts on this list for more details, such as this one:
<http://groups.google.com/group/comp.protocols.dns.bind/browse_thread/threa
d/1859cdb39ad7f6d9/6b695beab712012e?lnk=st&q=&rnum=12#6b695beab712012e>
> - You can use nsupdate instead of freeze/thaw to manage your static
> entries. Just make sure to tune your update-policy statement to allow
> what you want.
Similar to that approach, I have a perl script that parses a named.conf
file to extract the TSIG key for a zone, and uses the Net::DNS perl
libraries to issues a TSIG signed update to a zone. (If anyone wants a
copy, I'm happy to put it up on the CMU netreg website.)
-David Nolan
Network Software Designer
Computing Services
Carnegie Mellon University
More information about the bind-users
mailing list