Experience with DDNS (RFC 2136)

Phil Mayers p.mayers at imperial.ac.uk
Fri Oct 7 22:40:32 UTC 2011


On 10/07/2011 06:43 PM, JINMEI Tatuya / 神明達哉 wrote:

> Maybe an off topic in this thread, but out of curiosity, is there any
> specific reason you don't use the database as the direct source of the
> zone with BIND 9's dlz or PowerDNS?  In general it will be slower, and

I can't speak for Chris but here, we rejected DLZ and similar because:

  1. DNSSEC
  2. Speed
  3. Impedance mismatch between database schema and DNS
  4. Perceived second-class status of DLZ
  5. Loss of various things that are automatic if using zones (IXFR)
  6. Too-tight coupling between the SQL DB and DNS

Of all of them, #1 and #6 were probably the most important. Using a 
decent programming language to map your SQL into DNS means you get 
arbitrary flexibility. Having to shoehorn it into a small set of SQL 
queries denies you that.

Personally, even if BIND were to use SQL for its own zone storage, I'd
still separate the two. Loosely coupled systems are good.

> DNSSEC signing might be an issue in that setup, but on the other hand
> updates will be reflected immediately, (at least in theory) no need

It's pretty trivial to use triggers to push updates via DDNS if you're 
so inclined.

> for worrying about consistency, no need for additional script or DDNS
> setups, and (although this may not be an issue with 58 zones w/ max 50K
> RRs/zone) no need for waiting on reload.

There are no reloads with DDNS zones, so I'm not sure I follow you.
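
The loosely coupled approach discussed in this message (application code maps the database to DNS records and pushes only the changes by RFC 2136 dynamic update), as an added example that is not part of the original post or any poster's code. The hosts table, zone name and server address are constructed assumptions, and the output is input for nsupdate.

```python
import ipaddress
import re
import sqlite3

ZONE = "example.org."   # constructed zone name (assumption)
SERVER = "127.0.0.1"    # constructed primary server address (assumption)
LABEL = re.compile(r"[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?")

def desired_records(db):
    """Map the (hypothetical) hosts table to A records; site policy lives here."""
    records = set()
    for host, ip, ttl in db.execute(
            "SELECT hostname, ipv4, ttl FROM hosts WHERE active = 1"):
        # Reject anything that is not a single DNS label, so a stray newline
        # or space in the database cannot add extra nsupdate commands.
        if not LABEL.fullmatch(host):
            raise ValueError(f"bad hostname in database: {host!r}")
        addr = ipaddress.IPv4Address(ip)   # raises ValueError if malformed
        records.add((f"{host}.{ZONE}", int(ttl), "A", str(addr)))
    return records

def build_update(current, desired):
    """Return nsupdate input that turns the `current` record set into `desired`."""
    changes = [f"update delete {n} {t} {d}" for n, _, t, d in sorted(current - desired)]
    changes += [f"update add {n} {ttl} {t} {d}" for n, ttl, t, d in sorted(desired - current)]
    if not changes:
        return ""   # zone already matches the database: send nothing
    return "\n".join([f"server {SERVER}", f"zone {ZONE}", *changes, "send"]) + "\n"

def make_db(rows):
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE hosts (hostname TEXT, ipv4 TEXT, ttl INTEGER, active INTEGER)")
    db.executemany("INSERT INTO hosts VALUES (?, ?, ?, ?)", rows)
    return db

def demo():
    # Constructed sample data: database rows and the records now in the zone.
    db = make_db([("www", "192.0.2.10", 3600, 1),
                  ("mail", "192.0.2.25", 3600, 1),
                  ("old", "192.0.2.99", 3600, 0)])
    current = {("www.example.org.", 3600, "A", "192.0.2.10"),
               ("old.example.org.", 3600, "A", "192.0.2.99")}
    return build_update(current, desired_records(db))

if __name__ == "__main__":
    print(demo(), end="")
```

Piping the output to `nsupdate -k <keyfile>` sends the batch as a TSIG-signed update, so the server can restrict who may change the zone.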


