At 06 Oct 2011 20:26:48 +0100, Chris Thompson <c...@cam.ac.uk> wrote:
> >Are you willing to share the stories of your DDNS deployments, maybe > >including approximate number of zones, records, update frequencies, > >etc.? > > We converted all our regular DNS updating operations to use dynamic > updates in May 2005, for those zones for which we[*] are master. > That's currently 58 zones (many of them small, the largest is cam.ac.uk > with c. 50000 non-DNSSEC RRs) but would have been a few more then > before our reverse zone consolidation exercise. > > We have never regretted this. We did have some Windows 2000 DNS Server > stealth slaves that had to be given "provide-ixfr no" settings because > they ****ed up applying incremental transfers, but they've all gone now > (thank $DEITY). We already had most of the input to our DNS zone content > generated from an external database (even more so now), but I don't > think that was critical. Deciding to write a "compare two zone files > and generate nsupdate input to convert one to the other" Perl script > was. Maybe an off topic in this thread, but out of curiosity, is there any specific reason you don't use the database as the direct source of the zone with BIND 9's dlz or PowerDNS? In general it will be slower, and DNSSEC signing might be an issue in that setup, but on the other hand updates will be reflected immediately, (at least in theory) no need for worrying about consistency, no need for additional script or DDNS setups, and (although this may not be an issue with 58 zones w/ max 50K RRs/zone) no need for waiting on reload. --- JINMEI, Tatuya Internet Systems Consortium, Inc. _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
