On Thu, 21 Nov 2002 17:53, Toni Mueller wrote: > > I DO NOT WANT TO CONVERT MY ZONE FILES. I WANT TO USE THEM AS-IS. > > There is only one Unix way to use them (fortunately), and that's BIND.
There is also nsd. I've spent about 10 minutes playing with nsd and it looks very promising, I've put in some bind zone files and they work. It was written with the sole aim of making a secure authoritative name server that uses bind zone files. I expect I'll be running all my primary servers on nsd in the next few weeks, and maybe all my secondaries too. > No, all other Unix DNS software I am aware of can't do it as well. > There could be a reason in _that_. How do you think about the > multitude of SQL- and LDAP-backed DNS- (or anything-) servers out > there? That's all crap because they don't work with BIND zone files > and sendmail.cf? LDAP or SQL backed DNS isn't an option unless performance is not required. A LDAP or SQL query takes far longer than I want my DNS lookups to take. However writing a script that does an SQL or LDAP query to produce name server config files is easy enough. For big zones using the BIND format of zone file allows using rsync instead of zone transfers to transfer zones. > Then you know the value of a lab, and if you're worth your money, you > have one, too. No need to break production systems. Take your time to > check it out beforehand... Of course that plan doesn't work so well if you are hired by a company that doesn't see the value of a lab and provides no decent resources for testing. There was one time I was setting up some fully loaded E4500 machines as LDAP servers and I had to use my Thinkpad for some tests because there was nothing else that I could use. A Thinkpad running Linux is not much good for testing the client and server sides of an operation that will be deployed on an E4500, but it was the best I had. > Me too. So you've tested all things thoroughly in your lab, then > roll the change out. What's the problem? The problem for me is that I have only twice worked for compies which had a lab (AFAIK - some of the companies were big enough that they must have had a lab somewhere, but I wasn't given access to it). Of the two times I worked for companies that had a lab, only once was I allowed to use it, and on that occasion I had no machines other than my Thinkpad for simulating client access. -- http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/ Postal SMTP/POP benchmark http://www.coker.com.au/~russell/ My home page -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
