Questions about BIND export

Started by rainer_d, July 28, 2012, 06:24:46 AM


rainer_d

Hi,

Can someone describe how the BIND export works in practice?
Does it put everything in one file, like for tinydns? If I read the code correctly, it puts each zone in its own file, right?
Does it only reload the changed zones, or does it reload the complete database? If I read the code correctly, it doesn't do either of those currently - is there an ETA for that?



Best Regards,
Rainer
--
FreeBSD - The Power To Serve

matt

Each zone is exported to its own file, and a named.conf.nictool include file is created. It's up to you to add an entry to named.conf to include the named.conf.nictool, which will in turn include all the zones active in NicTool.

There is currently no code within Export/BIND.pm to restart named. Look for this:

# TODO:
#   validate it?
#   restarted named

Replace it with whatever you think the exports should do. And then suggest it as The Right Way to handle named reloads after an export has made a change.

I don't use BIND, and haven't since about 2002. I'm open to suggestions on how best to implement this. IIRC, the ndc allows for BIND to just reload single zones, which is often the right thing to do. But to drop a zone, a full reload is required. There are probably other cases where the reload can be smarter than a full reload.
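
The reload decision discussed in the post above, sketched as an added example; it is not part of the thread or of NicTool's Export/BIND.pm. It uses BIND 9's rndc, named-checkzone and named-checkconf, and assumes one zone file per zone named after the zone; the paths and the three list files are hypothetical.

```shell
#!/bin/sh
# Added example, not NicTool code. Assumed layout: one file per zone in
# $ZONE_DIR, named after the zone; paths below are placeholders.
ZONE_DIR=${ZONE_DIR:-/etc/namedb/nictool}
NAMED_CONF=${NAMED_CONF:-/etc/namedb/named.conf}

# Zone names become command arguments, so accept only hostname characters.
valid_zone() {
    case $1 in
        ''|-*|*[!A-Za-z0-9._-]*) return 1 ;;
        *) return 0 ;;
    esac
}

# plan_reload OLD NEW CHANGED
#   OLD, NEW: files listing the zones in the previous and current export
#   CHANGED:  file listing zones whose zone file was rewritten
# Prints the commands to run, validation first. Nothing is executed here;
# pipe the output to "sh -e" so a failed check stops before any reload.
plan_reload() {
    old=$1; new=$2; changed=$3
    cat "$old" "$new" "$changed" | while IFS= read -r z; do
        valid_zone "$z" || { echo "refusing zone name: $z" >&2; exit 1; }
    done || return 1

    # Rewritten zones that still exist, and zones added or dropped.
    live=$(grep -Fxf "$new" "$changed" | sort -u)
    set_diff=$( { sort -u "$old"; sort -u "$new"; } | sort | uniq -u )

    for z in $live; do
        echo "named-checkzone $z $ZONE_DIR/$z"
    done
    if [ -n "$set_diff" ]; then
        # Zone list changed: check the config, then do one full reload.
        echo "named-checkconf $NAMED_CONF"
        echo "rndc reload"
    else
        # Same zone list: reload only the zones that were rewritten.
        for z in $live; do
            echo "rndc reload $z"
        done
    fi
}
```
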

rainer_d

Thanks, Matt.
I just wanted to make sure I read your code correctly.
Currently, I don't see any need for BIND, either. We have an aging BIND9 installation that needs replacing, in addition to a tinydns+nictool setup that is also due for a refresh.
The main "problem" with tinydns is the inability to work together with BIND in a master-slave setup (it does work - or is supposed to, but it's not something I want to do).


--
FreeBSD - The Power To Serve

matt

tinydns works just fine as a BIND master. You set up the axfr daemon and let BIND slave off it. You can also configure tinydns as a BIND slave, by using axfr-get, as part of the tinydns compile process. Add the commands to fetch the zones in the tinydns Makefile, incorporate the fetched results into the data file, and compile as normal.

Another option is to run nictool + BIND, with all your secondaries defined in named.conf, and all your authoritatives automatically generated and listed in the named.conf.nictool. There are plenty of ways to skin that cat with the new, more flexible exports. :-)

matt

As an update to this, the BIND exports have been significantly improved lately in the 2.18 release. Support for pushing the exported zone files to a remote via rsync, reloading the remote named, and many other improvements were made.

If you are [considering] using NicTool and BIND, you'll be very happy with the newer version.