Configure BIND with database backend and DLZ support


Solution 1

Maybe not really an answer to your question, but anyway. (I was also investigating this issue recently, and here are my conclusions):

DLZ support in BIND9 looks more like a "patch". It is not well documented - not a single word about it in BIND ARM. It seems to be not widely used. Query performance is terrible - according to this benchmark, PostgreSQL is going to be 30 times (!) slower than the normal in-memory operation. (the benchmark is old, but there's no reason to assume that things improved drastically).

I don't think it's a "most popular solution".

Other options:

BIND9 supports dynamic updates. It's well documented, widely used and easy to implement. No performance penalty - all the queries are still answered from memory. Setup is simpler as no database is required. You perform updates programmatically using DNS protocol libraries (which probably exist for most languages; I myself use PHP) or via the command line nsupdate tool. This is the solution I'd recommend.

If you really want a database - PowerDNS seems to be designed to be used with a database backend. It has features that may help to not completely sacrifice performance when using a database, like caching database queries for a while instead of querying the database each time. Some decent DNS hostings use PowerDNS.

A more exotic option - BIND10, while still a work in progress, yet its developers claim that people actually use it in production. Currently BIND10 uses an SQLite backend.

Solution 2

For completeness, to address the original requirement ("dynamically update zone files without having to restart bind"): edit the zone file(s), send SIGHUP to named. The daemon will re-read the zone files.

Solution 3

It's a bit late, but I have made a tutorial here.

DLZ support is fully integrated into bind9, you just need to enable it when running ./configure.
It's not difficult, in fact, it's quite simple, but it's very badly documented.
My tutorial changes that.
Now it shouldn't take you longer than 30 minutes (including compilation time) to get it up and running.

Unfortunately, I can't copy the tutorial here, it's too large.

Solution 4

You can use the bind-sdb module, but unfortunately it just supports ldap and pgsql.

# yum install -y bind bind-sdb


Author: bwight

Updated on September 18, 2022

Comments

  • bwight
    bwight over 1 year

    Decided to move my windows based DNS servers to linux. The problem is I need to be able to dynamically update zone files without having to restart bind. It seems the most popular solution is to install bind drivers for a database server ( postgresql, sqlite, mysql ) and then update the zone file. Seems simple enough but I can't get it to work for the life of me.

    I'm currently using Amazon Linux distribution but I've tried everything in RHEL 6.2 as well with no more luck.

    I've tried a few different methods. The first one was to compile bind with the source code changes for mysql support http://pbraun.nethence.com/doc/net/bind-mysql.html. This compiles fine with the changes and I get no errors, but after running make install all the binaries get copied to /usr/local/sbin and I can't seem to start the daemon process. I run service named start and it just tells me there's no service named named (no pun intended). Secondly, none of the configuration files are generated. So I created a file named.conf and put it in /etc/named.conf, then ran /usr/local/sbin/named-checkconf and it told me it couldn't find the file /etc/named.conf, so I have no idea.

    Next thing I tried was to install the package bind-sdb and use postgresql. Packages installed: yum -qy bind bind-sdb bind-utils postgresql postgresql-server. Following the steps on http://bind-dlz.sourceforge.net/postgresql_example.html I created a new postgres database and table etc. Below is my current named.conf

    //
    // named.conf
    //
    // Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
    // server as a caching only nameserver (as a localhost DNS resolver only).
    //
    // See /usr/share/doc/bind*/sample/ for example named configuration files.
    //
    
    options {
        listen-on port 53 { 127.0.0.1; };
        listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query     { localhost; };
        recursion yes;
    
        dnssec-enable yes;
        dnssec-validation yes;
        dnssec-lookaside auto;
    
        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";
    };
    
    logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
    };
    
    zone "." IN {
        type hint;
        file "named.ca";
    };
    
    dlz "my.zone" {
       database "postgres 1
       {host=localhost port=5432 dbname=bind user=postgre password=****}
       {select zone from dns_records where zone = '%zone%'}
       {select ttl, type, mx_priority, case when lower(type)='txt' then '\"'
             || data || '\"' when lower(type)='soa' then data || ' ' || resp_person || ' '
             || serial || ' ' || refresh || ' ' || retry || ' ' || expire || ' ' || minimum
             else data end from dns_records where zone = '%zone%' and host = '%record%'}";
    };
    
    include "/etc/named.rfc1912.zones";
    

    Output from my database table

        zone    |    host     |  ttl   | type | mx_priority |          data          |     resp_person      | serial | refresh | expire | minimum
    ------------+-------------+--------+------+-------------+------------------------+----------------------+--------+---------+--------+---------
     my.cloud   | my.cloud.   | 259200 | SOA  |           0 | dns01.my.cloud.        | it.cloud.com.        |      1 |   28800 |  86400 |   28800
     my.cloud   | my.cloud.   | 259200 | NS   |           0 | dns01.my.cloud.        |                      |      0 |       0 |      0 |       0
     my.cloud   | dns01       | 259200 | A    |           0 | 127.0.0.1              |                      |      0 |       0 |      0 |       0
    (3 rows)
    

    Open to any solutions really, if someone could point me in the right direction. I'd prefer to use MySQL as the database because I have 0 experience using postgresql or sqlite.

    • bwight
      bwight over 12 years
      I noticed that the database table was missing the RETRY column so I added that, but still the same result. I try to start the service and it fails with no errors.
  • bwight
    bwight over 12 years
    I'll investigate a few of these options. Really, performance is not a big problem for my scenario. I have 2 zones with maybe 20 hosts, if that. I need a database or a good API to add/remove records because the environment is dynamic and each server is responsible for updating the DNS server when it's created. I had another solution which edits the text files, but that just gets messy; I'd prefer to store it in a db or have an API command I can run remotely.
  • bwight
    bwight over 12 years
    Can you link me to where you found the PHP API to perform these updates programmatically. That could solve the problem for me as I plan on having a PHP webservice that's responsible for updating DNS. The original plan was to update the database, but if I can update bind directly using an API that will work too.
  • Sandman4
    Sandman4 about 12 years
    It's on PEAR. NET_DNS and NET_DNS2. I use 2.
  • bwight
    bwight about 12 years
    I think all these solutions would work, but I was able to get PowerDNS running without any problems yesterday with a MySQL database. Thanks for your help.
  • Thomas Ward
    Thomas Ward about 4 years
    BIND10 was abandoned by ISC by the way.