On Sunday, October 11, 2015 02:48:23 PM Alan McKinnon wrote:
> On 11/10/2015 11:33, J. Roeleveld wrote:
> > On Sunday, October 11, 2015 10:43:01 AM Alan McKinnon wrote:
> >> On 11/10/2015 10:18, J. Roeleveld wrote:
> >>> On Sunday, October 11, 2015 09:35:39 AM Alan McKinnon wrote:
> >>>> On 11/10/2015 04:13, James wrote:
> >>>>> Howdy,
> >>>>>
> >>>>> So I now have (5) statics and a fiber feed, with lots of room to grow.
> >>>>>
> >>>>> I need to set up DNS primary/secondary systems on gentoo. So right now
> >>>>> I'm looking for a suggested list of packages to install with Bind,
> >>>>> iptables and DNSSEC-tools as these (2) gentoo dns servers will only
> >>>>> run the minimum packages to operate securely?
> >>>>
> >>>> auth or cache?
> >>>>
> >>>> First of all, bind is a pain to use. Reason: it's actually a reference
> >>>> implementation that as usual got forced into production use. It's
> >>>> slower than it could be because it deals with every possible corner
> >>>> case per RFC.
> >>>>
> >>>> As an auth server (few queries) it's OK
> >>>> As a cache (many queries), there are better servers out there. I prefer
> >>>> unbound.
> >>>
> >>> As it is related to this thread, which server would people recommend
> >>> when the DNS records are to be found in a database?
> >>> Reason I am asking:
> >>> I want to set up a lab environment with VMs coming and going.
> >>> These all need to have hostname/mac/ip stored and configured correctly.
> >>
> >> I don't understand.
> >
> > <snipped part about ARP tables>
> >
> >> Perhaps detail more what you are trying to accomplish?
> >
> > What I do currently:
> >
> > Edit Bind zone-files and enter IP / Hostname combinations
> > Edit DHCP config file and enter MAC / IP / Hostname combinations
> > (And hope these actually match and do not contain typos)
> >
> > What I want to do:
> >
> > In a database I have a table with the following fields:
> > MAC, IP, Hostname, domain
> > xx:xx:xx:xx:xx , 1.2.3.4 , vmobi1114node1 , vm1.lab.example.com
> >
> > I want the DNS server to use the IP, Hostname and domain fields for the
> > resolving.
> > I want the DHCP server to use all the fields for the DHCP assignments.
>
> OK, that makes sense. You'd think all decent DNS and DHCP servers out
> there would support any old arb db backend (very useful, no?) but it
> seems not. I've gotten used to independently vi'ing two files and
> HUP/reload two daemons over the years :-)

Same here. Works for the most part, but I'm not the only one using the
system. Which means I prefer to have it easier to use and not end up having
to do all the work myself.

> Bind can use a mysql backend, so can most auth servers.

Need to check how difficult/easy it is to make it listen to PostgreSQL.
I'm not overly attached to Bind. Having a DNS server that's easier to
configure and maintain would be appreciated.

> The only dhcp
> server easily available on gentoo seems to be dhcp from ISC which does
> not support mysql. But both support ldap, maybe you can use that?
> There's lots of ldap frontends so getting your info into it should be
> easy enough.

That's one option, but that would mean maintaining 2 databases. One with
the config for the VMs and OpenLDAP.

> You could also look into kea (https://www.isc.org/kea/), a better dhcp
> server from ISC. The blurb says it supports SQL backends.

I'll have a look at that one.

--
Joost
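
The single-table idea from this thread, as an added example that is not part of the original messages: one set of (MAC, IP, hostname, domain) rows is validated and then rendered into both BIND A records and ISC dhcpd host stanzas, so the two files cannot drift apart and a mistyped or malformed field never reaches either config. It assumes config files are generated from the rows rather than read through a database backend; the function names and sample rows are constructed for illustration.

```python
import ipaddress
import re

MAC_RE = re.compile(r"^(?:[0-9a-f]{2}:){5}[0-9a-f]{2}$")
LABEL_RE = re.compile(r"^(?!-)[a-z0-9-]{1,63}(?<!-)$")  # one DNS label

# Constructed sample rows (mac, ip, hostname, domain); the last two are bad on purpose.
ROWS = [
    ("52:54:00:aa:bb:01", "192.0.2.11", "vmobi1114node1", "vm1.lab.example.com"),
    ("52:54:00:AA:BB:02", "192.0.2.12", "vmobi1114node2", "vm1.lab.example.com"),
    ("52:54:00:aa:bb:03", "192.0.2.11", "vmobi1114node3", "vm1.lab.example.com"),
    ("52:54:00:aa:bb:04", "192.0.2.14", "node4; }", "vm1.lab.example.com"),
]

def validate(row):
    """Return a normalised (mac, ip, fqdn) tuple or raise ValueError."""
    mac, ip, host, domain = (field.strip().lower() for field in row)
    if not MAC_RE.match(mac):
        raise ValueError(f"bad MAC: {mac!r}")
    ip = str(ipaddress.IPv4Address(ip))  # raises ValueError if malformed
    labels = [host] + domain.split(".")
    # Strict label check keeps config metacharacters out of both files.
    if not all(LABEL_RE.match(label) for label in labels):
        raise ValueError(f"bad hostname or domain: {host!r} {domain!r}")
    return mac, ip, ".".join(labels)

def render(rows):
    """Build BIND A records and dhcpd host stanzas from the same rows."""
    zone, dhcp, rejected, seen = [], [], [], set()
    for row in rows:
        try:
            mac, ip, fqdn = validate(row)
            for value in (mac, ip, fqdn):
                if value in seen:  # same MAC, IP or name used twice
                    raise ValueError(f"duplicate value: {value}")
        except ValueError as exc:
            rejected.append((row, str(exc)))
            continue
        seen.update((mac, ip, fqdn))
        zone.append(f"{fqdn}. IN A {ip}")
        dhcp.append(f"host {fqdn} {{ hardware ethernet {mac}; fixed-address {ip}; }}")
    return zone, dhcp, rejected

if __name__ == "__main__":
    zone, dhcp, rejected = render(ROWS)
    print("\n".join(zone + dhcp))
    for row, reason in rejected:
        print("REJECTED", row, reason)
```

Rejected rows are reported instead of written, so a duplicate address or a hostname containing config syntax stops at the generator rather than in a reloaded daemon.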