BIND DLZ

Browsing around in the source tree of ISC's BIND 9.4.1 name server, I noticed a directory called dlz/ in the contrib directory. It contains a patch named Bind DLZ, or Dynamically Loadable Zones, a feature-rich implementation sponsored by NLnet, which allows the data served by a BIND name server (including new zones!) to be modified without reloading or restarting it, something that many people who serve a large number of zones hate to do because of BIND's rather long startup time.

Bind DLZ supports a number of backends including Berkeley DB, PostgreSQL, MySQL and LDAP, and it doesn't impose a schema on the LDAP backend; in theory I can use almost any schema, as long as I observe some rules. Quite interesting is the possibility to limit zone transfers (AXFR) by adding an object to the directory that lists the addresses permitted to transfer the zone:

dn: dlzrecordid=0,dlzZoneName=mens.de,o=dns
dlzrecordid: 0
objectclass: dlzxfr
dlzIPAddr: 127.0.0.1
dlzIPAddr: 192.168.1.173
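To make the effect of such an object concrete, here is an added example (not code from this post or from the BIND DLZ distribution) that parses dlzxfr objects out of LDIF and answers "may this client transfer this zone?". It is a model of what the back-end is assumed to do, not the driver's own logic: the assumptions are that a zone's transfer ACL is the dlzxfr object under dlzZoneName=<zone>,o=dns with one dlzIPAddr value per address, that only exact address matches count (no prefixes or wildcards), and that a zone without any dlzxfr object denies every AXFR (fail closed). The sample LDIF is constructed; it contains the object above plus a second zone with a single IPv6 address.

```python
"""Added example, not code from the post or from BIND DLZ: parse dlzxfr
objects in LDIF and decide whether a client may AXFR a zone.

Assumed model of the back-end (not the driver's code):
  * a zone's transfer ACL is a dlzxfr object under
    dlzZoneName=<zone>,o=dns with one dlzIPAddr value per address;
  * only exact address matches count (no prefixes or wildcards);
  * a zone with no dlzxfr object denies every AXFR (fail closed).
"""
import base64
import ipaddress
from collections import defaultdict

# Constructed sample: the object from the post plus a second zone with a
# single permitted IPv6 address.  example.com has no dlzxfr object at all.
SAMPLE_LDIF = """\
dn: dlzrecordid=0,dlzZoneName=mens.de,o=dns
dlzrecordid: 0
objectclass: dlzxfr
dlzIPAddr: 127.0.0.1
dlzIPAddr: 192.168.1.173

dn: dlzrecordid=0,dlzZoneName=example.org,o=dns
dlzrecordid: 0
objectClass: dlzxfr
dlzIPAddr: 2001:db8::53
"""


def parse_ldif(text):
    """Return a list of entries, each a dict {attr_lowercased: [values]}.

    Handles blank-line separation, '#' comments, folded continuation
    lines (leading space) and '::' base64 values.  DN escaping is not.
    """
    entries, current, last = [], None, None
    for raw in text.splitlines():
        if raw.startswith("#"):
            continue
        if not raw.strip():
            if current is not None:
                entries.append(current)
            current, last = None, None
            continue
        if raw.startswith(" ") and current is not None and last is not None:
            current[last][-1] += raw[1:]          # LDIF line folding
            continue
        name, sep, value = raw.partition(":")
        if not sep:
            raise ValueError(f"malformed LDIF line: {raw!r}")
        name = name.strip().lower()               # LDAP attribute names are case-insensitive
        if value.startswith(":"):                 # base64-encoded value
            value = base64.b64decode(value[1:].strip()).decode()
        else:
            value = value.strip()
        if current is None:
            current = defaultdict(list)
        current[name].append(value)
        last = name
    if current is not None:
        entries.append(current)
    return entries


def zone_from_dn(dn):
    """Zone name from a DN such as dlzrecordid=0,dlzZoneName=mens.de,o=dns."""
    for rdn in dn.split(","):
        attr, _, val = rdn.partition("=")
        if attr.strip().lower() == "dlzzonename":
            return val.strip().lower().rstrip(".")
    raise ValueError(f"no dlzZoneName RDN in {dn!r}")


def transfer_acl(entries):
    """Map zone -> set of canonical addresses taken from dlzxfr objects."""
    acl = defaultdict(set)
    for entry in entries:
        classes = {v.lower() for v in entry.get("objectclass", [])}
        if "dlzxfr" not in classes:
            continue
        zone = zone_from_dn(entry["dn"][0])
        for ip in entry.get("dlzipaddr", []):
            # ip_address() rejects garbage, so a typo in the directory is
            # noticed at load time instead of silently denying transfers.
            acl[zone].add(ipaddress.ip_address(ip).compressed)
    return dict(acl)


def allow_transfer(acl, zone, client):
    """True only if this zone has a dlzIPAddr exactly matching the client."""
    zone = zone.lower().rstrip(".")
    try:
        client = ipaddress.ip_address(client).compressed
    except ValueError:
        return False                              # unparsable client -> deny
    return client in acl.get(zone, set())


def xfr_object_ldif(zone, addresses, record_id=0):
    """Render a dlzxfr object in the form shown in the post, ready for ldapadd."""
    lines = [f"dn: dlzrecordid={record_id},dlzZoneName={zone},o=dns",
             f"dlzrecordid: {record_id}", "objectclass: dlzxfr"]
    lines += [f"dlzIPAddr: {ipaddress.ip_address(a).compressed}" for a in addresses]
    return "\n".join(lines) + "\n"


if __name__ == "__main__":
    acl = transfer_acl(parse_ldif(SAMPLE_LDIF))
    for zone, client in [("mens.de", "192.168.1.173"), ("mens.de", "10.1.1.1"),
                         ("example.org", "2001:db8:0:0::53"), ("example.com", "127.0.0.1")]:
        verdict = "allow" if allow_transfer(acl, zone, client) else "deny"
        print(f"AXFR {zone:12} from {client:18} -> {verdict}")
```

Because the ACL lives in the directory, granting a new secondary permission to transfer is an ldapadd of the object xfr_object_ldif() renders, with no reload of named; the flip side is that write access to o=dns is write access to your transfer policy, so the directory ACLs on that subtree deserve the same care as the named.conf they replace.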

Bind DLZ comes with an impressive set of performance tools, including a data set of 2,697,736 domains which can be used to test a configuration. I used dnsCSVDataReader.pl to convert those to an LDIF with which I could load my slapd. This configuration file did the job:

inputfile: dns_data-1.0.csv
writer: binddlz::writers::ldap::file
file: dnsin.ldif
base: o=dns

I was aware of the LDAP SDB back-end patch for BIND 9, which works very well, but it only allows individual zones to be retrieved from an LDAP directory.

BIND DLZ looks very interesting indeed.

Comments (1) on "BIND DLZ"

  1. DNS Server bind mit Zonen in LDAP via bind-dlz | leo34.net wrote on 13-Jun-08 at 8:49 pm

    [...] of the former maintainer and the LDAP schema are quite nice. Jan-Piet Mens pointed me to a further possibility. Bind DLZ (dynamic loadable zones) is an API by which the most varied data sources for bind9 [...]
