a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt<?xml version="1.0" encoding="utf-8"?>

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt<sect1 id="dyndb-info">

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt <title>DynDB (Dynamic Database)</title>

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt <para>

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt DynDB is an extension to BIND 9 which, like DLZ

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt (see <xref linkend="dlz-info"/>), allows zone data to be

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt retrieved from an external database. Unlike DLZ, a DynDB module

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt provides a full-featured BIND zone database interface. Where

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt DLZ translates DNS queries into real-time database lookups,

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt resulting in relatively poor query performance, and is unable

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt to handle DNSSEC-signed data due to its limited API, a DynDB

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt module can pre-load an in-memory database from the external

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt data source, providing the same performance and functionality

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt as zones served natively by BIND.

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt </para>

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt <para>

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt A DynDB module supporting LDAP has been created by Red Hat

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt and is available from

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt <ulink url="https://fedorahosted.org/bind-dyndb-ldap/"

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt >https://fedorahosted.org/bind-dyndb-ldap/</ulink>.

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt </para>

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt <para>

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt A sample DynDB module for testing and developer guidance

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt is included with the BIND source code, in the directory

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt <filename>bin/tests/system/dyndb/driver</filename>.

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt </para>

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt <sect2>

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt <title>Configuring DynDB</title>

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt <para>

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt A DynDB database is configured with a <command>dyndb</command>

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt statement in <filename>named.conf</filename>:

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt </para>

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt <screen>

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt dyndb example "driver.so" {

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt <replaceable>parameters</replaceable>

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt };

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt </screen>

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt <para>

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt The file <filename>driver.so</filename> is a DynDB module which

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt implements the full DNS database API. Multiple

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt <command>dyndb</command> statements can be specified, to load

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt different drivers or multiple instances of the same driver.

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt Zones provided by a DynDB module are added to the view's zone

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt table, and are treated as normal authoritative zones when BIND

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt is responding to queries. Zone configuration is handled internally

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt by the DynDB module.

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt </para>

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt <para>

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt The <replaceable>parameters</replaceable> are passed as an opaque

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt string to the DynDB module's initialization routine. Configuration

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt syntax will differ depending on the driver.

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt </para>

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt </sect2>

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt <sect2>

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt <title>Sample DynDB Module</title>

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt <para>

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt For guidance in implementation of DynDB modules, the directory

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt <filename>bin/tests/system/dyndb/driver</filename>.

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt contains a basic DynDB module.

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt The example sets up two zones, whose names are passed

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt to the module as arguments in the <command>dyndb</command>

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt statement:

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt </para>

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt <screen>

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt dyndb sample "sample.so" { example.nil. arpa. };

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt </screen>

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt <para>

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt In the above example, the module is configured to create a zone

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt "example.nil", which can answer queries and AXFR requests, and

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt accept DDNS updates. At runtime, prior to any updates, the zone

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt contains an SOA, NS, and a single A record at the apex:

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt </para>

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt <screen>

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt example.nil. 86400 IN SOA example.nil. example.nil. (

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt 0 28800 7200 604800 86400

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt )

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt example.nil. 86400 IN NS example.nil.

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt example.nil. 86400 IN A 127.0.0.1

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt </screen>

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt <para>

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt When the zone is updated dynamically, the DynDB module will determine

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt whether the updated RR is an address (i.e., type A or AAAA) and if

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt so, it will automatically update the corresponding PTR record in a

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt reverse zone. (Updates are not stored permanently; all updates are

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt lost when the server is restarted.)

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt </para>

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt </sect2>

a00f9e2f50675bd43cc6a9fe2669709162a2ccb4Evan Hunt</sect1>