ddns configuration and maintenance

Dear Experts:

I have configured ddns using the dhcp and bind packages for Ubuntu server; now static zones and dynamic zones are working perfectly:
 pwd
/var/cache/bind/dynamic
indar@lampsrv:/var/cache/bind/dynamic$ ls -la
total 248
drwxrwsr-x 2 bind bind    4096 2011-10-07 17:35 .
drwxrwsr-x 3 bind dhcpd   4096 2011-10-07 10:20 ..
-rw-r--r-- 1 bind bind    1333 2011-10-07 17:32 db.dyn.shriramdb.com
-rw-r--r-- 1 bind bind  159360 2011-10-07 17:36 db.dyn.shriramdb.com.jnl
--rw-r--r-- 1 bind bind    1043 2011-10-07 17:35 rev.1.168.192.in-addr.arpa
-rw-r--r-- 1 bind bind   61817 2011-10-07 17:36 rev.1.168.192.in-addr.arpa.jnl
-------------------------------------------------------------------------------------------

I got to know from the experts that having the zone name, zone file, and parent directory all named the same thing has several advantages. As of now my dynamic zones are located under /var/cache/bind/dynamic. Please help me with the best practice and maintenance of ddns, like journal file sizes growing.




D_wathi
Asked:
Papertrip Commented:
The main advantages I can think of all have to do with keeping the directory structure clean, keeping all files associated with a zone together yet separate from each other, and making it easy to scale.  To answer your second question, you do not have to worry about journal file sizes, they are periodically flushed and committed to the zone file, unless of course you are running out of disk space for that partition.

Before I go into detail, I should say that you aren't required to do any of this.  This is just a nice clean approach that scales very well.  When your zone name and zone file name match, this will help avoid confusion and can make parsing your zones via scripts easier to do.  You can see in each subdirectory there is the zone file, journal file, and DNSSEC keys -- all nice and separated from other domains' files.
[root@broken dynamic]# pwd
/var/named/dynamic
[root@broken dynamic]# ls
domain.com/  domain.name/  domain.org/ domain.net/
[root@broken dynamic]# ls domain.com/
./   domain.com      Kdomain.com.+005+29596.key      Kdomain.com.+005+58308.key
../  domain.com.jnl  Kdomain.com.+005+29596.private  Kdomain.com.+005+58308.private


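options {
        // Base directory; relative paths below are resolved against it.
        directory       "/var/named";
};
zone "domain.com" IN {
        type master;
        // Zone file named after the zone, inside a directory named after the zone.
        file "dynamic/domain.com/domain.com";
        // Accept dynamic updates signed with named's locally generated session key.
        update-policy local;
        // named signs and re-signs the zone using the keys in key-directory.
        auto-dnssec maintain;
        key-directory "dynamic/domain.com";
};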



Personally I wouldn't use /var/cache/bind for any of your zones, only because 'cache' makes it sound temporary.  I prefer to use something like /var/named/, which is actually the default when installing via yum on a RHEL/CentOS box.  I do believe I pasted my named.conf in a previous question you asked, so you can reference that as well.
[root@broken named]# pwd
/var/named
[root@broken named]# ls
./  ../  chroot/  data/  dynamic/  logs/  named.ca  named.empty  named.localhost  named.loopback  slaves/

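The answer's point that matching zone, file and directory names make zones easy to check by script, shown as an added example (not code from the thread): a POSIX shell audit that walks such a layout and flags a zone file whose name does not match its directory, a journal above a size limit, and DNSSEC private keys readable by group or other. The function names, the size limit and the sample tree are assumptions constructed for illustration.

```shell
#!/bin/sh
# audit_zones ROOT MAX_JNL_BYTES: check a <ROOT>/<zone>/<zone> layout.
# Prints one finding per line:
#   OK <zone> | NOZONEFILE <zone> | BIGJNL <zone> <bytes> | KEYPERM <path>
audit_zones() {
    root=$1; max=$2
    for dir in "$root"/*/; do
        [ -d "$dir" ] || continue
        dir=${dir%/}; zone=$(basename "$dir"); status=OK
        # Zone file must carry the same name as its directory.
        if [ ! -f "$dir/$zone" ]; then
            echo "NOZONEFILE $zone"; status=BAD
        fi
        # A journal is normal for a dynamic zone; report it only past the limit.
        if [ -f "$dir/$zone.jnl" ]; then
            size=$(( $(wc -c < "$dir/$zone.jnl") ))
            if [ "$size" -gt "$max" ]; then
                echo "BIGJNL $zone $size"; status=BAD
            fi
        fi
        # DNSSEC private keys readable by group or other are a finding.
        keys=$(find "$dir" -name 'K*.private' \( -perm -040 -o -perm -004 \))
        if [ -n "$keys" ]; then
            printf '%s\n' "$keys" | sed 's/^/KEYPERM /'; status=BAD
        fi
        if [ "$status" = OK ]; then echo "OK $zone"; fi
    done
    return 0
}

# Constructed sample tree (zone names and key tags are made up).
build_sample() {
    t=$(mktemp -d)
    mkdir "$t/example.com" "$t/example.edu" "$t/example.net" "$t/example.org"
    : > "$t/example.com/example.com"
    dd if=/dev/zero of="$t/example.com/example.com.jnl" bs=1024 count=2 2>/dev/null
    : > "$t/example.edu/example.edu"
    : > "$t/example.edu/Kexample.edu.+005+00001.private"
    chmod 600 "$t/example.edu/Kexample.edu.+005+00001.private"
    : > "$t/example.net/example.net"
    : > "$t/example.net/Kexample.net.+005+00002.private"
    chmod 644 "$t/example.net/Kexample.net.+005+00002.private"
    : > "$t/example.org/db.example.org"   # name does not match its directory
    echo "$t"
}

sample=$(build_sample)
audit_zones "$sample" 1024
rm -rf "$sample"
```

On BIND 9.9 and later, `rndc sync -clean <zone>` writes pending journal changes into the zone file and removes the journal, which is the manual counterpart of the periodic flush the answer mentions.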
 
D_wathi (Author) Commented:
Sir, thank you very much, sir. I request you to please provide me your email account; I would like to send a greeting. Also, you were mentioning training; please provide me the details. Please, sir, do not ignore this; it is my request, please.
 
Papertrip Commented:
I would rather not share my personal email address on here -- just saying thanks to my answers is sufficient.

The training I mentioned before has absolutely nothing to do with any of this.  All I was saying was that I couldn't reply to your question right away because I was training my co-workers.