[Pdns-users] NOTIFY by pdns master with ldap backend in next authoritative server releases?

Nikolaos Milas nmilas at admin.noa.gr
Sat Oct 2 12:20:11 UTC 2010


  First, the question why use ldap as dns backend tends to be more or 
less philosophical, but in two words, (at least) when you have medium 
sized zones and organizations, LDAP is *a very convenient central 
repository of all organizational information* and is easily administered 
using e.g. phpldapadmin and other ldap browsers. Openldap is fast and 
has cached indexes, which speeds up queries. It also has extended 
access-control capabilities and fast real-time replication mechanism 
(syncrepl) which can be used to run dns queries from a local slave 
("consumer"). Especially when the expected number of authoritative queries 
is not extremely high, pdns/ldap can handle them nicely.

One could argue that you can do all that quite well with mysql, and I 
can't argue against that. I would say only that when data in the 
repository does not change very often (i.e. is not "transactional"), 
LDAP is very well suited (also standards-based, well-defined and 
supported by all modern software for authentication etc.). There is a 
good discussion in all major LDAP textbooks. One can also find a good 
discussion on why use bdb as openldap database against relational db (at 
the openldap pages).

In any case, returning to pdns/ldap notify support, I thought of filing 
a bug, but this simply is not a bug, but rather expected behavior, 
although we ldap-backend users have a hard time with it!

All the best,
Nick

On 2/10/2010 1:49 μμ, Nils Breunese (Lemonbit) wrote:
> I have no experience with using LDAP as a backend myself (I don't even 
> know why you'd want to use LDAP as a backend), but have you actually 
> filed a request ticket in the bug tracker?


