[Pdns-users] NOTIFY by pdns master with ldap backend in next authoritative server releases?

Nikolaos Milas nmilas at admin.noa.gr
Wed Sep 29 12:08:45 UTC 2010 

  Dennis,

Thanks for the reply.

In order to achieve quick sync (max 5 min), this would require a cron 
job to run every, say, 5 minutes (this is not bad). A simple text file 
would be used to record the latest retrieved SOA serials (for all zones 
concerned), and then ldapsearch would find and compare the current SOA 
serial with the one in the text file, and, if different, it would send 
such a notify using pdns_control (and it would update the SOA serial 
number in the text file).

BUT, if I understand the documentation correctly, "pdns_control notify" 
for ldap backend is NOT supported. pdns_control only gives instructions 
to the backend to send a NOTIFY message, but the ldap_backend does not 
support master operation and notify.

So the best solution I have found up to now would be to use a second 
pdns slave server instance (e.g. on the same box, on another port, or on 
another box) with a different backend (e.g. BIND) that supports notify 
operations and then configure it, with a cron job or with SOA short 
refresh intervals, to sync with the master and also send notify to other 
slaves.

This will probably work, but I am not very satisfied with this setup; 
simplicity - always a key parameter - is sacrificed. NOTIFY (Master 
operation) should be available on the pdns/ldap master server (which 
currently cannot behave as a true master).

Please correct me if I am wrong.

Thanks,
Nick

On 29/9/2010 2:33 ΌΌ, Dennis Roos wrote:
> Hi,
>
>
> I guess a simple shell script can do the job for you:
> * ldapsearch SOA records that changed today (provided your SOA 
> numbering is using dates)
> * for each entry pdns_control notify domainname
>
> Just my $.02
>
> Dennis Roos
>
>
> Nikolaos Milas wrote:
>>  Hi,
>>
>> I didn't receive any replies on this.
>>
>> As we are deploying a new DNS server infrastructure in our 
>> organization and we have planned to use pdns/ldap on our primary 
>> master (already in operation), it would be important to us to know 
>> whether NOTIFY from pdns/ldap ("master operation") will be offered as 
>> a feature in upcoming authoritative server releases or not, or if a 
>> patch or (Lua or other) script is available by pdns 
>> developers/community to provide such NOTIFY functionality (I haven't 
>> been able to find something).
>>
>> This would affect to some extent our deployment architecture (type of 
>> slaves, type of remote slaves, etc.), because, unfortunately, we 
>> can't use ldap backend on all slaves, and we don't want those slaves 
>> to remain not-synchronized for long, nor we can use very short 
>> refresh times.
>>
>> Please, could you give a hint?
>> Thanks,
>> Nick
>>
>>
>> On 25/9/2010 12:54 πΌ, Nikolaos Milas wrote:
>>> So, can we hope for such a feature to be included in the next 
>>> official release or, if you deem this is undesirable due to whatever 
>>> specs, could it be offered as a patch, as the BIND/sdb one, or even 
>>> as a Lua script ? ...
>>>
>>> If not, can you suggest any other good solution(s) to trace ldap 
>>> record changes and force AXFRs to slaves?
>>>
>> _______________________________________________
>> Pdns-users mailing list
>> Pdns-users at mailman.powerdns.com
>> http://mailman.powerdns.com/mailman/listinfo/pdns-users
>
>
>

More information about the Pdns-users mailing list