I think there are two quite independent questions here, which are:

1. Is LDAP a good database to store DNS information in? I mean,

2. How is the support for LDAP as a backend database in various DNS server

Talking about question #1:

What are the alternatives available?

- files ?
- relational databases?

IMO the good old zone files are not really up to the task unless you are
editing them manually in vi. Whenever you are looking for some kind of
automation, you need to write way more complex scripts than you want to.
And you always risk that any manual edits of the zone files break your
parser or anything. So zone files are really not an option if you ask me.

Whether you use LDAP or relational databases for some people is a question
of taste or what you are used to. If you have never worked with LDAP but
you are very confident with MySQL, then you may for sure prefer a
relational database as backend storage. But this is a bit of the good old
"if the only tool you have is a hammer, ..." kind of thing.

LDAP is different from relational databases in a number of aspects. To
name a few:

- LDAP is query optimized while relational databases are optimized for
OLTP. In other words, LDAP's performance on updates may be a lot worse
than that of a relational database. But its query performance should be a
lot better. I do admit though that given today's processing power
available, in many cases it will be hard to measure the difference here.
- LDAP stores tree like structures, not tables. LDAP is really nice if you
want to have one tree with different branches which different people,
groups, organizations have access to. LDAP ACLs are very fine-grained. Many
SQL databases (especially the "cheaper" ones; cheaper in the sense of
resources, not money) have nothing at all or very black / white ACL schemas.
- LDAP has been designed for replication, which is a major plus in many
setups. Yes, you can replicate relational databases as well, but this is a
quite complex process. See also the last remark.
- If one understands how LDAP schemas work, one can very easily attach
attributes needed by DNS to existing LDAP objects describing your systems.

So IMO LDAP *is* the best suited backend storage for DNS database data
that I know of. (I am always open to new ideas I may not yet have heard or
thought of.)

Talking about question #2:

I never used PowerDNS, we always went with BIND. Fortunately the DLZ parts
made it into the code and the version which has them built in made it into
the standard Linux distros in the meanwhile.

AFAIK there are no plans to drop LDAP backend support from BIND. So maybe
you should just consider switching there.

What does PowerDNS do that BIND doesn't do for you?
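The schema point made above (DNS attributes attached to the LDAP entries that already describe your hosts), as an added example that is not part of this post or of BIND or PowerDNS: a small Python converter that reads constructed LDIF entries and renders the zone records a server would serve from them. Attribute and object class names follow the dnszone.schema used by BIND's LDAP drivers as assumed here, and the sample entries are constructed.

```python
# Constructed sample LDIF: a zone apex entry plus a host entry that carries
# its own DNS data next to its 'device' attributes (attribute names as in the
# dnszone.schema assumed here; whether dNSZone may be combined with the host's
# own object class depends on how the directory's schema defines it).
SAMPLE_LDIF = """\
dn: zoneName=example.org,ou=dns,dc=example,dc=org
objectClass: dNSZone
zoneName: example.org
relativeDomainName: @
dNSTTL: 3600
sOARecord: ns1.example.org. hostmaster.example.org. 2024010101 7200 900 1209600 3600
nSRecord: ns1.example.org.

dn: cn=www,ou=hosts,dc=example,dc=org
objectClass: device
objectClass: dNSZone
cn: www
zoneName: example.org
relativeDomainName: www
aRecord: 192.0.2.10
aRecord: 192.0.2.11
aAAARecord: 2001:db8::10
"""

# Record attribute -> DNS RR type (subset of the assumed dnszone.schema).
RR_TYPES = {"sOARecord": "SOA", "nSRecord": "NS", "aRecord": "A",
            "aAAARecord": "AAAA", "mXRecord": "MX", "cNAMERecord": "CNAME",
            "pTRRecord": "PTR", "tXTRecord": "TXT"}

def parse_ldif(text):
    """Minimal LDIF parser: list of {attr: [values]} dicts. Handles comments,
    blank-line separated entries and folded continuation lines; no base64."""
    entries, cur, last = [], {}, None
    for raw in text.splitlines() + [""]:
        if raw.startswith("#"):
            continue
        if not raw.strip():                     # blank line ends an entry
            if cur:
                entries.append(cur)
            cur, last = {}, None
            continue
        if raw.startswith(" ") and last:        # folded continuation line
            cur[last][-1] += raw[1:]
            continue
        attr, _, value = raw.partition(":")     # split on FIRST colon only
        cur.setdefault(attr, []).append(value.strip())
        last = attr
    return entries

def entries_to_zone(entries, zone):
    """Zone-file lines for every dNSZone entry of `zone`, apex (@) first."""
    lines = []
    for e in entries:
        if "dNSZone" not in e.get("objectClass", []) or e.get("zoneName") != [zone]:
            continue                            # other zones / non-DNS entries
        owner, ttl = e["relativeDomainName"][0], e.get("dNSTTL", [""])[0]
        for attr, rr in RR_TYPES.items():
            for value in e.get(attr, []):       # multi-valued attrs -> one RR each
                lines.append("\t".join([owner] + ([ttl] if ttl else []) + ["IN", rr, value]))
    lines.sort(key=lambda l: not l.startswith("@"))   # stable: apex first
    return lines
```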
