Re: DNS service with a SQL backend
Bruno Gallant wrote: Hello, We are redesigning our DNS infrastructure, which has been running on BIND with the regular flat files for years, and there would be a need for the data to be in a database. (postgresql or mysql, of course) On a similar thread, does anyone know of any dns server software that would serve different IPs depending on where the query/request comes from? i.e., - resolve www.mydomain.com to the IP of my server in AU for all clients querying from AU,JP and HK. Everyone else should get the IP for my server in US. Akamai provide this service (amongst other cool services of course :) ) I think ultradns may do this too. Both use, AFAIK, proprietary solutions. TIA, Beto ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: DNS service with a SQL backend
On Thu, 21 Jul 2005 15:20:11 +0800, Norberto Meijome [EMAIL PROTECTED] wrote: Bruno Gallant wrote: Hello, We are redesigning our DNS infrastructure, which has been running on BIND with the regular flat files for years, and there would be a need for the data to be in a database. (postgresql or mysql, of course) On a similar thread, does anyone know of any dns server software that would serve different IPs depending on where the query/request comes from? i.e., - resolve www.mydomain.com to the IP of my server in AU for all clients querying from AU,JP and HK. Everyone else should get the IP for my server in US. Akamai provide this service (amongst other cool services of course :) ) I think ultradns may do this too. Both use, AFAIK, proprietary solutions. TIA, Beto It may be possible to use BIND9 feature of allowing certain IP ranges to only query certain zone files. The only issue I foresee is having to have slightly different zone names that you wish to serve for each IP range. Daniel ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: DNS service with a SQL backend
Daniel Marsh wrote:
On Thu, 21 Jul 2005 15:20:11 +0800, Norberto Meijome
On a similar thread, does anyone know of any dns server software that
would serve different IPs depending on where the query/request comes
from?
i.e., - resolve www.mydomain.com to the IP of my server in AU for all
clients querying from AU,JP and HK. Everyone else should get the IP
for my server in US.
It may be possible to use BIND9 feature of allowing certain IP ranges
to only query certain zone files.
ah yes, i had forgotten of this feature... but...
The only issue I foresee is having to have slightly different zone
names that you wish to serve for each IP range.
I think that having different zone names would defeat the purpose of
what I have in mind.
The way I can imagine this working is that in the function (object?)
where BIND resolves name to IP, it'd do a IP-to-country lookup, match
that to a country-to-dns table and serve the appropiate IP. A fallback
for all records should be provided so that only the special cases
('geotargetted' DNS resolutions) would have to be defined.
I hope it makes sense.
Beto
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: DNS service with a SQL backend
Quoting Bruno Gallant who wrote on Wed, Jul 20, 2005 at 03:02:55PM -0400: We are redesigning our DNS infrastructure, which has been running on BIND with the regular flat files for years, and there would be a need for the data to be in a database. (postgresql or mysql, of course) I looked around the ports to find powerdns, but I don't know if it's good or not. It's different from bind (this can be good or bad depending on your perspective). It has a good track record in performance, especially for large setups where database use would make for easier administration. I know there are a lot of happy powerdns users and an active developer community. On a similar thread, does anyone know of any dns server software that would serve different IPs depending on where the query/request comes from? i.e., - resolve www.mydomain.com to the IP of my server in AU for all clients querying from AU,JP and HK. Everyone else should get the IP for my server in US. Powerdns can do that using the geo backend. Wikipedia uses powerdns with geo backend. Koos -- Koos van den Hout, PGP keyid DSS/1024 0xF0D7C263 via keyservers [EMAIL PROTECTED]or RSA/1024 0xCA845CB5-?) Fax +31-30-2817051 Visit the site about books with reviews/\\ http://idefix.net/~koos/http://www.virtualbookcase.com/ _\_V pgp8oHTX7xkEO.pgp Description: PGP signature
Re: DNS service with a SQL backend
On Thursday 21 July 2005 02:25, Daniel Marsh wrote:
The only issue I foresee is having to have slightly different zone names
that you wish to serve for each IP range.
Not true. Zone *files*, yes. Because of the wonderfulness that is NAT, my
LAN's nameserver gives different answers based on whether the query comes
from the LAN or the Internet. My named.conf looks similar to:
view private {
match-clients {
!127.0.0.1;
!::1;
localhost;
lan;
};
zone honeypot.net {
type master;
file internal/db.honeypot.net;
};
};
view public {
match-clients { any };
zone honeypot.net {
type master;
file external/db.honeypot.net;
};
};
Then, my zone files looks like:
internal/db.honeypot.net:
$INCLUDE ../common-stuff
www IN A 10.5.0.32
external/db.honeypot.net:
$INCLUDE ../common-stuff
www IN A 12.34.56.78
common-stuff:
@ IN SOA ...
www IN A 2001:470:1f01:224:1::2
and so on
So, the Internet and my LAN see mostly the same data, except for a few
records that get answered with different values.
--
Kirk Strauser
pgpDEh7WPyUP4.pgp
Description: PGP signature
Re: DNS service with a SQL backend
Kirk Strauser wrote:
On Thursday 21 July 2005 02:25, Daniel Marsh wrote:
The only issue I foresee is having to have slightly different zone names
that you wish to serve for each IP range.
Not true. Zone *files*, yes. Because of the wonderfulness that is NAT, my
LAN's nameserver gives different answers based on whether the query comes
from the LAN or the Internet. My named.conf looks similar to:
view private {
match-clients {
!127.0.0.1;
!::1;
localhost;
lan;
};
right - but for a setup where u want to filter by country, setting up a
different zone file for each country and keeping it up to date is far
more complex than powerdns' solution. BUT it is definitely an option
I'll keep in mind (periodically generating the zones based on the data
from RIR) in case i need to use bind for other reasons.
thanks!
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: DNS service with a SQL backend
On 20/07/05, Bruno Gallant [EMAIL PROTECTED] wrote: I looked around the ports to find powerdns, but I don't know if it's good or not. There is also dns/bind9-dlz (http://bind-dlz.sourceforge.net/). Supports many database backends. (I never used it, though.) Is there a port or something already available that can convert DNS data stored in sql into the proper format for BIND, or another software with all included? Don't you mean the other way (BIND - SQL)? -- (nil) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: DNS service with a SQL backend
On Wed, 20 Jul 2005, Gustavo De Nardin wrote: On 20/07/05, Bruno Gallant [EMAIL PROTECTED] wrote: I looked around the ports to find powerdns, but I don't know if it's good or not. There is also dns/bind9-dlz (http://bind-dlz.sourceforge.net/). Supports many database backends. (I never used it, though.) We do, fantastic thing, but so far, there is no user interface to using it that I've been able to find :( Marc G. Fournier Hub.Org Networking Services (http://www.hub.org) Email: [EMAIL PROTECTED] Yahoo!: yscrappy ICQ: 7615664 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
