Re: administering 1,000 zone files

Mariano Cunietti <mcunietti@enter.it> wrote:
> Hi,
> I work for an italian ISP and I manage two Bind 9.2.1 servers whhich
> serves 1,000 zones. Currently we use a master and a slave bind 9.2.1. A
> simple perl script adds new zone statements to the master named.conf
> (locally) and to the slave one (mounted via NFS, shame on me). Zone
> files are obviously transfered via bind features.

> Considering security issues I think there should be another way to do
> that. What I'm actually looking for is a way to synchronize named.conf
> on both servers: each time I add a new zone to the master, I want the
> correspondig slave statement to be created on the slave server.

> This could be accomplished through a (perl?) script, maybe using a
> shared SQL database which is populated via web.

> My questions are:
> a) can you suggest me such a tool to perform these tasks?

perl + ssh / rsync to distribute the resulting file. A few
hours of work si all you need.

Also look into using a "hidden" master , it will simplify things
whenever you encounter an error during reload of your master.

> b) does bind 9 support such a built-in feature (automatic sync of
> master->slave named.conf)?
No.

> TIA

> Mariano


> --
> -----------------------------
> Mariano Cunietti
> System Administrator
> Enter S.r.l.
> Via Stefanardo da Vimercate, 28
> 20128 - Milano - Italy
> Tel. +39 02 25514319
> Fax +39 02 25514303
> mcunietti@enter.it
> www.enter.it - www.enterpoint.it
> -----------------------------
> Gruppo Y2K - www.gruppoy2k.it



--
Peter Håkanson
IPSec Sverige ( At Gothenburg Riverside )
Sorry about my e-mail address, but i'm trying to keep spam out,
remove "icke-reklam" if you feel for mailing me. Thanx.