[SATLUG] djbdns slave to bind
Justizin
justizin at siggraph.org
Mon Oct 2 13:13:13 CDT 2006
On 10/2/06, John Pappas <j at jvpappas.net> wrote:
> On Wed, 2006-09-27 at 20:20 -0500, Justizin wrote:
> > Yeah, I totally get this. What I'm saying is, it sucks that there is
> > no standard way to participate as a "normal" DNS slave unless you
> > control all the servers.
>
> This is true. I have not tried to slave a BIND server to a server I do
> not control. Seems that as long as there is no access control (or one
> falls under said access control) and the axfr is available, then setting
> up a slave should be possible.
>
> <<SNIP>>
>

Yeah, it's possible, but the djbdns package itself does not provide a
means of accepting NOTIFY requests, so you've got to string it
together or cron it, which both stink.

> > The stuff is pretty solid, it just so happens that _most_ people in
> > the world do not happen to slave their servers to a server they are
> > not in control of, and that is precisely what I am trying to do this
> > week. ;)
>
> Agree, this is atypical, and as such pretty interesting.
> Can you `dig` an axfr from the master or a slave on the domain?
>

Oh, I can do better than that. There is a zone transfer tool, and it
works like so:

    tcpclient master.ns.server.com 53 axfr-get mydomain.com

So, the solution I have found is more or less this:

Pipe tinydns' log into a Perl script which pipes to multilog, instead
of direct to multilog, and watch each log line for NOTIFY. When
NOTIFY comes, take parameters from the NOTIFY request, which tinydns
logs, and launch axfr-get, then push that to tinydns-data, which,
fortunately, is designed to take updated data at runtime.

--
Justizin, Independent Interactivity Architect
ACM SIGGRAPH SysMgr, Reporter
http://www.siggraph.org/
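
One way to write the log filter described in the message above, as an added example that is not part of the original post (sh rather than Perl): since NOTIFY arrives over unauthenticated UDP and the logged zone name ends up on a command line, it acts only when the source is the configured master and the zone is on an allowlist. Assumptions: tinydns logs a refused NOTIFY as "hexip:hexport:hexid I 0006 name", and the master address, zone list, paths and file names are constructed placeholders.

```shell
#!/bin/sh
# Added example. Addresses, paths and the log-line layout are assumptions.
MASTER_IP="192.0.2.53"         # constructed: the only host allowed to trigger a transfer
ZONES="mydomain.com"           # allowlist of slaved zones, space separated
ROOT="/service/tinydns/root"   # assumed tinydns data directory

# Turn the 8 hex digits logged for the client address into a dotted quad.
hex_to_ip() {
  [ "${#1}" -eq 8 ] || return 1
  case "$1" in *[!0-9a-f]*) return 1 ;; esac
  a=${1%??????}; r=${1#??}
  b=${r%????};   r=${r#??}
  c=${r%??};     d=${r#??}
  echo "$((0x$a)).$((0x$b)).$((0x$c)).$((0x$d))"
}

# Print the zone to transfer if the log line is a NOTIFY we trust, else fail.
notify_zone() {
  set -f; set -- $1; set +f    # split the untrusted line without globbing
  [ "$#" -eq 4 ] && [ "$2" = "I" ] && [ "$3" = "0006" ] || return 1
  src=$(hex_to_ip "${1%%:*}") || return 1
  [ "$src" = "$MASTER_IP" ] || return 1        # ignore NOTIFY from anyone else
  for z in $ZONES; do
    # Emit our own allowlist entry, never the string taken from the log.
    [ "$z" = "$4" ] && { printf '%s\n' "$z"; return 0; }
  done
  return 1
}

# Copy stdin to stdout for multilog; refresh a zone when a trusted NOTIFY shows up.
run_filter() {
  while IFS= read -r line; do
    printf '%s\n' "$line"
    zone=$(notify_zone "$line") || continue
    # Assumes data is built only from the transferred *.axfr files.
    ( cd "$ROOT" &&
      tcpclient "$MASTER_IP" 53 axfr-get "$zone" "$zone.axfr" "$zone.axfr.tmp" &&
      cat ./*.axfr > data.tmp && mv data.tmp data && tinydns-data
    ) </dev/null >&2
  done
}

# From the log/run script: <this script> run | multilog t ./main
if [ "${1:-}" = "run" ]; then run_filter; fi
```

The transfer runs synchronously, so logging stalls while it is in progress.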