DynDNS

When records are added to a zone today, the change depends on iDNS.cgi ProcessJobQueue nsX being executed. This could certainly be run every minute, although that could cause other issues. BIND has long supported DynDNS updates. This applies only to RRs, not to entire zones. There is support for dynamic loading of zones with DLZ, but in that case all data has to be in a MySQL database and the performance is poor.
When DynDNS is used with BIND, a journal file is created; it contains all the latest changes that have been produced since the file was checked out. DynDNS allows updates to zones with TSIG(0) and RSIG encryption. Permissions can be very fine-grained, for example user X can change only the A record abc.domain.com and nothing else.

The process would be something like this:

  1. A new record is submitted via the UI.
  2. The record is written to the DB.
  3. The record is propagated via nsupdate to named.
  4. iDNS.cgi on ns1 triggers iDNS.cgi on ns2 to do the same.
  5. The database content relies on MySQL replication to be replicated to the slave for further updates.

The record will now be available within 10-20 seconds after the submit has been done.
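
Step 3 could look like the sketch below. It is an added example, not code from iDNS; the function names, the key name `idns-ui`, the key file path and the server address are assumptions. It validates the fields that came from the UI before they reach nsupdate and shows, in the comments, a BIND update-policy that limits the key to one A record.

```shell
#!/bin/sh
# Added example: step 3 of the process (DB record -> nsupdate -> named).
# Hypothetical names: build_nsupdate_batch, push_record, KEYFILE, NS_SERVER.
#
# Matching named.conf policy on the server (key name "idns-ui" is assumed):
#   zone "domain.com" {
#       type master; file "domain.com.db";
#       update-policy { grant idns-ui name abc.domain.com. A; };
#   };

KEYFILE="${KEYFILE:-/etc/idns/idns-ui.key}"   # assumed path to the key file
NS_SERVER="${NS_SERVER:-127.0.0.1}"           # assumed: named on the same host

# Print an nsupdate batch for one A record, or return 1 if a field is malformed.
# nsupdate reads one command per line, so a newline or space smuggled into a
# UI field would otherwise become an extra update command.
build_nsupdate_batch() {
    zone=$1 name=$2 ttl=$3 addr=$4
    for field in "$zone" "$name" "$ttl" "$addr"; do
        [ -n "$field" ] || return 1
    done
    case $zone in *[!A-Za-z0-9.-]*) return 1 ;; esac
    case $name in *[!A-Za-z0-9.-]*) return 1 ;; esac
    case $ttl  in *[!0-9]*)         return 1 ;; esac
    # Digits and dots only; nsupdate itself rejects an invalid address.
    case $addr in *[!0-9.]*)        return 1 ;; esac
    # The record must live inside the zone being updated.
    case $name in "$zone"|*".$zone") ;; *) return 1 ;; esac
    printf 'server %s\nzone %s\n' "$NS_SERVER" "$zone"
    # Replace any existing A RRset, then add the new value.
    printf 'update delete %s. A\n' "$name"
    printf 'update add %s. %s A %s\n' "$name" "$ttl" "$addr"
    printf 'send\n'
}

# Sign the batch with the key file and send it to named.
push_record() {
    batch=$(build_nsupdate_batch "$@") || { echo "rejected: $*" >&2; return 1; }
    printf '%s\n' "$batch" | nsupdate -k "$KEYFILE"
}
```

`push_record domain.com abc.domain.com 300 192.0.2.10` would send the update; with the policy shown in the comments, named refuses anything from this key other than the A record for abc.domain.com.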

As for "dynamic" loading of zones, rndc could be utilized. When "rndc reconfig" is run, it reloads the config and loads all new zones available.

It is recommended to use keys (RSIG works the best right now) when using rndc and DynDNS, so this would also mean that some kind of key management would need to be introduced with iDNS.
