[Opendnssec-user] OpenDNSSEC 2.x roadmap - dynamic updates?
Kevin Thompson
sysadmin at antiduh.com
Mon Oct 6 17:15:09 UTC 2014
Howdy all,
I was reading the release plan[1], and I saw mentioned 'Signer - Dynamic
updates'. Could you elaborate on that?
Currently, the best method I've found for integrating ODS with a dynamic
zone on one server is the CentralNIC pattern[2] - the unsigned zone is
served by a master from a private view, injected into ODS by a DNS input
adapter, signed file goes out, and finally the signed file is served
statically by the master on a public view. This method works, but is a
little cumbersome.
I'm really hoping that what is meant by 'dynamic updates' is that ODS
would take notifies to know when the dynamic zone is changed, would
download the updates via IXFR, and then directly add/update/delete
records as needed via dynamic updates. If so, this would be huge, since
it would greatly ease integration of ODS into dynamic zones. I imagine
the similarly mentioned "Database input and output adapter" would work
the same way, but would directly update a database storing the zone.
Is my understanding of the release plan correct? If so, I'm really
excited for the future of OpenDNSSEC.
Thanks for all of the great work!
--Kevin Thompson
[1]: https://www.opendnssec.org/about/release-plan/
[2]:
https://london50.icann.org/en/schedule/mon-tech/presentation-signed-zones-23jun14-en.pdf
More information about the Opendnssec-user
mailing list