[Opendnssec-user] OpenDNSSEC 2.x roadmap - dynamic updates?

Kevin Thompson sysadmin at antiduh.com
Mon Oct 6 17:15:09 UTC 2014

Howdy all,

I was reading the release plan[1], and I saw mentioned 'Signer - Dynamic 
updates'. Could you elaborate on that?

Currently, the best method I've found for integrating ODS with a dynamic 
zone on one server is the CentralNIC pattern[2] - the unsigned zone is 
served by a master from a private view, injected into ODS by a DNS input 
adapter, signed file goes out, and finally the signed file is served 
statically by the master on a public view. This method works, but is a 
little cumbersome.

I'm really hoping that what is meant by 'dynamic updates' is that ODS 
would take notifies to know when the dynamic zone is changed, would 
download the updates via IXFR, and then directly add/update/delete 
records as needed via dynamic updates. If so, this would be huge, since 
it would greatly ease integration of ODS into dynamic zones. I imagine 
the similarly mentioned "Database input and output adapter" would work 
the same way, but would directly update a database storing the zone.

Is my understanding of the release plan correct? If so, I'm really 
excited for the future of OpenDNSSEC.

Thanks for all of the great work!
--Kevin Thompson

[1]: https://www.opendnssec.org/about/release-plan/

More information about the Opendnssec-user mailing list