Need someone to integrate DA with external DNS

handegard

Hi!

We have a couple of DA-servers, and a Windows hosting environment. We are looking for someone that can help us with an integration between our DirectAdmin servers and our Windows-based DNS (SimpleDNS).

Basically, what we want is this:

When a customer (or a reseller/admin) in DA creates a new account or adds another domain to an existing account, we want to add a call to the SimpleDNS API (see www.simpledns.com for documentation of the API) and add the same domain in the SimpleDNS Servers domainlist, and create a dummy zonefile with a serial number lower than the one that DA creates on the local DA server.

This is because we don't want to use the local DNS server on each DA-box. We want to centralize the DNS to our SimpleDNS servers.

After the domain is added via API to SimpleDNS we can just transfer all the DA-boxes zonefiles with a cronjob once every 15 minutes or so, and the domain DNS settings will be loaded to our centralized SimpleDNS server.

If you can fix this, please send me a PM with your price.

Regards,
Lars
Sweden
 
Are you really asking one of us to study the API documentation so we can help you? Or are you looking for someone here with SimpleDNS experience? If the latter, then you may be better off asking on a support forum for SimpleDNS; it's more likely you'll find someone who uses SimpleDNS who knows how to work with BIND nameservers than vice-versa.

While I'm not trying to learn SimpleDNS just to respond to your question, I did find this page which seems to indicate that SimpleDNS can be a slave to a master nameserver. If that's true, I'd suggest you just use the API (if necessary) to add zones, and let SimpleDNS handle the master/slave relationship.

Jeff
 
That (making our SimpleDNS servers slaves collecting zone data from BIND on the DA-boxes) is just what I want. But I looked for someone with experience in Perl and DirectAdmin custom-scripting to build the call to SimpleDNS API to add those zones (for that I guess this forum is better than a SimpleDNS forum).

But I learned enough Perl myself today to be able to build a script on the DA-boxes that's called by the custom/dns_post_write.sh script to add the zones and tell simpledns the IP of the "master" every time a new domain is added on DA.

So I no longer need any help with this.

Regards.
Lars
Sweden
 
May I make a suggestion? Skip SimpleDNS and use PowerDNS (Pdns); it works with MySQL server and resolves easier. We made a script that automatically adds the DNS zones from DA into Pdns.
 
We have three SimpleDNS servers with about 10.000 domains on them, plus a couple of DA-servers with BIND serving maybe 1.000 domains, so changing DNS servers doesn't feel like an option.

However, after learning some simple Perl I was able to build a script that DA runs every time a new domain is added to DNS, which adds the domain to our SimpleDNS servers, so now we have a working solution for centralized DNS management on our Windows-based SimpleDNS servers also for our DirectAdmin customers.

Regards,
Lars
Sweden
 
Hi Lars,

We are in the same boat. We are using SimpleDNS and would like to start using DirectAdmin. Are you willing to share your script?

Thanks!

Richard
 
It's still experimental, so I'm not sure I want to use it. I want to wait and see if it adds any insecurities to bind and DNS.

But I must say I'm happy to see that the Internet Systems Consortium, maintainers of BIND, have finally agreed with a report I made on their mailing list somewhere around ten years ago. At that time they simply told me it was an intentional design decision and we (BIND users) should write our own functionality.

So I did (rather I paid someone else to write it); it's called Master2Slave DNS Replicator and it's discussed on these forums. It's available at no charge from my website (nobaloney.net).

I'll be happy to use the new functionality as soon as it's marked stable, though, and I'll stop updating and supporting my project, as BIND will enable additions without the delays inherent in my solution.

If anyone cares to test it before it's marked as stable, please let us know how it works.

Jeff
 
I've googled a bit and it looks like you need DNSSEC implemented first. It's probably not too hard; on the last 3 pages of this pdf document (ics.org) there are the needed settings in named.conf and bash scripts to automatically generate keys for the domains.

Related:
http://jpmens.net/2010/10/04/dynamically-add-zones-to-bind-with-rndc-addzone/
http://serverfault.com/questions/60360/automatically-sync-all-zones-between-bind-9
http://www.omnisecu.com/gnu-linux/redhat-certified-engineer-rhce/rndc-remote-name-daemon-control.htm

I think when it's stable, it should be implemented in DA :)
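
As an added illustration (not code from any poster, DirectAdmin or BIND), this is one way a hook script could validate a domain name and master IP before handing them to `rndc addzone` on a BIND slave, the mechanism named in the jpmens.net link above. The function names, the `slaves/` file path and the `DRY_RUN` switch are assumptions of this sketch; `rndc addzone` also requires `allow-new-zones yes;` in the receiving server's options.

```shell
#!/bin/sh
# Added example: validate inputs before building an `rndc addzone` call.
# Function names, slaves/ path and DRY_RUN are assumptions, not from the thread.
LC_ALL=C; export LC_ALL            # keep [a-z] ranges ASCII-only

LABEL='[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?'
OCTET='(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])'

# Lowercase LDH hostname with at least two labels. The charset check runs
# first so quotes, braces, slashes and newlines never reach grep or named.
valid_zone() {
    case $1 in ''|*[!a-z0-9.-]*) return 1 ;; esac
    [ "${#1}" -le 253 ] || return 1
    printf '%s\n' "$1" | grep -Eq "^($LABEL\.)+$LABEL\$"
}

# Dotted-quad IPv4 address, each octet 0-255, nothing else on the line.
valid_ipv4() {
    case $1 in ''|*[!0-9.]*) return 1 ;; esac
    printf '%s\n' "$1" | grep -Eq "^($OCTET\.){3}$OCTET\$"
}

# Print the zone statement for a slave zone, or fail if either input is
# unsafe. The zone name ends up inside a quoted file path in named's
# configuration, which is why it must be validated and not just quoted.
addzone_config() {
    valid_zone "$1" && valid_ipv4 "$2" || return 1
    printf '{ type slave; masters { %s; }; file "slaves/%s.db"; };' "$2" "$1"
}

# Run (or, by default, only print) the rndc command for one zone.
add_slave_zone() {
    cfg=$(addzone_config "$1" "$2") || { echo "rejected: $1" >&2; return 1; }
    if [ "${DRY_RUN:-1}" = 1 ]; then
        printf "rndc addzone %s '%s'\n" "$1" "$cfg"
    else
        rndc addzone "$1" "$cfg"
    fi
}

# Constructed sample input: documentation domain and TEST-NET-1 address.
add_slave_zone example.com 192.0.2.10
```
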
 
Since you've already done the research, Arieh:

Should this be done by DirectAdmin staff? A plugin? An option?

Jeff
 
Well, the FR for DNSSEC has already been here for quite some time (http://www.directadmin.com/forum/showthread.php?t=36133); from that point on it looks like little work to make it work with a bind slave server.

I'm not sure how much work it would be for DA staff and how high the priority would be, but it makes sense to have this done from DA itself. As a customer you could then choose to use a bind slave connection, but DNSSEC is always a +.

And like Maniak said, the current secondary DNS setup is far from ideal, and if this is a good official way out of it, I'd say go for it.
 