Well, at least we're finally seeing some interest.
My only responses to thoroughfare would be that I'd appreciate it if he'd show me the security holes rather than just allude to them, and also that I don't leave any ports open at all, contrary to his suggestion that I did.
To everyone else, I point out that there's nothing wrong with scripts, and there's nothing wrong with programs written in C.
The reason we (here) write scripts is severalfold:
(1) They're easier to write than C, and there's a larger base of people who know how to write them.
(2) It's easier for people to accept them, as most people can read through and understand a script a bit more easily than a C program, and many admins don't want to run 3rd party C programs unless they understand them well, so it's easier to get scripts accepted in the general community.
(3) Modern scripting languages work well, and work quickly, with little system load.
You'd be surprised how much of your linux/unix systems are implemented as various scripts in various scripting languages. For example, Majordomo is written entirely in perl scripts. Mailman is written entirely in Python scripts.
I apprceciate all the work John and Mark do for us, but I know they have a limited number of hours available every day, just as we do. I'm willing to take some of that load off them by creating Open Source solutions they, you and I can all use.
It may sometimes sound as if I'm arrogant; I often am, but I don't mean to be, and I don't mind being taken to task for it.
But please, when doing so, give me concrete examples of what you think is wrong with my ideas as well as my presentation, so we can all learn from them.
existenz said:
What I have not figured out from all these posts is I personally don't care about entering the new zones manually. Its great if it did it automatically but I want to make sure that you don't need to enter a primary zone to make this work.
Of course you (or DA) must create a primary zone on the master server.
Thousands of BIND admins currently use scripts to replicate the information to the slave server so they don't have to create new zones on the slave server; all my small project is, is an attempt to create a small Open Source solution anyone can use.
The other question to Jeff would be how does it reload the zone file if the master is down. Does it assume that the server is down and does not destroy the existing zone file?
My sripts don't touch existing zone files at all; BIND updates them automatically according to the times in the SOA record in the master zone, and that's set up automatically by DA using values which are generally reasonable.
My scripts will create a new include file for /etc/named.conf, and that new include file will contain a list of all the domains mastered on all the servers it's set up (once) to slave.
If during any one of the update cycles it can't get a copy of the list from a server that's down, it uses the last list it has. It will do that forever, until you, as admin, remove the server from the list of servers it's set up to slave.
My only thought from this entire thread is that we are worried about how to make this interact with other control panels and other DA servers. Screw it, currently we don't do anything else between two servers so why start now? When a version of DA comes out that can admin multiple DA servers then we can worry about this but lets keep it simple.
I still think my solution is simple. The fact that it works with all nameservers, not just DA servers, is just icing on the cake, considering many of us have multiple servers and not all of them are DA servers.
All we need to do is have a place to enter the domain, and the ip of the master servers. That would make it easy for everyone.
Note quite, for several reasons:
1) If your resellers or clients set up new domains or if you have automatic domain setup (Whois.Cart, ModernBill) then you may not know when a domain is set up.
2) If you do know, then do you really want to have to go to your slave server and set up domains manually?
If both of these conditions work for you, then yes, and if your slave server runs DA, then yes, a simple addition to the DA DNS screens would suffice for you.
And frankly, I do hope they set up such an addition.
And may I offer another suggestion if these conditions work: You can probably buy a Cobalt RaQ3 or a RaQ4 for in the neighborhood of us$250 - us$300, rebuild it with a RaQ4 restore CDROM, and do exactly what you want.
But for those of us who don't want to have to manually enter anything, my solutions appears to me to be quite simple, and elegant.
if you disagree, please give me some constructive criticism.
Thanks.
Jeff
. My guess is that most webhosting systems already use an FTP daemon, and the purpose of my proposed system is to allow users of hosting control panels to to do slave DNS "automagically". I believe most hosting panels also run FTP daemons.
.