managing DNS
Tom Metro
tmetro-blu-5a1Jt6qxUNc at public.gmane.org
Wed Dec 30 14:55:31 EST 2009
Greg Rundlett (freephile) wrote:
> At work I have over 700 domains to manage.
> GoDaddy is apparently ill-equipped to handle a large number of zone
> transfers...
I don't have specific suggestions for a service provider to handle that
quantity of domains, but I personally wouldn't even consider GoDaddy.
They're a mass-market cookie-cutter operation that isn't likely to
accommodate any special requirements you have, and is probably optimized
for customers with a few domains. Then there are their business
practices... (I stopped using GoDaddy several years ago.)
> I'm still looking for pointers on how people manage large sets of DNS
> zones: querying, testing, migrating etc.
>
> Not being a DNS expert, I am supposing that I should be able to export
> a zone file for every one of the domains, and then clean them up
> manually before importing them into a new ... DNS management
> system.
> ...
> It seems that I can use a Zone Transfer (AXFR ACL) to copy
> configuration to another name server.
Yes.
One strategy I'd explore is setting up local DNS management tools. Find
a DNS server that uses a database (or LDAP) back-end and has good
management tools so you can clean up and maintain your zones.
Then find a DNS service provider that specializes in DNS, like
DynDNS.org, which is also capable of acting as a secondary, and can
obtain the zones from your private server using a zone transfer
(AXFR[1]) or similar mechanism.
1. http://en.wikipedia.org/wiki/DNS_zone_transfer
I'd be surprised if GoDaddy could do this. Your existing provider,
dnsmadeeasy, may even be adequate if you only use them as a secondary,
and not as a management GUI.
> Or maybe it's easier to just transfer and clean up using
> (GoDaddy's) DNS management application.
My guess is that if you need to do a lot of cleanup work, working with
local text files or a database is going to be far more efficient than
editing one record at a time through a web GUI.
> One small nicety with DNS Made Easy is that you can configure
> internal addresses, so for example 'xerox1.example.com' can point to
> an internal address like 192.168.1.10 if that is the IP of your Xerox
> printer.
Any DNS provider should permit you to do this kind of thing, unless they
implement some sort of "I know better than you" validation rules on IP
addresses.
Though the better way to do this is to create a separate zone for
internal addresses, or just override a subset of the host names using a
split-horizon DNS setup. That way you keep private DNS records inside
your LAN. (Dnsmasq is optimized for this sort of thing.)
Dnsmasq probably is not optimal for this quantity of domains, as I think
only unofficial patched versions support database (LDAP) back-ends, but
it may be worthwhile to post your query to its mailing list and/or to
the lists of a few other popular DNS tools.
-Tom
--
Tom Metro
Venture Logic, Newton, MA, USA
"Enterprise solutions through open source."
Professional Profile: http://tmetro.venturelogic.com/
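
The cleanup and split-horizon points above can be checked mechanically across a large set of exported zone files. The following is an added example, not part of the original post: the function name `internal_records` is hypothetical and the sample zone is constructed. It lists A/AAAA records in a public zone that point at internal address ranges and would belong in an internal-only zone.

```python
import ipaddress

# Constructed sample of one exported zone file (not from the original post).
SAMPLE_ZONE = """\
$ORIGIN example.com.
$TTL 3600
@        IN  A     203.0.113.10
www      IN  A     203.0.113.10
xerox1   IN  A     192.168.1.10   ; printer on the LAN
         IN  AAAA  fd00::10
vpn 300  IN  A     10.0.0.1
mail     IN  MX    10 mx.example.com.
"""

# Ranges that should only resolve inside the LAN (RFC 1918, loopback,
# link-local, IPv6 unique-local).
INTERNAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8",
    "169.254.0.0/16", "::1/128", "fe80::/10", "fc00::/7")]

def internal_records(zone_text, origin="."):
    """Return (owner, type, address) for A/AAAA records with internal IPs.
    Assumes one record per line and TTLs written as plain seconds."""
    findings, last_owner = [], origin
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0].rstrip()          # strip comments
        fields = line.split()
        if not fields:
            continue
        if fields[0].upper() == "$ORIGIN" and len(fields) > 1:
            origin = last_owner = fields[1]
            continue
        if fields[0].startswith("$"):                 # $TTL, $INCLUDE: skipped
            continue
        if not line[0].isspace():                     # owner present on this line
            name = fields.pop(0)
            last_owner = (origin if name == "@" else name if name.endswith(".")
                          else f"{name}.{origin.lstrip('.')}")
        while fields and (fields[0].isdigit() or fields[0].upper() in ("IN", "CH", "HS")):
            fields.pop(0)                             # optional TTL and class
        if len(fields) >= 2 and fields[0].upper() in ("A", "AAAA"):
            try:
                addr = ipaddress.ip_address(fields[1])
            except ValueError:
                continue                              # malformed rdata: skip
            if any(addr in net for net in INTERNAL_NETS):
                findings.append((last_owner, fields[0].upper(), str(addr)))
    return findings
```

Run over each exported file before import, the findings give the list of host names to move into the internal zone.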