I’ve now switched to PowerDNS, running on a MySQL backend, and controllable using the pretty-damn-good PowerDNS on Rails.
Reasons for switching:
- I am sick and fucking tired of editing and backing up countless arcane zone files. It might be “hard core” and “old school” but it’s also annoying as hell, and I can never remember the syntax, or I forget something stupid like updating the serial, or whatever.
- A database is the natural storage container for numerous data files of the same syntax and consistent references, and is far more convenient. I can take snapshots of my entire DNS setup, one file, ready to import at a moment’s notice elsewhere.
- Furthermore, a database is amenable to controlling with a web interface, which is far more convenient (and less prone to error) than ssh’ing in and editing files manually.
- I have one less thing to back up (actually, about 30 less things)
- BIND has a terrible security record
- PowerDNS has some neat other features such as dynamic lookup that I am eager to start playing with.
I’ve been considering this for a while, and decided to make the jump today. First I got it set up and running perfectly on an unprivileged port; then I turned off BIND and turned on PowerDNS. Total downtime: under 5 seconds.
Here are the steps to install on RHEL5:
```
$ yum install pdns pdns-backend-mysql pdns-backend-pipe pdns-backend-sqlite
# create a mysql user & db "powerdns"
# edit /etc/pdns/pdns.conf to increase port, add gmysql backend and add db credentials
# create the dir to put powerdns-on-rails in, go to it
$ git clone git://github.com/kennethkalmer/powerdns-on-rails.git
# enter DB creds into config/database.yml and create the DB
$ rake db:migrate
$ rake db:seed
# import zone files
# note: you may need to temporarily cp them to /var/named/
$ zone2sql --named-conf=/var/named/chroot/etc/named.conf --gmysql > zones.sql
# import the sql into MySQL via whatever means customary
# start and test powerdns at this point, see the docs
# then revert the port
# add the web app in Apache or whatever you use, log in, bingo
$ service named stop
$ service pdns start
$ chkconfig named off
$ chkconfig pdns on
# make sure mysqld is on too ...
```
There are some more tips if you want to have a look.
June 25th, 2009 at 5:37 am
Hi Sho
Thanks for the promo, and glad you made the switch. We’ve been running PowerDNS for several years now, and grew tired of the old crappy PHP frontends, so we built PowerDNS to fulfill a big need.
Now to just get the PHP guys to start using PowerDNS on Rails.
Ciao!
June 25th, 2009 at 2:59 pm
Well, thanks for the project! Actually I did have one small suggestion, I will put that on lighthouse though.
I’d played with PowerDNS on and off for a couple of years but never really had a “business case” for pushing into production, despite a couple of embarrassing mishaps with manual edits of zone files. Never really considered BIND DLZ, seemed like a bit of a hack to me, unsupported and obscure.
However, recently I need to do some things with dynamic DNS and I am buggered if I am going to be making changes to text files and then restarting BIND to implement that. A DB is necessary, and even more interesting, PowerDNS has a feature called pipe-backend which would allow me to implement transient DNS completely outside MySQL. I saw an interesting talk a few months ago by the guys behind chi.mp who were using a ruby script to do regex-based DNS lookups while still sitting behind PowerDNS; that is *very* interesting. Even more so, it passes the IP of the requesting NS to the backend, raising the intriguing possibility of playing games with geography.
So while I think PowerDNS on Rails is kind of overkill for what I need (not an ISP!) it’s really made adopting pdns a lot easier, and it’s lovely to be able to edit DNS again using a web interface. Next up – a generic ruby stub file to act as a pipe-backend coprocess for pdns, suitable for connecting to, say, an EM-based DynDNS server, which might be running on daemon_kit, lol.
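The pipe-backend coprocess discussed in the comments above, sketched as an added example (not code from the post, its commenters, or PowerDNS on Rails): it speaks version 1 of the pipe backend's tab-separated line protocol and validates every field, including the requester IP, before echoing anything back to pdns. The `RECORDS` table, the names in it, the helper names and the sample session are constructed assumptions.

```ruby
require "ipaddr"

# Constructed sample data; a real coprocess would query its dynamic source.
RECORDS = { "home.dyn.example.com" => "192.0.2.10" }.freeze
LABEL   = /\A(?!-)[a-z0-9_-]{1,63}(?<!-)\z/

# Syntactic check only: dot-separated labels, no empty or oversized parts.
def valid_qname?(name)
  name.length <= 253 && name.split(".", -1).all? { |l| l.match?(LABEL) }
end

def valid_ip?(text)
  text.match?(/\A[0-9a-fA-F:.]+\z/) && !IPAddr.new(text).nil?
rescue IPAddr::Error
  false
end

# Map one tab-separated line from pdns to the reply lines to write back.
# `state` remembers whether the HELO handshake has completed.
def handle_line(line, state)
  f = line.chomp.split("\t", -1)
  unless state[:ready]
    return ["FAIL"] unless f == %w[HELO 1]   # only ABI version 1 is spoken
    state[:ready] = true
    return ["OK\texample coprocess ready"]
  end
  kind, qname, qclass, qtype, id, remote = f
  ok = f.size == 6 && kind == "Q" && qclass == "IN" &&
       qtype.match?(/\A[A-Z0-9]+\z/) && id.match?(/\A-?\d+\z/) &&
       valid_qname?(qname.downcase) && valid_ip?(remote)
  return ["FAIL"] unless ok                  # never echo unvalidated input
  out = []
  if %w[A ANY].include?(qtype) && (ip = RECORDS[qname.downcase])
    out << ["DATA", qname.downcase, "IN", "A", 60, id, ip].join("\t")
  end
  out << "END"                               # END with no DATA means "no answer"
end

# Constructed session: handshake, a valid query, an unknown name, bad input.
def demo
  state = {}
  ["HELO\t1",
   "Q\tHome.dyn.example.com\tIN\tANY\t-1\t203.0.113.7",
   "Q\tother.example.com\tIN\tA\t-1\t203.0.113.7",
   "Q\tbad name;x\tIN\tA\t-1\t203.0.113.7"].map { |l| handle_line(l, state) }
end

# Under pdns, set $stdout.sync = true and feed $stdin.each_line to handle_line.
puts demo.map { |r| r.join(" | ") } if __FILE__ == $PROGRAM_NAME
```

The last field of each `Q` line is the requester address the comment refers to; any per-client logic belongs after `valid_ip?` has accepted it.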