DNS Management Software

DNS management software is computer software that controls Domain Name System (DNS) server clusters. DNS data is typically deployed on multiple physical servers. The main purposes of DNS management software are:

* to reduce human error when editing complex and repetitive DNS data
* to reduce the effort required to edit DNS data
* to validate DNS data before it is published to the DNS servers
* to automate the distribution of DNS data


Background

In 1995, there were only 70,000 domains in existence. The way to register them was by email and the way to publish them was BIND. By mid-1997, the domain count was 1.3 million. As the number of domains and internet hosts skyrocketed, so too did the quantity of DNS data and the time required to manage it. Sysadmins responded by writing Perl or shell scripts that helped automate DNS changes. These scripts were mostly in-house tools. The closest thing to widely available DNS management software was the BIND module in Webmin, which provided web tools for editing BIND zone files.

During the late 1990s, the sheer quantity of DNS data was overwhelming the tools available to manage it. The cost of managing the data instigated the birth of DNS management software. The costs can best be explained by illustration. In 1998, three of the largest web hosting companies (HostPro, Interland, and Vservers) each hosted about 100,000 DNS zones. DNS changes were made by telnetting to a BIND master and editing zone files with a text editor. A staff of several DNS admins performed this task all day, every day. Their changes would only take effect after a BIND reload. Because disks were slow, it took several hours for BIND to do a full reload. If a DNS admin made a typo in a zone file, BIND would fail to parse that file and die, often after hours of processing. Whoever noticed BIND wasn't running would have to read the logs, find the zone file with the error, manually review the file, fix the error, and then try starting BIND back up. Once up, the changes could propagate to the DNS slaves via zone transfers. Changes often took more than 24 hours to fully propagate.


DNS and databases

While struggling with the challenges of editing zone files, more than a few sysadmins noticed that SQL is a terrific place to store DNS data. By moving the single source of truth from text files into SQL, DNS data could be validated and constrained before acceptance into the database. Export scripts could convert the SQL to zone files. Rsync could replace named-xfer for distribution, increasing security and reducing propagation time.

Among large hosting providers, it became fashionable to store DNS data in SQL and build a custom interface for managing it. mysqlBind is one such DNS manager. It provides a web interface for data input and exports the data to BIND zone files.

In 2000, Daniel J. Bernstein released djbdns. One of the novel features was that tinydns, the included authoritative DNS server, served DNS directly from a CDB database. The cdb had to be compiled from a plain text file whose format was designed to be edited by scripts. Tinydns quickly became the second most popular DNS server, and a number of DNS managers were released for it, including VegaDNS, SuaveDNS, and NicTool.

In 2005, PowerDNS was released. One of its features was the ability to serve DNS data directly out of the SQL database, bypassing the export step entirely. PowerDNS also spawned a number of DNS managers that provide web interfaces to its SQL data store.
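
The validate-then-export workflow described earlier in this section, as an added example (not code from mysqlBind or any other tool named on this page): records are checked before they enter an SQLite table, and only accepted rows are rendered in BIND zone file syntax. The sample records, the `rr` table, and the rule that CNAME targets must be absolute (which catches the missing-trailing-dot typo) are assumptions of this example.

```python
import ipaddress
import re
import sqlite3

ORIGIN = "example.com."  # constructed sample data, not from the page
ROWS = [  # (owner, ttl, type, rdata); the last three carry typos
    ("www", 3600, "A", "192.0.2.10"),
    ("alias", 3600, "CNAME", "www.example.com."),
    ("bad host", 3600, "A", "192.0.2.11"),
    ("ftp", 3600, "A", "192.0.2.300"),
    ("web", 3600, "CNAME", "www.example.com"),
]
LABEL = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")

def valid_name(name, absolute=False):
    """Owner names are relative to ORIGIN; targets must end with a dot."""
    if absolute != name.endswith("."):
        return False
    labels = (name[:-1] if absolute else name).split(".")
    return name == "@" or all(LABEL.fullmatch(p) for p in labels)

def check(name, ttl, rtype, rdata):
    """Return an error string, or None if the record is acceptable."""
    if not valid_name(name):
        return f"bad owner name {name!r}"
    if rtype == "A":
        try:
            ipaddress.IPv4Address(rdata)
        except ValueError:
            return f"bad IPv4 address {rdata!r}"
    elif rtype == "CNAME":
        if not valid_name(rdata, absolute=True):
            return f"CNAME target is not absolute: {rdata!r}"
    else:
        return f"unsupported type {rtype!r}"
    return None

def load(rows):
    """Store rows that pass check(); the schema also bounds the TTL range."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE rr (name, ttl INTEGER CHECK (ttl BETWEEN 0 AND 2147483647), type, rdata)")
    errors = [(row, check(*row)) for row in rows]
    db.executemany("INSERT INTO rr VALUES (?, ?, ?, ?)", [r for r, e in errors if not e])
    return db, [(r[0], e) for r, e in errors if e]

def export_records(db):
    """Render accepted rows as BIND zone file record lines."""
    rows = db.execute("SELECT name, ttl, type, rdata FROM rr ORDER BY name, type")
    return f"$ORIGIN {ORIGIN}\n" + "".join(f"{n}\t{t}\tIN\t{ty}\t{r}\n" for n, t, ty, r in rows)
```

Calling `load(ROWS)` returns the database handle plus the list of rejected owner names with reasons, so a typo is reported at input time instead of surfacing when the name server parses the exported file.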


DDNS

Using the RFC 2136 DDNS update protocol, it is possible to change DNS zones without accessing the zone files. Management tools known to work that way are Admin4 and NicTool via its nsupdate export mechanism.


Service Providers

DNS service providers often deploy different types of DNS servers in their networks. In addition, different answers may be provided to DNS clients based on the clients' geographic location, as determined by their IP address (GeoIP). The most practical way to manage such critical Internet infrastructure has been to rely on databases and complex DNS management software to ensure homogeneity and avoid single points of deployment errors.


DNS management software comparison


DNS Server Support


BIND zone file format

The BIND zone file format is a widely used industry standard documented in RFC 1035. Several other DNS servers, including PowerDNS, NSD, Knot DNS, Microsoft DNS Server, and Micetro by Men&Mice have the ability to read BIND zone files and serve from them.


Resource Record Types Supported

* Microsoft DNS manager supports DNSSEC from Windows Server 2012 onwards. Some of the DNSSEC records cannot be directly added but are generated during zone signing and managed as such.


DNS software homogeneity

The primary reasons for DNS providers (especially root operators) to use different DNS servers are code diversity and application performance. Code diversity makes it less likely that a performance or security bug in one DNS server could be exploited to inflict a denial-of-service attack upon an organization. It is for this reason that NSD and Knot DNS are frequently used by root and TLD operators. DNS management software can greatly simplify publishing DNS data to varying DNS servers.


See also

* Comparison of DNS server software
* IP address management (IP, DNS and DHCP Management systems)
* DNSbox - DNS management software from ApplianSys.
* Nominum - DNS software company founded by Paul Mockapetris
* Secure64 - DNS management software.
* Ganymede - GPL licensed network directory management software that can manage DNS/DHCP.
* unxsVZ::unxsBind (was mysqlBind) - GPL Licensed DNS management software part of unxsVZ private cloud software suite.

