[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Questions about Debian-Edu, GOsa2, DNS and DHCP

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 21. des. 2010 00:30, Alejandro wrote:
> 
> 
> 2010/12/20 Holger Levsen <holger@layer-acht.org
> <mailto:holger@layer-acht.org>>
> 
>     Hi Alejandro,
> 
>     On Sonntag, 19. Dezember 2010, Alejandro wrote:
>     > I'm a developer of GOsa2 and i'm doing the plugin for PowerDNS and
>     have
>     > some questions

greetings ! great to have you here.

> 
>     > I tell about BUG 602863
>     > 1.- Why need Debian-Edu PowerDNS and not BIND-DLZ-ldap?
> 
>     we want immediate updates to dns from ldap. also we just switched to
>     powerdns
>     in lenny and we are not too keen to switch back to bind now.
> 
> 
> The most complete solution is Bind-DLZ-ldap, but is slow, and no debian
> package...
> Support updates from DHCP and Samba4
> (http://sourceforge.net/mailarchive/message.php?msg_id=26749018)

no debian package is a showstopper for us.
Also some of our users will scale quite large so "slow" is not good
altho i do not know if you mean slow in resolving queries. or slow in
propagating changes... so "slow" may or may not apply.

> 
> 
>     (personally I woudlnt mind switching back to bind...)
> 
>     > 2.- PowerDNS don't support DNSSEC, TSIG and updates from DHCP.  The
>     > debian-edu project need DHCP updates?
> 
>     I'm not sure what you mean with dchp updates here. Can you explain
>     please?
> 
> 
> Dynamic Updates from ISC-DHCP.
> When ISC-DHCP give you a lease, ISC-DHCP can send a nsupdate to the BIND
> server to add your ip and name to the direct and inverse zone.
> You surely know it, but my english is so poor ;-)

no we do not use updates from dhcp.
we give machines names by registering them in dns. and machines learn
this when they boot.
That is why registering dns names and mac addresses in ldap is very
important for us. they are fundamental for a functioning network. and
gosa hopefully will make this easier.

personally i do not think we want to change such a fundamentalt
architecture design at this time in the release cycle. or if we even
want to change it at all..



>     We dont use dnssec atm.
> 
>     > I read
>     >
>     http://people.skolelinux.org/pere/blog/What_are_they_searching_for___PowerD
>     >NS_and_ISC_DHCP_in_LDAP.htmland need to know the schema used by
>     debian-edu
>     > and any other ldap related issues to implement the plugin.
> 
> 
> Is really neccesary the auxiliary schema? Is neccesary to join DHCP
> Objects with DNS Objects?

we are thinking of them more like machine objects that should contain
all information needed by the machine. (hence dns and dhcp) while i
agree that it does give us headache atm.


kind regards
Ronny Aasen
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk0QYGQACgkQdjPGjuyRrjqoPQCguqkF2AJOILM/fxIRQJm3b1GY
PSQAoMuR4WVn3E91+WeHgizLn30ZHtM0
=PYM+
-----END PGP SIGNATURE-----
Reply to: