Bug#740916: ITP: dms -- DNS Management System
On Fri, Mar 7, 2014, at 9:21, Matt Grant wrote:
> I am afraid the string 'dms' is very deeply buried through out all the
> code....
>
> Quite happy to describe it as the "bind9 DNS Management System" though.
Thank you very much. I would be even happier if the upstream lost the
tight coupling to bind, but that's in my daydreaming box :).
> Have to be careful to as 'BIND' may be a trademark of DNSco and the
> ISC...
DNSco is just a organization for support contracts. I am not aware that
ISC holds the trademark over BIND name nor enforce it. I am looking at
several ISC people right at this moment :)), so I can ask them quickly
when dnsop WG is over.
O.
> On Fri, 2014-03-07 at 08:01 +0000, Ondřej Surý wrote:
> > The "DNS = Bind" mindset makes me really sad. There is a couple of
> > excellent authoritative standard-adhering modern DNS servers (Knot
> > DNS, NSD, PowerDNS) out there that beat the hell out of Bind in one
> > way or another and still when you say DNS people will just say Bind.
> > (Well same for the tasksel job...)
> >
> > I know that I am biased being upstream for Knot DNS and maintainer for
> > NSD even longer, but could we call this a Bind9 Management System in
> > Debian? Since this is what it really is.
> >
> > O.
> > --
> > Ondřej Surý <ondrej@sury.org>
> > Knot DNS (https://www.knot-dns.cz/) – a high-performance DNS server
> >
> > On 6. 3. 2014, at 7:55, Matthew Grant <matt@mattgrant.net.nz> wrote:
> >
> >
> > > Package: wnpp
> > > Severity: wishlist
> > > Owner: Matthew Grant <matt@mattgrant.net.nz>
> > >
> > > * Package name : dms
> > > Version : 1.0
> > > Upstream Author : Matthew Grant <matt@mattgrant.net.nz>
> > > * URL : http://mattgrant.net.nz/software/dms
> > > * License : GPL3
> > > Programming Lang: Python
> > > Description : DNS Management System
> > >
> > > DNS Management System using bind9 and PostgresQL 9.2+. Uses Dynamic
> > > Updates to update and manage the Zones in Bind9. Has a daemon which
> > > uses a State Machine for publishing zones from the DB. There is a
> > > command line/shell program zone_tool for operation on the Zones,
> > > including running an editor, and a JSON RPC over http interface via
> > > Apache and mod_wsgi.
> > >
> > > o Master can have DR Failover
> > >
> > > o IPv6 fully supported in back end and front end
> > >
> > > o IPv6 DNS RRs (AAAA)
> > >
> > > o Dynamic DNS configuration of Master server reduces need for
> > > reconfig and reload operations.
> > >
> > > o DNS RRs supported include SOA NS A AAAA MX PTR TXT SPF RP SSHFP
> > > SRV
> > > NSAP NAPTR LOC KX IPSECKEY HINFO CERT DS. DNSSEC handled by
> > > bind9 master
> > >
> > > o Auto DNSSEC via Bind9 dynamic DNS. Bind9 master server auto
> > > maintains zone DNSSEC operations records and signing. NSEC3 and
> > > NSEC
> > > supported. DNSSEC key management on Master server file system
> > > pending
> > > write of key management module. Key material directory is
> > > replicated via
> > > DR protocol (rsync) though. DMS is fully enabled to use DNSSEC
> > > for
> > > securing our core domains.
> > >
> > > o Apex resource record (SOA and NS) management across all zones -
> > > can
> > > be turned off per zone.
> > >
> > > o Auto reverse PTR generation
> > >
> > > o Customer control of their own automated reverse DNS. Individual
> > > PTR
> > > records, and complete reverse zones. Useful for business IPv6 and
> > > IPv4
> > > blocks. Enables on site use of IP PABX, intranet and email for
> > > SMBs on
> > > XDSL/Fibre.
> > >
> > > o zone_tool command line administrative tool on master servers
> > >
> > > o IPSEC secured communications between each of DR master replicas
> > > and slaves
> > >
> > > o Modular design. For example, Racoon IPSEC can be replaced if
> > > needed.
> > >
> > > o Multiple Slave DNS server software implementations. NL Netlabs
> > > nsd3
> > > can be used as a slave server once backend code is completed, and
> > > a
> > > simple configuration monitoring/HUP daemon implemented to run on
> > > each
> > > slave.
> > >
> > > o slave server/Server Groups (SG) support. Live migration of
> > > zones.
> > >
> > > o Private SGs for internal zones.
> > >
> > > o Retention of deleted zones in database for aged auto-deletion
> > > later.
> > >
> > > o Multiple Zone Instances per Zone. Roll forward and roll back
> > > changes. Again old ZIs aged for auto deletion above a threshold
> > > number.
> > >
> > > o Templates used for generating name server configuration includes
> > > -
> > > master, replicas and slaves.
> > >
> > > o Rsync to distribute name server configuration to servers.
> > >
> > > o Central distribution of name server configuration segments.
> > >
> > > o Hot standby master replica for DR purposes with manually
> > > controlled
> > > fail over. Includes automatic replica/slave server
> > > reconfiguration.
> > >
> > > o WSGI JSON RPC over HTTPS API for mulitple front ends
> > >
> > > o Security tags to control what front ends can see
> > >
> > > o Zone reference metadata to tag the zone with the owner/customer
> > > entity ID. Set by DMI when a zone is created. Tag out of table in
> > > DB via
> > > foreign key for easy reference renaming.
> > >
> > > o zone_tool has built in pager support and editor support via
> > > standard
> > > shell environment variables.
> > >
> > > o zone_tool has a configurable restricted shell mode for Help Desk
> > > use
> > >
> > > o RR Groups and RR comments supported in DB for use in text editor
> > > and
> > > in Web Admin DMI (DNS Management Interface)
> > >
> > > o zone_tool has colourised diff support to display changes between
> > > different ZIs for a zone
> > >
> > > o Vim can be used as zone tool editor, giving DNS colourised Zone
> > > file
> > > syntax high lighting.
> > >
> > >
> > > --
> > > To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
> > > with a subject of "unsubscribe". Trouble? Contact
> > > listmaster@lists.debian.org
> > > Archive:
> > > [🔎] 20140306075515.5154.49732.reportbug@sid-dev.internal.anathoth.net">https://lists.debian.org/[🔎] 20140306075515.5154.49732.reportbug@sid-dev.internal.anathoth.net
> > >
> > >
>
>
--
Ondřej Surý <ondrej@sury.org>
Knot DNS (https://www.knot-dns.cz/) – a high-performance DNS server
Reply to: