[82392] in North American Network Operators' Group
Re: Customer DNS records best practices
daemon@ATHENA.MIT.EDU (Daniel Golding)
Thu Jul 14 18:49:23 2005
Date: Thu, 14 Jul 2005 15:48:21 -0700
From: Daniel Golding <dgolding@burtongroup.com>
To: Peter Kranz <pkranz@unwiredltd.com>, <nanog@nanog.org>
In-Reply-To: <200507142145.j6ELj6it002841@nudoubt.darkersun.com>
Errors-To: owner-nanog@merit.edu
There are a couple possibilities.
Mice and Men and INS both make software that can "front-end" BIND servers
via a secure web interface. You can also utilize a secure DNS appliance to
serve your customer DNS - Infoblox, Bluecat, and INS all make these. They
generally have a pretty rich multi-user security model, can use RADIUS for
authentication, etc.
There are lots of good reasons to keep your customer DNS separate from your
own DNS if you are going to allow customers to remotely administer their
zone records.
I would ensure you have a good idea of your requirements before you jump
into this - do you want the software to validate changed records? Just
accept changes? Do you plan to support a subset of Resource Records, or the
whole enchilada?
- Dan
On 7/14/05 2:45 PM, "Peter Kranz" <pkranz@unwiredltd.com> wrote:
>
> I am looking for any suggestions on tool/utilities that you are using to
> allow customers to manager their forward/reverse DNS records that reside on
> your DNS servers. Linux/Unix based preferred.
>
> Peter Kranz
> Founder/CEO - Unwired Ltd
> Mobile: 510-207-0000
> pkranz@unwiredltd.com
>
>
-
