Is it possible to define a block in a zone file as constant in Dynamic DNS (using bind)?

Question

bind mangles my zone file every time a DNS update is done. If defining a block as constant isn't possible, is it possible to have 2 or more zone files describing one domain? The intent being one zone file is for fixed RR's and the other for dynamic RR's.

Lastly, if none of the above is possible, is it possible to revert to the original zone file every time DNS starts?

As a last resort, I'm going to have to write a script to manually copy or create a base zone file then start bind. But this doesn't seem like the right way to do it.

Answer 1

Yes, you can have two files for a single zone. In addition suggest doing all dynamic updates in a subdomain. Combining both of these you can keep all the machine edits isolated.

Add this to the end of your zone file:

$INCLUDE dynamic-zone-file.conf dyn.example.com

All dynamic updates would then go to dynamic-zone-file.conf. This file should exist and be writable by the named user.

Answer 2

At my place we keep dynamic updates contained in their own zones. I can't think of any way to keep a zone file tidy if it receives dynamic updates. I am not sure what you are trying to say with "is it possible to revert to the original zone file". Are you saying you don't need the dynamic updates to be persistent between BIND restarts? If so, just write a script that copies the master zone file you store and edit somewhere before BIND is started.

Answer 3

Define "mangle". If you mean "rewrite", well then yeah, BIND needs to rewrite the zone file every time you make an update. My policy was always that once a zone file was open for dynamic updates, it was never manually modified ever again, and you had to use the automatic update mechanism to do anything (lots of nsupdate calls, or just use the web interface API we setup).

To answer your other questions:

• "is it possible to have 2 or more zone files describing one domain?" -- the correct term for "domain" in BIND is "zone", so if we rewrite your question to be "is it possible to have 2 or more zone files describing one zone?", the answer becomes pretty obvious. Have two separate zones, as mghocke described, if you need something like that.

• "is it possible to revert to the original zone file every time DNS starts?" -- Sure, just have your DNS startup script copy the base zone file into place. There isn't a better way to do it because it isn't something that anyone would ever want to do -- accept dynamic updates and then throw them away every time you restart the DNS server. One caveat with this method is that you'll need to update the serial when you copy the base zone file, otherwise your slaves won't do a zone transfer.

My psychic powers are suggesting that you're trying to mix manual (direct) edits to a zone file with dynamic updates. Just so you know, that won't work (in the naive case) -- sooner or later you're going to get in a race between a dynamic update and a manual file edit, and the dynamic update will win, resulting in the loss of your manual update. You'll need to freeze and unfreeze the zone every time you want to edit (good luck universally enforcing that one). This is the reason for my "all edits to dynamic zones must be done via the DDNS interface" policy.