MysqlBind

mysqlBind/unxsBind is a DNS management software system. It supports Internet Systems Consortium BIND Domain Name System (DNS) and is distributed as open source software under the GNU General Public License.

mysqlBind/unxsBind has been in use since the late 1990s. It was initially designed to replace sets of Perl/Bash-based maintenance scripts that made deployment and upkeep of large DNS systems time-consuming and prone to human error. [1]

Design

mysqlBind (now unxsBind) centralizes all data in a replicated SQL database and limits any DNS configuration errors to one software package failure point. unxsBind is a BIND9+ server management system only, not a DNS server. It generates DNS-server-specific configuration files, so the DNS server does not have to rely on a live SQL database. The SQL server used by unxsBind only needs to be operational for administration and for the deployment of new zones, new resource records, resource record changes and zone SOA changes. This non-reliance on a live SQL database has been a major point for reliable deployment of large-scale DNS services. [2]

unxsBind is based on a "Company/Organization-Contact-Role" login and permissions model, such that end user organization contacts can manage their own DNS data from a shared infrastructure. This unxsBind shared infrastructure supports an unlimited number of organizations that can then administrate their own DNS resources, such as IP blocks, zones and resource records. unxsBind provides for the centralized management of multiple independent name servers across data center boundaries.

The unxsBind system consists of a back-end interface (unxsBind/iDNS) and several example end-user interfaces: the idnsAdmin admin interface, and the end-user idnsOrg and vdnsOrg interfaces. All provided interfaces run on HTML/CSS/JavaScript templates that are stored in SQL and organized in types and sets, which allows on-the-fly interface "skin" changes and new interfaces. Together with the split between the back end (the DNS configuration engine) and the front-end interfaces, this is meant to give the DNS service provider a simple path to provisioning their own custom interfaces with advanced functionality, for example a provider-branded AJAX-based interface with punycode hostname conversion for IDNA support.

Secondary and master zones, secondary-only zones, forward zones, hidden masters and hidden external master zones are all supported. Recent versions allow unlimited split horizon configurations (multiple BIND 9.3+ views). NAPTR, AAAA, and many other complex resource records are supported with input validation and contextual glossary-based help. Wizards are provided for error-prone complex DNS configuration management operations, e.g. in-addr.arpa reverse DNS NS delegation using CIDR and $GENERATE directives. LDAP login support is provided for the vdnsOrg interface.
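The kind of output such a reverse-delegation wizard has to produce can be shown with a short added example (not unxsBind's own code). It follows the RFC 2317 classless in-addr.arpa convention; the function name `classless_delegation`, the documentation address block and the name server names are assumptions made for illustration.

```python
import ipaddress
import re

# Strict hostname pattern: letters, digits and hyphens only, so operator
# input cannot carry whitespace, ';', '$' or newlines into the zone file.
_LABEL = r"[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
_HOST = re.compile("(" + _LABEL + r"\.)+" + _LABEL + r"\.?")


def classless_delegation(cidr, nameservers):
    """Return parent-zone lines that delegate a sub-/24 IPv4 block."""
    # strict=True rejects a CIDR whose host bits are set (e.g. .65/26).
    net = ipaddress.ip_network(cidr, strict=True)
    if net.version != 4 or not 25 <= net.prefixlen <= 31:
        raise ValueError("expected an IPv4 block between /25 and /31")
    if not nameservers:
        raise ValueError("at least one name server is required")
    for ns in nameservers:
        if len(ns) > 253 or not _HOST.fullmatch(ns):
            raise ValueError(f"invalid name server name: {ns!r}")

    octets = net.network_address.packed
    first = octets[3]
    last = net.broadcast_address.packed[3]
    # The parent zone is the enclosing /24 reverse zone.
    origin = f"{octets[2]}.{octets[1]}.{octets[0]}.in-addr.arpa."
    # The child zone label is "<first address>/<prefix length>".
    child = f"{first}/{net.prefixlen}"

    lines = [f"$ORIGIN {origin}"]
    lines += [f"{child} IN NS {ns.rstrip('.')}." for ns in nameservers]
    # One CNAME per address in the block (this example covers the whole
    # range, network and broadcast addresses included), pointing into the
    # delegated child zone.
    lines.append(f"$GENERATE {first}-{last} $ CNAME $.{child}")
    return lines


if __name__ == "__main__":
    # Constructed sample input: a /26 from the 192.0.2.0/24 documentation range.
    for line in classless_delegation(
        "192.0.2.64/26", ["ns1.example.net", "ns2.example.net."]
    ):
        print(line)
```

The name servers listed must then serve the child zone `64/26.2.0.192.in-addr.arpa.` with the actual PTR records.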

A CentOS 5.2+ yum installable version is available. Advanced features such as HA and LDAP single sign-on require that the system be configured and installed from source.

References

  1. Gary Wallis, Website, April 2004, "unxsBind", May 2010
  2. Dilva Garmendia, Website, May 2008, "unixservice.com", May 2010