Well, if you are willing to look into BIND alternatives, please take a look also at tinydns which is part of the djbdns package.
Dead simple format for dns configuration and on-the-fly zone updating are some of its features.
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Feizhou,
I'm more than willing to look into alternatives, especially when recommended by those more knowledgeable than I (which is *most* of this list, I might add).
So, thank you *very* much for that. The machine is slated to go live this weekend so I've clearly got some reading and evaluating to do (on my testbed machine, of course).
Thanks again...and again, ~Ray
I'm coming in late to this thread. We too are a hosting provider (small time), hosting approximately 1600 live domains.
Not to say tinydns is a bad alternative, as it has its strengths, but we moved away from [outgrew] it 2 years ago.
If you were already running Bind, CentOS 5 is a great platform. I run a few multi-domain (3-10) slaves using a chrooted Bind for a couple offsite clients. Fine for small number of domains. Short term, I'd recommend just getting another Bind install up and running to fix your issue, THEN look at alternatives.
I've personally used PowerDNS, TinyDNS, MyDNS, nsd, Bind 8/9, and MS DNS. PowerDNS is phenomenal. Look into the proprietary "supermaster/superslave" functionality. To manage the 1600+ domains, we have our primary server set up using a MySQL backend. This allows simple integration of our accounting and support systems. The slaves are using sqlite3 backends. One word of caution, while a "superslave" may automatically add a new domain, it will not remove domains deleted at the master. I've solved this by removing all non NS/SOA records from that domain and updating the serial on the master - so changes propagate to slaves. Then have a cronjob running that purges empty domains from the databases on the master and slaves.
Also, I've found the PowerDNS RPMs located at the EPEL repo to be completely stable. They even have the backends broken out separately.
Lastly, I don't know about you, but I hate giving shell access where it's not needed ... especially to support staff under a Tier3 level. So I use Pure-FTPD running virtual users and an FTPS (not SFTP) client like lftp or filezilla for transfers. If I need a higher level of security then I use rsync over SSH.
Forgive me for being so verbose. :-)
-ken
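
The purge step described in the message above, as an added example that is not part of the original post or of PowerDNS: it finds zones in a sqlite3 backend that hold only SOA/NS records and deletes them, so zones removed at the master do not linger on a slave. The two-table layout is an assumed minimal subset of the PowerDNS generic SQL schema, the function names are hypothetical, and all zone data is constructed.

```python
import sqlite3

# Assumed: minimal subset of the PowerDNS generic SQL schema (a real
# backend has more columns). All zones and records below are constructed.
SCHEMA = """
CREATE TABLE domains (id INTEGER PRIMARY KEY, name TEXT UNIQUE, type TEXT);
CREATE TABLE records (id INTEGER PRIMARY KEY, domain_id INTEGER,
                      name TEXT, type TEXT, content TEXT);
"""

def find_emptied_zones(conn):
    # A SOA is required so that zones a superslave has just created but
    # not yet transferred (no records at all) are left alone.
    return conn.execute("""
        SELECT d.id, d.name FROM domains d
        WHERE EXISTS (SELECT 1 FROM records r
                      WHERE r.domain_id = d.id AND r.type = 'SOA')
          AND NOT EXISTS (SELECT 1 FROM records r
                          WHERE r.domain_id = d.id
                            AND r.type NOT IN ('SOA', 'NS'))
        ORDER BY d.name""").fetchall()

def purge_emptied_zones(conn, dry_run=True):
    """Return purged zone names; delete them unless dry_run is set."""
    doomed = find_emptied_zones(conn)
    if not dry_run:
        with conn:  # one transaction: commit on success, else roll back
            for zone_id, _ in doomed:
                conn.execute("DELETE FROM records WHERE domain_id = ?", (zone_id,))
                conn.execute("DELETE FROM domains WHERE id = ?", (zone_id,))
    return [name for _, name in doomed]

def build_sample_db():
    """In-memory database with one live, one emptied and one new zone."""
    soa = "ns1.example. hostmaster.example. 1 3600 600 86400 300"
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    conn.executemany("INSERT INTO domains (id, name, type) VALUES (?, ?, 'SLAVE')",
                     [(1, "live.example"), (2, "gone.example"), (3, "new.example")])
    conn.executemany(
        "INSERT INTO records (domain_id, name, type, content) VALUES (?, ?, ?, ?)",
        [(1, "live.example", "SOA", soa), (1, "live.example", "NS", "ns1.example."),
         (1, "www.live.example", "A", "192.0.2.10"),
         (2, "gone.example", "SOA", soa), (2, "gone.example", "NS", "ns1.example.")])
    return conn

if __name__ == "__main__":
    print("purged:", purge_emptied_zones(build_sample_db(), dry_run=False))
```

Run it with `dry_run=True` from cron first and review the returned names before enabling deletion.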