Please enhance bind9 to use forwarder addresses from resolvconf
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
bind9 (Debian) | Fix Released | Unknown | |
bind9 (Ubuntu) | Confirmed | Wishlist | Unassigned |
Bug Description
It is requested that the bind9 package be enhanced such that named uses forwarder addresses obtained from resolvconf's database.
Such a feature would normally be implemented by means of a resolvconf update hook script, in this case /etc/resolvconf
There are various ways to implement this proposal.
1. Write out a forwarders{} statement
The script writes out a forwarders{} statement in the format of named.conf(5) to /var/run/
To activate this, the admin has to edit /etc/bind/
The script /etc/resolvconf
2. Write a list of forwarder addresses and enhance named to read this
The script writes out a simple list of IP addresses to /var/run/
This approach requires that the command-line option in question be added to named but it has a number of advantages over the first approach. (1) It allows the script to be much simpler. (2) It allows the use of the resolvconf-based forwarders list to be enabled and disabled via a variable in, e.g., /etc/default/bind9. (3) Some machines are still using an old script written for bind8 which works as in #1 except that it writes out a whole options{} statement instead of just a forwarders{} statement; the present approach upgrades such machines cleanly.
3. Enhance rndc to send, and named to receive, forwarder addresses
This has the advantages of approach #2 and also eliminates the need to write out a file. The disadvantage is that it would be a significant amount of extra work to extend the syntax of rndc.
--- BACKGROUND INFORMATION ---
As of Ubuntu 12.04, nameserver information is handled by resolvconf in both the Server and Desktop editions of Ubuntu. Resolvconf maintains a database of nameserver information, filed by interface name and configuration agent. This is the information that is needed if named is to be used in whole or in part as a forwarding nameserver.
BIND 9.7.x manual section 1.4.5.1: "__Forwarding__. Even a caching name server does not necessarily perform the complete recursive lookup itself. Instead, it can forward some or all of the queries that it cannot satisfy from its cache to another caching name server, commonly referred to as a forwarder. There may be one or more forwarders, and they are queried in turn until the list is exhausted or an answer is found. Forwarders are typically used when you do not wish all the servers at a given site to interact directly with the rest of the Internet servers. A typical scenario would involve a number of internal DNS servers and an Internet firewall. Servers unable to pass packets through the firewall would forward to the server that can do it, and that server would query the Internet DNS servers on the internal server’s behalf."
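Approach #1 above, sketched as an added example (not code from this bug report or from the bind9 or resolvconf packages): POSIX shell functions that turn resolv.conf-format `nameserver` lines into a forwarders{} statement. Nameserver addresses can come from network-supplied configuration, so only address-shaped strings are let through to named's configuration. The function names, the loopback skip and the output file argument are assumptions.

```shell
#!/bin/sh
# Added example: emit a named.conf(5) forwarders{} statement from
# resolv.conf-format "nameserver" lines on stdin. All names are hypothetical.

# valid_addr ADDR: succeed only for an IPv4 literal or an IPv6-shaped string.
valid_addr() {
    case $1 in
        ''|*[!0-9A-Fa-f:.]*) return 1 ;;  # rejects ; { } quotes, spaces, globs
    esac
    case $1 in
        *:*:*) return 0 ;;                # IPv6 shape; named-checkconf is the final judge
    esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1              # IPv4: exactly four octets
    for o in "$@"; do
        case $o in ''|*[!0-9]*|????*) return 1 ;; esac
        [ "$o" -le 255 ] || return 1
    done
}

# forwarders_stmt: stdin = resolv.conf-format text, stdout = the statement.
forwarders_stmt() {
    seen=' '
    printf 'forwarders {\n'
    while read -r key addr rest; do
        [ "$key" = nameserver ] || continue
        valid_addr "$addr" || continue
        case $addr in 127.*|::1) continue ;; esac     # assumption: never forward to ourselves
        case $seen in *" $addr "*) continue ;; esac   # drop duplicates
        seen="$seen$addr "
        printf '\t%s;\n' "$addr"
    done
    printf '};\n'
}

# write_forwarders FILE: replace FILE atomically so named never sees a partial file.
write_forwarders() {
    tmp=$(mktemp "$1.XXXXXX") || return 1
    if forwarders_stmt > "$tmp" && chmod 644 "$tmp"; then
        mv -f "$tmp" "$1"
    else
        rm -f "$tmp"
        return 1
    fi
}
```

Running `named-checkconf` on the resulting configuration before reloading named catches anything the shape check lets through.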
Changed in bind:
status: Unknown → New
Changed in bind9 (Ubuntu):
status: New → Opinion
importance: Undecided → Wishlist
status: Opinion → Confirmed
no longer affects: bind
description: updated
description: updated
summary:
- Please add resolvconf hook script to generate dynamic forwarders list
+ Please enhance bind9 to use forwarder addresses from resolvconf
Changed in bind9 (Debian):
status: Unknown → New
Changed in resolvconf (Debian):
status: Unknown → Fix Released
Changed in bind9 (Debian):
status: New → Fix Released
To anyone else who wants this feature: You are cordially invited to add your voice here. :-) Please explain how you intend to use the feature.