directory-dev mailing list archives

From Enrique Rodriguez <>
Subject DNS zones in the LDAP namespace
Date Fri, 30 Sep 2005 22:53:14 GMT

I am looking for help designing a default LDAP-DNS namespace.  I have 
the DNS protocol provider largely working with basic record types SOA, 
A, NS, CNAME, PTR, MX, and SRV.  I am currently serving zones using the 
Active Directory-style ",ou=forward lookup 
zones,ou=dns,ou=system."  This has been fine for testing, but I'm 
wondering if anyone out there has experience in this area and would like 
to provide feedback.

I am wondering if it doesn't make more sense to put zones under domain 
components [1] such as the suffix "dc=example,dc=com" or under 
"ou=Zones,dc=example,dc=com" if that keeps things cleaner.  The 
advantages I see here are a more intuitive layout and better support for 
ACI and repl if the zone layout matches the DIT layout.  Sometimes I 
think M$ does things specifically to make you buy more servers.  Imagine 

So, to phrase this as a tighter question, let's say you have two DNS 
zones, and  What would the LDAP namespace look 
like and where/how would you place the SOA and A records?

If I'm missing common knowledge, in books or RFCs, please feel free to 
point that out.  I'm almost done "Understanding and Deploying LDAP 
Directory Services" and I just started "LDAP Directories Explained: An 
Introduction and Analysis" and I read 5 or so relevant RFCs.

Of course I plan to make the zone layout configurable so both styles 
above are supported using a configurable layer-of-indirection, but we 
still need to ship something default.


[1] RFC 2247 - Using Domains in LDAP/X.500 Distinguished Names
