Bdns - a WEB interface to manage a BIND DNS server and its zones

FRANÇAIS

Éric Boucher, september 07, 2004 (thebutch@videotron.ca)

 

So, what is Bdns ?


Bdns is a system written in PHP to maintain DNS data. I wrote it to maintain the large intranet DNS data at work, on my spare time. I included features that were needed to maintain a large set of zones with multiple user accounts right from the start. Those features are:

- DNS data is kept in an MySQL database: data is available easily with the benefits of a database engine to manipulate it. Reports, searches, sorts and massive updates are easy;

- User accounts: many users can update the DNS data at the same time. Better: three types of users are available, so you can create user accounts that can do all (administrators), or accounts that can update dns data in the entire database but cannot manage zones or users (operators), or accounts that can manage only one zone or a set of zones that you specify (responsibles). For administrators of large DNS, it is a relief to delegate the managment of sub-zones to responsible users.

- Updates to the DNS are kept in a log in the database which states who, when, and what was changed.

- Dynamic updates: updates to the database via the GUI are replicated instantly and dynamically in the DNS cache via BIND's nsupdate interface. No need to manually reload the DNS server.

- Entire DNS data can be browsed by DNS domain names, DNS zones, or IP networks: it is easier for ordinary users to browse through domain names/host names and IP networks, instead of searching for that "3.45.199.in-addr.arpa" zone... or is it "45.199.in-addr.arpa" ? Arg !

- The system validates data before updating the database and the DNS: this prevents users from creating duplicate entries or orphan records in the DNS. For hard core DNS administrators, it also means less headache, because the correct syntax of, say, less often done tasks such as creating a zone delegation is done right by the scripts, so you don't break your DNS service when modifying it.

- Bdns operates in english or french for now (other languages can be added easily; there is only one central messages file to translate). An administrator can choose the default language of the system, and each user can choose his preferred language in his preferences page.

 

What is needed to run it ?

Bdns has been installed successfully on Solaris 2.6, Solaris 8, MacOS X, and one of my colleagues installed it on Windows NT (he had to tweak a bit, I think, and I doubt that everything worked OK); It should run on any unix OS where you can install the following software:

- BIND version 8.x, Bind 9.x or later. Bdns has been tested with BIND 8 and 9 with no problems, since it uses only "nsupdate" and "ndc reload" to talk to BIND. The configuration files are compatible from BIND 8 to BIND 9.

- Apache 2.x, PHP 4.x, MySQL 4.x, sudo 1.x. Bdns is written in PHP, runs in a WEB environment, stores its data in a MySQL database, runs as a non-privileged user, and uses sudo to send signals as root to BIND (ndc reload).

 

Where can I get it ?

- The software can be obatined here on sourceforge.

As of september 7, 2004, the documentation is still incomplete and only in french (for now). I update it almost daily. An english version will be available before Christmas, promised ! Still, the hardest part is to install the software. After that, Bdns is a piece of cake to use.

- The documentation can be accessed online here, or, it can be downloaded from here (*.tar.gz file, HTML format with images).

 

Well, what else ?

Users of Bdns are asking for enhancements. I'm currently working on these and will release version 2.1 around november 2004. New features will include facilities to sync the DNS from the primary to slaves and cache servers, along with the ability to send commands and signals to remote DNS/DHCP servers.

Another feature I am contemplating is modifying the way BDNS updates BIND's config and zones data to better acomodate simultaneous dynamic updates from other sources such as Win2K AD servers or DHCP servers.

Finally, developing Bdns took me a lot of time, and I'm giving it for free because I believe in the open source philosophy. I would just apreciate to know that I didn't do all that for nothing (altough I know it is used in my company's intranet, at least). Please, if you download it, install it, use it, find it great or crappy, send me an EMail at thebutch@videotron.ca. I'll be very happy (gratified, indeed) to know that someone somewhere uses it, and receiving comments will help me improve Bdns.

 

Éric Boucher