[nsd-users] NSD patching without a temporary file

Shane Kerr shane at ca.afilias.info
Wed Jan 7 10:12:41 UTC 2009


I noticed that a lot of time for us to do our continual NSD patching is
spent writing the text version of the zone file. I had a brief Jabber
chat with Wouter and he explained how this worked.

Basically, nsd-patch produces a new text version of the zone file, and
then zonec compiles that, so the text zone file is quite important. :)

I mentioned this to a colleague, and he suggested that we use a Unix
pipe rather than a temporary file for the patched zone. This would save
a significant amount of disk IO, which is usually quite slow. The
disadvantage is the administrator no longer has a text version of the
zone file to look at.

Looking at the code, it seems fairly straightforward, but I wanted some
input from NSD folks before hacking.

I think the full set of changes would be:

     1. Add an option to patch a single zone by "nsd-patch". (This is
        necessary because if you are going via a pipe, the zonec program
        can only work on a single zone at a time.)
     2. Add an option to specify the output file if you are using a
        single zone in "nsd-patch" (including treating "-" as stdout).
     3. Change "nsdc" to loop across zones in a configuration file and
        patch each one via "nsd-patch $zone -o - | zonec -z -" (or the

Assuming this actually results in a speed increase, I don't know whether
the behavior should be made default or not. I think it should be. After
all, the text zone files do not represent the "actual" state of the zone
at any given time, and one can always use "dig" to AXFR the zone if one
needs such a thing.

