[Unbound-users] Issuing multiple commands over the control channel
alex at digriz.org.uk
Mon Mar 8 16:08:34 UTC 2010
Phil Mayers <p.mayers at imperial.ac.uk> wrote:
> I am wondering if it's possible to issue >1 command over the SSL control
> channel? Specifically "flush" commands for >1 host. I might want to
> flush anything from 1-1000 specific hosts from the cache (most commonly
> 2-10) every few minutes.
...well if all your DDNS stuff is not in your 'main' zone then you
could just use 'flush_zone' instead.
> I am considering a move away from this model, and was initially
> reluctant to look at unbound because of the difficulty of maintaining
> this stealth slave. However it then occurred to me that I could simply
> "flush" the changed names inside the master update process, since I
> know what they are.
We use BIND9 (pulling from LDAP) for our hidden primary, and shovel our
external view zone to...well yourself and the internal view to two
internal instances of NSD3. These run on the same boxes as unbound,
they give our internal clients recursive action, fronted by some Cisco
IOS SLB action.
The NSD3 daemons are IXFRing so always have the latest copy of
hosts.soas.ac.uk and unbound has a bunch of 'stub-zone' steering them at
localhost (also to deal with the DNS view issue for our regular zones
See me at Networkshop 38 showing just this! :)
I'm yet to start calling regularly 'flush_zone', but it is on my todo
 we have no DDNS entries in 'soas.ac.uk', however we do use it for
.sigmonster says: This PIZZA symbolizes my COMPLETE EMOTIONAL RECOVERY!!
More information about the Unbound-users