Well, if you are willing to look into BIND alternatives, please take a
look also at tinydns which is part of the djbdns package.
Dead simple format for dns configuration and on-the-fly zone updating
are some of its features.
CentOS mailing list
I'm more than willing to look into alternatives, especially when
recommended by those more knowledgeable than I (which is *most* of this
list, I might add).
So, thank you *very* much for that. The machine is slated to go live
this weekend so I've clearly got some reading and evaluating to do (on
my testbed machine, of course).
Thanks again...and again,
I'm coming in late to this thread. We too are a hosting provider
(small time), hosting approximately 1600 live domains.
Not to say tinydns is a bad alternative, as it has its strengths, but
we moved away from [outgrew] it 2 years ago.
If you were already running Bind, CentOS 5 is a great platform. I run
a few multi-domain (3-10) slaves using a chrooted Bind for a couple
offsite clients. Fine for a small number of domains. Short term, I'd
recommend just getting another Bind install up and running to fix your
issue, THEN look at alternatives.
I've personally used PowerDNS, TinyDNS, MyDNS, nsd, Bind 8/9, and MS
DNS. PowerDNS is phenomenal. Look into the proprietary
"supermaster/superslave" functionality. To manage the 1600+ domains,
we have our primary server set up using a MySQL backend. This allows
simple integration of our accounting and support systems. The slaves
are using sqlite3 backends. One word of caution, while a "superslave"
may automatically add a new domain, it will not remove domains deleted
at the master. I've solved this by removing all non-NS/SOA records
from that domain and updating the serial on the master - so changes
propagate to slaves. Then have a cronjob running that purges empty
domains from the databases on the master and slaves.
Also, I've found the PowerDNS RPMs located at the EPEL repo to be
completely stable. They even have the backends broken out separately.
Lastly, I don't know about you, but I hate giving shell access where
it's not needed ... especially to support staff under a Tier3 level.
So I use Pure-FTPd running virtual users and an FTPS (not SFTP)
client like lftp or FileZilla for transfers. If I need a higher level
of security then I use rsync over SSH.
Forgive me for being so verbose. :-)
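
Added example, not part of the original post and not PowerDNS's or the poster's own code: a sketch of the purge cron job described above, run against a sqlite3 backend. It assumes the `domains` and `records` tables of the PowerDNS generic SQL schema (only a subset of columns is modelled), the function names are hypothetical, and the rows are constructed; it skips zones with no SOA at all so a zone the superslave has just added but not yet transferred is not deleted.

```python
import sqlite3

# Subset of the PowerDNS generic SQL schema (assumed; real tables have more columns).
SCHEMA = """
CREATE TABLE domains (id INTEGER PRIMARY KEY, name TEXT UNIQUE, type TEXT);
CREATE TABLE records (id INTEGER PRIMARY KEY, domain_id INTEGER,
                      name TEXT, type TEXT, content TEXT);
"""

def find_empty_domains(db):
    """Zones that still have an SOA but no record other than SOA/NS."""
    return db.execute("""
        SELECT d.id, d.name FROM domains d
        WHERE EXISTS (SELECT 1 FROM records r
                      WHERE r.domain_id = d.id AND r.type = 'SOA')
          AND NOT EXISTS (SELECT 1 FROM records r
                          WHERE r.domain_id = d.id
                            AND r.type NOT IN ('SOA', 'NS'))
        ORDER BY d.name""").fetchall()

def purge_empty_domains(db, dry_run=True):
    """Return the zone names selected; delete them unless dry_run."""
    victims = find_empty_domains(db)
    if not dry_run:
        with db:  # single transaction: records first, then the zone row
            for dom_id, _name in victims:
                db.execute("DELETE FROM records WHERE domain_id = ?", (dom_id,))
                db.execute("DELETE FROM domains WHERE id = ?", (dom_id,))
    return [name for _id, name in victims]

def sample_db():
    """In-memory database with constructed rows for three slave zones."""
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    db.executemany("INSERT INTO domains VALUES (?, ?, 'SLAVE')", [
        (1, "live.example"), (2, "gone.example"), (3, "pending.example")])
    soa = "ns1.example. hostmaster.example. 2024010101 3600 600 604800 300"
    db.executemany(
        "INSERT INTO records (domain_id, name, type, content) VALUES (?, ?, ?, ?)", [
        (1, "live.example", "SOA", soa), (1, "live.example", "NS", "ns1.example"),
        (1, "www.live.example", "A", "192.0.2.10"),
        (2, "gone.example", "SOA", soa), (2, "gone.example", "NS", "ns1.example"),
    ])  # zone 3 has no rows yet: added by the superslave, not yet transferred
    db.commit()
    return db

if __name__ == "__main__":
    db = sample_db()
    print("would purge:", purge_empty_domains(db))
    print("purged:", purge_empty_domains(db, dry_run=False))
```

Running the dry run first and logging the returned names gives a record of which zones each slave dropped and when.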