DNS management software

The rapid expansion of the internet in the mid-1990s exposed the limitations of manual DNS management. Between 1995 and mid-1997, the number of registered domains grew from 70,000^[1] to over 1.3 million.^[2] Early administration relied on the BIND software, where registration was often handled via email^[3] and zone files were edited manually using text editors. As hosting providers began managing hundreds of thousands of zones,^[4] several critical inefficiencies emerged:

• Manual Error & Server Downtime: Syntax errors in manually edited zone files could cause BIND to fail during reloads, leading to service outages.
• Scalability Bottlenecks: On contemporary hardware, full BIND reloads for large datasets could take several hours.
• Propagation Delays: The combination of manual edits and slow processing often resulted in DNS changes taking more than 24 hours to propagate across the network.

To address these hurdles, administrators first developed in-house Perl and Shell scripts for automation. This eventually led to the birth of dedicated DNS management software, designed to provide data validation, reduce human error, and automate distribution across server clusters.

While struggling with the challenges of editing zone files, more than a few sysadmins noticed that SQL is a terrific place to store DNS data. By moving the Single Source of Truth from text files into SQL, DNS data could be validated and constrained before acceptance into the database. Export scripts could convert the SQL to zone files. Rsync could replace named-xfer for distribution, increasing security and reducing propagation time. Among large hosting providers, it became fashionable to store DNS data in SQL and build a custom interface for managing it. mysqlBind is one such DNS manager. It provides a web interface for data input and exports the data to BIND zone files.

In 2000, Daniel J. Bernstein released Djbdns. One of the novel features was that tinydns, the included authoritative DNS server, served DNS directly from a CDB database. The cdb had to be compiled from a plain text file whose format was designed to be edited by scripts. Tinydns quickly became the second most popular DNS server^[5] and a number of DNS managers were released for it, including: VegaDNS, SuaveDNS, and NicTool.

In 2005, PowerDNS was released. One of its features was the ability to serve DNS data directly out of the SQL database, bypassing the export step entirely. PowerDNS also spawned a number of DNS managers that provide web interfaces to its SQL data store.

Using the RFC2136 DDNS update protocol, it is possible to change DNS zones without accessing the zone files. Management tools known to work that way are Admin4 and NicTool via its nsupdate^[6] export mechanism.

DNS service providers often deploy different types of DNS servers in their networks. In addition, different answers may be provided to DNS clients based on the clients' geographic location, as determined by their IP address (GeoIP). The most practical way to manage such critical Internet infrastructure has been to rely on databases and complex DNS management software to ensure homogeneity and avoid single points of deployment errors.

The BIND zone file format is a widely used industry standard documented in RFC 1035. Several other DNS servers, including PowerDNS, NSD, Knot DNS, Microsoft DNS Server, and Micetro by MEn&Mice have the ability to read BIND zone files and serve from them.

• Microsoft DNS manager supports DNSSEC from Windows Server 2012 onwards. Some of the DNSSEC records can not be directly added but are generated during zone signing and managed as such.