The corporation in which you work runs and maintains a DNS server which it uses to offer DNS services to customers. Until recently, requested changes to the DNS database from your customers has been minimal and handled via a simple request system:
• The customer asks for a change to the database
• You stop the DNS server
• The zone database files are updated
• The DNS server is restarted
Update requests have recently increased to the point where this system has become unmanageable. Your boss has asked to you to investigate a system that allows the database to be updated dynamically:
• The DNS server does not need to be stopped
• Updates can be performed via a scripted and/or web-page approach
• Access can be given to customers to update their own entries
To accomplish this task, you have been assigned to deploy and configure a BIND server with dynamic update capability, along with a series of scripts and CGI based web pages to update the database contents.
Once your basic plan has been considered, you will now be required to build your DNS dynamic update system. This will involve configuring and deploying BIND on your (highest or middle)-numbered RULE host along with Apache and any scripts you develop. Depending upon which scripting language you choose to use, you may need to install and configure your system with other software via the ports tree.
Your BIND server should be configured to:
• Support dynamic updates to any zone files managed by your company and any virtual clients you support
• Support dynamic updates to reverse-lookup zones for the 136.186.230.*/24 network
• Allow public queries for lookups
Accounts should be created for each of your virtual customers. Each customer should have:
• Login details (to be provided in your final assignment)
• A forward lookup zone created and allocated to them
• Access to scripting facilities below to update their entries
Note: Creating accounts for and managing restricted database access for individual users is an optional part of the assignment for bonus marks
Both command-line based and CGI based scripts should be developed to allow updating of information in the zone database files.
Hint: A backend script that actually updates information could be called by both the command-line and CGI based scripts
to perform the actual updates
The scripts should check user authentication details (if applicable), and provide a list of current zone database entries that user can change before allowing the user to manage their allocated entries.
This will require your script to:
• Poll the DNS server to retrieve the current database entries
• Provide a means for the user to select an entry to update/delete
• Provide a means for adding a new entry
If an IP address is given in the [login to view URL] network, then all updates must also be performed to the reverse-lookup zone for this network as well.