1*00b67f09SDavid van MoolenbroekCopyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") 2*00b67f09SDavid van MoolenbroekCopyright (C) 2000, 2001 Internet Software Consortium. 3*00b67f09SDavid van MoolenbroekSee COPYRIGHT in the source root or http://isc.org/copyright.html for terms. 4*00b67f09SDavid van Moolenbroek 5*00b67f09SDavid van MoolenbroekUsing the BIND 9 Simplified Database Interface 6*00b67f09SDavid van Moolenbroek 7*00b67f09SDavid van MoolenbroekThis document describes the care and feeding of the BIND 9 Simplified 8*00b67f09SDavid van MoolenbroekDatabase Interface, which allows you to extend BIND 9 with new ways 9*00b67f09SDavid van Moolenbroekof obtaining the data that is published as DNS zones. 10*00b67f09SDavid van Moolenbroek 11*00b67f09SDavid van Moolenbroek 12*00b67f09SDavid van MoolenbroekThe Original BIND 9 Database Interface 13*00b67f09SDavid van Moolenbroek 14*00b67f09SDavid van MoolenbroekBIND 9 has a well-defined "back-end database interface" that makes it 15*00b67f09SDavid van Moolenbroekpossible to replace the component of the name server responsible for 16*00b67f09SDavid van Moolenbroekthe storage and retrieval of zone data, called the "database", on a 17*00b67f09SDavid van Moolenbroekper-zone basis. The default database is an in-memory, red-black-tree 18*00b67f09SDavid van Moolenbroekdata structure commonly referred to as "rbtdb", but it is possible to 19*00b67f09SDavid van Moolenbroekwrite drivers to support any number of alternative database 20*00b67f09SDavid van Moolenbroektechnologies such as in-memory hash tables, application specific 21*00b67f09SDavid van Moolenbroekpersistent on-disk databases, object databases, or relational 22*00b67f09SDavid van Moolenbroekdatabases. 23*00b67f09SDavid van Moolenbroek 24*00b67f09SDavid van MoolenbroekThe original BIND 9 database interface defined in <dns/db.h> is 25*00b67f09SDavid van Moolenbroekdesigned to efficiently support the full set of database functionality 26*00b67f09SDavid van Moolenbroekneeded by a name server that implements the complete DNS protocols, 27*00b67f09SDavid van Moolenbroekincluding features such as zone transfers, dynamic update, and DNSSEC. 28*00b67f09SDavid van MoolenbroekEach of these aspects of name server operations places its own set of 29*00b67f09SDavid van Moolenbroekdemands on the data store, with the result that the database API is 30*00b67f09SDavid van Moolenbroekquite complex and contains operations that are highly specific to the 31*00b67f09SDavid van MoolenbroekDNS. For example, data are stored in a binary format, the name space 32*00b67f09SDavid van Moolenbroekis tree structured, and sets of data records are conceptually 33*00b67f09SDavid van Moolenbroekassociated with DNSSEC signature sets. For these reasons, writing a 34*00b67f09SDavid van Moolenbroekdriver using this interface is a highly nontrivial undertaking. 35*00b67f09SDavid van Moolenbroek 36*00b67f09SDavid van Moolenbroek 37*00b67f09SDavid van MoolenbroekThe Simplified Database Interface 38*00b67f09SDavid van Moolenbroek 39*00b67f09SDavid van MoolenbroekMany BIND users wish to provide access to various data sources through 40*00b67f09SDavid van Moolenbroekthe DNS, but are not necessarily interested in completely replacing 41*00b67f09SDavid van Moolenbroekthe in-memory "rbt" database or in supporting features like dynamic 42*00b67f09SDavid van Moolenbroekupdate, DNSSEC, or even zone transfers. 43*00b67f09SDavid van Moolenbroek 44*00b67f09SDavid van MoolenbroekOften, all you want is limited, read-only DNS access to an existing 45*00b67f09SDavid van Moolenbroeksystem. For example, you may have an existing relational database 46*00b67f09SDavid van Moolenbroekcontaining hostname/address mappings and wish to provide forvard and 47*00b67f09SDavid van Moolenbroekreverse DNS lookups based on this information. Or perhaps you want to 48*00b67f09SDavid van Moolenbroekset up a simple DNS-based load balancing system where the name server 49*00b67f09SDavid van Moolenbroekanswers queries about a single DNS name with a dynamically changing 50*00b67f09SDavid van Moolenbroekset of A records. 51*00b67f09SDavid van Moolenbroek 52*00b67f09SDavid van MoolenbroekBIND 9.1 introduced a new, simplified database interface, or "sdb", 53*00b67f09SDavid van Moolenbroekwhich greatly simplifies the writing of drivers for these kinds of 54*00b67f09SDavid van Moolenbroekapplications. 55*00b67f09SDavid van Moolenbroek 56*00b67f09SDavid van Moolenbroek 57*00b67f09SDavid van MoolenbroekThe sdb Driver 58*00b67f09SDavid van Moolenbroek 59*00b67f09SDavid van MoolenbroekAn sdb driver is an object module, typically written in C, which is 60*00b67f09SDavid van Moolenbroeklinked into the name server and registers itself with the sdb 61*00b67f09SDavid van Moolenbroeksubsystem. It provides a set of callback functions, which also serve 62*00b67f09SDavid van Moolenbroekto advertise its capabilities. When the name server receives DNS 63*00b67f09SDavid van Moolenbroekqueries, invokes the callback functions to obtain the data to respond 64*00b67f09SDavid van Moolenbroekwith. 65*00b67f09SDavid van Moolenbroek 66*00b67f09SDavid van MoolenbroekUnlike the full database interface, the sdb interface represents all 67*00b67f09SDavid van Moolenbroekdomain names and resource records as ASCII text. 68*00b67f09SDavid van Moolenbroek 69*00b67f09SDavid van Moolenbroek 70*00b67f09SDavid van MoolenbroekWriting an sdb Driver 71*00b67f09SDavid van Moolenbroek 72*00b67f09SDavid van MoolenbroekWhen a driver is registered, it specifies its name, a list of callback 73*00b67f09SDavid van Moolenbroekfunctions, and flags. 74*00b67f09SDavid van Moolenbroek 75*00b67f09SDavid van MoolenbroekThe flags specify whether the driver wants to use relative domain 76*00b67f09SDavid van Moolenbroeknames where possible. 77*00b67f09SDavid van Moolenbroek 78*00b67f09SDavid van MoolenbroekThe callback functions are as follows. The only one that must be 79*00b67f09SDavid van Moolenbroekdefined is lookup(). 80*00b67f09SDavid van Moolenbroek 81*00b67f09SDavid van Moolenbroek - create(zone, argc, argv, driverdata, dbdata) 82*00b67f09SDavid van Moolenbroek Create a database object for "zone". 83*00b67f09SDavid van Moolenbroek 84*00b67f09SDavid van Moolenbroek - destroy(zone, driverdata, dbdata) 85*00b67f09SDavid van Moolenbroek Destroy the database object for "zone". 86*00b67f09SDavid van Moolenbroek 87*00b67f09SDavid van Moolenbroek - lookup(zone, name, dbdata, lookup) 88*00b67f09SDavid van Moolenbroek Return all the records at the domain name "name". 89*00b67f09SDavid van Moolenbroek 90*00b67f09SDavid van Moolenbroek - authority(zone, dbdata, lookup) 91*00b67f09SDavid van Moolenbroek Return the SOA and NS records at the zone apex. 92*00b67f09SDavid van Moolenbroek 93*00b67f09SDavid van Moolenbroek - allnodes(zone, dbdata, allnodes) 94*00b67f09SDavid van Moolenbroek Return all data in the zone, for zone transfers. 95*00b67f09SDavid van Moolenbroek 96*00b67f09SDavid van MoolenbroekFor more detail about these functions and their parameters, see 97*00b67f09SDavid van Moolenbroekbind9/lib/dns/include/dns/sdb.h. For example drivers, see 98*00b67f09SDavid van Moolenbroekbind9/contrib/sdb. 99*00b67f09SDavid van Moolenbroek 100*00b67f09SDavid van Moolenbroek 101*00b67f09SDavid van MoolenbroekRebuilding the Server 102*00b67f09SDavid van Moolenbroek 103*00b67f09SDavid van MoolenbroekThe driver module and header file must be copied to (or linked into) 104*00b67f09SDavid van Moolenbroekthe bind9/bin/named and bind9/bin/named/include directories 105*00b67f09SDavid van Moolenbroekrespectively, and must be added to the DBDRIVER_OBJS and DBDRIVER_SRCS 106*00b67f09SDavid van Moolenbroeklines in bin/named/Makefile.in (e.g. for the timedb sample sdb driver, 107*00b67f09SDavid van Moolenbroekadd timedb.c to DBDRIVER_SRCS and timedb.@O@ to DBDRIVER_OBJS). If 108*00b67f09SDavid van Moolenbroekthe driver needs additional header files or libraries in nonstandard 109*00b67f09SDavid van Moolenbroekplaces, the DBDRIVER_INCLUDES and DBDRIVER_LIBS lines should also be 110*00b67f09SDavid van Moolenbroekupdated. 111*00b67f09SDavid van Moolenbroek 112*00b67f09SDavid van MoolenbroekCalls to dns_sdb_register() and dns_sdb_unregister() (or wrappers, 113*00b67f09SDavid van Moolenbroeke.g. timedb_init() and timedb_clear() for the timedb sample sdb 114*00b67f09SDavid van Moolenbroekdriver) must be inserted into the server, in bind9/bin/named/main.c. 115*00b67f09SDavid van MoolenbroekRegistration should be in setup(), before the call to 116*00b67f09SDavid van Moolenbroekns_server_create(). Unregistration should be in cleanup(), 117*00b67f09SDavid van Moolenbroekafter the call to ns_server_destroy(). A #include should be added 118*00b67f09SDavid van Moolenbroekcorresponding to the driver header file. 119*00b67f09SDavid van Moolenbroek 120*00b67f09SDavid van MoolenbroekYou should try doing this with one or more of the sample drivers 121*00b67f09SDavid van Moolenbroekbefore attempting to write a driver of your own. 122*00b67f09SDavid van Moolenbroek 123*00b67f09SDavid van Moolenbroek 124*00b67f09SDavid van MoolenbroekConfiguring the Server 125*00b67f09SDavid van Moolenbroek 126*00b67f09SDavid van MoolenbroekTo make a zone use a new database driver, specify a "database" option 127*00b67f09SDavid van Moolenbroekin its "zone" statement in named.conf. For example, if the driver 128*00b67f09SDavid van Moolenbroekregisters itself under the name "acmedb", you might say 129*00b67f09SDavid van Moolenbroek 130*00b67f09SDavid van Moolenbroek zone "foo.com" { 131*00b67f09SDavid van Moolenbroek database "acmedb"; 132*00b67f09SDavid van Moolenbroek }; 133*00b67f09SDavid van Moolenbroek 134*00b67f09SDavid van MoolenbroekYou can pass arbitrary arguments to the create() function of the 135*00b67f09SDavid van Moolenbroekdriver by adding any number of whitespace-separated words after the 136*00b67f09SDavid van Moolenbroekdriver name: 137*00b67f09SDavid van Moolenbroek 138*00b67f09SDavid van Moolenbroek zone "foo.com" { 139*00b67f09SDavid van Moolenbroek database "acmedb -mode sql -connect 10.0.0.1"; 140*00b67f09SDavid van Moolenbroek }; 141*00b67f09SDavid van Moolenbroek 142*00b67f09SDavid van Moolenbroek 143*00b67f09SDavid van MoolenbroekHints for Driver Writers 144*00b67f09SDavid van Moolenbroek 145*00b67f09SDavid van Moolenbroek - If a driver is generating data on the fly, it probably should 146*00b67f09SDavid van Moolenbroek not implement the allnodes() function, since a zone transfer 147*00b67f09SDavid van Moolenbroek will not be meaningful. The allnodes() function is more relevant 148*00b67f09SDavid van Moolenbroek with data from a database. 149*00b67f09SDavid van Moolenbroek 150*00b67f09SDavid van Moolenbroek - The authority() function is necessary if and only if the lookup() 151*00b67f09SDavid van Moolenbroek function will not add SOA and NS records at the zone apex. If 152*00b67f09SDavid van Moolenbroek SOA and NS records are provided by the lookup() function, 153*00b67f09SDavid van Moolenbroek the authority() function should be NULL. 154*00b67f09SDavid van Moolenbroek 155*00b67f09SDavid van Moolenbroek - When a driver is registered, an opaque object can be provided. This 156*00b67f09SDavid van Moolenbroek object is passed into the database create() and destroy() functions. 157*00b67f09SDavid van Moolenbroek 158*00b67f09SDavid van Moolenbroek - When a database is created, an opaque object can be created that 159*00b67f09SDavid van Moolenbroek is associated with that database. This object is passed into the 160*00b67f09SDavid van Moolenbroek lookup(), authority(), and allnodes() functions, and is 161*00b67f09SDavid van Moolenbroek destroyed by the destroy() function. 162*00b67f09SDavid van Moolenbroek 163*00b67f09SDavid van Moolenbroek 164*00b67f09SDavid van MoolenbroekFuture Directions 165*00b67f09SDavid van Moolenbroek 166*00b67f09SDavid van MoolenbroekA future release may support dynamic loading of sdb drivers. 167*00b67f09SDavid van Moolenbroek 168*00b67f09SDavid van Moolenbroek 169*00b67f09SDavid van MoolenbroekId: sdb,v 1.6 2004/03/05 05:04:54 marka Exp 170