As the subject suggests, I just wrote an opensource DNS daemon in PHP. I already know what any sane person is thinking right now:
[18:25:06] <Derick> MT`AwAy: you’re mad
Now that it’s said, let’s move on ; if you want to tell me I’m crazy, you can post it in a comment here, it makes me happy. I had some reasons to dislike bind9 which finally made me write my own DNS daemon, and I’ll explain that here.
My need was to have a stable dynamic DNS server working in most environnements, with an easy to configure master/slave relationship (with realtime synchronisation), and a way to change records instantly from PHP…
For those who already played with bind9, there’s a feature called dlz which basically allows to ask bind to get data from an SQL server. I could just configure another MySQL per slave, and put replication there, but it’s not that fast and I had some stability issues (both with MySQL replication, and with bind crashing in some weird cases).
So, instead of trying to fix bind9′s code (which would also include fixing MySQL replication – or trying newer MySQL’s row-based replication) or searching for another solution (there are zillions of dns servers around there, but they all have features I’ll never need), I decided to write my own DNS server (built on top of PInetd, my PHP networking framework for PHP 5.3.0), with only the features I needed.
So here are some of the features of this DNS daemon:
- Supports RFC 1035, and some others too (IPv6 AAAA records, and DNS OPT, with the goal of supporting DNSSEC at some point).
- Does NOT support AXFR nor IXFR, I have no need for the standard zone transfer protocol
- Data can be updated realtime with a provided client class, connecting to the server via a shared secret authentication (client computes checksum of his name, timestamp and secret, server replies with the same kind of data). Once authentication is finished data is sent cleartext, but adding SSL encoding wouldn’t be that hard (just need to create a “STARTTLS” function, that’s on the TODO list).
- Slave stays connected to master (keepalive packet sent every 15 minutes), and gets updates realtime.
- On first connection, slave will get all zones/domains/records from the master. If it gets disconnected later and reconnect, it will search for his last update, and will ask only for newer data from the master.
- Slave synchronisation is done in a separate process, meaning that even when processing a lot of updates, service is available.
As a test, I ran AFNIC’s zonecheck on a virtual zone I created on the server, and it works!
dig @dyndns1.ookoo.org version.dnsd ch txt
If you want to test this, I got a test domain with a record creation page, however I won’t post it here (or it might get abused) so if you want to test, feel free to contact me.
And finally the conclusion is simple: php can do anything you want to do, and even things you never wanted to.
PS: I’m looking for someone to look after PInetd‘s website, like removing this lipsum news, etc… (I don’t have time for that).