1 2ldapdns / ldapaxfr 3 4 5welcome to LDAPDNS. 6 7 8i wrote LDAPDNS simply because there is no other LDAP<->DNS gateway that 9I found useful, and infact, there are/were only two others that I am/was 10aware of: 11 1. Microsoft Active Directory 12 2. BIND+LDAP (patch) 13 14If you need to know why these are completely wrong, go elsewhere, 15because I'm not going to explain it in this README. 16 17Still here? 18 19LDAPDNS is a fast, rhobust, and powerful content DNS server. 20 21It does not do: 22 recursive resolving 23 proxying 24 caching 25 26or anything else but serve DNS content. 27 28The first version of LDAPDNS was written as a patch to DJBDNS - a very 29fine DNS server. However, OpenLDAP was unstable at the time, and had 30lots of bugs in the client-side code. It also blocked frequently, and 31even sometimes disappeared completely. 32 33LDAPDNS 2 is a rewrite that primarily addresses problems with OpenLDAP, 34and also succeeds the original: It is faster than other nameservers, and 35can scale above and beyond any other nameserver. <README.comparison> 36 37LDAPDNS does some things that other nameservers don't -- a kind of 38innovation if you will -- and AFAIK, is the only nameserver that 39supports generic records AND still compresses domain-names inside of 40them <README.generic-rr> 41 42Like DJBDNS, it supports "split-horizon" DNS, and also puts in some 43offensive programming tactics that make LDAPDNS safe to use. 44 a remote user cannot write to the LDAP server (permissions) 45 a remote user cannot trash the filesystem 46 a remote user cannot gain access to a "shell" 47some of the should-not's :) 48 a remote user should not be able to crash LDAPDNS 49 50that's a hard one. I'm not as good a programmer as DJB -- but his 51tactics have changed my code - and continue to. One day, I'll be able to 52make a guarantee :) 53 54Like BIND, you can make binary packages of LDAPDNS, and unlike the ISC, 55I will actually try and help you with it! Redistribution of LDAPDNS is a 56good thing... 57 58If you have any questions at all about LDAPDNS, feel free to contact me 59directly; all my relevent contact information is on my website. 60