The journey after a breaking change: rewriting bind-dyndb-ldap for modern BIND

bind-dyndb-ldap is a dynamic database plugin that allows the BIND DNS server to store and retrieve all DNS zone and record data directly from an LDAP directory server. This deep integration is essential for centralized identity management solutions, particularly in FreeIPA setups.

To achieve its function, bind-dyndb-ldap must utilize BIND's internal, lower-level APIs. When a recent major BIND release introduced significant breaking changes, what began as a simple compilation bug because of a missing header quickly escalated into a massive technical challenge. The core problem: adapting years of legacy code to the new BIND server architecture.

This talk will cover the challenges of planning the redesign, how we faced the technical challenges when adapting old code to modern APIs and the lessons learned through the journey.

https://pagure.io/bind-dyndb-ldap https://github.com/freeipa/freeipa https://www.isc.org/bind/