this is obsolete doc -- see http://doc.nethence.com/ instead

Configuring BIND9 with DLZ MySQL on NetBSD version 6 

Requirements 

Install the mysql daemon, the version 5.5.28 as binary will be just fine, 

echo $PKG_PATH

pkg_add mysql-server

cd /etc/rc.d/

cp /usr/pkg/share/examples/rc.d/mysqld .

cd ../

grep mysql passwd

grep mysql group

cat >> rc.conf <<EOF9

mysqld=yes

EOF9

rc.d/mysqld start

export PATH=$PATH:/usr/pkg/bin:/usr/pkg/sbin

#mysqladmin -u root -p password 'new-password'

#mysqladmin -h `hostname` -u root -p password 'new-password'

mysql_secure_installation

Install the latest bind package from pkgsrc (bind-9.9.2pl2 here). Compiling it from source is required to enable dlz-mysql, 

cd /etc/

vi mk.conf

like, 

.ifdef BSD_PKG_MK

        PKG_OPTIONS.bind99=mysql

.endif

and proceed, 

cd /usr/pkgsrc/net/bind99/

unset PKG_PATH

make install

cd /etc/rc.d/

cp /usr/pkg/share/examples/rc.d/named9 .

#cp /usr/pkg/share/examples/rc.d/lwresd .

Hide the system named binaries from your environment, 

cd /usr/sbin/

mv named named.dist

mv named-checkzone named-checkzone.dist

mv named-journalprint named-journalprint.dist

mv named-checkconf named-checkconf.dist

mv named-compilezone named-compilezone.dist

Now check that you've got dlz-mysql enabled, 

which named

named -V

Preparing the database 

Create a database and a user to access it, 

mysql -p

create database named;

grant all on named.* to named identified by 'PASSWORD_HERE';

check, 

show databases;

select user,host from mysql.db where db = "named";

^D

Connect to the 'named' database with the 'named' user and create the 'records' table for use by the name daemon, 

mysql -unamed -p

use named;

create table records (

  id int(10) unsigned not null auto_increment,

  zone varchar(255) not null,

  ttl int(11) not null default '86400',

  type varchar(255) not null,

  host varchar(255) not null default '@',

  mx_priority int(11) default null,

  data text,

  primary_ns varchar(255) default null,

  resp_contact varchar(255) default null,

  serial bigint(20) default null,

  refresh int(11) default null,

  retry int(11) default null,

  expire int(11) default null,

  minimum int(11) default null,

  primary key  (id),

  key type (type),

  key host (host),

  key zone (zone)

);

check that the tables have been created, 

show tables;

Configure your zone, here e.g. 'example.local', 

insert into records values (100, 'example.local', 86400, 'SOA', '@', NULL, NULL, 'named.example.local.', 'hostmaster.example.local.', 1365882768, 10800, 7200, 604800, 86400);

insert into records values (101, 'example.local', 86400, 'NS', '@', NULL, 'named.example.local.', NULL, NULL, NULL, NULL, NULL, NULL, NULL);

insert into records values (103, 'example.local', 86400, 'MX', '@', 5, 'mx.example.local.', NULL, NULL, NULL, NULL, NULL, NULL, NULL);

insert into records values (104, 'example.local', 86400, 'A', '@', NULL, 'IP_ADDRESS', NULL, NULL, NULL, NULL, NULL, NULL, NULL);

insert into records values (105, 'example.local', 86400, 'A', 'SOME_SHORT_HOSTNAME', NULL, 'IP_ADDRESS', NULL, NULL, NULL, NULL, NULL, NULL, NULL);

check that the records have been insered, 

select * from records;

Note. Change the serial number accordingly, here 1365882768 (date +%s). 

Note. Change the domain, the mx and named hosts, the example short hostname (not fqdn on A records) and IP addresses accordingly. 

Preparing the name daemon 

See if the init scripts already created some RNDC key, 

ls -l /etc/rndc.key

ls -l /var/chroot/named/etc/rndc.key

create the key file using the automatic feature (no chroot here, no -t), 

rndc-confgen -a

ls -l /etc/rndc.key

Note. The file has 600 permissions. 

Configure the name daemon for caching and a local zone, 

cd /var/chroot/named/etc/

mv -i /etc/named.conf .

cd /etc/

ln -s ../var/chroot/named/etc/named.conf

cp named.conf named.conf.dist

vi named.conf

change options and zone "." paragraphs, 

options {

        directory "/etc/namedb";

        version "get lost";

};

include "/etc/rndc.key";

controls {

      inet 127.0.0.1 allow { localhost; } keys { rndc-key; };

};

zone "." IN {

        type forward;

        forwarders {

                212.27.40.240;

                212.27.40.241;

        };

};

Note. Change your prefered world wide DNS servers accordingly (for caching). 

add the e.g. 'example.local' zone, 

dlz "example.local" {

   database "mysql

   {host=localhost dbname=dns user=dns pass=PASSWORD_HERE}

   {select zone from records where zone = '$zone$'}

   {select ttl, type, mx_priority, IF(type = 'TXT', CONCAT('\"',data,'\"'), data) AS data from records where zone = '$zone$' and host = '$record$' and type <> 'SOA' and type <> 'NS'}

   {select ttl, type, data, primary_ns, resp_contact, serial, refresh, retry, expire, minimum from records where zone = '$zone$' and (type = 'SOA' OR type='NS')}

   {select ttl, type, host, mx_priority, IF(type = 'TXT', CONCAT('\"',data,'\"'), data) AS data, resp_contact, serial, refresh, retry, expire, minimum from records where zone = '$zone$' and type <> 'SOA' and type <> 'NS'}";

};

Ready to go 

Enable and start all the freaking daemons, 

cd /etc/

grep named passwd

grep named group

cat >> rc.conf <<EOF9

#lwresd=yes

named9=yes

#named_chrootdir=/var/chroot/named

EOF9

cd /etc/

#rc.d/lwresd restart

rc.d/named9 restart

watch the logs (I am assuming everything goes to this file, check your syslog.conf and fix perms), 

tail -F /var/log/messages

References 

Bind with DLZ, MySQL and replication -- http://en.gentoo-wiki.com/wiki/Bind_with_DLZ,_MySQL_and_replication 

Configuration basique du BIND fourni dans NetBSD -- http://wiki.orgrim.net/netbsd/named 

Running BIND9 in a chroot cage using NetBSD 1.6.2 -- http://othyro.freeshell.org/bind.html