[quicksilver03]

This looks interesting, I run PTRDNS https://www.ptrdns.net/ and some of the features I offer overlap with DynIP's.

I decided to use MariaDB as backend and replicate the data with Galera, I also built a proxy that sits in front of PowerDNS and allows per-account API keys (and hopefully someday per-zone API keys).

I'm curious to understand the rationale behind your architecture choices.

[dynip]

Your stuff also looks interesting for sure, you have some things that I have on my backlog. regarding my API keys I use python for the per-account access in bearer style and the TSIG keys work as per zone directly to PowerDNS. I only use the powerdns api on the hidden primary setup so the secondaries can run individual zone cleanup, tsig replicatio, axfr meta data etc as sidecars and forward replication for dns updates.

was there anything in particular you were thinking?

[quicksilver03]

I'm interested to know the rationale behind the choice of AXFR to replicate zones, as opposed to database replication. Has this been always reliable enough for you?

Also, is the AXFR latency an issue or it stays always within your acceptable parameters?