Handling of zone transfers and notify messages

[Måns Nilsson]

--On fredag 15 oktober 2004 17.14 +0200 Erik Rozendaal <erik at NLnetLabs.nl>
wrote:

> Robert E.Seastrom wrote:
>> One problem I've noticed (hopefully fixed in newer versions) is that
>> "nsdc update" does not deal gracefully with having an expired or
>> non-transferable zone.  To my way of thinking it should either build
>> nsd.db including the expired data but unset the authority bit in
>> replies or simply leave the zone out of nsd.db rather than refusing to
>> update the database for the other zones.
> 
> I actually wasn't aware of this problem. So this has not been fixed in
> any version of NSD. Whatever the fix (if any) may be of course.

It is probably a side effect of the same issue that hit me with one of my
NSD boxen, where the inability of zonec (and perhaps nsd) to grok AFSDB
records led to all updates being suspended. The fix was, of course, more
straightforward; simply support AFSBD. Until that was in, I had to leave
out that zone from my nsd.zones file, which was crude yet necessary to be
able to continue serving the other zones.

However, I (like Robert) feel a need for more graceful handling of partial
master b0rkenness from the slave perspective; if a zone can't be compiled
(for whatever reason) deal with it and continue to build the database,
including the working zones and signal (some way) that there are things
missing. I'm not certain about the "no AA bit" vs "no zone at all" choice.
"No zone at all" looks cleaner on the outside, but one might benefit
(albeit in a dirty, tainted way) from non-AA answers from a server you'd
expect to hand out trusty AA's. 

-- 
Måns Nilsson         Systems Specialist
+46 70 681 7204         KTHNOC
                        MN1334-RIPE
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 186 bytes
Desc: not available
URL: <http://lists.nlnetlabs.nl/pipermail/nsd-users/attachments/20041017/6d63703e/attachment.bin>