nsd-notify *from* specified IP?

Wouter Wijngaards wouter at NLnetLabs.nl
Thu Sep 28 07:55:28 UTC 2006


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Thomas Hühn wrote:
>> So, IMHO, not feature creep, but basic functionality.
> 
> At least as soon as you allow binding nsd to an IP address (via -a)
> which is sensible in any case. Sometimes it's not easy to control which
> IP is deemed "default" by the system.
> 

Hi,

I see this feature is much wanted. I'll put it on the TODO list, and
will get around to it for a later release. Right now I am considering
some sort of 'src: <ipaddress [@port]>' that you can put in a zone. This
would make zone transfers and notifies for that zone (sent by nsd
process) come from that interface.

People also asked for nsd-xfer and nsd-notify to be changed, with
similar -a flags to bind an interface. But these are marked deprecated
as the functionality moved to the secondary process inside the server.
So the nsd-xfer and nsd-notify tools are marked obsolete and will be
removed from the package in some later release.

I will not be able to do this right away as I am investigating a more
pressing bug (bugzilla #147). The zone transfer system was designed to
handle memory in a way that now turns out to be very impractical. It
leaks memory about the size of the combined sizes of all zone transfers
(incoming). The memory is not really leaked, it is released when nsd
reads a new database file (nsdc patch). The design is simple and safe,
but in reality some people run into operational problems. You can tell
you suffer from this problem if the log entries 'memory churn .. bytes
wasted' show large values. Fixing this is my priority.

Best regards,
   Wouter
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iD8DBQFFG3/vkDLqNwOhpPgRAsKKAKCmiVlmDbtSQk8vmfC1+zawPBv5eACeOMvn
oz4x0Mg866XXAJLyqFt7PHc=
=iK/t
-----END PGP SIGNATURE-----



More information about the nsd-users mailing list