[nsd-users] allow-notify SUBNET and request-xfr inconsistency
Ilya_Bakulin at genua.de
Tue Jul 24 11:52:39 UTC 2012
On Monday 23 July 2012 21:49:21 Yuri Schaeffer wrote:
> Hi Ilya,
> >>>> RFC-1996, Section 3.11
> >> says:
> >>>>> Because a deep server dependency graph may have multiple paths
> >>>>> from the primary master to any given slave, it is possible that
> >>>>> a slave will receive a NOTIFY from one of its known masters
> >>>>> even though the rest of its known masters have not yet updated their
> >>>>> copies of the zone. Therefore, when issuing a QUERY for the zone's
> >>>>> SOA, the query should be directed at the known master who was the
> >>>>> source of the NOTIFY event, and not at any of the other known masters
> This is in fact what NSD does. I took a look at it today and it seems
> that there is a bug when allow-notify specifies a subnet. The notifier
> is than not properly matched with the request-xfr entries.
> Tomorrow I will spend some time fixing it. Untested, but as a work
> around specify all hosts separately in allow-notify exactly like in
> Yuri Schaeffer
I have tested suggested workaround and it works as expected.
We will now wait for your fix.
Thank you for looking into this!
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 836 bytes
Desc: This is a digitally signed message part.
More information about the nsd-users