[nsd-users] "update failed (acquired: 1406646354), restarting transfer (notified zone)"

Anand Buddhdev anandb at ripe.net
Wed Oct 1 10:07:04 UTC 2014

On 01/10/2014 11:27, Michael Braunoeder wrote:

Hi Michael,

> Is there a recommendation how often the nsd-patch job should run? What
> happens if the jobs runs during an active IXFR? I noticed that the
> ixfr.db gets merged into the nsd.db but the transfer is still running
> and starts a new ixfr.db. Is the nsd.db now in an inconsitent state
> (with an incompleted zonetransfer applied)? Wouldn't it be better to
> trigger the patch-job after a successful transfer rather then time based?

It is indeed quite possible for nsd-patch to interfere with an incoming
IXFR or AXFR. I have never been a fan of this model.

In NSD 4, things work quite differently. The daemon itself manages the
nsd.db file, so there's no nsd-patch needed. This allows the daemon to
keep the file consistent, as there is no external interference.
Furthermore, there is even a mode to tell NSD not to write a single
nsd.db, but to save zones in plain text. This has the added benefit of
using less RAM.

I have put NSD 4 through a lot of testing myself, and the NLNetLabs guys
(especially Wouter) were fantastic in working with me to iron out
various bugs and issues. We're using NSD 4 in production on some RIPE
NCC servers, and I am very happy with it. I suggest that if you are able
to, switch to NSD 4.


Anand Buddhdev

More information about the nsd-users mailing list