[nsd-users] NSD 4.2.0rc1 pre-release available
sca at andreasschulze.de
Fri Jun 7 08:35:06 UTC 2019
> At the long tail it would be helpful if updated certificates,
> private keys and ocsp-data would only require a reload.
reload of unprivileded, maybe chrooted processes is hard or even impossible.
There is an other model (for example used in postfix):
A master process starts worker with a limited livetime or number of
requests they handle.
Every now and then the master process starts a new worker and
use current/fresh configuation read from disk.
This way no reload is required.
No idea if this is/could be implemented in nsd/unbound.
More information about the nsd-users