[nsd-users] NSD reload and restart : in-memory data

Vaga LT centrack.00 at gmail.com
Mon Jun 26 12:34:08 UTC 2023


Hi,

I'm new to NSD and would really appreciate it if someone could point me in the
right direction.

I have like 8 NSD servers (secondary) serving around 30,000 zones.
Zone updates are transferred from the primary DNS servers by AXFR/IXFR.

The 8 NSD servers do not save the zone files on disk; the zones are only held in
memory.
Therefore, after the NSD service is restarted, zone transfer requests are
sent to the master DNS servers.

My questions are as follows:
1) When zone data is not saved on file and only held in memory NSD
initiates zone transfer after NSD service is restarted.

Would like to know if there is a time limit from when zone transfer is
requested until data gets saved in memory.

2) When the NSD service is 'reloaded', for example by running 'systemctl reload
nsd', does NSD check the serial number (SOA) for each record and try to
initiate a zone transfer?

After performing a service reload the following entries are logged.

nsd[1704236]: error: xfrd: zone testnsdexp01.tk received error code SERVER NOT AUTHORITATIVE FOR ZONE from xx.xx.xx.xx
nsd[1704236]: error: xfrd: zone testnsdexp01.tk, from xx.xx.xx.xx: no tsig in first packet of reply
nsd[1704236]: info: xfrd: zone testnsdexp01.tk bad transfer 0 from xx.xx.xx.xx

The zone records for testnsdexp01.tk are not present on the master DNS
servers, therefore it returns an error, but it seems like NSD is doing some sort
of check during the reload process, hence it's trying to get the records for
'testnsdexp01.tk'.


Best Regards.
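
On a secondary with many zones, the xfrd messages quoted in the post can be grouped per zone to list which zones the primary refuses. The Python below is an added example, not part of the original message and not NSD code; the sample log is constructed from the three lines in the post (unwrapped) plus one line for a hypothetical zone example.test, and the message patterns are taken only from those lines.

```python
import re
from collections import defaultdict

# Constructed sample: the post's three xfrd lines, unwrapped, plus one
# constructed line for a hypothetical zone (example.test).
SAMPLE_LOG = """\
nsd[1704236]: error: xfrd: zone testnsdexp01.tk received error code SERVER NOT AUTHORITATIVE FOR ZONE from xx.xx.xx.xx
nsd[1704236]: error: xfrd: zone testnsdexp01.tk, from xx.xx.xx.xx: no tsig in first packet of reply
nsd[1704236]: info: xfrd: zone testnsdexp01.tk bad transfer 0 from xx.xx.xx.xx
nsd[1704236]: error: xfrd: zone example.test, from xx.xx.xx.xx: no tsig in first packet of reply
"""

# Common prefix of every xfrd message seen in the post.
XFRD = re.compile(r"nsd\[\d+\]: (?:error|info): xfrd: zone (?P<zone>[^\s,]+),? (?P<rest>.*)$")
# The three message shapes seen in the post (other xfrd messages are ignored).
PATTERNS = [
    ("rcode", re.compile(r"^received error code (?P<rcode>.+?) from (?P<src>\S+)$")),
    ("no_tsig", re.compile(r"^from (?P<src>\S+): no tsig in first packet of reply$")),
    ("bad_xfr", re.compile(r"^bad transfer \d+ from (?P<src>\S+)$")),
]

def summarize(log_text):
    """Group xfrd failure messages by zone name."""
    report = defaultdict(lambda: {"rcodes": set(), "unsigned_reply": False,
                                  "bad_transfers": 0, "sources": set()})
    for line in log_text.splitlines():
        m = XFRD.search(line.strip())  # search() tolerates a syslog prefix
        if not m:
            continue
        for kind, pattern in PATTERNS:
            r = pattern.match(m.group("rest"))
            if not r:
                continue
            entry = report[m.group("zone")]
            entry["sources"].add(r.group("src"))
            if kind == "rcode":
                entry["rcodes"].add(r.group("rcode"))
            elif kind == "no_tsig":
                entry["unsigned_reply"] = True
            else:
                entry["bad_transfers"] += 1
            break
    return dict(report)

def triage(report):
    """Return (zones the primary says it is not authoritative for,
    zones with an unsigned reply and no error code logged)."""
    not_auth = sorted(z for z, e in report.items()
                      if "SERVER NOT AUTHORITATIVE FOR ZONE" in e["rcodes"])
    unsigned_only = sorted(z for z, e in report.items()
                           if e["unsigned_reply"] and not e["rcodes"])
    return not_auth, unsigned_only
```

The first list from triage() holds zones still configured on the secondary that the primary does not serve; the second holds zones where the only logged reason is the missing TSIG, which the error-code line does not explain.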