[Unbound-users] NOTIFY implementation to unbound
Marcus Alves Grando
marcus at sbh.eng.br
Tue Oct 6 22:22:02 UTC 2009
On 10/06/2009 06:39 PM, Peter Koch wrote:
> On Tue, Oct 06, 2009 at 03:10:21PM -0300, Marcus Alves Grando wrote:
>
>> This idea doesn't break anything, it just implements an easy way to keep
>> your info fresh in your recursive DNS. The principle of RFC-1996.
>
> RFC 1996 deals with messages from a master to its slave(s), so only on the
> authoritative side. Resolvers are zone agnostic, so this can only work
> partly and, more importantly, in a controlled environment where the master
> knows which resolvers to inform. Now, in an enterprise environment this
> might be the case, but distributing the zone content close to the resolvers
> and not caching there might be a better option.

That's my point. In an enterprise environment we need to resolve our
local zones and external zones too. With notify I can use only unbound
as resolver, pointing our zones to the DNS master with fast zone update.

Your approach of taking the zone and putting it close to unbound has problems, like:

1. If you use unbound as recursive and put nsd/bind on another port, you
have protocol overhead.
2. If you use unbound with local-zone and local-data you need some
script to publish and take care.

Why not take advantage of unbound's cache?

My point of view :)

--
Marcus Alves Grando
marcus(at)sbh.eng.br | Personal
mnag(at)FreeBSD.org | FreeBSD.org