Re: [DNS] DNS problems

From: Bruce Campbell <bruce.campbell§>
Date: Fri, 15 Mar 2002 11:32:52 +0100 (CET)
On Thu, 14 Mar 2002, Nick Andrew wrote:

> On Thu, Mar 14, 2002 at 04:31:33PM +1100, Chris Disspain wrote:
> > * At 7am Melbourne IT generated an incomplete zone file (it was
> >   missing lots of domains), with a version serial number of 2002031407.
> If the receiver ( did a simple sanity check on the count
> of domains in the new versus the old files, the receiver could have
> ignored the new file and sent a warning. For example if the new file
> is more than 1000 domains smaller than the old file, then ignore and
> raise an error.

urm, how, exactly, are you proposing to have this implemented?  (or, do
you really understand the mechanics behind DNS secondaries? )

Most name servers that are configured as secondaries (as is
(from a hidden master), as is (for, retrieve the zone
data via AXFR, based on a difference on SOA serial numbers.  The actual
retrieval is done via a helper application called (under BIND) named-xfer.

Your proposal, noble as it is, indicates that named-xfer must be replaced
by something which applies business rules on a given zone and possibly on
a per source basis as well.

Who is going to implement this?  Is it expected to keep state itself or
does it require hand feeding?  I'd love to see something like this exist,
but until I have the tarball in my virtual hands, I'll treat it as a nifty
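
The count comparison proposed in the quoted text, written as a stand-alone check over two copies of a zone in master-file format. This is an added example, not part of the thread and not BIND or named-xfer code. It assumes both versions are available as text before the new one is loaded; the function names, the `example.test.` zone and the older serial are constructed for illustration.

```python
def delegations(zone_text):
    """Owner names holding NS records in a master-file zone (apex '@' excluded)."""
    names, owner = set(), None
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0].rstrip()           # drop comments
        if not line.strip() or line.startswith("$"):   # blank, $ORIGIN, $TTL
            continue
        fields = line.split()
        if not line[0].isspace():                      # owner starts in column 0
            owner, fields = fields[0].lower(), fields[1:]
        while fields and (fields[0].isdigit() or fields[0].upper() == "IN"):
            fields = fields[1:]                        # skip optional TTL and class
        if fields and fields[0].upper() == "NS" and owner not in (None, "@"):
            names.add(owner)
    return names


def check_new_zone(old_text, new_text, max_drop=1000):
    """Return (accept, message); reject if more than max_drop names vanished."""
    old, new = delegations(old_text), delegations(new_text)
    drop = len(old) - len(new)
    if drop > max_drop:
        sample = ", ".join(sorted(old - new)[:3])
        return False, (f"REJECT: {len(old)} -> {len(new)} delegations, "
                       f"missing e.g. {sample}")
    return True, f"accept: {len(old)} -> {len(new)} delegations"


def make_zone(serial, count):
    """Build a constructed sample zone with `count` delegated names."""
    lines = ["$ORIGIN example.test.", "$TTL 86400",
             f"@ IN SOA ns1 hostmaster ( {serial} 3600 900 604800 86400 )",
             "@ IN NS ns1", "ns1 IN A 192.0.2.1"]
    for i in range(count):
        lines.append(f"dom{i:05d} IN NS ns1.dom{i:05d}")
        lines.append(f"\t\tIN NS ns2.dom{i:05d}")      # same owner, second NS
    return "\n".join(lines)


if __name__ == "__main__":
    current = make_zone(2002031401, 5000)    # constructed previous version
    incoming = make_zone(2002031407, 3500)   # constructed truncated version
    print(check_new_zone(current, incoming)[1])
```

The check counts distinct delegated names rather than lines, so a domain with several NS records is counted once and a drop of exactly `max_drop` is still accepted, matching the "more than 1000" wording.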


