Faster zone transfer/less traffic
Brad Knowles
brad.knowles at skynet.be
Sat Sep 8 11:41:20 UTC 2001
At 8:53 AM +0200 9/8/01, Terrence Koeman wrote:
> This zone needs to be transferred between the master in the USA and a slave
> in The Netherlands, and the connection between them is not ideal. At the
> moment the transfer takes about 40 minutes, so the slave is pulling the zone
> almost all the time. In many cases the transfer times out and is restarted
> from the beginning.
>
> How can I improve this with BIND (master and slave both running BIND)?
Well, if you're running a recent version of BIND on both ends,
you should already be making use of the NOTIFY protocol, so that the
secondary/slave servers should be informed pretty much as soon as
there are any changes on the primary/master, and they can begin
pulling a copy of the zone immediately. At least you wouldn't have
to wait the entire refresh interval.
> I saw something about IXFR, but I can hardly find any documentation about
> it. I'm guessing that IXFR only transfers the changes in the zone instead of
> the whole zone. Is this true? And if yes, what versions of BIND support it
> and how is it turned on?
You would need to turn on support for Dynamic Updates, and give
up editing the zone files by hand. With that, and very recent copies
of BIND on both ends, they should be able to automatically take
advantage of the IXFR protocol.
However, there is probably a lot of additional work you'd need to
do to modify your procedures to switch to using Dynamic Updates as
opposed to manually editing the zone files.
> Another thing, I tried compressing the zone and it compresses down to less
> than a Mb. Does BIND have support for compressed zone transfers?
There is already a fair amount of compression that is used
internally within DNS protocol exchanges. This is not on the scale
of using "compress", "gzip", or "bzip2", but it is still pretty
significant for most operations. However, it probably doesn't buy
you a whole lot on zone transfers, because it only works on a
per-domain basis.
Right now, there is no method I know of to specify a compressed
zone transfer. If you want to make an addition to the protocol and
provide this to the IETF, I'm sure that they would be more than
willing to take a look at whatever you may have.
If you really want to compress the file down and copy it over,
you could always use methods that are outside the DNS protocol, such
as rsync over ssh, scp, ftp over ssh, etc....
--
Brad Knowles, <brad.knowles at skynet.be>
H4sICIFgXzsCA2RtYS1zaWcAPVHLbsMwDDvXX0H0kkvbfxiwVw8FCmzAzqqj1F4dy7CdBfn7
Kc6wmyGRFEnvvxiWQoCvqI7RSWTcfGXQNqCUAnfIU+AT8OZ/GCNjRVlH0bKpguJkxiITZqes
MxwpSucyDJzXxQEUe/ihgXqJXUXwD9ajB6NHonLmNrUSK9nacHQnH097szO74xFXqtlbT3il
wMsBz5cnfCR5cEmci0Rj9u/jqBbPeES1I4PeFBXPUIT1XDSOuutFXylzrQvGyboWstCoQZyP
dxX4dLx0eauFe1x9puhoi0Ao1omEJo+BZ6XLVNaVpWiKekxN0VK2VMpmAy+Bk7ZV4SO+p1L/
uErNRS/qH2iFU+iNOtbcmVt9N16lfF7tLv9FXNj8AiyNcOi1AQAA
More information about the bind-users
mailing list