cTLD and DNS upgrade
Mark Andrews
Mark_Andrews at isc.org
Wed Jul 6 00:24:04 UTC 2005
> Mark Andrews writes:
> >> On Tue, Jul 05, 2005 at 05:44:24PM +1000,
> >> Mark Andrews <Mark_Andrews at isc.org> wrote
> >> a message of 29 lines which said:
> >>
> >> > Well authoritative servers still need their own resolver if
> >> > they are to support NOTIFY.
> >>
> >> They could call getaddrinfo() like anyone else.
>
> > You must be kidding.
>
> Can you elaborate? Are you worried about bootstrapping issues or what?

getaddrinfo() is a synchronous (it waits) library call that
depends upon another nameserver. You don't want those sorts
of library calls inside a nameserver. On top of that there
are views which may return different answers etc.

You have a perfectly good asynchronous full service resolver
inside of named. Why would you want to use a synchronous
stub resolver which usually also links in NIS and /etc/hosts?

For an authoritative only server you want the following in
named.conf.

9.4

        allow-query-cache { none; };
        recursion no;

9.3 and earlier

        allow-query { none; };
        recursion no;

and in each zone

        allow-query { any; };

That doesn't require a configure option. It just requires
a little reading.

> I must say that Stephane's suggestion makes sense to me: Add a
> compile-time configuration option to suppress all caching/resolving
> code for an authoritative-only nameserver, and use getaddrinfo() to
> resolve names where necessary (finding implicit NOTIFY destinations).
>
> For setups with distributed (anycast) recursive nameservers and/or
> "notify explicit" this looks very feasible to me.
> --
> Simon.
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews at isc.org
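
A check for the authoritative-only settings listed in the message above, as an added example that is not part of the original post or of BIND. The function names and the sample configuration are constructed for illustration; the parsing is regex-based rather than a full named.conf grammar, and it assumes a zone without its own allow-query inherits the one in options.

```python
import re

def strip_comments(text):
    """Drop /* */, // and # comments (named.conf accepts all three)."""
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)
    return re.sub(r"(//|#)[^\n]*", "", text)

def blocks(text, keyword):
    """Yield (header, body) for every `keyword header { body };` statement."""
    for m in re.finditer(r"(?m)^\s*%s\b([^{;]*)\{" % keyword, text):
        depth, i = 1, m.end()
        while depth and i < len(text):      # walk to the matching brace
            depth += {"{": 1, "}": -1}.get(text[i], 0)
            i += 1
        yield m.group(1).strip(), text[m.end():i - 1]

def acl(body, option):
    """Return `option`'s match list with whitespace removed, or None if unset."""
    m = re.search(r"\b%s\s*\{([^}]*)\}" % re.escape(option), body)
    return re.sub(r"\s+", "", m.group(1)) if m else None

def audit(conf):
    """Return a list of findings; an empty list means the posture matches."""
    conf = strip_comments(conf)
    opts = "".join(body for _, body in blocks(conf, "options"))
    findings = []
    if not re.search(r"\brecursion\s+no\s*;", opts):
        findings.append("options: recursion is not set to no")
    cache_off = acl(opts, "allow-query-cache") == "none;"   # 9.4 form
    global_off = acl(opts, "allow-query") == "none;"        # 9.3 and earlier form
    if not (cache_off or global_off):
        findings.append("options: no allow-query-cache/allow-query { none; }")
    if global_off:   # zones must re-open queries or nobody can reach them
        for name, body in blocks(conf, "zone"):
            if acl(body, "allow-query") is None:
                findings.append("zone %s: no allow-query, inherits none" % name)
    return findings

SAMPLE_93 = """// constructed sample, 9.3-and-earlier style, one zone lacks its override
options {
    allow-query { none; };
    recursion no;
};
zone "example.com" { type master; file "a.db"; allow-query { any; }; };
zone "example.net" { type master; file "b.db"; };
"""

if __name__ == "__main__":
    print(audit(SAMPLE_93))
```
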