NS also in SOA doesn't get NOTIFY
Kevin Darcy
kcd at chrysler.com
Thu Oct 27 16:42:24 UTC 2011
On 10/27/2011 11:02 AM, Jonathan Stewart wrote:
> Hello,
>
> Recently I set up a group of nameservers using a hidden master,
> visible slaves configuration.
>
> ns0 - hidden master
> ns1, ns2, ns3 - visible slave servers
>
> So I set the SOA and NS records like this
>
> zone.example IN SOA ns1.zone.example. hostmaster.example.com (
> 1 ; serial number
> 3600 ; refresh [1h]
> 600 ; retry [10m]
> 86400 ; expire [1d]
> 3600 )
>
> IN NS ns1.zone.example
> IN NS ns2.zone.example
> IN NS ns3.zone.example
>
>
> Thus, the hidden master, ns0, does not appear in the SOA or NS records.
>
> The problem is that NOTIFY messages do not get delivered to ns1,
> because it's the primary server in the SOA record. If i change the
> SOA to have ns0, then NOTIFYs work, ns1 updates immediately. I don't
> like this solution because my hidden master is no longer hidden when
> I'm publishing it in the SOA.
>
> Also, is this normal/expected behaviour? How can i get ns0 (and the
> others) to NOTIFY ns1 when the serial is incremented? Must i use an
> explicit {also-notify} ?
Why not put something completely different -- i.e. neither the hidden
master nor any of the published NSes -- in the SOA.MNAME? Besides
NOTIFY, about the only other thing that cares about SOA.MNAME is Dynamic
Update, and that usually requires special handling in a hidden-master
scenario anyway...
- Kevin
More information about the bind-users
mailing list