slave zone files unreadable
Evan Hunt
each at isc.org
Sat Jul 12 00:49:22 UTC 2014
On Fri, Jul 11, 2014 at 08:23:34PM -0400, Barry Margolin wrote:
> BIND already assumes mtime is reliable -- if you do "ndc reload", it
> only reloads zone files whose mtimes are newer than when the zone was
> previously loaded.
Of course, but it *checks them for validity* when it loads them.
If the file's corrupt, it logs an error and carries on serving the
previous version.
With map files, we had a choice:
a) check validity during load (which takes a bit time),
b) mmap() into memory without validating, and hope really hard that
the file isn't corrupt (which gives you near-instant server startup,
but could cause assertion failures or serve bad data if there was a
problem), or
c) mmap() the file into memory without validating, and rewrite named
to cope robustly with zone database corruption if it's detected
later on (which turns out to be Hard).
We decided to spend the time and validate map files before serving
data from them.
--
Evan Hunt -- each at isc.org
Internet Systems Consortium, Inc.
More information about the bind-users
mailing list