FW: NOTIFY-triggered Auto-slaving
bert hubert
ahu at ds9a.nl
Fri Oct 4 13:55:56 UTC 2002
On Thu, Oct 03, 2002 at 09:48:26PM -0400, Kevin Darcy wrote:
> Dave,
> To be perfectly honest, I think the things most likely to fly
> here, in descending order, are:
>
> 1. not touching the protocol and just enhancing implementation-specific
> handling of NOTIFY or some other protocol feature (as I have proposed)
Just to document what we do - it should work fine for all implementations as
it does not touch the protocol.
1) An auto-slave receives a UDP (possibly spoofed) NOTIFY from an IP
address that is on its list of supermasters.
2) The auto-slave checks if that remote indeed has a SOA for that domain.
3) It retrieves the NS records for the domain from that remote and checks
if its own name is in there.
4) An AXFR attempt is launched which, if successful, leads to the addition
of the domain to the list of slave domains.
With proper random IDs and source ports, this is as secure as it is going to
be without having PKI or TSIG in place.
This interoperates fine with all NOTIFY sending nameservers out there.
> auto-slaving, it's just that I doubt any new non-DNSSEC protocol-change
> proposal will ever make it out of the Working Group, given the current
> membership thereof and their predilections. Therefore I choose the path I
> view as most likely to succeed.
Agreed.
Regards,
bert
--
http://www.PowerDNS.com Versatile DNS Software & Services
http://www.tk the dot in .tk
http://lartc.org Linux Advanced Routing & Traffic Control HOWTO
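The four gating steps described in the message above, modelled as an added example that is not PowerDNS code and not from the original thread. The remote nameserver is replaced by an in-memory RemoteView so the check runs offline; the class names, IP addresses, zone names and record contents are constructed for the example. The point it shows is that the NOTIFY packet itself is never trusted: the source IP only selects which configured supermaster is queried afresh, and the domain is added only if that supermaster's own answers (SOA, NS containing us, successful AXFR) agree.

```python
"""Simulated NOTIFY-triggered auto-slave acceptance check (constructed example)."""
from dataclasses import dataclass, field
from typing import Dict, List, Tuple


@dataclass
class RemoteView:
    """Stand-in for what a configured supermaster answers when queried directly.

    soa:  zone -> SOA MNAME (presence is all the check needs)
    ns:   zone -> NS names
    axfr: zone -> records returned by zone transfer (empty list = refused/failed)
    """
    soa: Dict[str, str]
    ns: Dict[str, List[str]]
    axfr: Dict[str, List[str]]


def _canon(name: str) -> str:
    """Case-insensitive, trailing-dot-insensitive comparison of DNS names."""
    return name.lower().rstrip(".")


@dataclass
class AutoSlave:
    own_name: str
    # supermaster IP -> the remote we will query at that address
    supermasters: Dict[str, RemoteView]
    slave_zones: List[str] = field(default_factory=list)

    def handle_notify(self, src_ip: str, zone: str) -> Tuple[bool, str]:
        """Return (accepted, reason) for a NOTIFY claiming to come from src_ip.

        Step 1: the UDP source address can be spoofed, so the supermaster list only
        decides whether we go on to verify with fresh queries to that configured
        address (with random IDs and source ports); it never grants trust by itself.
        """
        remote = self.supermasters.get(src_ip)
        if remote is None:
            return False, "NOTIFY source is not a configured supermaster"

        # Step 2: does the supermaster itself claim authority (SOA) for the zone?
        if zone not in remote.soa:
            return False, "supermaster has no SOA for %s" % zone

        # Step 3: fetch the NS set from the supermaster and require our own name in it,
        # so a supermaster cannot be used to push arbitrary zones onto us.
        ns_names = [_canon(n) for n in remote.ns.get(zone, [])]
        if _canon(self.own_name) not in ns_names:
            return False, "%s is not listed in the NS set of %s" % (self.own_name, zone)

        # Step 4: only a successful AXFR leads to the zone being provisioned.
        records = remote.axfr.get(zone, [])
        if not records:
            return False, "AXFR of %s failed or was refused" % zone
        if zone not in self.slave_zones:
            self.slave_zones.append(zone)
        return True, "added %s as slave zone (%d records)" % (zone, len(records))


def build_demo() -> AutoSlave:
    """Constructed scenario: one genuine supermaster at 192.0.2.1 serving two zones."""
    master = RemoteView(
        soa={"example.org": "ns1.example.org.", "other.test": "ns1.example.org."},
        ns={
            "example.org": ["ns1.example.org.", "NS2.Example.ORG."],   # lists us (case differs)
            "other.test": ["ns1.example.org.", "ns3.elsewhere.net."],  # does not list us
        },
        axfr={"example.org": ["example.org. SOA ...", "example.org. NS ns2.example.org."],
              "other.test": ["other.test. SOA ..."]},
    )
    return AutoSlave(own_name="ns2.example.org", supermasters={"192.0.2.1": master})


if __name__ == "__main__":
    slave = build_demo()
    for src, zone in [("198.51.100.9", "example.org"),  # unknown source: ignored
                      ("192.0.2.1", "example.org"),     # genuine: accepted
                      ("192.0.2.1", "other.test"),      # we are not an NS: refused
                      ("192.0.2.1", "nosuch.zone")]:    # no SOA at master: refused
        print(src, zone, slave.handle_notify(src, zone))
    print("slave zones:", slave.slave_zones)
```

A spoofed NOTIFY that forges a supermaster address costs the auto-slave at most one round of verification queries to the real supermaster; it cannot add a zone that supermaster does not serve and delegate to us, which is the property the message relies on in the absence of TSIG.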