cTLD and DNS upgrade

Mark Andrews Mark_Andrews at isc.org
Wed Jul 6 00:24:04 UTC 2005


> Mark Andrews writes:
> >> On Tue, Jul 05, 2005 at 05:44:24PM +1000,
> >> Mark Andrews <Mark_Andrews at isc.org> wrote 
> >> a message of 29 lines which said:
> >> 
> >> > 	Well authoritative servers still need their own resolver if
> >> > 	they are to support NOTIFY.
> >> 
> >> They could call getaddrinfo() like anyone else.
> 
> > 	You must be kidding.
> 
> Can you elaborate? Are you worried about bootstrapping issues or what?

	getaddrinfo() is a synchronous (it waits) library call that
	depends upon another nameserver.  You don't want those sorts
	of library calls inside a nameserver.  On top of that there
	are views which may return different answers etc.

	You have a perfectly good asynchronous full service resolver
	inside of named.  Why would you want to use a synchronous
	stub resolver which usually also links in NIS and /etc/hosts?

	For an authoritative only server you want the following in
	named.conf.

	9.4
		allow-query-cache { none; };
		recursion no;

	9.3 and earlier

		allow-query { none; };
		recursion no;
		and in each zone
		allow-query { any; };

	That doesn't require a configure option.  It just requires
	a little reading.

> I must say that Stephane's suggestion makes sense to me: Add a
> compile-time configuration option to suppress all caching/resolving
> code for an authoritative-only nameserver, and use getaddrinfo() to
> resolve names where necessary (finding implicit NOTIFY destinations).
> 
> For setups with distributed (anycast) recursive nameservers and/or
> "notify explicit" this looks very feasible to me.
> -- 
> Simon.
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews at isc.org
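
Added example, not part of the original message and not ISC code: a small Python check that audits named.conf text for the authoritative-only settings listed above, for the 9.4 form and for the 9.3-and-earlier form. The function names, the simplified brace matching (not a full named.conf parser) and the sample zone names and file paths are assumptions made for illustration.

```python
import re

def _blocks(text, header_re):
    """Yield (header match, body) for each brace-matched `header { ... }` block."""
    for m in re.finditer(header_re + r"\s*\{", text):
        depth, i = 1, m.end()
        while i < len(text) and depth:
            depth += {"{": 1, "}": -1}.get(text[i], 0)
            i += 1
        yield m, text[m.end():i - 1]

def _has(body, option, value):
    """True if body contains `option value;` or `option { value; ...`."""
    pat = r"(?<![\w-])%s\s*(\{\s*)?%s\s*;" % (re.escape(option), re.escape(value))
    return re.search(pat, body) is not None

def audit(conf, series):
    """Return findings; series is "9.4" or "9.3" (meaning 9.3 and earlier)."""
    text = re.sub(r"/\*.*?\*/", "", conf, flags=re.S)   # strip /* */ comments
    text = re.sub(r"(//|#)[^\n]*", "", text)            # strip // and # comments
    opts = "".join(b for _, b in _blocks(text, r"(?<![\w-])options"))
    findings = []
    if not _has(opts, "recursion", "no"):
        findings.append("options: missing 'recursion no;'")
    if series == "9.4":
        if not _has(opts, "allow-query-cache", "none"):
            findings.append("options: missing 'allow-query-cache { none; };'")
        return findings
    if not _has(opts, "allow-query", "none"):
        findings.append("options: missing 'allow-query { none; };'")
    for m, body in _blocks(text, r'(?<![\w-])zone\s+"([^"]*)"[^{;]*'):
        if not _has(body, "allow-query", "any"):  # zone would inherit the refusal
            findings.append("zone %s: missing 'allow-query { any; };'" % m.group(1))
    return findings

# Constructed sample configurations (zone names and file paths are made up).
GOOD_94 = '''
options { allow-query-cache { none; }; recursion no; };
zone "example.com" { type master; file "example.com.db"; };
'''
BAD_93 = '''
options { recursion no; allow-query { none; }; };   // global default: refuse
zone "example.com" { type master; file "example.com.db"; allow-query { any; }; };
zone "example.net" { type master; file "example.net.db"; };
'''

if __name__ == "__main__":
    print(audit(GOOD_94, "9.4"))
    print(audit(BAD_93, "9.3"))
```

In the 9.3-and-earlier form a zone without its own `allow-query { any; };` inherits the global refusal, so the check reports it per zone.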


