Slave nameserver question

Barry Margolin barmar at alum.mit.edu
Fri Oct 3 21:55:26 UTC 2008 

In article <gc4nf4$i97$1 at sf1.isc.org>,
 Matus UHLAR - fantomas <uhlar at fantomas.sk> wrote:

> > > On 01.10.08 22:03, Barry Margolin wrote:
> > > > Maybe what he's really planning on doing is listing two masters: the 
> > > > real master and itself.  Pointing to the real master causes updates to 
> > > > propagate, pointing to itself prevents expiration.
> > >              ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> 
> > In article <gc22q7$omh$1 at sf1.isc.org>,
> >  Matus UHLAR - fantomas <uhlar at fantomas.sk> wrote:
> > > Does it? I'd expect that expiration status only depends on setting in
> > > named's config, not content of the SOA record.
> > 
> On 02.10.08 16:23, Barry Margolin wrote:
> > There's no expiration setting in the named.conf.  Expiration depends on 
> > the EXPIRE field of the SOA record, and occurs if the slave is unable to 
> > query the master for the SOA record for that length of time.  If the 
> > master is itself, these SOA queries should always succeed, so the zone 
> > won't expire.
> 
> but why should named think the zone is master and should not be expires,
> when the config clearly says it's slave? I doubt bind would trust SOA that
> much...

Here's how a slave works:

Periodically, or when it receives a NOTIFY message, it queries the 
master for the SOA record.  If this is successful, it compares the 
serial number in the SOA with the serial number in its memory.  If 
they're the same, the zone is good and the expiration timer is set to 0.  
If the SOA serial number is higher, it performs a zone transfer; if this 
is successful it updates its memory and also sets the expiration timer 
to 0.

If the SOA query fails, the serial number is lower than what it has in 
memory, or the zone transfer fails, it updates the expiration timer.  If 
the expiration timer exceeds the value in the EXPIRE field of the SOA 
record, the zone expires and the server stops responding for the zone.

If the master is itself, the SOA query will always be successful and the 
serial number will always be the same as what's in its memory.  So every 
time it does this, it will reset the expiration timer back to 0 and the 
zone will never expire.

Ihave a feeling you're thinking of something else, like maybe the 
frequency of performing the SOA checks.

-- 
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE don't copy me on replies, I'll read them in the group ***

More information about the bind-users mailing list