Slave nameserver question

Barry Margolin barmar at alum.mit.edu
Sun Oct 5 12:33:02 UTC 2008 

In article <gcaa1k$1sfo$1 at sf1.isc.org>,
 Matus UHLAR - fantomas <uhlar at fantomas.sk> wrote:

> > In article <gc4nf4$i97$1 at sf1.isc.org>,
> >  Matus UHLAR - fantomas <uhlar at fantomas.sk> wrote:
> > > but why should named think the zone is master and should not be expires,
> > > when the config clearly says it's slave? I doubt bind would trust SOA that
> > > much...
> 
> On 03.10.08 17:55, Barry Margolin wrote:
> > Here's how a slave works:
> [deleted]
> 
> You described how NOTIFy mechanism works. If bind is master (has a "master"
> option inthe zone file", it doesn't do anything but logs a record.

But BIND is *not* a master.  We're talking about a slave that points to 
itself as its master.  You're allowed to use another slave as your 
master.

And nothing I said was specific to the NOTIFY mechanism.

> 
> > If the master is itself,
> 
> Bind is the master when it has the "master" option in the config file.

I meant the master that the slave pulls from.

> If BIND's config tells that the domain is "slave", then it's slave and the
> masters are servers configured in config file.

That's what I meant.  It has a statement like:

zone "mydomain.com" {
  type slave;
  master { x.x.x.x; };
  ...
};

where x.x.x.x is its own IP.  This is what the OP was asking about.  If 
you do this, the zone will never expire, because when performs its 
periodic serial number checks, they'll always succeed.

> 
> I have no informations about BIND using SOA to decide who is the master and
> who is not. afaik, id only uses config file for that. Can you confirm BIND
> does that?

I never said anything like that.  I said that the Expire time is in the 
SOA record.

> 
> > Ihave a feeling you're thinking of something else, like maybe the 
> > frequency of performing the SOA checks.
> 
> No. I mean what I wrote already twice (and now for the third time, see
> above). Do you tell me that I'm wrong and BIND ignores its config file when
> the SOA tells something different?

You kept saying that expiration is controlled by the config file, but 
there's nothing in the config file about expiration.  Expire time comes 
from the SOA record.

-- 
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE don't copy me on replies, I'll read them in the group ***

More information about the bind-users mailing list