(use-)alt-transfer-source deprecated

Matthijs Mekking matthijs at isc.org
Wed Feb 1 09:45:15 UTC 2023 

Hi,

On 2/1/23 09:57, Gasoo wrote:
> Hello
> 
> I recently updated to 9.18.x and noticed the deprecation warning in the 
> logs for the option use-alt-transfer-source.
> After reading the manual and checking my configuration, I am confused on 
> how this is going to work in future releases.
> 
> My configuration includes the following statements:
> 
> options {
>    listen-on { 1.1.1.1; 2.2.2.2; 3.3.3.3; };
>    transfer-source  3.3.3.3;
>    query-source  3.3.3.3;
>    notify-source  3.3.3.3;
>    use-alt-transfer-source no;
>    ...
> }

Looking at your configuration, you actually don't use 
alt-transfer-source: there is no such option in your example and 
'use-alt-transfer-source' is set to no anyway.

> 1.1.1.1 and 2.2.2.2 are only used for incoming DNS queries from clients 
> and can not be used for zone transfers.
> If I remove the option use-alt-transfer-source, in some cases (e.g. 
> SERVFAIL from primary), additional zone transfers are tried via 
> 0.0.0.0#0, which the OS then sends via the best matching interface / IP 
> address. >
> For this reason the option use-alt-transfer-source is in my configuration.

>  From the manual.
> 
> use-alt-transfer-source:
> This indicates whether the alternate transfer sources should be used. If 
> views are specified, this defaults to no; otherwise, it defaults to yes.
> alt-transfer-source:
> This indicates an alternate transfer source if the one listed in 
> transfer-source fails and use-alt-transfer-source is set.
> 
> 
> How will this be handled in future releases, if transfer-source is 
> specified, no views are defined and an error occurs?
> Is there any other solution to disable transfers from 0.0.0.0#0 in my case?

I guess in your 9.18 configuration if you don't set 
'use-alt-transfer-source', it defaults to yes. Since 
'alt-transfer-source' defaults to 0.0.0.0#0', you still need the 
configuration despite it is being deprecated.

 From 9.20.0 the feature will be gone, the options 
'use-alt-transfer-source' and 'alt-transfer-source' will no longer 
exist, and thus alternate transfer source will no longer be tried.

In other words, from 9.20.0 it will be as if 'use-alt-transfer-source' 
was set to 'no'.

Best regards,

Matthijs


> 
> 
> Kind Regards
> Stephan
>

More information about the bind-users mailing list