Correlation between NOTIFY-Source and AXFR-Source
Grant Taylor
gtaylor at tnetconsulting.net
Sat Mar 11 17:15:39 UTC 2023
Hi Paul,
Thank you for explaining.
On 3/10/23 12:21 AM, Paul Stead wrote:
> Imagine that 1.1.1.1 has lost network connectivity recently. A notify
> comes from 2.2.2.2 - if I understand correctly Bind will try 1.1.1.1
> first, time out and then try 2.2.2.2 - even though we know given the
> situation that 2.2.2.2 has the latest copy of the zone we want.
I guess what I don't understand is why it's a problem for BIND to follow
the configuration that's on the system where it's running.
N.B. I am quite certain that I've sent notifications from a system that
wasn't a DNS server before. I don't remember if it was dig or something
else.
I only see a loose suggestion that BIND can do a zone transfer from the
system that it received notifications from.
I could see having a hierarchy with multiple public secondaries which
transfer from the hidden private mname as well as multiple public
tertiaries which transfer from the secondaries and configuring the
hidden private mname to send notifications to all servers.
Perhaps the larger spirit of this thread is if that association can be
made hard or not.
--
Grant. . . .
unix || die
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4017 bytes
Desc: S/MIME Cryptographic Signature
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20230311/0846fe88/attachment.bin>
More information about the bind-users
mailing list