[dns-operations] Minimalistic DNS server for SOA and AXFR
Peter Koch
pk at DENIC.DE
Mon Jul 16 16:25:31 UTC 2012
On Mon, Jul 16, 2012 at 04:49:08PM +0200, Anand Buddhdev wrote:
> 1a. return REFUSED responses for any zones I haven't loaded;
I'd make a difference between zones supposed to be loaded but not
available (SERVFAIL) vs zones intentionally absent (REFUSED).
> 1c. return a NOERROR response for zones I have, with the SOA record in
> the answer section, setting the AA bit. Do I need to fill the authority
> section too?
In this particular case the NS RRSet might not be needed.
However, you may have to echo the OPT RR.
> 2. Listen on TCP/53, and:
>
> 2a. return REFUSED responses for any zones I haven't loaded; and
>
> 2b. return NOTIMP responses to queries other than AXFR; and
>
> 2c. return the zone in response to AXFR.
The SOA/AXFR may come over the same TCP connection.
> Have I missed anything obvious?
What if the client asks with CD and/or DO=1?
Also, you need to ignore all clesses !=IN (or not ;-)
-Peter
More information about the dns-operations
mailing list