[dns-operations] Recommended zone serial number format for over 100 changes / day

Mark Andrews marka at isc.org
Sun Apr 3 02:00:12 UTC 2016 

In message <718AE16F-903C-495C-847F-5F3C957475A2 at snark.net>, Matthew Ghali writes:
> I think we're agreeing here- my point was that evaluating records during
> a transfer seems like extra complexity that's bound to add fragility.
> Accept the axfr/ixfr then inspect after it succeeds. I would be surprised
> to see an transfer fail based on such a content policy for a
> legally-formatted rrtype/rdata tuple. Is there even an rcode appropriate
> for that failure mode?
>
> Matt

The first thing named does with a received message is verify it is
well formed including the record rdata content to the best of its
ability.  This is for both queries and responses.  Bad queries get
a error code returned.  Bad responses get logged and dropped (includes
AXFR / IXFR responses).

If AXFR we build the new zone in memory as it is transferred in.
Named can be configured to not write slave zones to disk.  For IXFR
we commit each delta as we go.  We already have to support reversing
updates to a zone for UPDATE and the post processing for DNSSEC can
potentially fail and we need to revert to a known good state.  Also
while UPDATE changes are processed a record at a time they only
become externally visible once the last record is processed.

Processing each message as it comes in also smooths out the processing
load of a zone transfer.

Mark

> > On Apr 2, 2016, at 6:32 AM, Mark Andrews <marka at isc.org> wrote:
> >
> > In message <BF8042CC-96E5-4F51-90B8-2AA94CAEAE17 at snark.net>, Matthew
> Ghali writes:
> >>
> >> Why would you want a nameserver to try parsing/evaluating zone records
> as
> >> its transferring? That seems remarkably more fragile than simply
> >> performing the transfer, then parsing the data as the zone is
> >> subsequently loaded. What happens to your partially-loaded data if the
> >> transfer eventually fails?
> >
> > You don't commit the delta / new zone.  If you are serving a
> > partial (partially updated - you can commit at the end of a delta
> > in a ixfr stream) zone you are not RFC compliant.
> >
> >>> On Apr 1, 2016, at 3:56 PM, Colm MacCárthaigh <colm at stdlib.net> wrote:
> >>>
> >>> It's a really bad idea to accept unknown RRTYPEs. RRTYPEs have been
> >> defined in backwards incompatible ways in the past - such as DNAME
> having
> >> a side-effect of occluding below the DNAME cut.
> >
> > --
> > Mark Andrews, ISC
> > 1 Seymour St., Dundas Valley, NSW 2117, Australia
> > PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org

-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org

More information about the dns-operations mailing list