[dns-operations] Recommended zone serial number format for over 100 changes / day

Colm MacCárthaigh colm at stdlib.net
Mon Apr 4 15:08:53 UTC 2016

On Mon, Apr 4, 2016 at 7:02 AM, Andrew Sullivan <ajs at anvilwalrusden.com>
> > just ignore the expire time; it's better to serve a stale zone than to
> > expire it; deletes should be explicit.
> I think I disagree that ignoring the protocol in two different ways is
> "better" than just doing what the protocol says to do.

It's not ignoring the protocol to  implement some basic safety checking,
it's completely valid to refuse a zone transfer because it may result in
expected behavior; a slave shouldn't accept  DNSSEC records if it doesn't
have the ability to serve them correctly either. Otherwise the zone may end
up black-holed.  Much better to ask an administrator to intervene and fix
 the situation.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20160404/76215874/attachment.html>

More information about the dns-operations mailing list