[dns-operations] Recommended zone serial number format for over 100 changes / day
Colm MacCárthaigh
colm at stdlib.net
Mon Apr 4 15:08:53 UTC 2016
On Mon, Apr 4, 2016 at 7:02 AM, Andrew Sullivan <ajs at anvilwalrusden.com>
wrote:
>
> > just ignore the expire time; it's better to serve a stale zone than to
> > expire it; deletes should be explicit.
>
> I think I disagree that ignoring the protocol in two different ways is
> "better" than just doing what the protocol says to do.
>
It's not ignoring the protocol to implement some basic safety checking,
it's completely valid to refuse a zone transfer because it may result in
expected behavior; a slave shouldn't accept DNSSEC records if it doesn't
have the ability to serve them correctly either. Otherwise the zone may end
up black-holed. Much better to ask an administrator to intervene and fix
the situation.
--
Colm
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20160404/76215874/attachment.html>
More information about the dns-operations
mailing list