Reasons why BIND isn't being upgraded

Greg A. Woods woods at weird.com
Fri Feb 2 18:29:12 UTC 2001


[ On Friday, February 2, 2001 at 12:48:50 (+0100), Pim van Riezen wrote: ]
> Subject: Re: [NANOG] Re: Reasons why BIND isn't being upgraded
>
> > [snip serving borken zones is bad]
> 
> I am near to agreeing with you if it were about not picking up a
> zone-change when the zonefile has turned bogus. However, the effect of a
> zone no longer being authoritative on the primary is not really what I'd
> define as fun either :).

Well, strictly speaking not dropping the zone when any error is
encountered during its load is contrary to the requirements of RFC 1035.
(section 5.2, which gives very much the reasons I did, but without
mentioning zone transfers explicitly since of course any errant record,
or missing record, can be propagated for its TTL or negative TTL)

It might not be fun to have your primary be lame for one or zillions of
zones (even if it's an unadvertised primary), but it's not dangerous (at
least not unless you're already violating dozens of other DNS
requirements).  The "non-fun" should merely be incentive to get you to
correct your procedures and process so that future errors are caught
before they're loaded.  :-)

-- 
							Greg A. Woods

+1 416 218-0098      VE3TCP      <gwoods at acm.org>      <robohack!woods>
Planix, Inc. <woods at planix.com>; Secrets of the Weird <woods at weird.com>
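
An added example, not part of the original message: one way to catch zone-file errors before they are loaded, as the last paragraph recommends. It applies the RFC 1035 section 5.2 checks for a single class and exactly one SOA at the top, and replaces the live file only when the candidate has no errors. The function names, the one-record-per-line syntax (owner TTL class type rdata, no quoted semicolons) and the sample zones are assumptions made for illustration.

```python
import os
import tempfile

KNOWN_TYPES = {"SOA", "NS", "A", "AAAA", "MX", "CNAME", "TXT", "PTR"}

def check_zone(text, origin):
    """Return a list of errors; an empty list means the zone is safe to load."""
    origin = origin.lower()
    errors, records = [], []
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.split(";", 1)[0].strip()      # drop comments (no quoted ';')
        if not line:
            continue
        f = line.split()
        # Assumed simplified syntax: owner TTL class type rdata...
        if len(f) < 5 or not f[1].isdigit() or f[3].upper() not in KNOWN_TYPES:
            errors.append(f"line {n}: cannot parse record")
            continue
        records.append((n, f[0].lower(), f[2].upper(), f[3].upper()))
    if len({cls for _, _, cls, _ in records}) > 1:
        errors.append("records do not all share one class")
    soa = [(n, owner) for n, owner, _, rtype in records if rtype == "SOA"]
    if len(soa) != 1:
        errors.append(f"expected exactly one SOA, found {len(soa)}")
    elif records[0][3] != "SOA" or soa[0][1] != origin:
        errors.append("SOA is not the first record at the zone origin")
    for n, owner, _, _ in records:
        # Out-of-zone owners are treated as errors here (typically a missing dot).
        if owner != origin and not owner.endswith("." + origin):
            errors.append(f"line {n}: owner {owner} is outside {origin}")
    return errors

def install_if_clean(text, origin, live_path):
    """Replace live_path only when the candidate has zero errors."""
    errors = check_zone(text, origin)
    if errors:
        return errors                             # live file left untouched
    fd, tmp = tempfile.mkstemp(dir=os.path.dirname(live_path) or ".")
    with os.fdopen(fd, "w") as fh:
        fh.write(text)
    os.replace(tmp, live_path)                    # atomic swap on the same filesystem
    return []

# Constructed sample zones for illustration.
GOOD = """example.com. 3600 IN SOA ns1.example.com. admin.example.com. 1 7200 900 604800 300
example.com. 3600 IN NS ns1.example.com.
ns1.example.com. 3600 IN A 192.0.2.1
"""
BAD = GOOD + "www.example.com 3600 IN A 192.0.2.80\nmail.example.com. IN MX\n"
```

With the constructed BAD zone, the missing trailing dot on line 4 and the truncated MX record on line 5 are both reported, and the previously installed file stays in place.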



