[Opendnssec-develop] Re: [OpenDNSSEC] #31: keepcounter serial option

OpenDNSSEC owner-dnssec-trac at kirei.se
Fri Oct 2 11:40:52 UTC 2009

#31: keepcounter serial option
Reporter:  opendnssec.simon at arlott.org  |        Owner:  matthijs
    Type:  enhancement                  |       Status:  closed  
Priority:  minor                        |    Component:  Signer  
 Version:  trunk                        |   Resolution:  fixed   
Keywords:                               |  

Comment(by opendnssec.simon at arlott.org):

 Replying to [comment:6 matthijs]:
 > Replying to [comment:5 opendnssec.simon at arlott.org]:
 > > If a slave nameserver misses the updates when this happens, it'll look
 like the master has an old serial.
 > If all the NOTIFY stuff works, the slave nameserver would not miss it.
 If it does miss it (what are the odds?),
 NOTIFY doesn't actually imply an immediate zone transfer... the slave (if
 BIND) may have limits on concurrent transfers (transfers-per-ns).
 > it will eventually expire and stop serving it's old dns data. According
 to the specification, the secondary has to discard the obsoleted zone and
 do a fresh transfer.
 Ok, but the zone keys are likely to expire before the data does.

Ticket URL: <http://trac.opendnssec.org/ticket/31#comment:7>
OpenDNSSEC <http://www.opendnssec.org/>

More information about the Opendnssec-develop mailing list