[Opendnssec-develop] Re: [OpenDNSSEC] #31: keepcounter serial option
OpenDNSSEC
owner-dnssec-trac at kirei.se
Fri Oct 2 11:40:52 UTC 2009
#31: keepcounter serial option
----------------------------------------+-----------------------------------
Reporter: opendnssec.simon at arlott.org | Owner: matthijs
Type: enhancement | Status: closed
Priority: minor | Component: Signer
Version: trunk | Resolution: fixed
Keywords: |
----------------------------------------+-----------------------------------
Comment(by opendnssec.simon at arlott.org):
Replying to [comment:6 matthijs]:
> Replying to [comment:5 opendnssec.simon at arlott.org]:
> > If a slave nameserver misses the updates when this happens, it'll look
like the master has an old serial.
>
> If all the NOTIFY stuff works, the slave nameserver would not miss it.
If it does miss it (what are the odds?),
NOTIFY doesn't actually imply an immediate zone transfer... the slave (if
BIND) may have limits on concurrent transfers (transfers-per-ns).
> it will eventually expire and stop serving it's old dns data. According
to the specification, the secondary has to discard the obsoleted zone and
do a fresh transfer.
Ok, but the zone keys are likely to expire before the data does.
--
Ticket URL: <http://trac.opendnssec.org/ticket/31#comment:7>
OpenDNSSEC <http://www.opendnssec.org/>
OpenDNSSEC
More information about the Opendnssec-develop
mailing list