> On Sat, Feb 15, 2003 at 05:10:46PM +1100, Mark.Andrews@isc.org wrote: > > Your software (and BIND 8) causes operational problems by not > > preserving zone contents. > [...] > > Senario 1. > > In order to understand your claim about the operational problems while > using djbdns, could you tell us how Scenario 1 is accomplished with > tinydns/axfrdns? Could you give us a URL pointing at a webpage that > contains the output of your experiments? > > > You update example.com adjusting > > its serial. > > In particular, could you tell us what is the relevance of the serial > number to tinydns's update procedures? > > > > Senario 2. > > [...] > > > This is a common implemention error caused by trying to > > stuff all zones into a common database. BIND 4 got it > > wrong. BIND 8 got it wrong. > > > > You want us all to keep repeating this mistake. > > But I thought djbdns did _not_ get it wrong. Or if you think it did, > could you show us the experiment that verifies the claim, that is, it > accomplishes Scenario 2 with tinydns/axfrdns servers? > > Mate > > Mate Wierdl | Dept. of Math. Sciences | University of Memphis > > -- > to unsubscribe send a message to namedroppers-request@ops.ietf.org with > the word 'unsubscribe' in a single line as the message text body. > archive: <http://ops.ietf.org/lists/namedroppers/> It's easy enough to demonstate. The master server is 10.53.0.2. 10.53.0.1 is dbj's software. I used the FreeBSD port system to install it. djbdns-1.05_2 A collection of secure and reliable DNS tools tcpclient 10.53.0.2 53 axfr-get child.example.net zone.child.example.net zone.child.example.net.tmp tcpclient 10.53.0.2 53 axfr-get example.net zone.example.net zone.example.net.tmp sort -u zone.* > data make You will note that it actually *merges* the records. ns2.child.example.net doesn't exist due to a typo in child.example.net. I was taking Dan's word that it took the child data. Merges are just as bad as taking data just from the child zone. In both cases slaves off 10.53.0.1 will be left with data that was not in the original master files. I presume for a real world server that you would need to call tcpclient periodically and remake data if the zone files have changed. It looks like they axfr-get is designed to be called independently of the database make. I suspect no-one would run tinydns in the senarios described. It's designed for a collection of servers that all serve a identical set of zones from a single master. Trying to use it in any other configuration is just cumbersome. There really is no incoming zone maintanence. You have to roll your own from what I can see. axfr-get will check the serial but that is far short of full zone maintenance. axfr-get get need to be called with the right periodicity. Mark ; <<>> DiG 9.3.0s20021115 <<>> axfr child.example.net @10.53.0.2 ;; global options: printcmd child.example.net. 10 IN SOA . . 1 3600 1200 360000 10 child.example.net. 10 IN NS ns1.child.example.net. child.example.net. 10 IN NS ns2.child.example.net. ns1.child.example.net. 10 IN A 10.53.0.1 ns1.child.example.net. 10 IN A 10.53.0.2 child.example.net. 10 IN SOA . . 1 3600 1200 360000 10 ;; Query time: 43 msec ;; SERVER: 10.53.0.2#53(10.53.0.2) ;; WHEN: Tue Feb 18 11:50:46 2003 ;; XFR size: 7 records (messages 1) ; <<>> DiG 9.3.0s20021115 <<>> axfr child.example.net @10.53.0.1 ;; global options: printcmd child.example.net. 10 IN SOA . . 1 3600 1200 360000 10 child.example.net. 10 IN NS ns1.child.example.net. child.example.net. 10 IN NS ns2.child.example.net. ns1.child.example.net. 10 IN A 10.53.0.1 ns1.child.example.net. 10 IN A 10.53.0.2 ns2.child.example.net. 10 IN A 10.53.0.2 child.example.net. 10 IN SOA . . 1 3600 1200 360000 10 ;; Query time: 5 msec ;; SERVER: 10.53.0.1#53(10.53.0.1) ;; WHEN: Tue Feb 18 11:51:02 2003 ;; XFR size: 8 records (messages 7) ; <<>> DiG 9.3.0s20021115 <<>> axfr example.net @10.53.0.2 ;; global options: printcmd example.net. 10 IN SOA . . 1 3600 1200 360000 10 example.net. 10 IN NS ns1.example.net. example.net. 10 IN NS ns2.example.net. child.example.net. 10 IN NS ns1.child.example.net. child.example.net. 10 IN NS ns2.child.example.net. ns1.child.example.net. 10 IN A 10.53.0.1 ns2.child.example.net. 10 IN A 10.53.0.2 ns1.example.net. 10 IN A 10.53.0.1 ns2.example.net. 10 IN A 10.53.0.2 example.net. 10 IN SOA . . 1 3600 1200 360000 10 ;; Query time: 3 msec ;; SERVER: 10.53.0.2#53(10.53.0.2) ;; WHEN: Tue Feb 18 11:52:04 2003 ;; XFR size: 11 records (messages 1) ; <<>> DiG 9.3.0s20021115 <<>> axfr example.net @10.53.0.1 ;; global options: printcmd example.net. 10 IN SOA . . 1 3600 1200 360000 10 child.example.net. 10 IN NS ns1.child.example.net. child.example.net. 10 IN NS ns2.child.example.net. example.net. 10 IN NS ns1.example.net. example.net. 10 IN NS ns2.example.net. ns1.child.example.net. 10 IN A 10.53.0.1 ns1.child.example.net. 10 IN A 10.53.0.2 ns1.example.net. 10 IN A 10.53.0.1 ns2.child.example.net. 10 IN A 10.53.0.2 ns2.example.net. 10 IN A 10.53.0.2 example.net. 10 IN SOA . . 1 3600 1200 360000 10 ;; Query time: 5 msec ;; SERVER: 10.53.0.1#53(10.53.0.1) ;; WHEN: Tue Feb 18 11:51:30 2003 ;; XFR size: 12 records (messages 11) ; <<>> DiG 9.3.0s20021115 <<>> ns child.example.net @10.53.0.1 ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56624 ;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 3 ;; QUESTION SECTION: ;child.example.net. IN NS ;; ANSWER SECTION: child.example.net. 10 IN NS ns1.child.example.net. child.example.net. 10 IN NS ns2.child.example.net. ;; ADDITIONAL SECTION: ns1.child.example.net. 10 IN A 10.53.0.1 ns1.child.example.net. 10 IN A 10.53.0.2 ns2.child.example.net. 10 IN A 10.53.0.2 ;; Query time: 1 msec ;; SERVER: 10.53.0.1#53(10.53.0.1) ;; WHEN: Tue Feb 18 12:11:45 2003 ;; MSG SIZE rcvd: 119 ; <<>> DiG 9.3.0s20021115 <<>> ns child.example.net @10.53.0.2 ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12751 ;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 2 ;; QUESTION SECTION: ;child.example.net. IN NS ;; ANSWER SECTION: child.example.net. 10 IN NS ns2.child.example.net. child.example.net. 10 IN NS ns1.child.example.net. ;; ADDITIONAL SECTION: ns1.child.example.net. 10 IN A 10.53.0.1 ns1.child.example.net. 10 IN A 10.53.0.2 ;; Query time: 1 msec ;; SERVER: 10.53.0.2#53(10.53.0.2) ;; WHEN: Tue Feb 18 12:12:02 2003 ;; MSG SIZE rcvd: 103 -- Mark Andrews, Internet Software Consortium 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: Mark.Andrews@isc.org