To:
"dnsop@cafax.se" <dnsop@cafax.se>
From:
Bruce Campbell <bruce.campbell@apnic.net>
Date:
Mon, 14 May 2001 10:45:49 +1000 (EST)
In-Reply-To:
<Pine.BSF.4.30.0105122204290.12107-100000@spider.nic-se.se>
Sender:
owner-dnsop@cafax.se
Subject:
Checks performed during delegation.
( ok, this is diverging somewhat )
On Sat, 12 May 2001, Mats Dufberg wrote:
> On Fri, 11 May 2001, Kenneth Porter wrote:
>
> > > non-authoritative
> > > SOA mismatches across supplied nameservers
> > > NS listing mismatches across supplied nameservers (both what they
> > > supply and whats in the actual zone file)
> >
> > How tolerant are you of transient mismatches? One would expect them
> > during zone updates.
During zone updates you would expect tansient mismatches, but why is the
zone being updated whilst the zone is being delegated ? That implies that
the zone is not stable, and we dislike non-stable zones (tends to cause
excessive traffic back on our nameservers).
In an idealised world, we'd generate a caution back to the requestor, and
keep trying the nominated nameservers for the nominated domain until we're
happy, or an arbitary timeout (a day?) is exceeded.
> Speaking of the SE TLD, we always reject updates where we find any
> difference in SOA serial, SOA mail address, NS records or A records
> corresponding to necessary glue records between any of the nameservers.
We error out on SOA serial mismatch, and simply warn on any other SOA
mismatch (mail address, timeout values etc) due to some oddities in the
perl DNS module.
--
Bruce Campbell <bruce.campbell@apnic.net> +61-7-3367-0490
Systems Administrator APNIC