IETF Logo Mail Archive

Checks performed during delegation.

Bruce Campbell <bruce.campbell@apnic.net> Mon, 14 May 2001 01:17 UTC

Received: from nic.cafax.se ([192.71.228.17]) by ietf.org (8.9.1a/8.9.1a) with SMTP id VAA16077 for <dnsop-archive@odin.ietf.org>; Sun, 13 May 2001 21:17:28 -0400 (EDT)
Received: by nic.cafax.se (8.12.0.Beta5/8.12.0.Beta5) id f4E0k4o5027171 for dnsop-outgoing; Mon, 14 May 2001 02:46:04 +0200 (MEST)
Received: from guardian.apnic.net (guardian.apnic.net [203.37.255.100]) by nic.cafax.se (8.12.0.Beta7/8.12.0.Beta5) with ESMTP id f4E0k0Lt027166 for <dnsop@cafax.se>; Mon, 14 May 2001 02:46:02 +0200 (MEST)
Received: (from mail@localhost) by guardian.apnic.net (8.9.3/8.9.3) id KAA14680 for <dnsop@cafax.se>; Mon, 14 May 2001 10:45:57 +1000 (EST)
Received: from julubu.staff.apnic.net(192.168.1.37) by int-gw.staff.apnic.net via smap (V2.1) id xma014672; Mon, 14 May 01 10:45:47 +1000
Received: from localhost.staff.apnic.net ([127.0.0.1]) by julubu.staff.apnic.net with esmtp (Exim 3.22 #2) id 14z6Uf-0002Zu-00 for dnsop@cafax.se; Mon, 14 May 2001 10:45:50 +1000
Date: Mon, 14 May 2001 10:45:49 +1000
From: Bruce Campbell <bruce.campbell@apnic.net>
X-Sender: bc@julubu.staff.apnic.net
To: "dnsop@cafax.se" <dnsop@cafax.se>
Subject: Checks performed during delegation.
In-Reply-To: <Pine.BSF.4.30.0105122204290.12107-100000@spider.nic-se.se>
Message-ID: <Pine.BSF.4.21.0105141032480.1293-100000@julubu.staff.apnic.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset="US-ASCII"
Sender: owner-dnsop@cafax.se
Precedence: bulk

( ok, this is diverging somewhat )

On Sat, 12 May 2001, Mats Dufberg wrote:

> On Fri, 11 May 2001, Kenneth Porter wrote:
> 
> > >	non-authoritative
> > >	SOA mismatches across supplied nameservers
> > >	NS listing mismatches across supplied nameservers (both what they
> > >		supply and whats in the actual zone file)
> >
> > How tolerant are you of transient mismatches? One would expect them
> > during zone updates.

During zone updates you would expect tansient mismatches, but why is the
zone being updated whilst the zone is being delegated ?  That implies that
the zone is not stable, and we dislike non-stable zones (tends to cause
excessive traffic back on our nameservers).

In an idealised world, we'd generate a caution back to the requestor, and
keep trying the nominated nameservers for the nominated domain until we're
happy, or an arbitary timeout (a day?) is exceeded.

> Speaking of the SE TLD, we always reject updates where we find any
> difference in SOA serial, SOA mail address, NS records or A records
> corresponding to necessary glue records between any of the nameservers.

We error out on SOA serial mismatch, and simply warn on any other SOA
mismatch (mail address, timeout values etc) due to some oddities in the
perl DNS module.

-- 
  Bruce Campbell <bruce.campbell@apnic.net>                +61-7-3367-0490
                      Systems Administrator                          APNIC

v2.23.0 | Report a Bug | By Email