[Unbound-users] NOTIFY implementation to unbound

Aaron Hopkins lists at die.net
Mon Oct 19 17:30:57 UTC 2009


On Mon, 19 Oct 2009, Greg A. Woods wrote:

> The key concept here is that notify says something has changed with the
> given zone.

It means "whoever sent you the NOTIFY has updated data for this zone".
However, unbound won't just query whoever sent it the NOTIFY; it will query
any authoritative server, many of which probably have stale data since they
received NOTIFY at the same time as unbound and have more work to do before
they are updated.

Unbound would either have to limit itself to only querying the server that
sent the NOTIFY for that zone or to query SOA serial numbers and see which
authoritatives are up-to-date.

Or you can require the unbound admin to make sure that any time any
authoritative server that is updated sends a NOTIFY to all instances of
unbound.  This isn't feasible in many topologies, and is particularly
error-prone.

None of these is "simple".

                                     -- Aaron



More information about the Unbound-users mailing list