[Dnssec-deployment] SOA serial number changes on resigning thoughts
Florian Weimer
fweimer at bfk.de
Thu Feb 3 08:38:32 EST 2011
* Joe Abley:
> On 2011-02-03, at 06:47, Florian Weimer wrote:
>
>> but many DNS providers
>> currently need non-IETF protocols to deal with secondaries anyway.
>
> They do? ("need")
>
> I know a couple of significant DNS provides who choose to do this,
> e.g. because they use RDBMS replication, but I also know of many
> large TLD zones for which NOTIFY and AXFR/IXFR works just fine. If
> there's a *need* for a new standard, interoperable method of
> propagating zone changes to slave servers, it would be helpful to
> understand why.
The challenge is here not so much large zones (but they certainly have
their own). It's large number of zones, with the implied change rate
in master/slave relationships. There is no DNS protocol standard for
telling a DNS server that it should begin working as a slave for a
particular zone, or cease serving that zone.
--
Florian Weimer <fweimer at bfk.de>
BFK edv-consulting GmbH http://www.bfk.de/
Kriegsstraße 100 tel: +49-721-96201-1
D-76133 Karlsruhe fax: +49-721-96201-99
More information about the Dnssec-deployment
mailing list