[Pdns-users] Zone Transfers
Curtis Maurand
curtis at maurand.com
Thu Aug 8 10:19:18 UTC 2019
On 8/8/19 3:26 AM, Mike wrote:
> On 8/5/19 5:48 AM, Curtis Maurand wrote:
>> I scripted it. I can't rely on pdns replication. The supermaster
>> won't tell a slave to delete a zone for instance. Adding a new zone
>> may or may not happen properly or in a timely manner. Sometimes
>> transfers just don't happen and even if they do, the signed zones
>> won't work until they're rectified. Don't get me started on dnsdist.
> On the subject of supermasters not being able to tell slaves to delete
> zones:
>
> This may not be too critical - for a slave server to have knowledge
> of a zone for which it should no longer be authoritative.
> Ultimately, if the internet roots don't point at your servers, nobody
> will be asking your servers for data from these zones anyways, so all
> you really are losing is some disk space. I wrote a script to do this
> which essentially walks the whole list of zones on a slave server and
> asks my (hidden) master whether it has an SOA for each one. If it
> doesn't, meaning that zone has been removed, then the script removes it
> from the slave. The necessity or required frequency of doing so is
> debatable. My script can blast through ~500 zones in about 8 seconds flat
> depending on latency from that slave to the hidden master.
>
> Mike-
Good idea. I didn't think of doing it that way. Conversely, a good way
to check to see if a zone has actually transferred, too.
Thanks for the idea,
--Curtis
--
Best Regards Curtis Maurand
mailto:curtis at maurand.com
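
The SOA check discussed in this thread, sketched as an added example (this is not the script from either poster): each zone on the slave is queried on the hidden master, a zone with no SOA there is reported as stale, and, for the converse check, a zone whose serial differs between master and slave is reported as not yet transferred. Assumptions of this example: `dig` is installed, the function names and the addresses in the `__main__` block are placeholders, and a timeout or SERVFAIL from the master is classed as "unknown" rather than stale so that an unreachable master never leads to a mass deletion. The block only reports; it removes nothing.

```python
import re
import subprocess

def soa_via_dig(zone, server, timeout=2):
    """Return (status, serial): status is the DNS rcode or 'NOREPLY', serial an int or None."""
    proc = subprocess.run(
        ["dig", "+norecurse", "+noall", "+comments", "+answer",
         f"+time={timeout}", "+tries=1", "SOA", zone, f"@{server}"],
        capture_output=True, text=True)
    status = re.search(r"status: (\w+)", proc.stdout)
    if proc.returncode != 0 or not status:   # dig exits non-zero when no reply arrives
        return ("NOREPLY", None)
    # Answer line: name ttl IN SOA mname rname serial refresh retry expire minimum
    soa = re.search(r"\sIN\s+SOA\s+\S+\s+\S+\s+(\d+)", proc.stdout)
    return (status.group(1), int(soa.group(1)) if soa else None)

def reconcile(zones, ask_master, ask_slave):
    """Classify each slave zone by comparing the master's SOA answer with the slave's."""
    report = {"ok": [], "lagging": [], "stale": [], "unknown": []}
    for zone in zones:
        m_status, m_serial = ask_master(zone)
        if m_status in ("NOREPLY", "SERVFAIL"):
            report["unknown"].append(zone)   # master gave no usable answer: decide nothing
        elif m_serial is None:
            report["stale"].append(zone)     # master answered without an SOA: zone removed
        else:
            _, s_serial = ask_slave(zone)
            report["ok" if s_serial == m_serial else "lagging"].append(zone)
    return report

if __name__ == "__main__":
    import sys
    MASTER, SLAVE = "192.0.2.1", "127.0.0.1"   # placeholder addresses
    zones = [z.strip() for z in sys.stdin if z.strip()]   # one zone name per line
    print(reconcile(zones,
                    lambda z: soa_via_dig(z, MASTER),
                    lambda z: soa_via_dig(z, SLAVE)))
```
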