Comments (7)
miekg
commented on July 22, 2024
Let's take an example from my current setup:
zone "rikribbers.nl" {
type slave;
masters { 92.63.172.25; 2a00:f10:121:400:252b:5421:6ba3:3d10; };
file "/var/lib/bind/rikribbers.nl";
zone-statistics yes;
};
So, this means a couple of things
- be able to receive and act on incoming notifies
- requery the master at intervals specified in the SOA parmeters
- dropping the zone; SERVFAIL when expire is expired
- ability to configure masters
- where to put the zone (use assets path by default? ~/.caddy)
Looking at https://www.knot-dns.cz/docs/1.6/html/configuration.html, need idea: no concept of slave zone (per se). It is just a keyword in the configuration. Rought idea for config syntax (btw: supermaster is also a cool idea).
rikribbers.nl {
transfer db.rikribbers.nl master_ip/name...
}
transfer itself will have some more options
transfer {
file db.rikribbers.nl
from master_ip/names...
<options 'n stuff>
}
from coredns.
miekg
commented on July 22, 2024
transfer can work, it only need to point to a zonefile, or should we use some kind of abstraction that it allows to query other middleware what their zone looks like. The latter is nice, but I have no idea how this will look. As a first pass, using a file as an intermediate way of communicating should suffice.
from coredns.
miekg
commented on July 22, 2024
otoh, slaving a zone (i.e. responding to axfr/ixfr) is highly middleware specific; not sure if this can be done as a generic middleware and should just be done in the (e.g.) file middleware. It boils down to sending notifies and then responding to transfer requests.
slaving zones might be diff., but (as said) not sure yet.
from coredns.
miekg
commented on July 22, 2024
This will be an option in the file middleware.
If we ever get something that will read from a database, we'll revisit. Or maybe the whole read from thing must be abstracted and shared between middlewares?
from coredns.
vavrusa
commented on July 22, 2024
Slaving zones is highly middleware specific and needs a better abstraction. For example a SOA serial strategy needs more thought before supporting more than 100 zone changes a day. Here is some light reading on that problem: https://lists.dns-oarc.net/pipermail/dns-operations/2016-March/014623.html
from coredns.
miekg
commented on July 22, 2024
LOL ;-)
from coredns.
miekg
commented on July 22, 2024
See the secondary middleware - not perfect yet, but working. Closing for now. Once all this stuff is functional we'll do another passover and make it perfect.
from coredns.
Related Issues (20)
- Listen tcp :53: bind: permission denied ERROR!! HOT 2
- Question: Does CoreDNS support plugins to retrieve the original DNS requests containing mixed-case domain names? HOT 4
- data-race: `filterRRSlice` function mutates original which it got from the shared cache
- crun: chdir to `/home/nonroot`: Permission denied: OCI permission denied
- Can I use default system dns in Android ?
- DNS requests to coreDNS container are not making it back to client machine HOT 1
- Q: How to share context between dnsserver.Server instances in a plugin?
- Vulneribilities reported for multiple deplendencies in cordns HOT 1
- local dns records don't go into effect HOT 1
- local: coredns incorrectly marks `any.localhost` as `dns.RcodeNameError`
- Pods are not receiving a balanced load
- Failed to download CoreDNS on a IPv6-only server HOT 3
- Panic on /miekg/dns/labels
- How to restart forward plugin after updating nameserver inside resolve.conf
- coredns secondary received notify can not use udp.is use tcp.
- error getting ClusterInformation: connection is unauthorized: Unauthorized HOT 1
- Coredns forward upstream nameserver is invalid when policy is round_robin HOT 2
- Question about truncate and compress
- When is v1.11.3 going to get released? Need it for security fixes HOT 2
- DNS rate limit to 8.8.8.8, as over 300K (before only 5k) requests per 30-minute interval HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from coredns.