Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 12 Feb 2001 23:48:31 -0500 (EST)
From:      Mitch Collinsworth <mitch@ccmr.cornell.edu>
To:        James Housley <jim@thehousleys.net>
Cc:        Corey Ralph <corey.ralph@datafast.net.au>, freebsd-isp@FreeBSD.ORG
Subject:   Re: Bind problems
Message-ID:  <Pine.LNX.4.10.10102122343100.22516-100000@ruby.ccmr.cornell.edu>
In-Reply-To: <Pine.LNX.4.10.10102122324000.22516-100000@ruby.ccmr.cornell.edu>
next in thread | previous in thread | raw e-mail | index | archive | help 

On Mon, 12 Feb 2001, Mitch Collinsworth wrote:

> On Mon, 12 Feb 2001, James Housley wrote:
> 
> > I might be seeing a similar problem.  Since I upgraded to 8.2.3 via
> > CVSup in 4.2-STABLE some of my secondaries are suddenly saying my
> > unpublished master is no longer authorative for some of my domains.  I
> > am getting "Received NOTIFY answer (!AA)" messages in my notify log.
> 
> Well this one seems to be addressed in the CHANGES file.  Entry 1025,
> prior to the 8.2.3-T6B release says:
> 
>   1025.   [proto]         NOTIFY messages should have AA.
> 
> Not much to go on there.  Sounds like somebody didn't like the idea
> of sending NOTIFY's if you aren't authoritative.  I don't know if
> this is stated in an RFC somewhere or if it was a developer decision.
> I think there may be a case for arguing this is unnecessarily
> restrictive, though there might also be a case for arguing it's a
> security issue or potential DOS.  The place to take it up is probably
> bind-users.

Replying to myself here, it seems I should have finished reading the
CHANGES file before firing this off.  Further along are these entries:

1037.   [support]       soften #1025 -- continue to accept !AA notify req's.

1055.   [bug]           aa was being cleared on notify "queries" prior to
                        testing.

1037 seems to support my argument that 1025 was a mistake.  But your
logs seem to indicate the reversal of 1025 didn't take.  Not sure what
1055 is trying to say.  Probably time to write to bind-users.  

-Mitch



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.4.10.10102122343100.22516-100000>