Notify and Also-notify option

[Barry Margolin]

In article <7tevhu$bqb$1 at nnrp1.deja.com>,  <mr_leneuf at my-deja.com> wrote:
>I have a question about BIND 8.1 options Notify and Also notify.
>If I enable the notify option who is automatically notify ? When must I
>use the also notify option ?

By default all the servers listed in the NS records are notified, except
that it doesn't notify itself.  You need to use also-notify if there are
slave servers that aren't listed in NS records.  Here's a real-world
example:

Part of our service includes running slave servers for domains that our
customers run their own masters for.  Our slave servers are
dnsauth1.sys.gtei.net, dnsauth2.sys.gtei.net, and dnsauth3.sys.gtei.net.
Rather than having all of them do zone transfers from the customer's
primary, we have a single machine, dnssec.sys.gtei.net, that does this for
all of them.  Then the dnsauth* machines do their zone transfers from
dnssec.  Dnssec is not supposed to be advertised -- the dnsauth* machines
are the ones that we want to be listed in NS records, InterNIC
registrations, etc, as they're configured properly to handle large numbers
of queries, whereas dnssec is just engineered to handle zone transfers (I
don't know offhand if there are currently any significant differences in
their configurations, but the point is that we want to allow for this).

Since dnssec.sys.gtei.net is not listed in NS records, the master server
doesn't know by default that it should send notifies to it.  Our customers
can add "also-notify { 4.2.49.1; }" to their configurations to support
this.

-- 
Barry Margolin, barmar at bbnplanet.com
GTE Internetworking, Powered by BBN, Burlington, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.