FW: NOTIFY-triggered Auto-slaving

bert hubert ahu at ds9a.nl
Fri Oct 4 13:55:56 UTC 2002

On Thu, Oct 03, 2002 at 09:48:26PM -0400, Kevin Darcy wrote:

> Dave,
>           To be perfectly honest, I think the things most likely to fly
> here, in descending order, are:
> 1. not touching the protocol and just enhancing implementation-specific
> handling of NOTIFY or some other protocol feature (as I have proposed)

Just to document what we do - it should work fine for all implementations as
it does not touch the protocol.

 1) An auto-slave receives an UDP (possibly spoofed) NOTIFY from an IP
    address that is on its list of supermasters.

 2) The auto-slave checks if that remote indeed has a SOA for that domain.

 3) It retrieves the NS records for the domain from that remote and checks
    if its own name is in there,

 4) An AXFR attempt is launched which, if succesful, leads to the addition
    of the domain to the list of slave domains.

With proper random IDs and source ports, this is as secure as it is going to
be without having PKI or TSIG in place.

This interoperates fine with all NOTIFY sending nameservers out there.

> auto-slaving, it's just that I doubt any new non-DNSSEC protocol-change
> proposal will ever make it out of the Working Group, given the current
> membership thereof and their predilections. Therefore I choose the path I
> view as most likely to succeed.




http://www.PowerDNS.com          Versatile DNS Software & Services
http://www.tk                              the dot in .tk
http://lartc.org           Linux Advanced Routing & Traffic Control HOWTO

More information about the bind-users mailing list