Q. IXFR client behavior
Nobumichi Ozoe
Nobumichi.Ozoe at jp.yokogawa.com
Thu Jan 12 10:30:26 UTC 2006
Thank you. I understood IXFR client behavior of BIND.
Mark Andrews wrote:
>>Hi,
>>
>>Now I'm trying to test Increment Zone Transfer (IXFR) using bind 9.3.2
>>as following enviroment. And I have a question about IXFR mechanizm on BIND9.
>>
>>Q1. Why does an IXFR client make an IXFR query using TCP rather than UDP at f
>>irst?
>
>
> Because it is easier to do it this way. There is no
> requirement to initiate IXFR over UDP. We also don't support
> sending responding to IXFR over UDP except to send back the
> SOA record which the client interprets as "up-to-date" or
> "use-tcp" depending apon the serial value.
The reason to use UDP is written in paragraph 6 Chapter 2 of RFC1995.
And it said that "a client should first make an IXFR query using UDP."
However the description is "should", I think that BIND behavior is acceptable
though IXFR client should use UDP if the size of updated information is small
when thinking about the purpose of IXFR.
>>Q2. Why does an IXFR client ignore query response's SOA REFRESH time?
>> An IXFR server set 180sec as REFRESH time, but an IXFR client sends query
>> QTYPE=SOA every aroud 300sec.
>> (I put capture file at http://www.tahi.org/~ozoe/dns/ixfr_inclement.pcap)
>
>
> Look at min-refresh and min-retry. These are sanity checks to
> ensure a ISP can't be swamped by clients setting these values to
> too small values. Similarly max-refresh and max-retry ensures
> a slave will make periodic queries with a reasonable frequency
> even is there are riduculous values in the SOA record.
Thanks, I will use it parameter.
Best regards,
More information about the bind-users
mailing list