Q. IXFR client behavior

Nobumichi Ozoe Nobumichi.Ozoe at jp.yokogawa.com
Thu Jan 12 10:30:26 UTC 2006


Thank you. I understood IXFR client behavior of BIND.

Mark Andrews wrote:
>>Hi,
>>
>>Now I'm trying to test Increment Zone Transfer (IXFR) using bind 9.3.2
>>as following enviroment. And I have a question about IXFR mechanizm on BIND9.
>>
>>Q1. Why does an IXFR client make an IXFR query using TCP rather than UDP at f
>>irst?
> 
> 
> 	Because it is easier to do it this way.  There is no
> 	requirement to initiate IXFR over UDP.  We also don't support
> 	sending responding to IXFR over UDP except to send back the
> 	SOA record which the client interprets as "up-to-date" or
> 	"use-tcp" depending apon the serial value.

The reason to use UDP is written in paragraph 6 Chapter 2 of RFC1995.
And it said that "a client should first make an IXFR query using UDP."

However the description is "should", I think that BIND behavior is acceptable
though IXFR client should use UDP if the size of updated information is small
when thinking about the purpose of IXFR.

>>Q2. Why does an IXFR client ignore query response's SOA REFRESH time?
>>    An IXFR server set 180sec as REFRESH time, but an IXFR client sends query
>>    QTYPE=SOA every aroud 300sec.
>>    (I put capture file at http://www.tahi.org/~ozoe/dns/ixfr_inclement.pcap)
> 
> 
> 	Look at min-refresh and min-retry.   These are sanity checks to
> 	ensure a ISP can't be swamped by clients setting these values to
> 	too small values.  Similarly max-refresh and max-retry ensures
> 	a slave will make periodic queries with a reasonable frequency
> 	even is there are riduculous values in the SOA record.

Thanks, I will use it parameter.

Best regards,



More information about the bind-users mailing list