DS record update via nsupdate

Mark Andrews marka at isc.org
Mon Jun 13 12:19:35 UTC 2016


In message <7966c1a9-a930-b748-7e09-531304b4d59f at rotld.ro>, Catalin Leanca writes:
> 
> Hello,
> 
> When using nsupdate command to update DS records for subdomains
> without NS delegation, no error code is returned by command and also
> no errors appear in BIND logs (and DS is not updated in the zone).
> Is this a normal behavior?

Yes.  It is consistent with other UPDATE (RFC 2136) behaviours which
maintain zone consistancy.  UPDATE is silent about lots of things
w/o explict prerequisites.

> How to make BIND to issue errors when this happen ?

Add a prerequisite that a NS rrset exists at the name.  It the
prerequiste fails you will get a error.
 
> Best regards,
> 
> -- 
> 
> *CS Catalin LEANCA*
> ICI ROTLD - Serviciul Tehnic
> Bd. Maresal Averescu 8-10,
> Sector 1, Bucuresti
> Mobil: +40 744 777781
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org


More information about the bind-users mailing list