Handling expired domains

Niall O'Reilly niall.oreilly at ucd.ie
Fri Jun 29 19:03:30 UTC 2018

On 28 Jun 2018, at 23:48, rohan.henry cwjamaica.com wrote:

> If all zones on a slave server expire because the slave could not reach the master shouldn't the slave start working again once the master becomes reachable without having to tweak anything like the serial?

The slave should start working again once it discovers that the master has become reachable.  According to the circumstances, this moment may differ, either grossly or subtly, from the moment when the master actually becomes reachable.

For example, if the master itself has failed, been recovered, and been restarted, it will likely send NOTIFY messages to the slaves, which will then be aware of restored reachability, and will be able to resume service directly.

On the other hand, if the reachability failure is due to a network fault, the master will have continued running, and will have no reason to send NOTIFY on restoration of reachability.  In this case, resumption of normal service will depend on how the slave server software implements recovery from an expiry event.   I  expect, but have never had occasion to confirm, that this would depend on the REFRESH and RETRY timers.  this might involve a delay of some, or even many, hours.

In any recovery situation, I would be minded to check slave status within a few minutes of restoration of reachability, and to force the master to send NOTIFY messages in case any slaves had not yet resumed service.

Niall O'Reilly
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 903 bytes
Desc: OpenPGP digital signature
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20180629/73291041/attachment.bin>

More information about the bind-users mailing list