Allow only temporary zone updates without making them permanent

Grant Taylor gtaylor at tnetconsulting.net
Wed Jun 26 14:39:40 UTC 2019


On 6/25/19 9:25 PM, Lefteris Tsintjelis via bind-users wrote:
> Is it possible to apply temporary only update policy and never save or 
> modify anything to a zone file?

What would this functionally do?

Or are you wanting to update the zone contents without actually updating 
the zone file on disk?

I'm guessing that you want the change to the zone for at least long 
enough for the ACME challenge to pass.  And then possibly remove the 
necessary record.

Both the act of adding (changing) the requisite resource record, and 
then subsequently removing it from the zone are changes to the zone. 
Both of which should change (increment) the zone's serial number.  So, 
even if you didn't commit the change to the zone's file, the in memory 
zone's serial number in memory would now be out of sync with the on disk 
zone's serial number.

I'm guessing I'm not understanding your use case.

I feel like a judiciously crafted update policy to allow something to 
update its specific resource record(s) is probably what you want.



-- 
Grant. . . .
unix || die
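
An update policy of the kind suggested in the message above, shown as an added example that is not part of the original post and not taken from the BIND project. The key name `acme-key`, the zone `example.com`, the file path and the secret are placeholders assumed for illustration.

```conf
// TSIG key held only by the ACME client (name and secret are placeholders).
key "acme-key" {
    algorithm hmac-sha256;
    secret "BASE64-SECRET-PLACEHOLDER";
};

zone "example.com" {
    type master;
    file "dynamic/example.com.zone";   // must be writable by named

    // Broad form: any holder of the key can add, change or delete
    // every record in the zone. Cannot be combined with update-policy.
    // allow-update { key "acme-key"; };

    // Narrow form: the key may only touch TXT records at exactly
    // _acme-challenge.example.com. Updates to any other name or
    // record type signed with this key are refused.
    update-policy {
        grant acme-key name _acme-challenge.example.com. TXT;
    };
};
```

Adding and later removing the challenge record through this policy are still two zone changes, each of which increments the serial number as the message describes.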
