On Tue, Mar 15, 2005 at 08:00:00AM +1100, Mark Andrews wrote:
>
> > On Tue, Mar 15, 2005 at 05:49:12AM +1100, Mark Andrews wrote:
> > >
> > > Upgrade aludra.usc.edu. It clearly is not running an up to date
> > > version of named which has had its cache detuned to handle this
> > > sort of mismanagement by the zone administrator.
> > >
> > > The old servers for nakos.net should have been configured to serve
> > > the new zone content then decommissioned once all the old references
> > > to them have expired or been decommissioned immediately rather
> > > than being abandoned. The first of these allows for an orderly
> > > transition from one set of servers to the next.
> > >
> > > 1429. [bug] Prevent the cache getting locked to old servers.
> >
> > Aha! I suspected it wasn't the desired behavior. Thanks!
>
> If we could trust the administrators of zones to do the correct
> thing we would remove it. The "fix" puts additional load on
> the parent servers.

While I understand the load concern, it seems like the proper behavior. The
delegation from the parent servers /has/ a TTL, that TTL specifically means
(unless I greatly misunderstand the RFC) "this record shouldn't be trusted
after X"... so after X, that record should be refreshed.

Depending on people to do the right thing is certainly nice to the parent
servers, however, as far as I can tell, it's noncompliant - you're trusting a
record after it's expired.

Or am I missing something?

--
Phil Dibowitz
Systems Architect and Administrator
Enterprise Infrastructure / ISD / USC
UCC 174 - 213-821-5427
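
The trade-off discussed in this message, as an added example that is not part of the original post and is not BIND code: a toy resolver cache in which the abandoned old servers keep answering with an NS set that names themselves. The server names, TTL values and the refresh mechanism are assumptions made for the illustration.

```python
# Added illustration: toy model of a resolver's delegation cache.
# Names, TTLs and the refresh mechanism are assumptions, not BIND internals.
PARENT_TTL = 3600   # TTL on the delegation NS set handed out by the parent
CHILD_TTL = 3600    # TTL on the NS set the zone's own servers return
OLD_NS = ("ns1.old.example", "ns2.old.example")   # constructed names
NEW_NS = ("ns1.new.example", "ns2.new.example")   # constructed names


def simulate(refresh_from_child, query_interval=600, duration=4 * 3600):
    """Return ([(time, servers_used), ...], parent_query_count).

    At t=0 the cache already holds the old delegation, learned just before
    the parent was switched to NEW_NS. The old servers were abandoned, not
    decommissioned, so they still answer and still list themselves as NS.
    """
    cached_ns, expires = OLD_NS, PARENT_TTL
    parent_queries = 0
    history = []
    for now in range(0, duration + 1, query_interval):
        if now >= expires:
            # Delegation aged out: ask the parent, which now lists NEW_NS.
            cached_ns, expires = NEW_NS, now + PARENT_TTL
            parent_queries += 1
        history.append((now, cached_ns))
        if refresh_from_child:
            # Locked-cache behaviour: the NS set carried in the answer from
            # the servers just queried re-arms the cached entry.
            expires = now + CHILD_TTL
    return history, parent_queries


def first_switch(history):
    """Time of the first query sent to NEW_NS, or None if it never happens."""
    return next((t for t, ns in history if ns == NEW_NS), None)


if __name__ == "__main__":
    for label, mode in (("refresh from child", True), ("honour parent TTL", False)):
        hist, parent_q = simulate(mode)
        print(f"{label}: first switch at {first_switch(hist)}s, "
              f"parent queries in 4h: {parent_q}")
```

With a client query every 600 seconds, the refreshing cache never returns to the parent and never sees the new servers, while the cache that lets the delegation expire switches after one TTL and pays for it with one parent query per TTL period.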