[bind10-dev] Forwarding from auth, was ddns
JINMEI Tatuya / 神明達哉
jinmei at isc.org
Tue Nov 29 03:06:22 UTC 2011
At Mon, 28 Nov 2011 14:14:55 +0100,
Shane Kerr <shane at isc.org> wrote:
> > > - - I think we should pass off DDNS messages from auth to ddns
> > > module similarly to how we do it for xfrin
> >
> > I believe this current state is broken by design. Because:
> > • Auth needs a hardcoded list of things to forward somewhere. It should be
> > generic, so new type can be added without changing the Auth code.
> > • Auth needs to handle case when the recipient module doesn't exist.
> > • Now we would need yet another unix domain socket for sending sockets over.
> > • We can't turn off auth.
> > • It doesn't solve resolver+auth very well either.
[...]
> It seems like what you're asking for is the receptionist.
I'm not so sure about this. A receptionist would be the most
obvious solution (if not the only one) for the resolver+auth problem,
but (for example) "hardcoded" can be a problem for any solution. I
also suspect even if we have a receptionist we may still want to use
FD passing for xfrout. Generally the issues seem to be a bit broad
and I guess we should clarify the problem/solution spaces a bit.
Among the above problems I personally think the second one is crucial
(including cases where the recipient hangs and the write operation on
the UNIX domain socket would block) to be "production ready" and
should be solved sooner anyway. Maybe we can handle this particular
issue in a bit larger context that would cover some of the other
topics (but right now I don't have any concrete idea).
---
JINMEI, Tatuya
More information about the bind10-dev
mailing list