[bind10-dev] XfrIn validation failure handling in bind9

[Michal 'vorner' Vaner]

Hello

On the #2439, there was a point raised. Jinmei thinks (by reading code) that
when there's IXFR and the resulting zone doesn't have NS at the origin, the zone
is dropped from in-memory image (so it is not served), but it is still stored
into the DB. I didn't manage to confirm it by reading the code, I got lost. The
version of code in the branch in bind10 rolls back to the previously known
version (if there's any) and serves the old one.

So, I'd like to ask, if Jinmei's understanding of what's happening is right and
what was the motivation for a) dropping the zone, b) inconsistency between the
in-memory and DB.

I believe it is easier for bind10 to act the current way (returning to previous
version), as we don't have a way to mark zone as „don't serve“ currently and
wiping the data completely seems wrong. Do you think it would be problematic in
some way?

Thank you

-- 
All flame and insults will go to /dev/null (if they fit)

Michal 'vorner' Vaner
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <https://lists.isc.org/pipermail/bind10-dev/attachments/20130125/dce90604/attachment.bin>