[BALUG-Admin] NOTIFY should only ever come from

Rick Moen rick@linuxmafia.com
Wed Jun 5 05:35:58 UTC 2024


Quoting Michael Paoli (michael.paoli@berkeley.edu):

> Many will, by default, issue NOTIFY from all authoritative nameservers.
> At first that might seem odd, but, I believe the logic goes about like this:
> the overhead is low clients that don't care can/will (mostly) ignore
> authoritative (whether primary or secondary) has no way of knowing how
> other authoritatives downstream of it are configured, so, e.g.  some
> authoritatives may only get their data via other secondary(/ies), and
> not direct from master, etc.

Yes, as I was saying, I had a faint recollection that the matter of
Aaron T. Porter's ns.primate.net issuing NOTIFY for domains on which
it's secondary, not primary, had come up in some of my earlier efforts
to puzzle out strange nameserver behaviour.  I just couldn't remember
exactly how that had unfolded -- other than my obviously having decided
to take no action.

Obviously it's at worst harmless, and I can/should just add another
"ignore" line to the logcheck configuration so I stop being told about
it.  I just was taking a moment to try to figure out whether this is 
deliberate behaviour and why it's there.  Your answer will serve
splendidly.  Although, I'm bothered that the usual information sources
don't seem to cover this.

On the third hand, I didn't look _too_ closely, e.g,, maybe it's covered
in the Zytrax's "DNS for Rocket Scientists" or the related dead-tree
book _Pro DNS and BIND_.

Slightly weird, anyway.





More information about the BALUG-Admin mailing list