Maintained by: NLnet Labs

[Unbound-users] NOTIFY implementation to unbound

Greg A. Woods
Mon Oct 19 20:32:57 CEST 2009


At Mon, 19 Oct 2009 19:27:02 +0200, Ondœô ùej Surý <ondrej at sury.org> wrote:
Subject: Re: [Unbound-users] NOTIFY implementation to unbound
> 
> So if I send you NOTIFY . (the root), you flush the whole cache?  And
> if I send you a notify for .cz, you will walk through the whole cache
> and flush everything which ends in .cz or .com? I don't know exact
> design of unbound cache, but I guess it's more hash like table then
> tree like table, so how would you do that and not lock down whole
> resolving meanwhile?

Exactly -- and as you say in your subsequent reply, the table will be
locked.  For me, in this scenario, performance is secondary.

Note that _you_ cannot send any valid NOTIFY to my nameserver(s) -- only
my own authorized authoritative nameservers can send NOTIFY messages
that will be honoured.  Or at least that's the goal of a correct
configuration.  :-)

-- 
						Greg A. Woods

+1 416 218-0098                VE3TCP          RoboHack <woods at robohack.ca>
Planix, Inc. <woods at planix.com>      Secrets of the Weird <woods at weird.com>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 186 bytes
Desc: not available
URL: <http://unbound.nlnetlabs.nl/pipermail/unbound-users/attachments/20091019/f8f57d38/attachment.pgp>