At Mon, 19 Oct 2009 19:27:02 +0200, Ondœô ùej Surý <ondrej at sury.org> wrote: Subject: Re: [Unbound-users] NOTIFY implementation to unbound > > So if I send you NOTIFY . (the root), you flush the whole cache? And > if I send you a notify for .cz, you will walk through the whole cache > and flush everything which ends in .cz or .com? I don't know exact > design of unbound cache, but I guess it's more hash like table then > tree like table, so how would you do that and not lock down whole > resolving meanwhile? Exactly -- and as you say in your subsequent reply, the table will be locked. For me, in this scenario, performance is secondary. Note that _you_ cannot send any valid NOTIFY to my nameserver(s) -- only my own authorized authoritative nameservers can send NOTIFY messages that will be honoured. Or at least that's the goal of a correct configuration. :-) -- Greg A. Woods +1 416 218-0098 VE3TCP RoboHack <woods at robohack.ca> Planix, Inc. <woods at planix.com> Secrets of the Weird <woods at weird.com> -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 186 bytes Desc: not available URL: <http://unbound.nlnetlabs.nl/pipermail/unbound-users/attachments/20091019/f8f57d38/attachment.pgp>