You can do what BGP implementations have been doing for decades and
just put a count in that allows for some growth. Named, and I presume
other servers, already have the ability to track records during a zone
transfer (AXFR and IXFR) and abort if the count becomes too large.
The following allows for a ~4x growth.

    zone "." {
        type slave;
        max-records 100000;
        …
    };

    ;; XFR size: 22541 records (messages 22541, bytes 2758345)

That said, I agree with Evan, an in-zone count is a “nice to have” feature.
Mark
> On 31 Jul 2018, at 3:29 am, Evan Hunt <[email protected]> wrote:
>
> On Mon, Jul 30, 2018 at 09:19:14AM +0200, Ondřej Surý wrote:
>> I know some people have 40Gbps at mother's house, but for general
>> usefulness you want to prevent downloading a fake (or otherwise invalid)
>> zone before you start downloading it.
>
> While this does seem like a potentially useful feature, I don't think it's
> essential to the problem of verifiable root mirroring. "Nice to have",
> but not a requirement.
>
> --
> Evan Hunt -- [email protected]
> Internet Systems Consortium, Inc.
>
> _______________________________________________
> DNSOP mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/dnsop
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: [email protected]
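
The record-count check described in the message above, as an added example (not part of the original message and not named's code): a receiver that counts records as they arrive and aborts once a cap is exceeded, plus a helper that derives a cap from the XFR size line quoted above. The tuple record format, the function names and the example. sample data are assumptions constructed for illustration.

```python
import itertools
import re

# Constructed sample SOA for a hypothetical zone; not real zone data.
SOA = ("example.", "SOA", "ns.example. admin.example. 1 3600 600 86400 300")

class TransferTooLarge(Exception):
    """The peer sent more records than the configured cap allows."""

def cap_from_xfr_trailer(trailer, growth=4):
    """Derive a cap from dig's ';; XFR size: N records' line, allowing growth."""
    m = re.search(r"XFR size:\s*(\d+)\s+records", trailer)
    if m is None:
        raise ValueError("not an XFR size trailer")
    return int(m.group(1)) * growth

def receive_axfr(records, max_records):
    """Pull (owner, rrtype, rdata) tuples from a transfer until the closing SOA.

    The count is checked as each record arrives, so an oversized or endless
    stream is dropped after max_records + 1 records instead of being buffered.
    Both SOAs are counted, as in dig's trailer (an assumption of this sketch,
    not a statement about how named counts).
    """
    zone, first_soa = [], None
    for count, rr in enumerate(records, start=1):
        if count > max_records:
            raise TransferTooLarge(f"aborted at record {count} (cap {max_records})")
        if first_soa is None:
            if rr[1] != "SOA":
                raise ValueError("AXFR must begin with the zone SOA")
            first_soa = rr
        elif rr == first_soa:
            return zone + [rr]  # closing SOA: transfer complete
        zone.append(rr)
    raise ValueError("stream ended before the closing SOA")

def honest_stream(n):
    """Constructed well-formed transfer: SOA, n address records, SOA."""
    yield SOA
    for i in range(n):
        yield (f"host{i}.example.", "A", "192.0.2.1")
    yield SOA

def endless_stream():
    """Constructed misbehaving peer that never sends the closing SOA."""
    yield SOA
    for i in itertools.count():
        yield (f"junk{i}.example.", "TXT", "x")
```

With the trailer quoted above and growth=4 the helper gives 90164, in line with the 100000 in the configuration.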