Hi Anand,

I fully understand your argument, but this was our decision in the past. Every outgoing DNS message from Knot is over TCP. We didn't want to wait or deduce whether a slave got the message.

Best,
Daniel

On 06/08/2018 02:59 PM, Anand Buddhdev wrote:
> Hi Daniel,
>
> I don't run Knot DNS as a master, so I don't see this issue. Even if I
> ran Knot DNS as a master, I'm not terribly bothered with NOTIFY over TCP.
>
> Having said that, I don't think it's very fair to say that UDP is
> unreliable, and there are various reasons for it:
>
> 1. NOTIFY is a hint, and if it gets lost, it's not the biggest disaster
> in the world.
>
> 2. NOTIFY is just like any other query, so Knot could send the NOTIFY
> over UDP and wait for the response. If the response doesn't arrive, it
> could retry the NOTIFY. At least BIND and NSD both do this. They allow
> for the fact that one NOTIFY might get lost sometimes.
>
> However, if you can't easily modify Knot to use UDP instead of TCP for
> NOTIFY, it doesn't bother me personally, because a NOTIFY receiver
> should also be able to accept TCP (TCP is required by DNS). But I can
> see Klaus's viewpoint. However, I'll leave him to tell us his opinion on
> this matter.
>
> Regards,
> Anand
>
> On 08/06/2018 14:11, Daniel Salzman wrote:
>
>> Hi Klaus,
>>
>> Knot DNS always sends NOTIFY over TCP. It's intentional, because UDP is
>> unreliable.
>> Unfortunately, it's not possible to easily switch to UDP :-/

--
https://lists.nic.cz/cgi-bin/mailman/listinfo/knot-dns-users
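
The send-and-retry behaviour described in point 2 of the quoted message, as an added example that is not part of the thread and is not code from Knot DNS, BIND or NSD: a NOTIFY (opcode 4) is sent over UDP and resent until an acknowledgement arrives. The function names, timeout and retry count are assumptions; an acknowledgement is accepted only if it comes from the queried address and carries the same message ID, so a stray or spoofed datagram does not stop the retries.

```python
import socket
import struct
import time

OPCODE_NOTIFY = 4            # DNS opcode for NOTIFY (RFC 1996)
TYPE_SOA, CLASS_IN = 6, 1


def build_notify(zone, msg_id):
    """Encode a NOTIFY request: opcode 4, AA set, one SOA question for zone."""
    flags = (OPCODE_NOTIFY << 11) | 0x0400                # QR=0, AA=1
    header = struct.pack("!HHHHHH", msg_id, flags, 1, 0, 0, 0)
    labels = [p.encode("ascii") for p in zone.rstrip(".").split(".") if p]
    qname = b"".join(bytes([len(p)]) + p for p in labels) + b"\x00"
    return header + qname + struct.pack("!HH", TYPE_SOA, CLASS_IN)


def is_notify_response(data, msg_id):
    """True if data is a response (QR=1) with NOTIFY opcode and matching ID."""
    if len(data) < 12:
        return False
    rid, flags = struct.unpack("!HH", data[:4])
    return (rid == msg_id and (flags & 0x8000) != 0
            and ((flags >> 11) & 0xF) == OPCODE_NOTIFY)


def send_notify_udp(addr, zone, msg_id, timeout=0.3, retries=3):
    """Send NOTIFY over UDP; return the attempt that was acknowledged, else 0."""
    query = build_notify(zone, msg_id)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        for attempt in range(1, retries + 1):
            sock.sendto(query, addr)
            # One deadline per attempt, so unrelated datagrams cannot
            # extend the wait indefinitely.
            deadline = time.monotonic() + timeout
            while (left := deadline - time.monotonic()) > 0:
                sock.settimeout(left)
                try:
                    data, peer = sock.recvfrom(512)
                except socket.timeout:
                    break
                if peer == addr and is_notify_response(data, msg_id):
                    return attempt
    return 0   # NOTIFY is only a hint: the secondary still has its SOA refresh
```
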