Mark Andrews wrote:
Please explain how
https://datatracker.ietf.org/doc/draft-andrews-dnsop-update-parent-zones/
would not work.
Update messages are designed to be forwarded and that includes signed
UPDATE messages be they TSIG or SIG(0). Named already forwards UPDATE
messages if your tell it to.
Forward to which IP address of the primary? Unupdated one?
We already have UPDATE clients that lookup SRV records to send UPDATE
With SRV? You introduce yet another server, address of which may
also be updated!?
Congratulations, you have made barely solvable problem
unsolvable.
Masataka Ohta
