Hi Jeroen, Thank you very much for the information.
Best Regards. On Thu, Jun 29, 2023 at 1:47 AM Jeroen Koekkoek <jer...@nlnetlabs.nl> wrote: > Hi, > > > My questions are as follows > > 1) When zone data is not saved on file and only held in memory NSD > > initiates zone transfer after NSD service is restarted. > > > > Would like to know if there is a time limit from when zone transfer > > is requested until data gets saved in memory. > > I'm not sure if I understand your question correctly, but: > > There is a reload timer, configurable through xfrd-reload-timeout, that > determines how often a reload is triggered. There is however no time > limit from when a zone is requested. When a zone transfer is received, > (triggered by the refresh timer in the SOA record expiring, through a > NOTIFY or having no zone data), a transfer for that zone is scheduled. > xfrd (transfer daemon in NSD) updates the timers with the data from the > AXFR/IXFR. How long it takes for the reload to complete depends on the > number of changes within that reload. > > > 2) When NSD service is 'reloaded' for example by running 'systemctl > > reload nsd' does NSD check the serial number (SOA) for each record > > and tries to initiate a zone transfer? > > > > After performing a service reload the following entries are logged. > > > > nsd[1704236]: error: xfrd: zone testnsdexp01.tk received error code > > SERVER NOT AUTHORITATIVE FOR ZONE from xx.xx.xx.xx > > nsd[1704236]: error: xfrd: zone testnsdexp01.tk, from xx.xx.xx.xx: no > > tsig in first packet of reply > > nsd[1704236]: info: xfrd: zone testnsdexp01.tk bad transfer 0 from > > xx.xx.xx.xx > > > > The zone records for testnsdexp01.tk is not present on the master DNS > > servers therefore it returns error but it seems like NSD is doing > > some sort of checks during the reload process hence its trying to get > > the records for 'testnsdexp01.tk'. > > > > These errors are from xfrd, which is the process that keeps running and > is not recycled (unlike the server(s)). Once there's no more zone data, > either by not having it in the first place on (re)load or because it > has expired, xfrd will request new data from the primary every so > often. The messages above is merely xfrd indicating it cannot refresh > the zone. > > So, to answer your question, yes, once NSD restarts it tries to request > a zone transfer for zones that have no data. > > Best regards, > Jeroen >
_______________________________________________ nsd-users mailing list nsd-users@lists.nlnetlabs.nl https://lists.nlnetlabs.nl/mailman/listinfo/nsd-users
