Feature #220
Configure a.authns.bitfolk.co.uk to not send notifies based on NS records
| Status: | Resolved | Start: | 2025-06-14 | |
|---|---|---|---|---|
| Priority: | Normal | Due date: | ||
| Assigned to: | - | % Done: | 0% |
|
| Category: | - | |||
| Target version: | - | |||
| Votes: | 1 |
Description
First of all I do realize that this is an issue that is both very minor and rather niche. Yet since the fix is potentially correspondingly trivial I figured that I might as well raise the issue.
Judging by what one can observe from the outside a.authns.bitfolk.co.uk is configured both to send notifies based on NS records as well as to hard coded send notifies to b.authns.bitfolk.com and to c.authns.bitfolk.com?
The former, sending notifies based on NS records, becomes an issue when one is using the Bitfolk DNS secondaries together with other DNS secondaries. Then those other secondaries might end with the following log noise.
Jun 14 04:45:17 secondary named[719]: client @0x754b5817dae8 85.119.80.222#33317: received notify for zone 'erid.se' Jun 14 04:45:17 secondary named[719]: zone erid.se/IN: refused notify from non-primary: 85.119.80.222#33317 Jun 14 04:45:17 secondary named[719]: client @0x754b5817bd68 2001:ba8:1f1:f085::53#33162: received notify for zone 'erid.se' Jun 14 04:45:17 secondary named[719]: zone erid.se/IN: refused notify from non-primary: 2001:ba8:1f1:f085::53#33162
Assuming that there are no zones depending on those implicit NS notifies then the BIND config fix is potentially as trivial as follows.
options {
...
notify explicit;
...
};
