[nsd-users] incomplete AXFR and ixfr.db overwritten by nsdc patch

Matthijs Mekking matthijs at NLnetLabs.nl
Mon Dec 1 12:27:43 CET 2008

Hash: SHA1

Hi Vicky,

I believe this is expected: A zone transfer (AXFR of IXFR) is stored in
parts into the ixfr.db. When a zone transfer is fully transmitted, the
parts are followed by a 'commit'. If such a commit is not present while
patch is running, the previous parts are discarded. NSD will see that an
update failed and starts a new zone transfer request to restore the
latest update.

So it is expected, but I can see that in your situation it can be
problematic. Maybe a script can help you out, that checks if patching is
'wise'? For example, by checking log messages or entries with nsdc-patch
- -l to see if the zone transfer was committed. If you need some special
property that needs to be printed, I can add a log entry for that.


Matthijs Mekking

Vicky Shrestha wrote:
> Hi,
> It seems if a zone AXFR is incomplete when nsdc patch runs, then it will
> discard and delete the partial entries  in ixfr.db. With a big zone and
> limited bandwidth it seems nsdc patch can only be run after AXFR is
> complete.  Is this expected ?
> I have tested this with NSD version 3.1.1 on Linux 32bit and 64bit.
> Regards,
> Vicky Shrestha
nsd-users mailing list
nsd-users at NLnetLabs.nl

Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org


More information about the nsd-users mailing list