[nsd-users] nsd-control delzone on a zone that is defined in the nsd.conf

W.C.A. Wijngaards wouter at nlnetlabs.nl
Tue May 14 09:01:38 CEST 2013


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Will,

On 05/08/2013 11:32 PM, Jaap Akkerhuis wrote:
> 
> I am trying to wrap my head around the rationale of the restriction
> on not allowing nsd-control to delzone a zone that is configured in
> the nsd.conf. What is the risk here? Is it more of an operational
> one where it will not truly delete if a stop/start of the daemon
> occurs without modification of the nsd.conf? I mean, if your
> workflow is to always update your nsd.conf by removing entries for
> zones you are planning to delzone (and then blowing away the
> zone.list file before start) -- then where is the problem, 
> exactly?
> 
> I see the restriction only exists in remote.c, and it doesn't look
> like deleting one of these zones declared in the nsd.conf would be
> much different that one that wasn't (although I am probably missing
> something).
> 
> Can you help me understand this, please?
> 
> FYI, Wouter is on vacation so it might take another week or so 
> before he answers. What I do remember from talking about this is 
> that "nsd-control delzone" is merely the inverse of "nsd-control 
> addzone".
> 
> Zones defined in nsd.conf are supposed to be static that is why
> the man nsd-control says:
> 
> Zones  configured  inside  nsd.conf  itself  cannot be removed this
> way because  the  daemon  does  not  write to the nsd.conf  file,
> you need to add such zones to the zonelist file to be able to
> delete them with the delzone command.
> 
> Hope this helps.

Yes, what you can do, if you modify the nsd.conf yourself, is that you
modify the nsd.conf and then nsd-control reconfig (you need that
latest svn trunk of NSD4 for that, beta4 does not have this feature).
 Then it adds and removes the changes you made in the config file.
This may fit better into your existing workflow.

Best regards,
   Wouter

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBAgAGBQJRkeFOAAoJEJ9vHC1+BF+NAKoP+wa222FNH7XrdK/PQewqcbvH
th+kWMazD7tg6aw/RHP4I6iS/lKfm+PIeGW/4o7AhoJVzEhhq4PREDxqgFHYNnFe
IQW/pi52XDpRb/tIn0p+rGok8Bk6rE3o4xXsbkKOMEGpF7S356OS7R/Q0F3Qyzyf
kWRfEQ/Ov2xSw930fS5DsxO+vVNLu55q4Pmg0IZAQDeLJoLFee/zOEBjj/bpWio7
Beg+b+fbYyVg2v2C9AqVBC8vazWjykt5Abpb+Kdhv5IU2ARVLm/nLxh/5co85L8f
NGUyJ0Ntx10YgTrrV7o+rwufRidGlRk4S/lVcilPGzvHx5D4NztUNSk1xauaSetn
/evGWN5ZSbVmxYRU/hymrRKSsZAIr2HDJiBis3kKjovc/EMpSBUHi3EKMDIUnun8
KN9wEJEK+URjWx206pnj453Vb8nihBIfX8GFw2XhGyize21bd/++KwwagElAQ2Jj
TTfFo6XYWQZwzWY1suLXtbzlfLGZu74LPWuB6WFPSMrPUPrwF5uSqk8iEthz69KY
eHU+JDq007nE9njR7ifo4hihxzWmQF6SQREAnf53dFX0rTiaBKctEC4/9Q3yHoIc
xi9IiTZItii2FlTClYAcKJM2vUaXvxcKJnl8zZITZz1aI4J9He5vCQBLItjubu+r
iIbBrZ9u+kXYbvcz8n2i
=ChtX
-----END PGP SIGNATURE-----


More information about the nsd-users mailing list