Maintained by: NLnet Labs

[Unbound-users] NOTIFY implementation to unbound

Greg A. Woods
Mon Oct 19 20:28:36 CEST 2009

At Mon, 19 Oct 2009 10:30:57 -0700 (PDT), Aaron Hopkins <lists at> wrote:
Subject: Re: [Unbound-users] NOTIFY implementation to unbound
> On Mon, 19 Oct 2009, Greg A. Woods wrote:
> > The key concept here is that notify says something has changed with the
> > given zone.
> It means "whoever sent you the NOTIFY has updated data for this zone".
> However, unbound won't just query whoever sent it the NOTIFY; it will query
> any authoritative server, many of which probably have stale data since they
> received NOTIFY at the same time as unbound and have more work to do before
> they are updated.

True, in many real-world configurations I've seen where this feature
could be useful both the Master and all the Slaves are pointed to by NS
records in the parent zone so Unbound could suffer from reloading data
from a still-slave auth server.

However if _all_ the slaves are configured to send NOTIFY to Unbound
(including, or excluding, the true master) then the last one to reload
will cause a final flush of Unbound's cache and all will be well.

Sorry I didn't make this concept clear before.  It was so obvious to me
I forgot to mention it!  :-)

BTW, performance considerations are secondary (or even tertiary).

						Greg A. Woods

+1 416 218-0098                VE3TCP          RoboHack <woods at>
Planix, Inc. <woods at>      Secrets of the Weird <woods at>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 186 bytes
Desc: not available
URL: <>