[Freeipa-devel] Design: Automatic Empty Zone handling in bind-dyndb-ldap
Martin Basti
mbasti at redhat.com
Tue Mar 1 11:08:37 UTC 2016
On 19.02.2016 09:11, Petr Spacek wrote:
> On 12.1.2016 15:10, Martin Basti wrote:
>>
>> On 12.01.2016 15:06, Petr Spacek wrote:
>>> On 8.1.2016 18:14, Martin Basti wrote:
>>>> On 08.01.2016 16:57, Petr Spacek wrote:
>>>>> Hello,
>>>>>
>>>>> recent improvements in FreeIPA 4.3.0 (finally) prevent FreeIPA installer from
>>>>> creating made-up DNS reverse zones, which already exist on some other DNS
>>>>> server.
>>>>>
>>>>> This change uncovered a well-hidden automatic empty zones in BIND 9.9+, which
>>>>> is now causing problem to users.
>>>>>
>>>>> It seems that this can be fixed by change to the code which handles forward
>>>>> DNS zones. Short design document with necessary background is available on:
>>>>> https://fedorahosted.org/bind-dyndb-ldap/wiki/BIND9/Design/AutomaticEmptyZones
>>>>>
>>>>>
>>>>> Please be so kind and review it ASAP, so I can write the patch quickly and
>>>>> make life of our QE guys easier.
>>>>>
>>>>> Have a nice Friday.
>>>>>
>>>> Hello,
>>>>
>>>> IIUC, the differences between default bind behaviour and bind-dyndb-ldap
>>>> behaviour are:
>>>>
>>>> * disable automatic empty zone when policy is 'first' or 'only', instead of
>>>> just 'only'
>>>> I liked it more than default behaviour of named, but could be this somehow
>>>> unexpected by users, or they will be happy that it works better (?) than in
>>>> named?
>>> I hope users will appreciate it :-)
>>>
>>>> * bind-dyndb-ldap will not recreate automate empty zone
>>>> IMO this should not harm at all
>>>>
>>>> so design LGTM, I will thinking about it over this weekend
>>> Did you find any problem?
>>>
>>>
>>> Petr^2 Spacek
>> My mind did not pop out any issue during weekend.
>> It should work :)
> I was discussing this further with BIND upstream and Mark Andrews do not like
> it. IMHO we should respect his opinion and do that same what BIND 9.11 is
> going to do.
>
> For this reason I've updated design page
> https://fedorahosted.org/bind-dyndb-ldap/wiki/BIND9/Design/AutomaticEmptyZones
> with the new approach.
>
> Please review it again. It contains new sections Configuration and Upgrade.
>
> Thank you!
>
If bind wants to have it in this way, LGTM.
More information about the Freeipa-devel
mailing list