>(1) Master-only. The master observes an ANAME record at the apex of a zone >it loads and uses it to periodically refresh the relevant records in the >zone (as if you had a cron job running dig | magic | nsupdate).
I have implemented something like this, with master file syntax foo IN A [rmtip:bar.remote] The implementation fetches any A and AAAA records from bar.remote and invents local A and AAAA records. It rechecks every hour or so. >Disadvantage: potentially lots of XFR traffic if the TTLs are low. My crock manages the zone serial numbers and only changes the serial number and does a notify if the zone changes. It's all done in python scripts on top of NSD. It doesn't do DNSSEC yet but I don't see any problems since the zones that NSD sees are ordinary zones. I agree that Paul's suggestion to limit this to references within the zone would make it useless in practice unless it also resolved CNAMEs, which turns it back into the more complicated case. R's, John _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
