content-type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit X-RT-Original-Encoding: utf-8 Content-Length: 2689 On 7.1.2016 12:37, BIND Feature Requests via RT wrote: > > Greetings, > > This message has been automatically generated in response to the > creation of a trouble ticket regarding: > "auto-disable empty zones if forward 'first' is configured", > a summary of which appears below. > > There is no need to reply to this message right now. Your ticket has been > assigned an ID of [ISC-Bugs #41441]. > > Please include the string: > > [ISC-Bugs #41441] > > in the subject line of all future correspondence about this issue. To do so, > you may reply to this message. > > Thank you, > bind-suggest@isc.org > > ------------------------------------------------------------------------- > Hello, > > I would like to propose a change in BIND's behavior with respect to > interaction between forward 'zones' and automatic empty zones: > > Currently the configure_view() in server.c disables/skips the automatic empty > zones if there is a forward 'zone' with policy 'only'. > > /* > * If we would forward this name don't add a > * empty zone for it. > */ > result = dns_fwdtable_find(view->fwdtable, name, > &forwarders); > if (result == ISC_R_SUCCESS && > forwarders->fwdpolicy == dns_fwdpolicy_only) > continue; > > For me as a user, it is kind of confusing and inconvenient that empty zones > are enabled even for dns_fwdpolicy_first, because it effectively means that > forwarding is not working for automatic empty zones. > > Typically I have to manually disable empty zones when global forwarder (for > root zone) is configured as traffic optimization measure, while full recursion > is used as a fallback. > > In other words, the gotcha is that condition 'we would forward this name' is > fulfilled also when forward policy 'first' is used. > > > Would it be possible to relax the condition to > forwarders->fwdpolicy != dns_fwdpolicy_none > ? > > That would match my expectation as user - i.e. when I configure forwarding for > all zones, it should be respected. > > > I can see the potential problem with leaking queries when all configured > forwarders fail, but given that this would happen only in a (hopefully rare) > error state, I think it is a good trade-off for usability. > > > If this is 'simple' fix is not acceptable, I can write a patch which would > replace automatic empty zone with forward 'zone' with policy 'only' and > addresses taken from parent forward zone with policy 'first', if you wish. > > > Thank you for considering this. I found out that the original version was not complete. Here is new version of the patch + test. -- Petr Spacek @ Red Hat