On Fri, Mar 15, 2002 at 11:32:52AM +0100, Bruce Campbell wrote:
> urm, how, exactly, are you proposing to have this implemented?  (or, do
> you really understand the mechanics behind DNS secondaries? )

I already passed enough detail to David Keegel and Bruce to enable such
a thing to be implemented if it is desired. For everybody else though,
I'll outline the rough details below.

> Your proposal, noble as it is, indicates that named-xfer must be replaced
> by something which applies business rules on a given zone and possibly on
> a per source basis as well.

That's exactly right. The basic idea is to replace named-xfer as called
from named with a script which uses the original named-xfer to first
transfer the requested zone from the hidden master. Once the candidate
zone file has been received, the script can then test it in any
desired manner, and if it passes the tests, the script returns a
successful exit code to its parent (named).

Consequently, there is no change required to the sender of the domain
info, no change to the BIND code itself, just a script running in
the middle of BIND normal functionality.

> Who is going to implement this?

I'd hope whoever maintains box2.aunic.net will think it's a nifty
idea which might save some heartache in future.

Nick.