AD DNS and Global sequence number implementation

Andrew Tridgell tridge at
Mon Nov 21 19:00:03 MST 2011

Hi Matthieu,

> Why not having a simplier solution: make the bind plugin refuse to serve 
> any request for the domain up to the moment the unix socket is readable ?

because DNS is pretty important during system startup, plus I don't like
the idea of losing the bind9 service when Samba is down for maintainence
or being upgraded.

> It allows bind to start correctly and pretend it is serving our zone.

pretend in what way? What does it do when it gets queries on the zone?

> Another idea is: while samba is not started bind has only a read access 
> on the partial copy and when samba is started it has the write access 
> through the unix socket.

I think the correct synchronisation of this partial copy would be more
complex than what Amitay has done, plus it would still leave us with the
problem of not correctly supporting transactions. Correct transaction
semantics is quite important when we have DNS updates coming in over so
many different protocols.

Cheers, Tridge

More information about the samba-technical mailing list