Nsd-xfer's return code for IXFR with no updates is not zero

PaulWouters · October 27, 2010, 11:22pm

When you run nsd-xfer with the -s 12345 option (serial number) and
there are no updates to this zone, the returning answer will have no
SOA record. However, nsd-xfer returns error code 3.

I am not sure if this should return an error. If I understood correctly
(thanks Jelte), if an IXFR update path is not available, an AXFR would
get returned. So the only case where no SOA is returned is when there
are no updates to our specified IXFR serial?

When attempting to do an IXFR that otherwise would return no valid SOA,
such as querying a server that does not allow you to XFR, nsd-xfer
returns error code 5 (refused)

(hint: the man page does not tell me what return codes I can expect or
what they mean

My suggestion is to not return error 3, unless you received some records AND
it contained no SOA records.

Paul

PaulWouters · October 28, 2010, 12:25am

Actually, this seems to not always be the case. It works fine against tjeb.nl.

I think this may be a powerdns specific problem. But it is a little hard
to debug as I'm not aware of an easy tool to read dns tcp streams.

The powerdns instance I'm querying seems to return no SOA when ixfr'ing
for the current serial. And it also does not return an AXFR if I use
a lower serial with my IXFR request, as I believe the RFC compliant server
is supposed to do.

It is suggested this was fixed a long time ago:

so maybe I'm just talking to an old powerdns server.

Paul