On Mon, 11 Apr 2005, David Conrad wrote:
As far as I know, BINDv9 complies with the AXFR protocol.
Very, very technically, (and only due to the unresolved vagueness in the AXFR RFC), this is true. But it is isn't exactly honest. Every implementation including BIND interpreted the "vague" section the same way, and now BIND9 wants it changed. That isn't a clarification.
Empirically, given BINDv9 interoperates with every DNS server that implements AXFR and IXFR that I'm aware of, it would seem assertions that "BIND9 is not compliant with AXFR standards" is simply pure crap.
"Empirically" is because BIND9 attempts to detect other BIND9 servers, and if it thinks the other server isn't BIND9, then it uses the traditional protocol. So it will work so long as no implementation can fool BIND9 into thinking the other server is BIND9, but then not implement the non-standard protocol. However, if you were to capture the packets between two BIND9 servers, and use that as your guide to reverse engineer AXFR protocol specification (or more practically, just send it to another server verbatim), you will not be able to communicate with other non-BIND9 servers.
There was an attempt to clarify various ambiguities found in the rather loose specification of the AXFR protocol by writing up the issues encountered and a solution to those issues, but that effort sunk in the IETF swamp.
Uhh, not exactly "sunk in the swamp", so much as overwhelming opposition from nearly every implementor who didn't want to alter their implementation. As I said above, and as was pointed out by many on the DNSEXT WG, this isn't a clariification. Its a major change and it was rejected. -- Av8 Internet Prepared to pay a premium for better service? www.av8.net faster, more reliable, better service 617 344 9000