On Thu, 2008-11-20 at 14:02 +0000, Wilfried Woeber, UniVie/ACOnet wrote:
So - this may just be a glitch in the alerting script, but I am still left with the question: how does the robot at the NCC's end determine the "appropriate" host to try zone transfers from?
Any recommendations?
IMHO ... This is a system-administrative matter to be agreed between the zone administrator and the slave operator. Zone data is not zone metadata. Blurring the distinction can only lead to unintended consequences. If a robot is involved, there needs to be an out-of-zone channel from the zone administrator to the robot. Peter's suggestion of using a new attribute in the database to serve this purpose makes sense to me. A similar, but more sensitive, issue arises with shared secrets for TSIGs. ATB, Niall