nsd users - Mar 2016 - NSD 4.1.9 release

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Hi Wouter,

Thanks for this! We were affected by this issue as well, because some
of our servers were still using the DB mode.

However, I have changed our internal SPEC file to build NSD with:

- --with-dbfile=""

so that all our NSD instances will use plain text zone files by
default, and simply not use the DB mode.

FYI for all NSD users. Wouter added this "nodb" mode at our request,
and it works really well for us. An NSD server that has only slave
zones will XFR them all in at startup. Periodically (default every
1h), it will flush the zones to plain text files on disk, so that when
NSD is restarted, it can read the zones back in. If 1 hour seems too
long to wait before writing out changed zones to disk, one can adjust
the value in nsd.conf.

In the event of a restart with unflushed zones, NSD will just read an
older copy of the zone from disk, and then immediately XFR a new copy
in. If you wish, you can also run "nsd-control write" before
restarting NSD, so that it restarts with the freshest copy of zones.
In my opinion though, all this isn't really necessary, because
restarts are rare, and if the odd zone here or there hadn't been
flushed to disk, it will be updated to the latest copy within moments
of starting NSD.

I can highly recommend the "nodb" mode by setting
"database:" to "" in
nsd.conf, or making this the default at compile time with the
configure option I mentioned above.

Regards,
Anand Buddhdev
RIPE NCC

On 15/03/16 11:52, W.C.A. Wijngaards wrote:
> Hi,
> 
> NSD 4.1.9 is available: 
> http://www.nlnetlabs.nl/downloads/nsd/nsd-4.1.9.tar.gz sha1
> 6ff4b2998aedf3a8ae18a071f1d121f3586aaf70 sha256
> b811224d635331de741f1723aefc41adda0a0a3a499ec310aa01dd3b4b95c8f2 
> pgp http://www.nlnetlabs.nl/downloads/nsd/nsd-4.1.9.tar.gz.asc
> 
> Fix crash on startup when upgrading from 4.1.x to 4.1.8, because
> of nsd.db format change.  This has no effect if nsd.db is deleted
> before upgrade or if database: "" is set in nsd.conf.
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org

iQIcBAEBCAAGBQJW5/THAAoJEBXgoyUMySoFc9AP/3xCUYkIL56mzw4dxyzFia7v
CwjyUSBgDQeHc5uHVSr6ZyVgXwkEOd+ZdUMLj3hsfSvPzuO2ZRzhD4vtz8V6xzE1
DhwD6fM6ODfDrU06v3kmHVorc9N/svoEzsn3u5i0XDvHu4aplrJ5cEk5XMr6HWC1
eN5MMGFGFZcGYIs/5Uoall/rQiJy3QSsUN91HGh4mrKLhZeEHezsX5IVnByTrMp/
a9P5Fc6gqyUOZpCzPba6VUWz3W3sxg7qI9Zmr7ePkEajX18T8WRxddATPiStKCcO
aLJqL9kjMDieDqutrqH05AgCZhRqMzVxwBsniTxBnEcVfGeB6VycHrH7Qlqo081h
2DTXrhhM3tJjUQWysWrY/k9RBMEv/qbH2jJi4jynddhug+x2j2YK+efu/fcn2Nwq
ogfbvlEf3TMTa5Cuows2S1Nx+uITv3XfL5FqlPmF19oJSEpHhxe/s5DATxT5HidO
50gqpj0laIY79GL5ZK7YSavCSpYKoXLKvXsWyzjDc5Quc8y6ldbfr1DdrgujEr6q
e7IxBgRKdV29c+by7cN5AV107kqI3Zm7dXZ0nAkrg/h/n639Vnj9GzhdI3JCNCGy
W78X5ABug8xhAVUNteEd2yf3V5ZouHxogTr5LWotVG6daWP0Wb/jxeI2zBaKJUfU
Omn0bOzzWjk22qkXvbb/
=Wsfe
-----END PGP SIGNATURE-----

I would echo Anands endorsement of the nodb mode we use this for all of our TLD
secondaries and have found it very efficient and stable.

Brett

--
Brett Carr
Senior DNS Engineer
Nominet UK
> On 15 Mar 2016, at 11:40, Anand Buddhdev <anandb at ripe.net> wrote:
> 
> Signed PGP part
> Hi Wouter,
> 
> Thanks for this! We were affected by this issue as well, because some
> of our servers were still using the DB mode.
> 
> However, I have changed our internal SPEC file to build NSD with:
> 
> --with-dbfile=""
> 
> so that all our NSD instances will use plain text zone files by
> default, and simply not use the DB mode.
> 
> FYI for all NSD users. Wouter added this "nodb" mode at our
request,
> and it works really well for us. An NSD server that has only slave
> zones will XFR them all in at startup. Periodically (default every
> 1h), it will flush the zones to plain text files on disk, so that when
> NSD is restarted, it can read the zones back in. If 1 hour seems too
> long to wait before writing out changed zones to disk, one can adjust
> the value in nsd.conf.
> 
> In the event of a restart with unflushed zones, NSD will just read an
> older copy of the zone from disk, and then immediately XFR a new copy
> in. If you wish, you can also run "nsd-control write" before
> restarting NSD, so that it restarts with the freshest copy of zones.
> In my opinion though, all this isn't really necessary, because
> restarts are rare, and if the odd zone here or there hadn't been
> flushed to disk, it will be updated to the latest copy within moments
> of starting NSD.
> 
> I can highly recommend the "nodb" mode by setting
"database:" to "" in
> nsd.conf, or making this the default at compile time with the
> configure option I mentioned above.
> 
> Regards,
> Anand Buddhdev
> RIPE NCC
> 
> On 15/03/16 11:52, W.C.A. Wijngaards wrote:
> 
> > Hi,
> >
> > NSD 4.1.9 is available:
> > http://www.nlnetlabs.nl/downloads/nsd/nsd-4.1.9.tar.gz sha1
> > 6ff4b2998aedf3a8ae18a071f1d121f3586aaf70 sha256
> > b811224d635331de741f1723aefc41adda0a0a3a499ec310aa01dd3b4b95c8f2
> > pgp http://www.nlnetlabs.nl/downloads/nsd/nsd-4.1.9.tar.gz.asc
> >
> > Fix crash on startup when upgrading from 4.1.x to 4.1.8, because
> > of nsd.db format change.  This has no effect if nsd.db is deleted
> > before upgrade or if database: "" is set in nsd.conf.
> 
> _______________________________________________
> nsd-users mailing list
> nsd-users at NLnetLabs.nl
> https://open.nlnetlabs.nl/mailman/listinfo/nsd-users
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 163 bytes
Desc: Message signed with OpenPGP using GPGMail
URL:
<http://lists.nlnetlabs.nl/pipermail/nsd-users/attachments/20160315/ec1efd76/attachment.bin>

On 2016/03/15 12:40, Anand Buddhdev wrote:
> Thanks for this! We were affected by this issue as well, because some
> of our servers were still using the DB mode.
> 
> However, I have changed our internal SPEC file to build NSD with:
> 
> - --with-dbfile=""
> 
> so that all our NSD instances will use plain text zone files by
> default, and simply not use the DB mode.
> 
> FYI for all NSD users. Wouter added this "nodb" mode at our
request,
> and it works really well for us. An NSD server that has only slave
> zones will XFR them all in at startup. Periodically (default every
> 1h), it will flush the zones to plain text files on disk, so that when
> NSD is restarted, it can read the zones back in. If 1 hour seems too
> long to wait before writing out changed zones to disk, one can adjust
> the value in nsd.conf.
> 
> In the event of a restart with unflushed zones, NSD will just read an
> older copy of the zone from disk, and then immediately XFR a new copy
> in. If you wish, you can also run "nsd-control write" before
> restarting NSD, so that it restarts with the freshest copy of zones.
> In my opinion though, all this isn't really necessary, because
> restarts are rare, and if the odd zone here or there hadn't been
> flushed to disk, it will be updated to the latest copy within moments
> of starting NSD.
> 
> I can highly recommend the "nodb" mode by setting
"database:" to "" in
> nsd.conf, or making this the default at compile time with the
> configure option I mentioned above.
We're using this as the OpenBSD default too (after I ran into some
problems with the dbfiles before, which I suspect may possibly have
been related to lack of cache coherency between mmap and file access
on OpenBSD).

I was initially uncertain if switching to "nodb" mode might
introduce performance problems during restarts but it has been
absolutely fine.