>Regarding whether notifies are still plain UDP. Yes, the config parser >doesn't accept additional arguments to "notify" and judging by the xfrd >code anything to do with notify is using UDP, so no TLS yet.Is there currently or will there by provision for NOTIFY over TCP? Knot-DNS only supports NOTIFY over TCP and not UDP, so interoperabilty is in danger. nsd.conf(5) doesn't mention protocol in either notify: or allow-notify: so I'm hoping [1] will add this capability. Is it worth an additional issue there? -JP [1] https://github.com/NLnetLabs/nsd/issues/365
On 30/07/2024 22:16, Jan-Piet Mens via nsd-users wrote: Hi Jan-Piet,> Knot-DNS only supports NOTIFY over TCP and not UDP, so interoperabilty > is in > danger. nsd.conf(5) doesn't mention protocol in either notify: or allow- > notify: > so I'm hoping [1] will add this capability.Knot DNS sends NOTIFY only over TCP. However, it will *accept* NOTIFY over both UDP and TCP. NSD sends NOTIFY only over UDP. However, it will *accept* NOTIFY over both UDP and TCP. Therefore, Knot DNS and NSD will interoperate as far as NOTIFY is concerned. Regards, Anand