Some feedback for you.
A primary name server is a name server that gets the data for its
zones from local files. Changes to a zone, such as adding domains or
hosts, are done at the Primary Name Server. A secondary name server
gets the data for its zones from another name server across the
network which is authoritative for that zone. The processes of
obtaining this zone information (that is the database file) across the
network is referred to as a zone transfer.
Since bind 8 I believe the nomenclature that has been widely adopted
is a "master" nameserver (corresponding to a master zone configured on
that host) and multiple "slave" nameservers which keep their copies
of the zone up-to-date using zone transfers. Probably makes sense to
make use of the current terminology.
Zone Transfers will be allowed provided:
I think that there are numerous reasons to perform a zone transfer
which are not covered here, which would be consistent with the
privacy act provision in point 2. It seems to me that the list is
unnecessarily restrictive in presuming to know all the reasons
an operator might have for performing a zone transfer.
I also think that there is nothing wrong with statistics gathering.
Understanding trends makes the network a safer place. I do not
understand your earlier point that data for statistical analysis
would be available on the web, but not by zone transfer...
Perhaps I misunderstood it.
I would rephrase point (3) to be something like:
that it is not for the purpose of allowing, enabling or otherwise
supporting the transmission of mass unsolicitited, commercial
advertising or solicitatious e-mail.
I would also make point (4) a little more general, and allow
zone transfers to facilitate "operational network engineering".
Is it reasonable for a request not to contain a detailed description
of the reason for wanting to perform a zone transfer? What is a
Is the idea of this policy to be prepared in the event that a
flagrant misuse of the zone data occurs? If so, I think it's
a good idea.
If the idea is to implement an immediate set of restrictions on
zone transfers, and to administer zone transfer access control
(including all associated adds, moves and changes) for all
secondary nameservers, then I remain slightly dubious :)
To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz
where the body of your message reads: