TXT ownership is not honoured if AXFR is disabled #2935
Unanswered
AntonioAlfrz
asked this question in
Q&A
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Hello,
The RFC2136 provider does not honour the TXT ownership when AXFR is disabled, that is, it updates/deletes DNS records even though they are not managed by it. This is due to the fact that if this feature is disabled, the list of records fetched by the binary is always empty:
external-dns/provider/rfc2136/rfc2136.go
Line 215 in 1de31c2
There are use cases whereby enabling AXFR on the DNS server is not an option due to security concerns. Could there be the possibility of adding a logic that checks the existence of the corresponding TXT record of each new addition instead of transferring the whole zone?
Regards,
Antonio
Beta Was this translation helpful? Give feedback.
All reactions