inbound IXFR to bindbackend quietly fails

[paddg]

• Program: Authoritative
• Issue type: Bug report ~or Feature request, I'm not sure :-)~

Short description

I tried to slave a zone in Bind backend via IXFR. The documentation suggests it works: https://doc.powerdns.com/authoritative/domainmetadata.html#ixfr https://doc.powerdns.com/authoritative/modes-of-operation.html#ixfr-incremental-zone-transfers

But it does not work. pdnsserver claims Done with IXFR of ..._, but it does not write the slave zone file and it does not serve the new zone version.

This could be a software bug or a documentation error. I don't know.

[ahupowerdns]

So after a little bit of study, it turns out our IXFR code uses methods that are implemented by the generic backends, but not by the BIND backend. In addition, even though the BIND backend returns false on those calls, we do not turn that into a useful error message that tells you what is going on. We also should not attempt IXFR if the backend can't do it.

The fix is to teach the BIND backend what to do (since IXFR is useful there) and to make sure we do not attempt IXFR for backends that can't do it, or at the very least generate a useful error message and good fallback behaviour.

[zeha]

Teaching BIND backend about this might also make it (API) edit capable?