xref: /src/external/bsd/nsd/dist/doc/TODO

Id

AUTOCONF
- check/translate arguments to --with-facility

ZONE COMPILER
- unify dns type table (name, dns type, yacc token, rdata types) prettier?
- unify dns class table (name, dns type, yacc token) prettier?
- one db file per zone (as an option?) (featurecreep)?
  req by Alex (Bit). So that after rsync, zonec is fast with many zones.
- if a zone is dropped from the config file, but not removed from the
  nsd.db. NSD refuses to start. Should skip/drop the zone.
  Redesign file format, so that you can skip a zone more easily, this
  also makes multiply db files easier.
- profile the zonec compiling speed. Speed it up. Many people complain about
  this.
- wireformat interop. testing for IPSECKEY type.
- chown nsd nsd.db (Paul Wouters nsd-users mail)

SERVER
- make sure that we dont copy anything from the query we dont want to copy, like
  funny headers etc
- From Aaron Hopkins: set O_NONBLOCK on all sockets. Now a udp raging herd of
  server can get woken up when a message arrives. One server handles the packet,
  the rest blocks on that socket and does not serve other sockets.
- From Aaron Hopkins: write tcp length and tcp data in one write operation,
  instead of multiple calls to write. Avoids Nagle algo delay in this case.
  preallocate 2 bytes in front of buffer to put them into.
- Test TCP performance (do a lot of AXFRs, different zone sizes, and compare
  time averages).
- From Aaron Hopkins: after you do select calls, do multiple read calls
  per select. This polling improves performance in high-load situations.
  Speed test to prove that it does so.
- Turn off TC bit on all error replies.
- Bug #133: print empty statistic blocks. Not sure if the feature is wanted.
- XFRD should throttle the number of notifys going out for a zone to
  x/minute. (even if updates are very often).
- Option to only notify a batch of slaves (from loads) at a time, with
  timeout between.
- Round robin selection to send notify to secondaries. So the last one
  on the notify list does not diverge.
- xfrd NOTIFY timeouts exponential backoff.
- query SOA before getting AXFR and then cutting it off, it causes an errlog
  on the master. 
- when verbose, print the ip addresses that cause network errors to the log.
- the server reaps children every minute, this is bad for powersaving laptops.
- Implement AXFR clarify, RFC 5936.

SECURITY

PURITY
- some data is in network order some in host order, make it clear with prefixes
  prettier?
- brush up the function and identifiers names
- The XFRD zone state can be split up in expired/service-possible and 
  in idle/zone-transfer-busy state flags. Is this more beautiful?
- no more #ifdefs, remove them all, but keep configure options.
- getflags on socket before setflags nonblocking.
- exponential backoff for retries xfrd and notify.
- conformance to RFC: NSD accepts TSIG before OPT in additional, but this
  is not legal, only TSIG after OPT is allowed.
- Allow for username: uid:gid, next to uid.gid.
- Log error when serial in xfrd.state is inconsistent with that from nsd.db.

NSD PATCH
- -q(?) option: no output when no patch necessary
- cleaner output on normal operation (don't mention memory)
- patch on demand after a xfrd reload has occurred (including checks for disk 
  memory and a reload timeout (no more often than 15 minutes or so)?).

CLEANUP
- make so that startup sends SOA_INFO to xfrd just like reload does, prettier? 
- dlopen and dynlib checks can be removed from autoconf scripts.
- If presentation format NSEC3 stays, put optout-iterations into one 4byte
  datatype, easier reading and printing, avoids ugly special cases.

DOCUMENTATION
- document what to do when adding (or removing) a config option (what
  changes have to be made in the code).

OPTIMISATIONS
- delete entire zone for AFXR during reload read in,
  now walks the tree, but could use a double linked list to speed up.
- less memory churn in deleting RRs/adding RRs: keep rrset->capacity num.
  initial read in capacity==limit, if you want to add RRs, alloc capacity*2.
- less memory churn in deleting rrsets : keep a linked list of deleted rrsets
  for reuse.
  Keep a list (based on buckets of size of the malloc) of rr arrays.
  Keep a list (based on buckets of size of malloc) of rdata arrays.
  Keep a list (buckets on size) of rdata_data allocs.
  For reuse, buckets on char size, because we know most are small anyway
  large ones can be discarded/churned.
- Look for special purpose memory allocators for NSD.
- compress dnames in ixfr queries (write_soa_buffer) (zone 2x, mname, rname).
  small gain, nasty code.
- compress dnames in tsig records, keyname, algorithmname.
- compress names in packets by pointing to uncompressed_dname entries.
  After each DNAME(with uncompressed target) follows a CNAME that can be
  compressed in this way.
- Do not give servfail during reload quit sync process. Only stop old
  server processes once the new ones are forked and answering for secondary
  zones (so when xfrd is done with sending zone state to all children).
  The brief double answers are preferable to brief SERVFAIL.
- nsd manual programs contain identical functions that are written down multiple 
  times. Do we need to introduce a util_programs.c or something?
- reduce the memory leak on zone transfers (deleted domains are not removed from
  tree).
- Options server: ip-address: and zone: outgoing-interface are pretty much the same.
- Options to make NSD restrict AXFR response messages to a single RR (RFC5936)

TESTS
- tpkg test for bug 157: a valid NSID EDNS0 option generates FORMERR on
	nsd-3.0.5
- tpkg test for bug 163: unable to read nsd.db when chroot'ed
- tpkg test for bug 164: chkconfig
- Update tpkg long tests
- tpkg test for bug 347: NSEC3 no data tests when requesting DS
From tpkg/bugzilla-bugs todo:
!  - other ways to test this?
! 3   "RCODE for dynamic updates" --- how to send dynamic updates?
! 20   "256 questions per-se should generate form err"
! 22   "trailing byte in queries (see also bug4)" ALLOW TESTING WITH TRACES
! 31   "query section not included in 'NotImp' answers to updates"
! 37   "invalid packet echoed on FormErr" - how to send stuff with tcp replay
! 100   "zonec alters RRSIG inception/expiration" on sparc only --- hmmmm
! 29   "NSD sends answer on notify"  - cannot send notify with DIG
M  - Moet nog
M 157   "return FORMERR if edns query is received with version=0 and rdlen>0"
M 163   "..."
M 164   "chkconfig"
-  - too little information to write a testcase
- 4   "Correctly handle queries with too much data"  to little info
- 6   "different name encodings?"
- 7   "sometimes label compression skip some parts"
- 8   "do not exit on sendto buffer exhaustion"
- 10   "Segmentation violation while trying to destroy the database on exit"
- 11   "EDNS(0) spurious formerr"
- 14   "Magic string alignment"
- 15   "nsd hangs on some queries..."
- 16   "zonec dumps core with HASH -z nl nl -c . examples/zones/root"
- 18   "name compression not quite 100% yet"
- 28   "Wrong additional section RRcount in case of EDNS."
- 35   "sending wrong name errors (NXDOMAIN)"
- 36   "we should not bounce on RR Type when doing a referral"