[Pdns-users] Slave zone just won't refresh....
Gary Shaver
gshaver at he.net
Wed Jun 9 22:04:31 UTC 2010
Hi Bert,
I have a few that we've put on a bind server locally here. We were
providing secondary service for one domain that had WKS records (which
is how I ended up starting down this road).
Here are the WKS records that customer's nameserver was spitting out
towards us.
atlantica.us. 604800 IN WKS 173.16.9.10 6 22 25 42 53 80 113 443 6667 8008
atlantica.us. 604800 IN WKS 173.16.9.10 17 22 25 42 53 80 443 8008
*.atlantica.us. 604800 IN WKS 173.16.9.10 6 22 25 42 53 80 113 443 6667
8008
*.atlantica.us. 604800 IN WKS 173.16.9.10 17 22 25 42 53 80 443 8008
Ariel.atlantica.us. 604800 IN WKS 173.16.9.10 6 22 25 42 80 113 443 6667
8008
Ariel.atlantica.us. 604800 IN WKS 173.16.9.10 17 22 25 42 80 443 8008
It seems shorter versions of the WKS record will go in, but they cause
other issues. (see below)
For example: This record will actually work, and be entered into the
database without crashing the backend.
root at ns1:~# dig test-wks-good.com @ns1.csbd.org AXFR
; <<>> DiG 9.4.2-P2.1 <<>> test-wks-good.com @ns1.csbd.org AXFR
;; global options: printcmd
test-wks-good.com. 86400 IN SOA ns1.csbd.org. hostmaster.csbd.org.
2010060902 10800 1800 604800 86400
test-wks-good.com. 86400 IN NS ns1.csbd.org.
test-wks-good.com. 86400 IN NS ns2.csbd.org.
test-wks-good.com. 86400 IN A 10.1.1.2
test-wks-good.com. 86400 IN WKS 173.16.9.10 6 22
test-wks-good.com. 86400 IN SOA ns1.csbd.org. hostmaster.csbd.org.
2010060902 10800 1800 604800 86400
;; Query time: 1 msec
;; SERVER: 2001:470:1:111::21#53(2001:470:1:111::21)
;; WHEN: Wed Jun 9 14:51:39 2010
;; XFR size: 6 records (messages 1, bytes 198)
But getting anything back out is futile.
# dig test-wks-good.com @ns1.he.net AXFR
; <<>> DiG 9.4.2-P2.1 <<>> test-wks-good.com @ns1.he.net AXFR
;; global options: printcmd
test-wks-good.com. 86400 IN SOA ns1.csbd.org. hostmaster.csbd.org.
2010060902 10800 1800 604800 86400
;; Got bad packet: FORMERR
115 bytes
56 57 84 00 00 01 00 04 00 00 00 00 0d 74 65 73
74 2d 77 6b 73 2d 67 6f 6f 64 03 63 6f 6d 00 00
fc 00 01 c0 0c 00 02 00 01 00 01 51 80 00 0e 03
6e 73 31 04 63 73 62 64 03 6f 72 67 00 c0 0c 00
02 00 01 00 01 51 80 00 06 03 6e 73 32 c0 33 c0
0c 00 01 00 01 00 01 51 80 00 04 0a 01 01 02 c0
0c 00 00 00 01 00 01 51 80 00 08 ad 10 09 0a 06
00 00 02
-- database entry --
id domain_id name type content ttl prio
26038029 112454 test-wks-good.com #11 \# 8 ad10090a06000002 86400
If I can be of further help, please let me know,
Gary
On 6/9/10 2:37 PM, bert hubert wrote:
> Garry,
>
> "2.6.1 WKS WKS records are deprecated in [RFC 1123]. They serve no known
> useful function, except internally among LISP machines"
>
> Normally we'd whip up an implementation just to have the issue go away, but
> it is a pretty weird record type too, containing a bitmap of protocols.
>
> Unknown record type support might save us, but it is not quite there yet it
> appears.
>
> I struggle to find some WKS zone file examples btw, do you have any?
>
> Bert
>
> On Wed, Jun 09, 2010 at 02:31:22PM -0700, Gary Shaver wrote:
>> Hi Ken,
>>
>> I just found your ticket from abut 4 years ago... Seems strange that
>> it's still a bug. We just ran a few tests and yep.. you were
>> completely correct, WKS records just piss off pdns something fierce.
>>
>> I'll consolidate the test case down to something reasonable and
>> submit a bug report.
>>
>> Gary
>>
>> On 6/9/10 12:54 PM, Kenneth Marshall wrote:
>>> Ah, I hit the same problem. WKS records are not supported by
>>> PDNS. On top of that, they are not really useful and have not
>>> been for quite a while. Try nuking them and your zone should
>>> transfer fine.
>>>
>>> Regards,
>>> Ken
>>>
>>> On Wed, Jun 09, 2010 at 11:43:27AM -0700, Gary Shaver wrote:
>>>>
>>>>
>>>> On 6/9/10 5:49 AM, Kenneth Marshall wrote:
>>>>
>>>>>> another issue that I've run into was another slave zone. This had pdns
>>>>>> cycling every 2-3 seconds
>>>>>>
>>>>>> Jun 7 00:48:44 ns1 pdns[10216]: Initiating transfer of 'axxxxxxxa.us'
>>>>>> from
>>>>>> remote '216.117.186.93'
>>>>>> Jun 7 00:48:45 ns1 pdns[10216]: AXFR started for 'axxxxxxxa.us',
>>>>>> transaction started
>>>>>> Jun 7 00:48:45 ns1 pdns[10216]: Communicator thread died because of
>>>>>> error:
>>>>>> Failed to execute mysql_query, perhaps connection died? Err=1: You have
>>>>>> an
>>>>>> error in your SQL syntax; check the manual that corresponds to your MySQL
>>>>>> server version for the right syntax to use near ''\\# 1007
>>>>>> ad10090a0600000240002000000000800000
>>>>>> 0040000000000000000000000000000000' at line 1
>>>>>> Jun 7 00:48:46 ns1 pdns[16017]: Our pdns instance exited with code 0
>>>>>> Jun 7 00:48:46 ns1 pdns[16017]: Respawning
>>>>>> Jun 7 00:48:47 ns1 pdns[10258]: Guardian is launching an instance
>>>>>>
>>>>>> Simply removing the zone puts everything back in a happy state, so It's
>>>>>> not
>>>>>> a timeout issue. Are there any debugging options that can be turned on
>>>>>> for
>>>>>> the mysql backend? I didn't find any referenced in the documentation and
>>>>>> increasing the loglevel doesn't give me any additional information.
>>>>>>
>>>>>> I've pulled down the zone and besides the laundry list of different
>>>>>> record
>>>>>> types, it looks fine. I can sanitize it an post it if that would help.
>>>>>>
>>>>>> The pdns version is the static .deb package from the main download page.
>>>>>>
>>>>>> Any help is appreciated.
>>>>>>
>>>>>> Thanks,
>>>>>> Gary
>>>>>>
>>>>>
>>>>> Hi Gary,
>>>>>
>>>>> Try enabling the MySQL query logging to see what command is being
>>>>> received by the backend. You can also bump the logging level on the
>>>>> PDNS system to see if it gives you more information. Have you changed
>>>>> any of the default queries? What is your PDNS configuration, including
>>>>> the backend chosen? At 27 entries, you could post the entire zone but
>>>>> if the problem is a weird character, sanitizing it will make the
>>>>> information useless. I would try bumping the debugging levels first.
>>>>> I cannot help much on the MySQL side since we use PostgreSQL as the
>>>>> backend database.
>>>>
>>>> I already tried both of those. Increasing the loglevel didn't yield any
>>>> additional information and query log didn't include the query, I suspect
>>>> due to it's failure.
>>>>
>>>> I've attached the zone. I've changed the hostnames and ip's. The remainder
>>>> of the zone is untouched.
>>>>
>>>> Gary
>>>>
>>>>> Regards,
>>>>> Ken
>>>>>> --
>>>>>> Gary Shaver | Voice 510.580.4100, Fax 510.580.4151
>>>>>> Hurricane Electric | AS6939
>>>>>> Network Operations | http://www.he.net
>>>>>>
>>>>>> _______________________________________________
>>>>>> Pdns-users mailing list
>>>>>> Pdns-users at mailman.powerdns.com
>>>>>> http://mailman.powerdns.com/mailman/listinfo/pdns-users
>>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>
>>>> --
>>>> Gary Shaver | Voice 510.580.4100, Fax 510.580.4151
>>>> Hurricane Electric | AS6939
>>>> Network Operations | http://www.he.net
>>>>
>>>
>>>> ;<<>> DiG 9.4.2-P2.1<<>> axxxxxxxx.us @10.117.186.93 AXFR
>>>> ;; global options: printcmd
>>>> axxxxxxxx.us. 7200 IN SOA DD1.axxxxxxxx.us. AtlDNS.Fxxxxxl.Com. 2010060736 1200 600 2419200 10800
>>>> axxxxxxxx.us. 7200 IN NS DD1.axxxxxxxx.us.
>>>> axxxxxxxx.us. 7200 IN NS NS1.SxxxxxP.US.
>>>> axxxxxxxx.us. 604800 IN AAAA 2fff:470:e056::
>>>> axxxxxxxx.us. 604800 IN AAAA 2fff:ad10:90a::
>>>> axxxxxxxx.us. 604800 IN A 192.168.9.10
>>>> axxxxxxxx.us. 604800 IN WKS 192.168.9.10 6 22 25 42 80 113 443 6667 8008
>>>> axxxxxxxx.us. 604800 IN WKS 192.168.9.10 17 22 25 42 80 443 8008
>>>> axxxxxxxx.us. 604800 IN MX 10 Mail.axxxxxxxx.us.
>>>> axxxxxxxx.us. 604800 IN MX 30 Mail.Rxxxxxxxt.US.
>>>> axxxxxxxx.us. 604800 IN MX 30 Mail2.Rxxxxxxxt.US.
>>>> axxxxxxxx.us. 604800 IN MX 40 ASPMX.L.Google.Com.
>>>> axxxxxxxx.us. 604800 IN MX 50 Alt1.ASPMX.L.Google.Com.
>>>> axxxxxxxx.us. 604800 IN MX 50 Alt2.ASPMX.L.Google.Com.
>>>> axxxxxxxx.us. 604800 IN MX 60 ASPMX2.GoogleMail.Com.
>>>> axxxxxxxx.us. 604800 IN MX 60 ASPMX3.GoogleMail.Com.
>>>> axxxxxxxx.us. 604800 IN MX 60 ASPMX4.GoogleMail.Com.
>>>> axxxxxxxx.us. 604800 IN MX 60 ASPMX5.GoogleMail.Com.
>>>> axxxxxxxx.us. 604800 IN MX 80 mxbackup1.junkemailfilter.com.
>>>> axxxxxxxx.us. 604800 IN MX 90 mxbackup2.junkemailfilter.com.
>>>> axxxxxxxx.us. 604800 IN TXT "v=spf1 mx ip6:2fff:470:e056::/48 ptr exists:%{i}.%{l}.%{o}._spf.%{d} -all exp=explain._spf.%{d}"
>>>> axxxxxxxx.us. 604800 IN RP Philip.axxxxxxxx.us. Contact.axxxxxxxx.us.
>>>> *.axxxxxxxx.us. 604800 IN CNAME Axxxxxxxxa.US.
>>>> explain._spf.axxxxxxxx.us. 604800 IN TXT "%{s} - %{i} is not one of %{d}'s designated mail servers.."
>>>> AO2.axxxxxxxx.us. 7200 IN A 10.37.196.55
>>>> AO2.axxxxxxxx.us. 7200 IN AAAA 2fff:470:8:198::53:2
>>>> AO2.axxxxxxxx.us. 7200 IN AAAA 2fff:ad10:90a::53
>>>> Ariel.axxxxxxxx.us. 604800 IN A 192.168.9.10
>>>> Ariel.axxxxxxxx.us. 604800 IN HINFO "PC-Intel-400MHz" "Ubuntu Linux"
>>>> Ariel.axxxxxxxx.us. 604800 IN MX 11 Ariel.axxxxxxxx.us.
>>>> Ariel.axxxxxxxx.us. 604800 IN TXT "v=spf2.0/pra mx a ptr -all"
>>>> Ariel.axxxxxxxx.us. 604800 IN TXT "v=spf1 include:axxxxxxxx.us -all"
>>>> Ariel.axxxxxxxx.us. 604800 IN AAAA 2fff:470:e056:1:2::
>>>> Ariel.axxxxxxxx.us. 604800 IN AAAA 2fff:ad10:90a:1:2::
>>>> Ariel.axxxxxxxx.us. 604800 IN SSHFP 1 1 06725056467348BBFFF152EE2C1F99A0720FBC31
>>>> Ariel.axxxxxxxx.us. 604800 IN SSHFP 2 1 BB1451F9F40EA800AFF39BF55F3E6B4484544757
>>>> *.Ariel.axxxxxxxx.us. 604800 IN CNAME Ariel.Axxxxxxxxa.US.
>>>> _http._tcp.Ariel.axxxxxxxx.us. 604800 IN SRV 5 0 8080 www.Ariel.Axxxxxxxxa.US.
>>>> _www._tcp.Ariel.axxxxxxxx.us. 604800 IN SRV 5 0 8080 www.Ariel.Axxxxxxxxa.US.
>>>> IRC.Ariel.axxxxxxxx.us. 604800 IN CNAME IRC.Axxxxxxxxa.US.
>>>> DD1.axxxxxxxx.us. 7200 IN A 216.117.186.93
>>>> DD2.axxxxxxxx.us. 7200 IN A 10.111.175.42
>>>> Docs.axxxxxxxx.us. 604800 IN CNAME GHS.Google.Com.
>>>> IRC.axxxxxxxx.us. 86400 IN CNAME IRC.IPv6.FreeNode.Net.
>>>> Mail.axxxxxxxx.us. 604800 IN A 192.168.9.10
>>>> Mail.axxxxxxxx.us. 604800 IN AAAA 2fff:470:e056:1:7::1
>>>> Mail.axxxxxxxx.us. 604800 IN AAAA 2fff:ad10:90a:1:7::1
>>>> NS1.axxxxxxxx.us. 7200 IN A 192.168.9.10
>>>> NS1.axxxxxxxx.us. 7200 IN AAAA 2fff:470:8:198::53:1
>>>> NS1.axxxxxxxx.us. 7200 IN AAAA 2fff:ad10:90a::
>>>> Sebastian.axxxxxxxx.us. 604800 IN A 192.168.9.10
>>>> Sebastian.axxxxxxxx.us. 604800 IN AAAA 2fff:470:e056:1:4::
>>>> Sebastian.axxxxxxxx.us. 604800 IN AAAA 2fff:ad10:90a:1:4::
>>>> Sites.axxxxxxxx.us. 604800 IN CNAME GHS.Google.Com.
>>>> Start.axxxxxxxx.us. 604800 IN CNAME GHS.Google.Com.
>>>> www.axxxxxxxx.us. 604800 IN CNAME Axxxxxxxxa.US.
>>>> XN0.axxxxxxxx.us. 7200 IN A 10.234.42.1
>>>> XN1.axxxxxxxx.us. 7200 IN A 10.98.164.164
>>>> Z12.axxxxxxxx.us. 7200 IN A 10.62.64.46
>>>> Z15.axxxxxxxx.us. 7200 IN A 10.227.210.9
>>>> axxxxxxxx.us. 7200 IN SOA DD1.axxxxxxxx.us. AtlDNS.Fxxxxxl.Com. 2010060736 1200 600 2419200 10800
>>>> ;; Query time: 169 msec
>>>> ;; SERVER: 10.117.186.93#53(216.117.186.93)
>>>> ;; WHEN: Mon Jun 7 21:21:02 2010
>>>
>>>
>>>
>>>
>>
>> --
>> Gary Shaver | Voice 510.580.4100, Fax 510.580.4151
>> Hurricane Electric | AS6939
>> Network Operations | http://www.he.net
>>
>> _______________________________________________
>> Pdns-users mailing list
>> Pdns-users at mailman.powerdns.com
>> http://mailman.powerdns.com/mailman/listinfo/pdns-users
>>
>
>
> !DSPAM:4c1009bd99323534212390!
>
--
Gary Shaver | Voice 510.580.4100, Fax 510.580.4151
Hurricane Electric | AS6939
Network Operations | http://www.he.net
More information about the Pdns-users
mailing list