[Pdns-users] Possible AXFR Race Condition
Ton van Rosmalen
ton at netbase.nl
Wed Feb 23 08:04:08 UTC 2011
Hi,
Op 23-2-2011 8:54, p8x schreef:
> Hi all,
>
> After spending the day testing and mucking around I think I have
> narrowed it down slightly. On the master, I have about 77,000 domains.
> When I add a new zone to it I do the following:
>
> 1. A new zone is added to the supermaster server and a "pdns_control
> rediscover" is then run. The zone appears on the master and and queries
> to the zone work successful. At this step everything is ok.
I use the gmysql back-end but in a rather similar situation. After
adding a record to the database we execute:
pdns_control notify <domain>
> <snip>
> b) Send another notify from the master to the slave. This causes the
> symptom below where the zone gets added to the bind slave config file a
> second time. The zone transfer also happens this time, as can be seen
> with these log lines:
> Feb 23 15:22:29 dns2 pdns[17029]: Received NOTIFY for test.com from
> 192.168.1.10 for which we are not authoritative
> Feb 23 15:22:29 dns2 pdns[17029]: [bindbackend] Writing bind config zone
> statement for superslave zone 'test.com' from supermaster 203.1708
> Feb 23 15:22:29 dns2 pdns[17029]: Created new slave zone 'test.com' from
> supermaster 192.168.1.10, queued axfr
> Feb 23 15:22:29 dns2 pdns[17029]: Initiating transfer of 'test.com' from
> remote '192.168.1.10'
> Feb 23 15:22:29 dns2 pdns[17029]: AXFR started for 'test.com',
> transaction started
> Feb 23 15:22:29 dns2 pdns[17029]: Remote 192.168.1.10 tried to sneak in
> out-of-zone data '' during AXFR of zone 'test.com', ignoring
> Feb 23 15:22:29 dns2 pdns[17029]: Zone 'test.com'
> (/etc/powerdns/zones/test.com) reloaded
> Feb 23 15:22:29 dns2 pdns[17029]: AXFR done for 'test.com', zone committed
>
> I noticed after the second notify, the line saying "Can't determine
> backend for domain 'test.com'" does not appear, this only seems to
> happen after the first notify. I am assuming this is what is causing the
> issue, but I can't see why this is happening as a restart of the pdns
> server with no config changes seems to fix it.
>
> Has anyone experienced this?
>
I'm not sure if and why a 'rediscover' would send a different
notification but perhaps
you could test the approach I use to see if it works for the
bind-backend as well.
Regards,
Ton
More information about the Pdns-users
mailing list