search

NLnetLabs / nsd

The NLnet Labs Name Server Daemon (NSD) is an authoritative, RFC compliant DNS nameserver.
https://nlnetlabs.nl/nsd
BSD 3-Clause "New" or "Revised" License
444 stars 101 forks source link

Report failure of primaries with secondary zones #325

Open wtoorop opened 5 months ago

wtoorop commented 5 months ago

It would be nice if nsd-control zonestatus would report on failed primaries and also the error code (EDE code if available) with which they failed. Especially if all primaries failed it would be nice if there is a special message logged that this is the case.

As discussed in the context of catalog zones with @pettai

pettai commented 3 weeks ago

A mash-up could look something like:

$ nsd-control zonestatus sunet.se
zone:   sunet.se
    state: ok
    served-serial: "2024082105 since 2024-08-21T16:05:40"
    commit-serial: "2024082105 since 2024-08-21T16:05:40"
    wait: "13162 sec between attempts"
    primary-ns: "192.36.125.2 is reachable"

and possibly 

$ nsd-control zonestatus sunet.se
zone:   sunet.se
    state: refreshing
    served-serial: "2024082105 since 2024-08-21T16:05:40"
    commit-serial: "2024082105 since 2024-08-21T16:05:40"
    wait: "126231 sec between attempts"
    primary-ns: "192.36.125.2 is unreachable since ..."

but other ideas on the format are welcome...

pettai commented 3 weeks ago

just remembered that a kv for TSIG also would be valuable to see:

$ nsd-control zonestatus sunet.se
zone:   sunet.se
    state: ok
    served-serial: "2024082105 since 2024-08-21T16:05:40"
    commit-serial: "2024082105 since 2024-08-21T16:05:40"
    wait: "13162 sec between attempts"
    primary-ns: "192.36.125.2 is reachable"
    tsig-key: "somekeyname"
$ nsd-control zonestatus sunet.se
zone:   sunet.se
    state: refreshing
    served-serial: "2024082105 since 2024-08-21T16:05:40"
    commit-serial: "2024082105 since 2024-08-21T16:05:40"
    wait: "126231 sec between attempts"
    primary-ns: "192.36.125.2 is unreachable since ..."
    tsig-key: ""