Habbie
commented
11 years ago Attachment 'MySQL dump with single zone showing defect.' (powerdnslab.sql) https://gist.github.com/5466603
Closed Habbie closed 11 years ago
Habbie
commented
11 years ago Attachment 'MySQL dump with single zone showing defect.' (powerdnslab.sql) https://gist.github.com/5466603
Habbie
commented
11 years ago Attachment 'The patch removes the conditionals that add the spurious SOA.' (pdns-packethandler.cc.patch) https://gist.github.com/5466604
Habbie
commented
11 years ago Author: anon You can see the defect after loading the MySQL dump by querying the kgctest zones.
Spurious SOA with glue that points to self:
[augie@augnix tmp]$ dig mx kgctest.sf.ca.us @pdns-lab.sr.sonic.net
; <<>> DiG 9.3.1 <<>> mx kgctest.sf.ca.us @pdns-lab.sr.sonic.net
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48736
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 3, ADDITIONAL: 2
;; QUESTION SECTION:
;kgctest.sf.ca.us. IN MX
;; AUTHORITY SECTION:
sf.ca.us. 259200 IN SOA ns1.sonic.net. hostmaster.sonic.net. 2006122202 3600 300 1209600 3600
kgctest.sf.ca.us. 259200 IN NS kgctest.sf.ca.us.
kgctest.sf.ca.us. 259200 IN NS ns2.kgctest.sf.ca.us.
;; ADDITIONAL SECTION:
kgctest.sf.ca.us. 259200 IN A 64.142.122.13
ns2.kgctest.sf.ca.us. 259200 IN A 64.142.122.14
;; Query time: 3 msec
;; SERVER: 64.142.100.91#53(64.142.100.91)
;; WHEN: Fri Dec 29 11:47:14 2006
;; MSG SIZE rcvd: 167No spurious SOA when glue points elsewhere:
[augie@augnix tmp]$ dig mx kgctest2.sf.ca.us @pdns-lab.sr.sonic.net
; <<>> DiG 9.3.1 <<>> mx kgctest2.sf.ca.us @pdns-lab.sr.sonic.net
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44482
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 0
;; QUESTION SECTION:
;kgctest2.sf.ca.us. IN MX
;; AUTHORITY SECTION:
kgctest2.sf.ca.us. 259200 IN NS ns1.kgctest2.inavlid.
kgctest2.sf.ca.us. 259200 IN NS ns2.kgctest2.inavlid.
;; Query time: 4 msec
;; SERVER: 64.142.100.91#53(64.142.100.91)
;; WHEN: Fri Dec 29 11:47:12 2006
;; MSG SIZE rcvd: 87Author: ahu Strangely enough, this problem does not appear in the trunk of my code! Could you try with the latest snapshot from http://svn.powerdns.com/snapshots ?
Habbie
commented
11 years ago Author: anon http://wiki.powerdns.com/cgi-bin/trac.fcgi/changeset/947 fixed this.
pdns_server = 2.9.21-svn.20061029.908
mysql> select name,type,content from records where name = 'wraith.sf.ca.us';
+-----------------+------+------------------------+| name | type | content |+-----------------+------+------------------------+| wraith.sf.ca.us | A | 192.58.220.5 || wraith.sf.ca.us | NS | wraith.sf.ca.us || wraith.sf.ca.us | NS | smidge.wraith.sf.ca.us |+-----------------+------+------------------------+In this situation with a delegated domain with glue pointing at itself and on an authoritative server without recursion available PowerDNS will return an SOA record even when not queried for:
[augie@augnix ~]$ dig mx wraith.sf.ca.us @pdns-lab.sr.sonic.net
However with recursion available, the spurious SOA does not appear:
[augie@augnix ~]$ dig mx wraith.sf.ca.us @pdns-lab.sr.sonic.net
The spurious SOA stops some resolvers in their tracks and will cause them to stop recursing the tree, and thus in this case the correct MX record is never found.