PowerDNS / pdns

PowerDNS Authoritative, PowerDNS Recursor, dnsdist
https://www.powerdns.com/
GNU General Public License v2.0

Duplicate NULL records created after running pdnssec rectify-zone with gMySQL #1390

Closed quentinsch closed 10 years ago

quentinsch commented 10 years ago

When running pdnssec rectify-zone it seems to happen that some records are added in the database with NULL-values. For example:

The following A-record is added: wordpress.testdomain-testdomain.some-domain.com

Then run:

pdnssec rectify-zone some-domain.com

When the rectify-zone is finished the following records are added to the database:

19835 920 testdomain-testdomain.some-domain.com NULL NULL NULL NULL NULL NULL 1

The original record is still there:

19025 920 wordpress.testdomain-testdomain.some-domain.nl A xxx.xxx.xxx.xxx 86400 0 1380017610 testdomain-testdomain wordpress 1

This does not happen with all domains and records, but it seems it has something to do with dashes (-) and/or underscores (_), but I cannot confirm this for sure.

OS used:

OS: CentOS 6.5
Kernel version: 2.6.32-431.5.1.el6.x86_64

Software used:

pdns-3.3.1-1.el6.x86_64
pdns-tools-3.3.1-1.el6.x86_64
pdns-backend-mysql-3.3.1-1.el6.x86_64

cmouse commented 10 years ago

Can you provide a full dump of your zone?

SELECT * FROM records WHERE domain_id = <id of domain>

cmouse commented 10 years ago

After rectify, that is.

quentinsch commented 10 years ago

Hi Aki,

See the attachment for the result as requested. Please be careful with the privacy of the information.

Best regards,

Quentin

On 29 Apr 2014, at 14:12, Aki Tuomi notifications@github.com wrote:

> After rectify, that is.


cmouse commented 10 years ago

GitHub does not parse attachments from emails. Please send me a private email if you wish.

quentinsch commented 10 years ago

I cannot find how to send you an email. Can you send me one instead?

Regards,

Quentin

On 29 Apr 2014, at 16:00, Aki Tuomi notifications@github.com wrote:

> GitHub does not parse attachments from emails. Please send me a private email if you wish.


cmouse commented 10 years ago

Well, if you really feel your data is that secret, you can send it to cmouse at cmouse dot fi.

cmouse commented 10 years ago

I cannot find any duplicates in your data, just non-terminals generated by rectify, which is expected.

If you have records

domain.com
dev.foo.bar.domain.com

Then rectify will generate the labels required in between, namely,

bar.domain.com
foo.bar.domain.com

with type NULL. This is entirely expected and does not constitute a bug. You should consider upgrading your content field to 64000 characters btw.

quentinsch commented 10 years ago

Hi Aki,

Thank you for your analysis. If this is expected behavior, can you explain why this is useful? Because it seems to me it is just poisoning the database records, but there is probably a good explanation for it.

Best regards,

Quentin

On 30 Apr 2014, at 14:49, Aki Tuomi notifications@github.com wrote:

> I cannot find any duplicates in your data, just non-terminals generated by rectify, which is expected.
>
> If you have records
>
> domain.com
> dev.foo.bar.domain.com
>
> Then rectify will generate the labels required in between, namely,
>
> bar.domain.com
> foo.bar.domain.com
>
> with type NULL. This is entirely expected and does not constitute a bug. You should consider upgrading your content field to 64000 characters btw.


cmouse commented 10 years ago

@Habbie can provide a better explanation, but see http://doc.powerdns.com/html/dnssec-modes.html

Habbie commented 10 years ago

I wrote this comment earlier but did not post it as @cmouse offered to actually look at a dump. Posting it now :)

The record is not a duplicate. This NULL avoids having a 'hole' in your DNS name tree. For more information, please see http://doc.powerdns.com/html/dnssec-modes.html#dnssec-direct-database

Closing ticket.
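
The behaviour described in the comments above (rectify filling in the labels between the zone apex and a deeper record with type-NULL rows) can be checked against a records dump. The following Python is an added example, not part of the original thread and not PowerDNS code: it computes the empty non-terminals a zone needs and sorts the type-NULL rows into expected placeholders and unexplained ones. The function names are hypothetical, and rows are assumed to be (name, type) pairs taken from the records table, with None standing for SQL NULL.

```python
# Added example: helper names are hypothetical; sample rows are constructed.

def _norm(name):
    """Lower-case a DNS name and drop any trailing dot."""
    return name.rstrip(".").lower()

def empty_non_terminals(zone, owner_names):
    """Names strictly between the apex and an owner name that hold no records."""
    zone = _norm(zone)
    owners = {_norm(n) for n in owner_names}
    ents = set()
    for name in owners:
        if name == zone or not name.endswith("." + zone):
            continue  # the apex itself, or a name outside this zone
        labels = name[: -len(zone) - 1].split(".")
        # Walk up the tree by dropping the leftmost label one at a time.
        for i in range(1, len(labels)):
            ancestor = ".".join(labels[i:]) + "." + zone
            if ancestor not in owners:
                ents.add(ancestor)
    return ents

def audit_null_rows(zone, rows):
    """Classify type-NULL rows against the non-terminals the zone requires."""
    real = [n for n, t in rows if t is not None]
    null_rows = {_norm(n) for n, t in rows if t is None}
    expected = empty_non_terminals(zone, real)
    return {
        "expected": sorted(null_rows & expected),     # placeholders from rectify
        "unexplained": sorted(null_rows - expected),  # NULL row with nothing below it
        "missing": sorted(expected - null_rows),      # zone not rectified yet
    }

if __name__ == "__main__":
    # Constructed rows modelled on the names in the report above.
    rows = [
        ("some-domain.com", "SOA"),
        ("wordpress.testdomain-testdomain.some-domain.com", "A"),
        ("testdomain-testdomain.some-domain.com", None),
    ]
    print(audit_null_rows("some-domain.com", rows))
```

Run on the names from the report, the NULL row lands in "expected": it exists because the A record sits two labels below the apex, not because of the dashes in the name.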