search

PowerDNS / pdns

PowerDNS Authoritative, PowerDNS Recursor, dnsdist
https://www.powerdns.com/
GNU General Public License v2.0
3.7k stars 908 forks source link

AXFR not working for disabled zones #9195

Open klaus3000 opened 4 years ago

klaus3000 commented 4 years ago

Short description

The docs at https://doc.powerdns.com/authoritative/backends/generic-sql.html state that disabled zones (records.disable=true on SOA records) can be slaved. This is not true. If a zone is disabled, AXFR requests fail with "not authoritative". This was tested with 4.1.9 and 4.3

Environment

Steps to reproduce

  1. Add a master zone
  2. UPDATE records SET disabled=true WHERE name='foo' AND type='SOA';
  3. dig @.... axfr foo

Expected behaviour

Either fix the docs or fix the code. I do not know how it should be.

Habbie commented 4 years ago

I'm leaning towards fixing the docs.

zeha commented 4 years ago

I believe the docs were written from a "slave" perspective - i.e., if a zone is disabled on the slave, it will still be slaved from the master.

klaus3000 commented 4 years ago

Disabling on the slave would be rather silly (as the zone would be re-enabled with every XFR). Hence I thought it would be written from master perspective. So yes, the docs should be improved/fixed.