aws-samples / aws-lambda-mirror-dns-function

AWS Lambda function to mirror DNS zone from on-premises DNS server to Route 53 private hosted zone.
Apache License 2.0

Wildcard records not handled #2

Open Jason-Crowe opened 7 years ago

Jason-Crowe commented 7 years ago

My source zone contains wildcard records of the form '*.test.example.com'. When first run, I see the record added correctly in Route 53 as '*.test.example.com'; however, when rerun, I see:

```
Transferring zone example.com from server 1.2.3.4
Getting VPC SOA serial from Route 53
Comparing SOA serial 2017091200 with 2017091200
Updating as DELETE for A record 4.test TTL 300 in zone example.com with [<DNS IN A rdata: 2.3.4.5>]
An error occurred (InvalidChangeBatch) when calling the ChangeResourceRecordSets operation: Tried to delete resource record set [name='4.test.example.com.', type='A'] but it was not found
ERROR: Unable to update zone example.com
```

This appears to be a known issue with libraries that interact with Route 53. See: https://github.com/boto/boto/issues/818

The underlying cause is that Route 53 escapes non-alphanumeric characters. See: http://docs.aws.amazon.com/Route53/latest/DeveloperGuide/DomainNameFormat.html

So Route 53 is returning '\052.test.example.com', which gets misinterpreted somewhere in the Python code and converted to '4.test.example.com'. Since that record does not exist in the source zone, it is scheduled for deletion from Route 53. When the delete is attempted, it fails because there is no record for '4.test.example.com'.

It seems the Python error is related to the difference between 052 (octal) => '*' and 52 (decimal) => '4'. See: http://www.asciitable.com/
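
The octal-versus-decimal mixup above, reproduced as a stand-alone example (added here; this is not the repository's code): a decoder for Route 53's `\NNN` escapes, the mistaken decimal reading beside it, and the resulting "records to delete" diff over a constructed pair of zone listings. The zone names and the `records_to_delete` helper are constructed for illustration.

```python
import re

# Per the Route 53 DomainNameFormat doc linked above, characters other than
# a-z, 0-9, "-" and "_" come back from the API as "\NNN", where NNN is the
# character's ASCII code in OCTAL: "*" (ASCII 42) is returned as "\052".
_ESCAPE_RE = re.compile(r"\\([0-7]{3})")


def unescape_route53_name(name: str) -> str:
    """Correct decoding: read the three digits as base 8 ('\\052' -> '*')."""
    return _ESCAPE_RE.sub(lambda m: chr(int(m.group(1), 8)), name)


def unescape_route53_name_buggy(name: str) -> str:
    """The misinterpretation described in the issue: the digits are read as
    decimal, so '\\052' -> chr(52) -> '4'. Kept only to show the contrast."""
    return _ESCAPE_RE.sub(lambda m: chr(int(m.group(1), 10)), name)


def escape_route53_name(name: str) -> str:
    """Inverse direction: escape a name the way Route 53 would return it,
    so locally built names can be compared against API output."""
    out = []
    for ch in name:
        if (ch.isascii() and ch.isalnum()) or ch in "-_.":
            out.append(ch)
        else:
            out.append("\\%03o" % ord(ch))  # three-digit octal escape
    return "".join(out)


def records_to_delete(source_names, route53_names, decode=unescape_route53_name):
    """Names present in Route 53 but absent from the source zone, i.e. the
    DELETE candidates a mirror script would submit (constructed helper)."""
    src = {n.rstrip(".").lower() for n in source_names}
    decoded = (decode(n).rstrip(".").lower() for n in route53_names)
    return sorted(n for n in decoded if n not in src)


# Constructed sample listings: the on-premises zone and what Route 53 returns.
SOURCE_ZONE = ["*.test.example.com", "www.example.com"]
ROUTE53_ZONE = ["\\052.test.example.com.", "www.example.com."]

if __name__ == "__main__":
    print(records_to_delete(SOURCE_ZONE, ROUTE53_ZONE))        # []
    print(records_to_delete(SOURCE_ZONE, ROUTE53_ZONE,
                            decode=unescape_route53_name_buggy))  # ['4.test.example.com']
```

With the octal decoder the wildcard matches the source record and nothing is scheduled for deletion; with the decimal reading the phantom '4.test.example.com' is queued for DELETE and Route 53 rejects the change batch, which is exactly the InvalidChangeBatch failure in the log above.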

chrislmayes commented 6 years ago

Sure wish some of these were merged into master.