Closed ntoofu closed 2 years ago
When I query NS records at the apex of the zone, a RR in the additional section of the response has wrong domain name as follows:
$ dig +norec example.com. ns -p10053 @127.0.0.1 ; <<>> DiG 9.16.22 <<>> +norec example.com. ns -p10053 @127.0.0.1 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61786 ;; flags: qr; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 2 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ; COOKIE: 85b08ee266e90b20 (echoed) ;; QUESTION SECTION: ;example.com. IN NS ;; ANSWER SECTION: example.com. 60 IN NS ns.test.example.com. ;; ADDITIONAL SECTION: example.com. 60 IN A 10.20.30.40 ;; Query time: 1 msec ;; SERVER: 127.0.0.1#10053(127.0.0.1) ;; WHEN: Wed Aug 03 22:54:41 JST 2022 ;; MSG SIZE rcvd: 123
The domain name of the RR in the additional section should be ns.test.example.com., but that returned by k8s_gateway plugin is example.com..
ns.test.example.com.
example.com.
kubectl create namespace test
kubectl create service -n test loadbalancer ns --tcp 53:53
kubectl edit service -n test ns --subresource=status
status
status: loadBalancer: ingress: - ip: 10.20.30.40
.:10053 { log k8s_gateway example.com { apex ns.test kubeconfig /home/ntoofu/.kube/config } }
dig +norec example.com. ns -p10053 @127.0.0.1
Description
When I query NS records at the apex of the zone, a RR in the additional section of the response has wrong domain name as follows:
The domain name of the RR in the additional section should be
ns.test.example.com., but that returned by k8s_gateway plugin isexample.com..Reproduction
kubectl create namespace testkubectl create service -n test loadbalancer ns --tcp 53:53kubectl edit service -n test ns --subresource=statusstatusfield as follows:dig +norec example.com. ns -p10053 @127.0.0.1