#102 Invalid zone is not reloaded after a record change
Closed: Fixed None Opened 11 years ago by pspacek.

https://bugzilla.redhat.com/show_bug.cgi?id=893571 (Red Hat Enterprise Linux 6)

Description of problem:

1) IPA user is adding a new zone with relative nameserver name:
$ ipa dnszone-add example.test --name-server=ns --ip-address=127.0.0.1
--admin-email=admin.test

Zone is successfully created in LDAP.


2) BIND logs some errors:

named[2310]: zone example.test/IN: NS 'ns.example.test' has no address records
(A or AAAA)
named[2310]: zone example.test/IN: not loaded due to errors.
named[2310]: update_zone (psearch) failed for
'idnsname=example.test,cn=dns,dc=example,dc=com'. Zones can be outdated, run
`rndc reload`: bad zone
named[2310]: SOA serial number incrementation failed in zone
'idnsname=example.test,cn=dns,dc=example,dc=com'
named[2310]: update_record (psearch) failed, dn
'idnsname=ns,idnsname=example.test,cn=dns,dc=example,dc=com' change type 0x1.
Records can be outdated, run `rndc reload`: zone not loaded


3) The new zone is not functional:
$ dig @127.0.0.1 -t ANY example.test.
;; ->>HEADER<<- opcode: QUERY, status: *SERVFAIL*, id: 59367


4) Changing some record doesn't help:
$ ipa dnsrecord-add example.test newrec --txt-rec="string"
  Record name: newrec
  TXT record: string

$ sudo tail /var/log/messages
named[2310]: SOA serial number incrementation failed in zone
'idnsname=example.test,cn=dns,dc=example,dc=com'
named[2310]: update_record (psearch) failed, dn
'idnsname=newrec,idnsname=example.test,cn=dns,dc=example,dc=com' change type
0x1. Records can be outdated, run `rndc reload`: zone not loaded


5) BIND reload helps:
$ sudo rndc reload
server reload successful

$ dig @127.0.0.1 -t ANY example.test.
;; ->>HEADER<<- opcode: QUERY, status: *NOERROR*, id: 45274


Version-Release number of selected component (if applicable):
bind-dyndb-ldap-2.3-1.el6.x86_64
ipa-server-3.0.0-19.el6.x86_64
ipa-admintools-3.0.0-19.el6.x86_64


How reproducible:
Fine on vm-115, but it is a race condition...


Steps to Reproduce:
above


Actual results:
The new zone return SERVFAIL.


Expected results:
The new zone is functional.

I found that reload is not done if serial_autoincrement feature is disabled. Patch is on the list.

Metadata Update from @pspacek:
- Issue assigned to pspacek
- Issue set to the milestone: Fedora 19

7 years ago

Login to comment on this ticket.

Metadata