#106 Zones with conditional forwarder are not removed properly when zone refresh is enabled
Closed: Invalid. Opened 11 years ago by pspacek.

This ticket is a clone of ticket #96. This ticket tracks the status for zone-refresh enabled configurations.

Conditional forwarder is still active even after zone deletion:

Add forwarder for zone idm.lab.bos.redhat.com:

$ ipa dnszone-add idm.lab.bos.redhat.com --name-server=vm-061.idm.lab.bos.redhat.com. --admin-email='hostmaster@ad.lan' --force --forwarder=10.16.78.61 --forward-policy=only
$ dig @127.0.0.1 -t ANY test.idm.lab.bos.redhat.com
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 64187
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2

;; ANSWER SECTION:
test.idm.lab.bos.redhat.com. 86400 IN   TXT "666"

;; AUTHORITY SECTION:
idm.lab.bos.redhat.com. 86400   IN  NS  vm-061.idm.lab.bos.redhat.com.

;; ADDITIONAL SECTION:
vm-061.idm.lab.bos.redhat.com. 1200 IN  A   10.16.78.61
$ ipa dnszone-del idm.lab.bos.redhat.com

Named will log a message if debug level >= 1:

zone 'idm.lab.bos.redhat.com' not found in zone register

Zone is still resolvable through the forwarder:

$ dig @127.0.0.1 -t ANY test2.idm.lab.bos.redhat.com

; <<>> DiG 9.9.1-P3-RedHat-9.9.1-9.P3.fc17 <<>> @127.0.0.1 -t ANY test2.idm.lab.bos.redhat.com
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14943
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2

;; ANSWER SECTION:
test2.idm.lab.bos.redhat.com. 86400 IN  TXT "another" "value" "obtained" "from" "forwarder"

;; AUTHORITY SECTION:
idm.lab.bos.redhat.com. 86190   IN  NS  vm-061.idm.lab.bos.redhat.com.

;; ADDITIONAL SECTION:
vm-061.idm.lab.bos.redhat.com. 990 IN   A   10.16.78.61

Expected result:
Record test2 should not be resolvable.
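A small check for the reproduction steps above, added here as an example (it is not part of the ticket or of bind-dyndb-ldap): it parses dig's header lines and reports whether a name under the deleted zone is still being answered, which is exactly the stale-forwarder symptom shown. The sample outputs are constructed; `check_zone_removed` is a hypothetical wrapper that runs the real dig against 127.0.0.1 after `ipa dnszone-del`.

```shell
#!/bin/sh
# Added example, not from the ticket. Decide from dig output whether a zone
# that was just deleted is still answered through a stale conditional
# forwarder: returns 0 ("still active") when the header status is NOERROR
# and the ANSWER count is non-zero, 1 otherwise.
forwarder_still_active() {
    # $1: complete dig output as a single string
    status=$(printf '%s\n' "$1" | sed -n 's/.*status: \([A-Z]*\),.*/\1/p' | head -n 1)
    answers=$(printf '%s\n' "$1" | sed -n 's/.*ANSWER: \([0-9]*\),.*/\1/p' | head -n 1)
    [ "$status" = "NOERROR" ] && [ "${answers:-0}" -gt 0 ]
}

# Constructed sample, modelled on the ticket's second dig run (zone deleted,
# forwarder still answering).
STALE_OUTPUT=';; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14943
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2'

# Constructed sample of what a correctly removed zone should look like.
CLEAN_OUTPUT=';; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0'

# Hypothetical live check: run after `ipa dnszone-del ZONE` on the server
# itself (requires dig). $1 is a name under the deleted zone.
check_zone_removed() {
    out=$(dig @127.0.0.1 -t ANY "$1")
    if forwarder_still_active "$out"; then
        echo "FAIL: $1 still resolves; forwarder for its zone was not removed" >&2
        return 1
    fi
    echo "OK: $1 is no longer resolvable"
}
```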


This problem will disappear after converting pure forward zones (in BIND9, zones with type forward) to the new idnsForwardZone object class. Plugin versions >= 3.0 support the new object class.

I'm closing this ancient ticket. Zone refresh is not supported anymore, and the latest version of bind-dyndb-ldap supports forward zones only in the idnsForwardZone object class.

Metadata Update from @pspacek:
- Issue assigned to pspacek
- Issue set to the milestone: Fedora 20

7 years ago
