First of all, query for some record in a non-existent zone:
$ dig @127.0.0.1 -t ANY test.idm.lab.bos.redhat.com
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 13496
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 4, ADDITIONAL: 7
;; ANSWER SECTION:
test.idm.lab.bos.redhat.com. 600 IN MX 10 mx1.redhat.com.
;; AUTHORITY SECTION:
redhat.com. 600 IN NS ns4.redhat.com.
Now add the conditional forwarder for idm.lab.bos.redhat.com:
$ ipa dnszone-add idm.lab.bos.redhat.com --name-server=vm-061.idm.lab.bos.redhat.com. --admin-email='hostmaster@ad.lan' --force --forwarder=10.16.78.61 --forward-policy=only
... and repeat the query. It should return the existing record test.idm.lab.bos.redhat.com but it incorrectly returns the cached result:
$ dig @127.0.0.1 -t ANY test.idm.lab.bos.redhat.com
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34582
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 4, ADDITIONAL: 7
;; QUESTION SECTION:
;test.idm.lab.bos.redhat.com. IN ANY
;; ANSWER SECTION:
test.idm.lab.bos.redhat.com. 448 IN MX 10 mx1.redhat.com.
;; AUTHORITY SECTION:
redhat.com. 448 IN NS ns4.redhat.com.
Ticket has been cloned to Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=869324
The expected output = data from record DNS server vm-061.idm.lab.bos.redhat.com. The right data will pop up after the cache TTL times out - 600 seconds in the example above.
$ dig @127.0.0.1 -t ANY test.idm.lab.bos.redhat.com
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 64183
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; ANSWER SECTION:
test.idm.lab.bos.redhat.com. 86400 IN TXT "666"
;; AUTHORITY SECTION:
idm.lab.bos.redhat.com. 86400 IN NS vm-061.idm.lab.bos.redhat.com.
;; ADDITIONAL SECTION:
vm-061.idm.lab.bos.redhat.com. 1200 IN A 10.16.78.61
Fixed by 8bd0ee7
The issue also affects global forwarders and non-local zones. I.e. dig 'some.zone.test.' can return old results if some.zone.test. is not served by the local server and the global forwarder setting was changed.
Fixed by 25ca3ce
Metadata Update from @pspacek: - Issue assigned to pspacek - Issue set to the milestone: 2.1 plugin bugfix
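A check for the symptom reported in this ticket, as an added example that is not part of the ticket or of the project's code: it compares the ANSWER section of dig output taken before and after a forwarder change and reports records that are identical except for a lower TTL, which means the resolver is still counting down an old cache entry. The function names are hypothetical and the sample outputs are reconstructed from the records shown in the ticket.

```python
def parse_section(dig_text, section="ANSWER"):
    """Return {(name, type, rdata): ttl} for one section of dig output."""
    records, active = {}, False
    for line in dig_text.splitlines():
        line = line.strip()
        if line.startswith(";;"):
            # Every ";; ... SECTION:" header switches parsing on or off.
            active = line.startswith(f";; {section} SECTION")
            continue
        if not active or not line or line.startswith(";"):
            continue
        fields = line.split(None, 4)  # name, ttl, class, type, rdata
        if len(fields) == 5 and fields[1].isdigit():
            name, ttl, _cls, rtype, rdata = fields
            records[(name.lower(), rtype, rdata)] = int(ttl)
    return records


def stale_after_change(before, after):
    """Records answered identically after the change but with a lower TTL.

    A fresh answer from the new forwarder either differs in data or starts
    at the full TTL; a decremented TTL on unchanged data points at the cache.
    """
    old, new = parse_section(before), parse_section(after)
    return sorted(k for k, ttl in new.items() if k in old and ttl < old[k])


# Constructed samples, using the records quoted in the ticket.
BEFORE = """;; ANSWER SECTION:
test.idm.lab.bos.redhat.com. 600 IN MX 10 mx1.redhat.com.
;; AUTHORITY SECTION:
redhat.com. 600 IN NS ns4.redhat.com.
"""
AFTER_BUGGY = """;; QUESTION SECTION:
;test.idm.lab.bos.redhat.com. IN ANY
;; ANSWER SECTION:
test.idm.lab.bos.redhat.com. 448 IN MX 10 mx1.redhat.com.
;; AUTHORITY SECTION:
redhat.com. 448 IN NS ns4.redhat.com.
"""
AFTER_EXPECTED = """;; ANSWER SECTION:
test.idm.lab.bos.redhat.com. 86400 IN TXT "666"
"""

if __name__ == "__main__":
    print("buggy:", stale_after_change(BEFORE, AFTER_BUGGY))
    print("expected:", stale_after_change(BEFORE, AFTER_EXPECTED))
```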