Re: [Pdns-users] Possible AXFR Race Condition
Hi, Op 23-2-2011 8:54, p8x schreef: Hi all, After spending the day testing and mucking around I think I have narrowed it down slightly. On the master, I have about 77,000 domains. When I add a new zone to it I do the following: 1. A new zone is added to the supermaster server and a pdns_control rediscover is then run. The zone appears on the master and and queries to the zone work successful. At this step everything is ok. I use the gmysql back-end but in a rather similar situation. After adding a record to the database we execute: pdns_control notify domain snip b) Send another notify from the master to the slave. This causes the symptom below where the zone gets added to the bind slave config file a second time. The zone transfer also happens this time, as can be seen with these log lines: Feb 23 15:22:29 dns2 pdns[17029]: Received NOTIFY for test.com from 192.168.1.10 for which we are not authoritative Feb 23 15:22:29 dns2 pdns[17029]: [bindbackend] Writing bind config zone statement for superslave zone 'test.com' from supermaster 203.1708 Feb 23 15:22:29 dns2 pdns[17029]: Created new slave zone 'test.com' from supermaster 192.168.1.10, queued axfr Feb 23 15:22:29 dns2 pdns[17029]: Initiating transfer of 'test.com' from remote '192.168.1.10' Feb 23 15:22:29 dns2 pdns[17029]: AXFR started for 'test.com', transaction started Feb 23 15:22:29 dns2 pdns[17029]: Remote 192.168.1.10 tried to sneak in out-of-zone data '' during AXFR of zone 'test.com', ignoring Feb 23 15:22:29 dns2 pdns[17029]: Zone 'test.com' (/etc/powerdns/zones/test.com) reloaded Feb 23 15:22:29 dns2 pdns[17029]: AXFR done for 'test.com', zone committed I noticed after the second notify, the line saying Can't determine backend for domain 'test.com' does not appear, this only seems to happen after the first notify. I am assuming this is what is causing the issue, but I can't see why this is happening as a restart of the pdns server with no config changes seems to fix it. Has anyone experienced this? I'm not sure if and why a 'rediscover' would send a different notification but perhaps you could test the approach I use to see if it works for the bind-backend as well. Regards, Ton ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] Possible AXFR Race Condition
Hi Ton, On 23/02/2011 4:04 PM, Ton van Rosmalen wrote: *CUT* I'm not sure if and why a 'rediscover' would send a different notification but perhaps you could test the approach I use to see if it works for the bind-backend as well. Regards, Ton Thanks for the quick reply, I am only running the 'pdns_control rediscover' on the primary server when a new zone is added to reread the bind config file so its away of the new zone. After the zone exists on the master it then sends the notify to the slave, adding the zone to the config but not actually doing a zone transfer. It is only after the second notify that the zone transfer actually happens (OR a server restart, a rediscover and reload on the slave doesn't seem to fix the issue) but that causes the domain to be added to the slave configuration twice (as it was first inserted by the first notify). The process I am going through for zone addition is this: 1. Add zone to super master 2. Run pdns_control rediscover on super master to re-read bind config; the zone becomes live on the super master 3. The slave receives notify packet from super master. The slave inserts the relevant lines into the bind slave config. The zone cannot be queried as no zone transfer has happened yet At stage 3 I was expecting the slave to do a zone transfer, but that doesn't seem to happen so it takes these steps to get the zone working on the slave 4. Restart the slave pdns server OR Resend a notifcation from the master 5. Zone transfer happens and zone loads/works fine If you would like any more information please let me know! Thanks ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] Possible AXFR Race Condition
Hi p8x, Op 23-2-2011 9:29, p8x schreef: Hi Ton, On 23/02/2011 4:04 PM, Ton van Rosmalen wrote: *CUT* I'm not sure if and why a 'rediscover' would send a different notification but perhaps you could test the approach I use to see if it works for the bind-backend as well. Regards, Ton Thanks for the quick reply, I am only running the 'pdns_control rediscover' on the primary server when a new zone is added to reread the bind config file so its away of the new zone. After the zone exists on the master it then sends the notify to the slave, adding the zone to the config but not actually doing a zone transfer. It is only after the second notify that the zone transfer actually happens (OR a server restart, a rediscover and reload on the slave doesn't seem to fix the issue) but that causes the domain to be added to the slave configuration twice (as it was first inserted by the first notify). The process I am going through for zone addition is this: 1. Add zone to super master 2. Run pdns_control rediscover on super master to re-read bind config; the zone becomes live on the super master 3. The slave receives notify packet from super master. The slave inserts the relevant lines into the bind slave config. The zone cannot be queried as no zone transfer has happened yet At stage 3 I was expecting the slave to do a zone transfer, but that doesn't seem to happen so it takes these steps to get the zone working on the slave I would have expected this as well since the notify is accepted. I can't comment on the reason for this not happening. Perhaps the source code could provide some insight in this. 4. Restart the slave pdns server OR Resend a notifcation from the master 5. Zone transfer happens and zone loads/works fine Thinking in workarounds would it be possible in your set-up to add this immediately after the rediscover in step 2? If you've scripted the set-up I imagine that executing: pdns_control rediscover pdns_control notify domain might 'solve' the issue for now while you/someone looks into the bindbackend code. Regards, Ton ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
