Re: [Pdns-users] bind backend zones not registered with zone cache
Hello Christof,

On Sun, 2021-08-01 at 22:03 +0200, Christof Meerwald via Pdns-users wrote:
> So the problem only seems to occur when also launching the gsqlite3
> backend in addition to the bind backend. I am mainly using the bind
> backend for the zone data and gsqlite3 for DNSSEC.
>
> launch=bind,gsqlite3
>
> bind-hybrid
>
> gsqlite3-database=/var/lib/powerdns/pdns.db
> gsqlite3-dnssec

In your gsqlite3 database, every zone (that has DNSSEC data) has a numeric ID (domains.id). In the bindbackend, every zone also has an ID (generated counting from 1 at startup and when you add a zone). Without the zone cache, hybrid mode can deal with those IDs not matching. But in the zone cache, one zone has one ID.

The zone cache is filled first from bind, then from gsqlite3, so gsqlite3 IDs end up in the zone cache - and likely those are wrong, and then your BIND data is no longer found. Then, when you add-zone, that overwrites the zone->ID mapping in the zone cache with the BIND id, which makes that zone work.

In short, hybrid mode and the zone cache do not play well together. In your case, perhaps bind-dnssec-db (which uses an sqlite3 database as well, although with a slightly different schema) might be a simpler setup that avoids the problem.

Can you file a ticket? We should probably disable the zone cache (or error on startup) if bind-hybrid is enabled.

Kind regards,
--
Peter van Dijk
PowerDNS.COM BV - https://www.powerdns.com/
___
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
https://mailman.powerdns.com/mailman/listinfo/pdns-users
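A configuration check for the combination described in the message above, as an added example that is not part of the original posts and is not PowerDNS code. The function names are hypothetical; it assumes key=value settings with `#` comments, that a bare setting name counts as enabled, and that the zone cache is active unless `zone-cache-refresh-interval=0`.

```python
# Added example: flags the bind-hybrid + zone cache combination from this thread.
# Assumptions: key=value syntax with '#' comments, a bare key counts as enabled,
# and the zone cache is active unless zone-cache-refresh-interval=0.

# Constructed sample, reduced from the configuration posted in the thread.
REPORTED_CONF = """\
launch=bind,gsqlite3
bind-config=/etc/named.conf
bind-hybrid
gsqlite3-database=/var/lib/powerdns/pdns.db
gsqlite3-dnssec
"""

def parse_pdns_conf(text):
    """Return {setting: value}; a bare setting name is stored as 'yes'."""
    settings = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        key, sep, value = line.partition("=")
        settings[key.strip()] = value.strip() if sep else "yes"
    return settings

def is_enabled(value):
    """Treat a switch as on unless it is absent or explicitly no/off."""
    return value is not None and value.lower() not in ("no", "off")

def hybrid_zone_cache_conflict(text):
    """True when bind runs in hybrid mode next to another backend with the zone cache on."""
    conf = parse_pdns_conf(text)
    # launch entries may carry an instance suffix (backend:name); keep the backend part.
    backends = [b.strip().split(":")[0] for b in conf.get("launch", "").split(",") if b.strip()]
    hybrid = "bind" in backends and len(backends) > 1 and is_enabled(conf.get("bind-hybrid"))
    cache_on = conf.get("zone-cache-refresh-interval", "") != "0"
    return hybrid and cache_on

if __name__ == "__main__":
    print("conflict:", hybrid_zone_cache_conflict(REPORTED_CONF))
    print("with workaround:",
          hybrid_zone_cache_conflict(REPORTED_CONF + "zone-cache-refresh-interval=0\n"))
```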
Re: [Pdns-users] bind backend zones not registered with zone cache
On Fri, 30 Jul 2021 16:32:06 +0200, Peter van Dijk via Pdns-users wrote:
> Hello Christof,
>
> On Tue, 2021-07-27 at 19:21 +0200, Christof Meerwald via Pdns-users
> wrote:
>> After adding a zone with
>>
>> pdns bind-add-zone example.com /etc/dns/example.com.dns
>>
>> I could query that zone.
>>
>> To me it seems there really is a call to "g_zoneCache.add" missing for
>> those zones added from the "bind-config" file. Can anyone confirm
>> that?
>
> The zones loaded from your config should be available because pdns
> calls `Bind2Backend::getAllDomains` during startup, and this works for
> me here.

So the problem only seems to occur when also launching the gsqlite3 backend in addition to the bind backend. I am mainly using the bind backend for the zone data and gsqlite3 for DNSSEC.

> Can you share your config?

config-dir=/etc/powerdns/test
daemon=yes
disable-axfr=no
distributor-threads=2
guardian=no
launch=bind,gsqlite3
bind-config=/etc/named.conf
local-port=5300
primary=yes
send-signed-notify=no
setgid=pdns
setuid=pdns
secondary=no
xfr-cycle-interval=180
secondary-do-renotify=no
socket-dir=/tmp/pdns
version-string=powerdns
security-poll-suffix=

bind-hybrid

gsqlite3-database=/var/lib/powerdns/pdns.db
gsqlite3-dnssec

Christof
--
https://cmeerw.org sip:cmeerw at cmeerw.org
mailto:cmeerw at cmeerw.org xmpp:cmeerw at cmeerw.org
Re: [Pdns-users] bind backend zones not registered with zone cache
Hello Christof,

On Tue, 2021-07-27 at 19:21 +0200, Christof Meerwald via Pdns-users wrote:
> After adding a zone with
>
> pdns bind-add-zone example.com /etc/dns/example.com.dns
>
> I could query that zone.
>
> To me it seems there really is a call to "g_zoneCache.add" missing for
> those zones added from the "bind-config" file. Can anyone confirm
> that?

The zones loaded from your config should be available because pdns calls `Bind2Backend::getAllDomains` during startup, and this works for me here.

Can you share your config?

Kind regards,
--
Peter van Dijk
PowerDNS.COM BV - https://www.powerdns.com/
[Pdns-users] bind backend zones not registered with zone cache
Hi,

just upgraded to PowerDNS 4.5.1 today and noticed that zones from the bind backend stopped working (getting REFUSED response).

Essentially, I am using

bind-config=/etc/named.conf

which contains the list of zones to load on start up.

When adding "zone-cache-refresh-interval=0" to the config it started working again.

I then had a look at the bind backend source code and it looks like zones are only registered with the zone cache when using "bind-add-zone", but not for the zones loaded from "bind-config".

Did a bit of testing with "bind-config" commented out (and removing "zone-cache-refresh-interval" again). After adding a zone with

pdns bind-add-zone example.com /etc/dns/example.com.dns

I could query that zone.

To me it seems there really is a call to "g_zoneCache.add" missing for those zones added from the "bind-config" file. Can anyone confirm that?

Christof
--
https://cmeerw.org sip:cmeerw at cmeerw.org
mailto:cmeerw at cmeerw.org xmpp:cmeerw at cmeerw.org