subject:"\[Bug 1487283\] \[NEW\] DNS forwarding doesn't work because MAAS enables dnssec"

[Bug 1487283] [NEW] DNS forwarding doesn't work because MAAS enables dnssec

2015-08-20 Thread Alexander List

Public bug reported:

I have a MAAS server that uses a box running dnsmasq as a DNS forwarder.

With MAAS enabling dnssec by default, I get errors like these and DNS
resolution from the MAAS provisioned machines doesn't work beyond what
MAAS manages.

Aug 21 01:29:17 maas-region-hkg named[1147]: error (no valid RRSIG) resolving 
'mediawiki/DS/IN': ipv4addr#53
Aug 21 01:29:17 maas-region-hkg named[1147]: error (network unreachable) 
resolving 'mediawiki/DS/IN': ipv6addr#53
Aug 21 01:29:17 maas-region-hkg named[1147]: error (network unreachable) 
resolving 'mediawiki/DS/IN': ipv6addr#53
Aug 21 01:29:17 maas-region-hkg named[1147]: error (insecurity proof failed) 
resolving 'mediawiki//IN': ipv4addr#53
Aug 21 01:29:17 maas-region-hkg named[1147]: error (insecurity proof failed) 
resolving 'mediawiki/A/IN': ipv4addr#53

/etc/bind/named.conf options contains this stanza:

//
// This file is managed by MAAS. Although MAAS attempts to preserve changes
// made here, it is possible to create conflicts that MAAS can not resolve.
//
// DNS settings available in MAAS (for example, forwarders and
// dnssec-validation) should be managed only in MAAS.

I I disable dnssec, name resolution works, and I didn't find a place in
the web UI where I can disable dnssec.

ProblemType: Bug
DistroRelease: Ubuntu 14.04
Package: maas 1.7.6+bzr3376-0ubuntu2~14.04.1
ProcVersionSignature: Ubuntu 3.19.0-25.26~14.04.1-generic 3.19.8-ckt2
Uname: Linux 3.19.0-25-generic x86_64
ApportVersion: 2.14.1-0ubuntu3.11
Architecture: amd64
Date: Fri Aug 21 02:55:27 2015
InstallationDate: Installed on 2015-08-10 (10 days ago)
InstallationMedia: Ubuntu-Server 14.04.3 LTS Trusty Tahr - Beta amd64 
(20150805)
PackageArchitecture: all
ProcEnviron:
 TERM=xterm
 PATH=(custom, no user)
 LANG=en_US.UTF-8
 SHELL=/bin/bash
SourcePackage: maas
UpgradeStatus: No upgrade log present (probably fresh install)

** Affects: maas (Ubuntu)
 Importance: Undecided
 Status: New


** Tags: amd64 apport-bug trusty

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to maas in Ubuntu.
https://bugs.launchpad.net/bugs/1487283

Title:
  DNS forwarding doesn't work because MAAS enables dnssec

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/maas/+bug/1487283/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1487283] [NEW] DNS forwarding doesn't work because MAAS enables dnssec

2015-08-20 Thread Alexander List

Public bug reported:

I have a MAAS server that uses a box running dnsmasq as a DNS forwarder.

With MAAS enabling dnssec by default, I get errors like these and DNS
resolution from the MAAS provisioned machines doesn't work beyond what
MAAS manages.

Aug 21 01:29:17 maas-region-hkg named[1147]: error (no valid RRSIG) resolving 
'mediawiki/DS/IN': ipv4addr#53
Aug 21 01:29:17 maas-region-hkg named[1147]: error (network unreachable) 
resolving 'mediawiki/DS/IN': ipv6addr#53
Aug 21 01:29:17 maas-region-hkg named[1147]: error (network unreachable) 
resolving 'mediawiki/DS/IN': ipv6addr#53
Aug 21 01:29:17 maas-region-hkg named[1147]: error (insecurity proof failed) 
resolving 'mediawiki//IN': ipv4addr#53
Aug 21 01:29:17 maas-region-hkg named[1147]: error (insecurity proof failed) 
resolving 'mediawiki/A/IN': ipv4addr#53

/etc/bind/named.conf options contains this stanza:

//
// This file is managed by MAAS. Although MAAS attempts to preserve changes
// made here, it is possible to create conflicts that MAAS can not resolve.
//
// DNS settings available in MAAS (for example, forwarders and
// dnssec-validation) should be managed only in MAAS.

I I disable dnssec, name resolution works, and I didn't find a place in
the web UI where I can disable dnssec.

ProblemType: Bug
DistroRelease: Ubuntu 14.04
Package: maas 1.7.6+bzr3376-0ubuntu2~14.04.1
ProcVersionSignature: Ubuntu 3.19.0-25.26~14.04.1-generic 3.19.8-ckt2
Uname: Linux 3.19.0-25-generic x86_64
ApportVersion: 2.14.1-0ubuntu3.11
Architecture: amd64
Date: Fri Aug 21 02:55:27 2015
InstallationDate: Installed on 2015-08-10 (10 days ago)
InstallationMedia: Ubuntu-Server 14.04.3 LTS Trusty Tahr - Beta amd64 
(20150805)
PackageArchitecture: all
ProcEnviron:
 TERM=xterm
 PATH=(custom, no user)
 LANG=en_US.UTF-8
 SHELL=/bin/bash
SourcePackage: maas
UpgradeStatus: No upgrade log present (probably fresh install)

** Affects: maas (Ubuntu)
 Importance: Undecided
 Status: New


** Tags: amd64 apport-bug trusty

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1487283

Title:
  DNS forwarding doesn't work because MAAS enables dnssec

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/maas/+bug/1487283/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1487283] [NEW] DNS forwarding doesn't work because MAAS enables dnssec

[Bug 1487283] [NEW] DNS forwarding doesn't work because MAAS enables dnssec

2 matches

Site Navigation

Mail list logo

Footer information