Designate

Bug #1917099
Comment #7

Comment 7 for bug 1917099

Revision history for this message

Alex Carder (carderalex) wrote on 2021-03-12:

example_zones_and_output.txt Edit (16.2 KiB, text/plain)

Here is the failure before adding NS records for the child zone (child.example.sandbox.domain.net) to the parent zone (example.sandbox.domain.net) demonstrated using PowerDNS:

# parent zone only exists on the host
[root@dev76-sandbox-pdnsslave01]# curl -v -H 'X-API-Key: -----------' https://dev76-sandbox-pdnsslave01.domain.net:8443/api/v1/servers/localhost/zones | jq .
[
  {
    "account": "admin",
    "dnssec": false,
    "edited_serial": 1615589654,
    "id": "example.sandbox.domain.net.",
    "kind": "Slave",
    "last_check": 1615589374,
    "masters": [
      "10.63.70.196"
    ],
    "name": "example.sandbox.domain.net.",
    "notified_serial": 1615589374,
    "serial": 1615589374,
    "url": "/api/v1/servers/localhost/zones/example.sandbox.domain.net."
  },
]

# we can get SOA records and NS records for the parent domain
[root@dev76-sandbox-pdnsslave01]# dig +short @127.0.0.1 SOA example.sandbox.domain.net
dev76-sandbox-pdnsmaster01.domain.net. admin.domain.net. 1615588649 10800 3600 604800 86400

[root@dev76-sandbox-pdnsslave01]# dig +short @127.0.0.1 NS example.sandbox.domain.net
dev76-sandbox-pdnsmaster01.domain.net.
dev76-sandbox-pdnsmaster02.domain.net.

# can't get SOA record for child zone
[root@dev76-sandbox-pdnsslave01]# dig +short @127.0.0.1 SOA child.example.sandbox.domain.net
[root@dev76-sandbox-pdnsslave01]#

# can't get any records frmo child zone
[root@dev76-sandbox-pdnsslave01]# dig +short @127.0.0.1 record.child.example.sandbox.domain.net
[root@dev76-sandbox-pdnsslave01]#

# trace is attached as failure_with_no_child_ns_records.txt

After adding NS records for child.example.sandbox.domain.net IN example.sandbox.domain.net everything works with no other changes

# zone still doesn't exist on the host
[root@dev76-sandbox-pdnsslave01]# curl -v -H 'X-API-Key: -----------' https://dev76-sandbox-pdnsslave01.domain.net:8443/api/v1/servers/localhost/zones | jq .
[
  {
    "account": "admin",
    "dnssec": false,
    "edited_serial": 1615589834,
    "id": "example.sandbox.domain.net.",
    "kind": "Slave",
    "last_check": 1615589464,
    "masters": [
      "10.63.70.196"
    ],
    "name": "example.sandbox.domain.net.",
    "notified_serial": 1615589464,
    "serial": 1615589464,
    "url": "/api/v1/servers/localhost/zones/example.sandbox.domain.net."
  },
]

# SOA records can now be found
[root@dev76-sandbox-pdnsslave01]# dig +short @127.0.0.1 SOA child.example.sandbox.domain.net
dev76-sandbox-pdnsmaster01.domain.net. admin.domain.net. 1615589596 10800 3600 604800 86400

# same with any other child zone record
[root@dev76-sandbox-pdnsslave01]# dig +short @127.0.0.1 record.child.example.sandbox.domain.net
8.8.8.8

# trace is attached to success_with_child_ns_records.txt

I attached both these outputs + traces on the recursive server to this post. I also attached JSON output of the actual zones (parent) and child (pre and post adding NS records).