[2.0] confusing reverse DNS lookups because MAAS creates multiple PTR records
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
MAAS |
Fix Released
|
Undecided
|
Unassigned | ||
2.0 |
Fix Released
|
Undecided
|
Unassigned | ||
apache2 (Ubuntu) |
New
|
Undecided
|
Unassigned |
Bug Description
Hi,
we am running MAAS 2.0.0~beta8+
1.1.1.10.
1.1.1.10.
This leads to some problems, for example with Apache mod_authz_host which does reverse lookups and gets a different answers every time (well 50/50 chance to get either one of the two to be more precise).
Also deployed hosts think their fqdn is of the first type, others the second type. I suppose this is not necessarily a bug but imho having multiple PTR records for the same address is not the best idea either.
||/ Name Version Architecture Description
+++-===
ii maas 2.0.0~beta8+
ii maas-cli 2.0.0~beta8+
un maas-cluster-
ii maas-common 2.0.0~beta8+
ii maas-dhcp 2.0.0~beta8+
ii maas-dns 2.0.0~beta8+
ii maas-proxy 2.0.0~beta8+
ii maas-rack-
ii maas-region-api 2.0.0~beta8+
ii maas-region-
un maas-region-
un python-django-maas <none> <none> (no description available)
un python-maas-client <none> <none> (no description available)
un python-
ii python3-django-maas 2.0.0~beta8+
ii python3-maas-client 2.0.0~beta8+
ii python3-
Related branches
- Mike Pontillo (community): Approve
-
Diff: 539 lines (+164/-112)6 files modifiedsrc/maasserver/dns/tests/test_zonegenerator.py (+11/-22)
src/maasserver/dns/zonegenerator.py (+1/-35)
src/maasserver/models/dnsresource.py (+6/-3)
src/maasserver/models/staticipaddress.py (+61/-16)
src/maasserver/models/tests/test_dnsresource.py (+2/-2)
src/maasserver/models/tests/test_staticipaddress.py (+83/-34)
- LaMont Jones (community): Approve
-
Diff: 696 lines (+237/-135)6 files modifiedsrc/maasserver/dns/tests/test_zonegenerator.py (+11/-22)
src/maasserver/dns/zonegenerator.py (+12/-38)
src/maasserver/models/dnsresource.py (+6/-3)
src/maasserver/models/staticipaddress.py (+102/-36)
src/maasserver/models/tests/test_dnsresource.py (+2/-2)
src/maasserver/models/tests/test_staticipaddress.py (+104/-34)
Changed in maas: | |
status: | New → Triaged |
Changed in maas: | |
milestone: | none → 2.0.0 |
summary: |
- ambigious reverse DNS lookups because MAAS creates multiple PTR records + [2.0] confusing reverse DNS lookups because MAAS creates multiple PTR + records |
Changed in maas: | |
milestone: | 2.0.0 → 2.1.0 |
Changed in maas: | |
status: | Triaged → Fix Committed |
Changed in maas: | |
milestone: | 2.0.1 → next |
Changed in maas: | |
status: | Fix Committed → Fix Released |
Changed in maas: | |
milestone: | next → none |
This will be fixed by adding A/AAAA RRsets for the interface names (first format above). If the second format (non-interface) is given to mod_authz_host, then either answer will work.
Having said that, this is actually a bug in mod_authz_host, which should grant access if ANY of the PTR RRset names matches the list of allowed hosts.