Bug 1176129

Summary: forward zones stop working if bind-dyndb-ldap 2.x and 6.x are in the same replication topology
Product: Red Hat Enterprise Linux 6
Reporter: Jan Kurik <jkurik>
Component: bind-dyndb-ldap
Assignee: Petr Spacek <pspacek>
Status: CLOSED ERRATA
QA Contact: Namita Soman <nsoman>
Severity: high
Priority: high
Version: 6.6
CC: jkurik, jsvarova, ksiddiqu, mkosek, pm-eus, pspacek
Target Milestone: rc
Keywords: ZStream
Target Release: ---
Hardware: Unspecified
OS: Unspecified
Fixed In Version: bind-dyndb-ldap-2.3-6.el6_6
Doc Type: Bug Fix
Doc Text:
Previously, the bind-dyndb-ldap 2.x driver (used in Red Hat Enterprise Linux 6.x) did not handle forward zones correctly when it was in the same replication topology as bind-dyndb-ldap 6.x (used in Red Hat Enterprise Linux 7.1). As a consequence, forward zones stopped working on all replicas. The underlying source code has been patched to fix this bug, and forward zones now continue to work in the described situation.
Clone Of: 1175318
Last Closed: 2015-02-16 15:01:14 UTC
Bug Depends On: 1175318

Description Jan Kurik 2014-12-19 13:46:47 UTC
This bug has been copied from bug #1175318 and has been proposed
to be backported to 6.6 z-stream (EUS).

Comment 4 Kaleem 2015-02-10 09:08:54 UTC
While verifying, I encountered that replication from the upgraded RHEL-7.1 was broken and saw the following on the RHEL-6.6 master in /var/log/message:

snip from /var/log/message:
===========================
Feb 10 16:15:56 dhcp207-26 ns-slapd: encoded packet size too big (240569 > 65536)
Feb 10 16:16:00 dhcp207-26 ns-slapd: encoded packet size too big (240569 > 65536)
Feb 10 16:16:05 dhcp207-26 ns-slapd: encoded packet size too big (240569 > 65536)
Feb 10 16:16:12 dhcp207-26 named[7202]: zone testrelm.test/IN: sending notifies (serial 1423565172)

I modified nsslapd-sasl-max-buffer-size from "64KB" to "2MB" on the RHEL-6.6 master, after which replication from the upgraded RHEL-7.1 replica works fine.

[root@dhcp207-26 ~]# rpm -q ipa-server 389-ds-base
ipa-server-3.0.0-42.el6.x86_64
389-ds-base-1.2.11.15-46.el6.x86_64
[root@dhcp207-26 ~]# 

[root@dhcp207-26 ~]# ldapmodify -h $(hostname) -x -D "cn=Directory Manager" -w xxxxxxxx <<EOF
> dn: cn=config
> changetype: modify
> replace: nsslapd-sasl-max-buffer-size
> nsslapd-sasl-max-buffer-size: 2097152
> EOF
modifying entry "cn=config"

[root@dhcp207-26 ~]# 

A related bug for the above: https://bugzilla.redhat.com/show_bug.cgi?id=1136882

After making the above changes on the RHEL-6.6 master, I am able to verify the bug.

Forward zone: newrelm.test

[root@dhcp207-26 ~]# ipa dnszone-show newrelm.test
  Zone name: newrelm.test.
  Active zone: TRUE
  Zone forwarders: 10.65.207.126
  Forward policy: only
[root@dhcp207-26 ~]# nslookup dhcp207-126.newrelm.test
Server:		10.65.207.26
Address:	10.65.207.26#53

** server can't find dhcp207-126.newrelm.test: NXDOMAIN

[root@dhcp207-26 ~]# yum update -y
Loaded plugins: product-id, security, subscription-manager
This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.
Setting up Update Process
Resolving Dependencies
--> Running transaction check
---> Package bind-dyndb-ldap.x86_64 0:2.3-5.el6 will be updated
---> Package bind-dyndb-ldap.x86_64 0:2.3-6.el6_6 will be an update
Updated:
...
....

  bind-dyndb-ldap.x86_64 0:2.3-6.el6_6                                                                                                                       

Complete!
[root@dhcp207-26 ~]# service ipa restart
Restarting Directory Service
Shutting down dirsrv: 
    PKI-IPA...                                             [  OK  ]
    TESTRELM-TEST...                                       [  OK  ]
Starting dirsrv: 
    PKI-IPA...                                             [  OK  ]
    TESTRELM-TEST...                                       [  OK  ]
Restarting KDC Service
Stopping Kerberos 5 KDC:                                   [  OK  ]
Starting Kerberos 5 KDC:                                   [  OK  ]
Restarting KPASSWD Service
Stopping Kerberos 5 Admin Server:                          [  OK  ]
Starting Kerberos 5 Admin Server:                          [  OK  ]
Restarting DNS Service
Stopping named:                                            [  OK  ]
Starting named:                                            [  OK  ]
Restarting MEMCACHE Service
Stopping ipa_memcached:                                    [  OK  ]
Starting ipa_memcached:                                    [  OK  ]
Restarting HTTP Service
Stopping httpd:                                            [  OK  ]
Starting httpd:                                            [  OK  ]
Restarting CA Service
Stopping pki-ca:                                           [  OK  ]
Starting pki-ca:                                           [  OK  ]
[root@dhcp207-26 ~]# ipa dnszone-show newrelm.test
  Zone name: newrelm.test.
  Active zone: TRUE
  Zone forwarders: 10.65.207.126
  Forward policy: only
[root@dhcp207-26 ~]# nslookup dhcp207-126.newrelm.test
Server:		10.65.207.26
Address:	10.65.207.26#53

Non-authoritative answer:
Name:	dhcp207-126.newrelm.test
Address: 10.65.207.126

[root@dhcp207-26 ~]#
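
The ns-slapd rejections quoted in comment 4, turned into a log check that reports the largest rejected packet and tests whether a candidate nsslapd-sasl-max-buffer-size would have accepted it. This is an added example, not part of the bug report or of 389-ds-base; the function names are hypothetical, the optional "[pid]" in the pattern is an assumption, and the sample lines are the ones quoted above.

```python
import re
from collections import namedtuple

# Matches the ns-slapd message quoted in comment 4, e.g.
#   "... ns-slapd: encoded packet size too big (240569 > 65536)"
# An optional "[pid]" after the program name is tolerated (assumption).
REJECT_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s[\d:]{8})\s(?P<host>\S+)\sns-slapd(?:\[\d+\])?:\s"
    r"encoded packet size too big \((?P<size>\d+) > (?P<limit>\d+)\)"
)

Summary = namedtuple("Summary", "count hosts limit largest first_seen last_seen")

# Sample input: the syslog lines quoted in comment 4.
SAMPLE = """\
Feb 10 16:15:56 dhcp207-26 ns-slapd: encoded packet size too big (240569 > 65536)
Feb 10 16:16:00 dhcp207-26 ns-slapd: encoded packet size too big (240569 > 65536)
Feb 10 16:16:05 dhcp207-26 ns-slapd: encoded packet size too big (240569 > 65536)
Feb 10 16:16:12 dhcp207-26 named[7202]: zone testrelm.test/IN: sending notifies (serial 1423565172)
""".splitlines()


def summarize_rejections(lines):
    """Collect SASL packet rejections; return None when the log has none."""
    hits = [m for m in map(REJECT_RE.match, lines) if m]
    if not hits:
        return None
    return Summary(
        count=len(hits),
        hosts=sorted({m["host"] for m in hits}),
        limit=min(int(m["limit"]) for m in hits),     # limit in force when rejected
        largest=max(int(m["size"]) for m in hits),    # biggest packet that was refused
        first_seen=hits[0]["ts"],
        last_seen=hits[-1]["ts"],
    )


def accepts(buffer_size, summary):
    """True if a buffer of buffer_size bytes covers every rejected packet seen."""
    return summary is not None and buffer_size >= summary.largest


if __name__ == "__main__":
    s = summarize_rejections(SAMPLE)
    print(s)
    for candidate in (65536, 2097152):  # the old and new values from comment 4
        print(candidate, "accepts largest packet:", accepts(candidate, s))
```
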

Comment 5 Kaleem 2015-02-10 15:32:40 UTC
What to do about the changes that we have to make to nsslapd-sasl-max-buffer-size on the RHEL-6.6 master? Documentation, or changing the default value in code?

Comment 6 Petr Spacek 2015-02-10 16:06:13 UTC
I will let Martin decide. Maybe this is a known/already documented bug ...

Comment 7 Martin Kosek 2015-02-10 16:14:55 UTC
This is a separate bug; it is being solved (and also released in 6.6.z) in Bug 1136882 and Bug 1179595.

Comment 8 Kaleem 2015-02-11 15:45:54 UTC
Turning to verified as per c7.

Comment 10 errata-xmlrpc 2015-02-16 15:01:14 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2015-0231.html