Bug 795406 - Hold bind and plugin global settings in LDAP
Summary: Hold bind and plugin global settings in LDAP
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: bind-dyndb-ldap
Version: 6.3
Hardware: Unspecified
OS: Unspecified
unspecified
high
Target Milestone: rc
: ---
Assignee: Petr Spacek
QA Contact: IDM QE LIST
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2012-02-20 12:33 UTC by Petr Spacek
Modified: 2012-06-20 13:52 UTC (History)
5 users (show)

Fixed In Version: bind-dyndb-ldap-1.1.0-0.3.b1.el6
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2012-06-20 13:52:31 UTC
Target Upstream Version:

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Bugzilla 795414 0 high CLOSED Dynamic database plug-in cannot change BIND root zone forwarders while plug-in start 2021-02-22 00:41:40 UTC
Red Hat Product Errata RHBA-2012:0837 0 normal SHIPPED_LIVE bind-dyndb-ldap bug fix and enhancement update 2012-06-19 20:49:06 UTC

Internal Links: 795414

Description Petr Spacek 2012-02-20 12:33:43 UTC 
Description of problem:
Plugin is missing global configuration feature.


Version-Release number of selected component (if applicable):
bind-dyndb-ldap-1.1.0-0.8.a2


Actual results:
Configuration is taken from named.conf.


Expected results:
Configuration is loaded from idnsConfigObject in LDAP.


Upstream ticket:
https://fedorahosted.org/bind-dyndb-ldap/ticket/43
Comment 2 Petr Spacek 2012-02-28 14:30:19 UTC 
Fixed in upstream:
https://fedorahosted.org/bind-dyndb-ldap/ticket/43#comment:2
Comment 5 Gowrishankar Rajaiyan 2012-05-09 14:44:31 UTC 
#~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~#
Case 1:
- Forwarder not set in /etc/named.conf
- nslookup $somezone

Result:
[root@goldbug ~]# nslookup shanks.example.com
Server:		10.65.201.101
Address:	10.65.201.101#53

** server can't find shanks.example.com: NXDOMAIN

[root@goldbug ~]# 
#~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~#

#~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~#
Case 2:
- forwarder set in dns global config
- nslookup $somezone

[root@goldbug ~]# ipa dnsconfig-mod --forwarder=10.65.201.100
  Global forwarders: 10.65.201.100
[root@goldbug ~]# 


[root@goldbug ~]# nslookup shanks.example.com
Server:		10.65.201.101
Address:	10.65.201.101#53

Non-authoritative answer:
Name:	shanks.example.com
Address: 192.168.0.100

[root@goldbug ~]# 


[root@goldbug ~]# tcpdump  -ni eth0 udp port 53
10:38:58.389557 IP 10.65.201.101.51174 > 10.65.201.100.domain: 60351+ [1au] A? shanks.example.com. (47)
10:38:58.389588 IP 10.65.201.101.55396 > 10.65.201.100.domain: 29952+ [1au] NS? . (28)
10:38:58.390613 IP 10.65.201.100.domain > 10.65.201.101.55396: 29952 14/0/23 NS e.root-servers.net., NS f.root-servers.net., NS k.root-servers.net., NS l.root-servers.net., NS c.root-servers.net., NS m.root-servers.net., NS i.root-servers.net., NS a.root-servers.net., NS b.root-servers.net., NS d.root-servers.net., NS j.root-servers.net., NS h.root-servers.net., NS g.root-servers.net., RRSIG (857)
10:38:58.392649 IP 10.65.201.100.domain > 10.65.201.101.51174: 60351* 1/1/2 A 192.168.0.100 (122)
#~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~#

#~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~#
Case 3:
- Set a forwarder in /etc/named.conf
- set another forwarder in dns global config
- nslookup $somezone

[root@goldbug ~]# ipa dnsconfig-mod --forwarder=10.65.201.100
  Global forwarders: 10.65.201.100
[root@goldbug ~]# 


[root@goldbug ~]# nslookup shanks.example.com
Server:		10.65.201.101
Address:	10.65.201.101#53

Non-authoritative answer:
Name:	shanks.example.com
Address: 192.168.0.100

[root@goldbug ~]# 

[root@goldbug ~]# tcpdump  -ni eth0 udp port 5310:40:53.025919 IP 10.65.201.101.BESApi > 10.65.201.100.domain: 3705+ [1au] A? shanks.example.com. (47)
10:40:53.025969 IP 10.65.201.101.34315 > 10.65.201.100.domain: 3036+ [1au] NS? . (28)
10:40:53.026550 IP 10.65.201.100.domain > 10.65.201.101.34315: 3036 14/0/23 NS d.root-servers.net., NS a.root-servers.net., NS l.root-servers.net., NS h.root-servers.net., NS m.root-servers.net., NS i.root-servers.net., NS c.root-servers.net., NS g.root-servers.net., NS k.root-servers.net., NS b.root-servers.net., NS f.root-servers.net., NS j.root-servers.net., NS e.root-servers.net., RRSIG (857)
10:40:53.028004 IP 10.65.201.100.domain > 10.65.201.101.BESApi: 3705* 1/1/2 A 192.168.0.100 (122)
#~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~#

Verified: bind-dyndb-ldap-1.1.0-0.8.b1.el6.x86_64
Comment 7 errata-xmlrpc 2012-06-20 13:52:31 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2012-0837.html
Note You need to log in before you can comment on or make changes to this bug.