bundy

* Modular * Extensible * Friendly *

Old BIND 10 trac ticket database

Below is a table created from the trac SQLite3 database containing the status from April 2014. The HTML table only contains the non-closed tickets, but the CSV-File contains the whole dataset.

We're manually migrating the open tickets over into the github ticket system. If you want to help with this work, please let us know on the mailing list.

CSV-Versions of the BIND 10 ticket database: bind10-201404-tickets.csv.gz

id type time changetime component severity priority owner reporter cc version milestone status resolution summary description keywords
56 enhancement 1267141993000000 1329823707585229 libdns++ low UnAssigned jinmei assigned revisit rdata::compareNames() we may want to move rdata::compareNames() to the name module (name.{h.cc}),
and may even want to make it a member function of the Name class.

Opinions vary, but not critical, so we’ll revisit this as a post-year1 thing.

see also http://bind10.isc.org/ticket/48
78 task 1268145199000000 1329304126421309 build system low jreed jreed assigned use py-compile for the src/bin python programs I am committing improvements for Makefile.am for the src/lib/python modules so they will use the py-compile. Get that by doing “autoreconf —install”. This makes it so the installation gets the compiled pyc and pyo optimized versions.

Next part is to handle the src/bin/ python programs, but some go to libexec. I am opening this ticket as a reminder to do this sometime later.
81 enhancement 1268404649000000 1384857722783308 bind-ctl low jreed new non-interactive bindctl with commands on shell command line Please extend bindctl to offer non-interactive support, such as shell command line:

$ bindctl config Auth/databasefile path_to_file
102 enhancement 1268858126000000 1391267820368510 Unclassified low jreed new reporting versions Make sure all executables report versions.

And have bind10 report versions for all its managed components when running modules as daemons or justy to get versions without running serbices.
134 defect 1270562244000000 1394116188229075 Boss of BIND low UnAssigned jreed DNS Outstanding Tasks assigned Boss more careful shutdown I had an b10-xfrout running since March 23 (with nothing else using it). I couldn’t kill it except with SIGKILL.

Here is a bind10 shutdown (for a different xfrout):

Sending SIGTERM to b10-xfrout (PID 1267).
Sending SIGTERM to b10-cfgmgr (PID 15979).
Process b10-cfgmgr (PID 15979) died.
Sending SIGKILL to b10-xfrout (PID 1267).
Process b10-xfrout (PID 1267) died.

This ticket is opened to track down why b10-xfrout won’t exit on its own.
189 enhancement 1274278300000000 1330701629241613 Unclassified low jreed jreed assigned install pkg-config .pc files for libdns, libexceptions, others
194 task 1274419118000000 1300972860628475 xfrin medium UnAssigned jinmei new RR class for xfrin should be specifiable Right now we can only specify the zone name via the command channel for xfrin.

At least the RR class (whose default should be IN) should be able to be specified. If/when we support something like views, the view name should also be specifiable.

See also trac #185 and r1889.

I’ll keep this ticket in the backlog.
208 enhancement 1274910195000000 1300972860628475 Unclassified low jinmei new make b10 programs runnable standalone For convenience of dvelopment we should:
- allow individual b10-xxx programs in a stand alone mode
- (to do this) add some kind of option to bypass the need for establishing a connection to msgq
- (also to do this) if/when we develop a separate socket creator process, add some kind of option so that each b10-xxx program can directly open the necessary sockets (we should provide some abstraction to mimize the work at the client side and to avoid code duplication)

A backlog item.
212 enhancement 1275285934000000 1394116215928464 Boss of BIND low shane Common Outstanding Tasks new Move everything but main() and signal handling to separate file for BoB At some point it was decided to move everything possible out of the Python .in file. I don’t remember the reason for this, but it is so. This may or may not be related to ticket #24.
230 enhancement 1275944895000000 1394116237014355 Boss of BIND medium larissas Common Outstanding Tasks new BoB Sequenced Startup BoB: do not start other processes until specific processes are started (sequenced startup) (3 days) (Task 93)
236 enhancement 1276134964000000 1329313637893391 xfrout low UnAssigned zhanglikun new Rename UNIX_SOCKET_FILE and libxfr This ticket derives from ticket #224. Following is Jelte’s comment.

Only comment is that I think UNIX_SOCKET_FILE is a bad name, since this is specifically for libxfr (which is also a bad name imho). But that may be another ticket (and i want to get the python wrappers merged first, so I suggest we create a separate ticket for this). Oh and while we’re at it, should that be a configurable value or do we consider this ‘core and unchanging’?
237 task 1276617475000000 1276617475000000 bind-ctl low jreed new more unittests for bindctl The following don’t appear to receive any testing:

src/bin/bindctl/mycollections.py
replacement for OrderedDict?

src/bin/bindctl/bindctl-source.py (.in) This is the tool itself.
I’d like to change the original source file name too.
239 task 1276617843000000 1392912273398470 loadzone low jreed DNS Outstanding Tasks new need more unittests for loadzone need tests for src/bin/loadzone/b10-loadzone.py
and maybe also src/bin/loadzone/init.py
240 task 1276617887000000 1276617887000000 cmd-ctl low jreed new need tests for src/bin/usermgr/b10-cmdctl-usermgr.py src/bin/usermgr/b10-cmdctl-usermgr.py needs unit tests
243 enhancement 1276766664000000 1364222734133948 configuration low UnAssigned jelte assigned Put spec files together in source tree Originally, the idea of the .spec file was to have one single thing that a new module could simply send to the configuration manager or other interested software pieces, that described what the module expects and can handle in terms of commands an configuration.

The idea was that on startup, it reads in this file, sends it to ConfigurationManager, and all would be fine. However, we’re running into a few snags.

One is that other modules might need a configuration value of another module (e.g. xfrin needs the location of the database_file from auth right now, this example may change in the future but there will probably be others). For that we have the add_remote_config() and get_remote_config_value() functions in CCSession.

However, since the only real fixed pointer to what may be in the config is this spec file, the module wanting data from another must have access to it. Which isn’t necessarily a problem, but the location of the file might be when we run from source tree (in which case all spec files are in different locations, and we now end up with hardcoded src/bin/auth paths etc.).

Another thing that arised is that we might need to change configuration of modules that aren’t running, and while we can do that now, there is no checking done on the values. If we wanted to do that, we’d have to hand-add all specfile locations or do some scary recursive directory search.

Therefore I propose to put all spec files in the source tree in one specific directory (like they would be when installed), so the manager can simply read all of them out, and the modules only need to know the file name, not the location.

This would also be a nice first step to have ‘offline’ access to these things (the API that loadzone would (perhaps indirectly) use for instance)
282 task 1278425871000000 1329397512026858 data source medium larissas new BDB style Datasource Task #9 from Face to Face BDB style Datasource
including the config file and tests
287 enhancement 1278701543000000 1330430993084351 Inter-module communication medium UnAssigned jinmei assigned revisit cc::Session establish/disconnect mode [background: a review comment in Trac #275:
http://bind10.isc.org/ticket/275#comment:7]

We may have to revist the C++ API of how to establish cc::Session:

- we should clarify who is responsible for establishing the session, especially if the session object is passed to a different module
- we may want to detect an attempot of doubly establishing a session
- same for disconnect
- same for other operations that require an established session: send/receive, etc. should we support automatic session establishment?

Another planned refacotring with a generalized ASIO link may affect the design decision on these.

A backlog item.
295 defect 1280254567000000 1392999357289824 data source low UnAssigned jreed DNS Outstanding Tasks assigned allow loadzone/datasrc to support different classes The python code at src/lib/python/isc/datasrc/master.py has


if rrclass.lower() != ‘in’:
raise MasterFileError(“CH and HS zones not supported”)


Even when commented out, b10-loadzone will load a CH zone as IN.
317 enhancement 1282609695000000 1300972860628475 libdns++ low UnAssigned jinmei assigned suggested cleanups for the python bindings of libdns++ - we should use stricter compiler warnings
- we should use unnamed namespace instead of translation unit (.cc)specific static variables and functions
some method functions can be more “constified”. for simple functions like those in these wrappers this may not be a big deal, but it’s generally a good idea.
318 defect 1282744988000000 1329406398663530 Unclassified low stephen stephen assigned MSVC+ detected errors and warnings in libdns+ I’ve run the libdns+ code in revision 2798 of the trunk through the Microsoft Visual C+ compiler and it has thrown up a number of warnings and errors. Those that are relevant to the Unix version of BIND are listed below; the more Windows-specific erors (e.g. use of a function for which there is no equivalent in Windows) will be the subject of another ticket.


‘’’src/lib/dns/rdata/generic/dnskey_48.cc’‘’
’‘DNSKEY::DNSKEY (!InputBuffer& buffer, size_t rdata_len)’‘

uint16_t protocol = buffer.readUint8();
uint16_t algorithm = buffer.readUint8();

The declarations should be uint8_t. These variables are passed to the constructor of DNSKEYImpl (which expects them as uint8_t) and the compiler warns about the conversion of a uint16_t to a uint8_t.

’‘DNSKEY::getTag()’‘

for (int i = 0; i < size; i ++)

Compiler warns about a signed/unsigned comparison mismatch (size is declared as size_t).

’‘’src/lib/dns/rdata/generic/ds_43.cc’‘’
’‘DS::DS (!InputBuffer& buffer, size_t rdata_len)’‘

uint16_t protocol = buffer.readUint8()
uint16_t algorithm = buffer.readUint8()

The declarations should be uint8_t. These variables are passed to the constructor of DSImpl (which expects them as uint8_t) and the compiler warns about the conversion of a uint16_t to a uint8_t.

’‘’src/lib/dns/rdata/generic/nsec3param_51.cc’‘’
’‘NSEC3PARAM::NSEC3PARAM(const string& nsec3param_str)’‘

uint16_t hashalg, flags, iterations

hashalg and flags should be declared uint8_t. These variables are passed to the constructor of NSEC3PARAMImpl (which expects them as uint8_t) and the compiler warns about the conversion of a uint16_t to a uint8_t.

’‘’src/lib/dns/rdata/generic/nsec3_50.cc’‘’
’‘NSEC3::NSEC3(!InputBuffer& buffer, size_t rdata_len)’‘

for (int i = 0; i < typebits.size(); i += len)
if (i + 2 > typebits.size())

Compiler warns about a signed/unsigned comparison mismatch.

’‘NSEC3::toText()’‘

for (int i = 0; i < impl->typebits.size(); i += len)
assert(i + 2 <= impl->typebits.size())

Compiler warns about a signed/unsigned comparison mismatch.

’‘NSEC::NSEC (!InputBuffer& buffer, size_t rdata_len)’‘

for (int i = 0; i < rdata_len; i += len)
if (i + 2 > rdata_len)

and

if (i + len > rdata_len)

Compiler warns about a signed/unsigned comparison mismatch.

’‘NSEC::toText()’‘

for (int i = 0; i < impl->typebits.size(); i += len)
assert(i + 2 <= impl->typebits.size());

Compiler warns about a signed/unsigned comparison mismatch.

’‘’src/lib/dns/rdata/generic/rrsig_46.cc’‘’
’‘RRSIG::RRSIG (const string& rrsig_str)’‘

uint32_t timeexpire = timeFromText(expire_txt);
uint32_t timeinception = timeFromText(inception_txt);

timeFromText returns a time_t value. Under Windows, time_t is 64 bits, so the compiler is warning about a possible loss of data. (Suggestion: as the value of the inception and expiration times in an RRSIG are defined to be unsigned 32-bit values, altering the return type of the timeFromText() function would seem to be a better fix than changing the data types of timeexpire and timeexception.)

’‘’src/lib/dns/rdata/generic/txt_16.cc’‘’
’‘TXT::TXT (!InputBuffer& buffer, size_t rdata_len)’‘

if (rdata_len < len + 1)

Compiler warns about a signed/unsigned comparison mismatch.

’‘’src/lib/dns/rdata.cc’‘’
’‘Generic::Generic(const string& rdata_string)’‘

while (!iss.eof() && data.size() < rdlen)

Compiler warns about a signed/unsigned comparison mismatch.

’‘’src/lib/dns/name.cc’‘’
’‘Name::toText(bool omit_final_dot)’‘

assert(np_end - np >= count);

Compiler warns about a signed/unsigned comparison mismatch.

’‘’src/lib/dns/message.h’‘’
message.h forward declares !MessageImpl as a struct but message.c defines it as a class. The compiler warns about the mismatch.

’‘’src/lib/dns/message.cc’‘’
’‘MessageImpl::parseQuestion(!InputBuffer& buffer)’’

for (unsigned int count = 0;
count < counts;
}}

Compiler warns about a signed/unsigned comparison mismatch.

‘’MessageImpl::parseSection(const Section& section, !InputBuffer& buffer)’’

}}

Compiler warns about a signed/unsigned comparison mismatch.


‘’’src/lib/dns/dnssectime.cc’‘’
’‘timeFromText(const string& time_txt)’‘

for (int i = 0; i < time_txt.length(); ++i)

Compiler warns about a signed/unsigned comparison mismatch.

’‘’src/lib/dns/messagerenderer.c’‘’
’‘MessageRenderer::writeName(const Name& name, const bool compress)’’

}}

This gives an error because notfound is declared as:

}}

… but nodeset
.end() has type:

std::set::const_iterator
321 defect 1282937323000000 1392811230882602 data source medium UnAssigned jinmei DNS Outstanding Tasks assigned b10-auth doesn’t handle mixture of DNAME and NS See trac #70.

Assume a b10-auth server has authority for the zone “jinmei.org”, which has the following RRs in its data source:


sec.jinmei.org. 600 IN NS ns.sec.jinmei.org.
3600 IN DNAME example.com.


(Note: this is an invalid zone configuration.)

In this case, BIND 9 ignores the NS and exclusively use DNAME for names equal to or under sec.jinmei.org. BIND 10 still returns a NS referral if we ask for sec.jinmei.org/NS.

There are several problems around this symptom:

- naively accepting such a broken configuration at parse/load time may not be a good thing anyway (in this sense BIND 9 is also not really good)
- but specifically for BIND 10, since the underlying data source may be non captive, the middle layer of the data source module cannot always assume the data stored in data sources is valid anyway. what should we do?
- if we decide to accept this type of half-broken configuration, what should b10-auth return? We could add yet another if-block in the data source code to deal with this case, but, personally, I (jinmei) feel the data source code is already messed up with many such case-by-case fixes and has become to complicated to comprehensive and maintain. So I’d rather solve this issue by revisting the whole logic and refactoring the code cleanly (though I’m not sure if it’s a realistic path)
337 defect 1284522582000000 1392837346027656 Unclassified medium UnAssigned zhanglikun DNS Outstanding Tasks assigned Expired zone should not be served Currently, when zonemgr expires one zone, auth/xfrout module doesn’t know it, so, the expired zone is still served. There should be one way to mark the zone.
339 defect 1284534918000000 1392917332918612 secondary manager medium zzchen_pku DNS Outstanding Tasks new Provide one way to see the current data for each zone managed by zonemgr There should be one way to see the current counters/timers and other data for each zone managed by zonemgr.
359 defect 1286199011000000 1286199011000000 msgq low jreed new msqg report component when problem
[b10-msgq] Closing socket fd 10
[b10-msgq] Receive error: EOF


Please have msgq report what component(s) it has problems with.
360 defect 1286201348000000 1398197202330131 msgq medium UnAssigned jreed Sprint-20131001 reviewing socket.error: AF_UNIX path too long
bash-3.00$ ./install/libexec/bind10-devel/b10-msgq —verbose
[b10-msgq] MsgQ v20091030 (Paving the DNS Parking Lot)
Traceback (most recent call last):
File “./install/libexec/bind10-devel/b10-msgq”, line 436, in
setup_result = msgq.setup()
File “./install/libexec/bind10-devel/b10-msgq”, line 171, in setup
self.setup_listener()
File “./install/libexec/bind10-devel/b10-msgq”, line 157, in setup_listener
raise e
File “./install/libexec/bind10-devel/b10-msgq”, line 150, in setup_listener
self.listen_socket.bind(self.socket_file)
socket.error: AF_UNIX path too long


(same with gcc or sunstudio build)
361 defect 1286202337000000 1286202337000000 msgq low jreed new msgq too noisy if missing directory for socket file
[bind10] Started b10-msgq (PID 20052)
Traceback (most recent call last):
File “/home/reed/opt/bind10/libexec/bind10-devel/b10-msgq”, line 436, in
setup_result = msgq.setup()
File “/home/reed/opt/bind10/libexec/bind10-devel/b10-msgq”, line 171, in setup
self.setup_listener()
File “/home/reed/opt/bind10/libexec/bind10-devel/b10-msgq”, line 157, in setup_listener
raise e
File “/home/reed/opt/bind10/libexec/bind10-devel/b10-msgq”, line 150, in setup_listener
self.listen_socket.bind(self.socket_file)
socket.error: [Errno 2] No such file or directory

Traceback (most recent call last):
File “/home/reed/opt/bind10/sbin/bind10”, line 766, in
main()
File “/home/reed/opt/bind10/sbin/bind10”, line 717, in main
startup_result = boss_of_bind.startup()
File “/home/reed/opt/bind10/sbin/bind10”, line 302, in startup
c_channel.process.kill()
File “/usr/pkg/lib/python3.1/subprocess.py”, line 1337, in kill
self.send_signal(signal.SIGKILL)
File “/usr/pkg/lib/python3.1/subprocess.py”, line 1327, in send_signal
os.kill(self.pid, sig)
OSError: [Errno 3] No such process


Maybe msgq should create missing directory if needed. If that is the case maybe the socket file name should be separated into directory name and the basename.
379 task 1287428822000000 1295969570512122 configuration medium UnAssigned jreed assigned item descriptions for module specs Add item_description for self-documenting specification items. We already have command_description and module_description.
385 enhancement 1287776615000000 1287776615000000 bind-ctl low vorner new More convenient configuration interface Currently, config show displays only one item, even if it has subitems. It would be more convenient if some kind of dump command produced a recursive representation of the whole item with descendants (for example in JOSN).

Furthermore, setting up items one by one by commands is inconvenient as well. If there was a command that launched editor on the JOSN representation and let the user edit it. After exiting the editor, it could check syntax, if it was OK, store it, if not, ask him to edit it again.
391 enhancement 1288097361000000 1362157351512503 cmd-ctl low zhanglikun new Make it harder to do dictionary attacks for cmdctl. This is the suggestion from Jerry Scharf. Add a 1-2 second delay before the response on a login failure. This makes it harder to do dictionary attacks.
392 defect 1288100826000000 1392917342653335 secondary manager low jinmei DNS Outstanding Tasks new Xfrin.publish_xfrin_news is not tested explicitly According to the coverage tool the case of xfr_result == XFRIN_OK isn’t tested. I also suspect the failure case just happens to be covered as a side effect of other test. We should test this method expliclty.
398 enhancement 1288221488000000 1300972860628475 Unclassified low jinmei new we should use more specific tests than EXPECT_TRUE See http://bind10.isc.org/ticket/365#comment:8

In general, when we do

EXPECT_TRUE(a b);


it’s better to be changed to:

EXPECT_(a, b);


because when the test fails the latter will provide more detailed information (the values of a and b).
406 enhancement 1288921672000000 1392812405749819 xfrout medium UnAssigned zzchen_pku DNS Outstanding Tasks assigned Improve Xfrout unittest coverage Add more unittest for Xfrout.
460 defect 1293580156000000 1394116778962443 b10-auth low jinmei DNS Outstanding Tasks new constructors of b10-auth and b10-recurse are not exception safe It should be obvious from the code.


AuthSrv::AuthSrv(const bool use_cache, AbstractXfroutClient& xfrout_client) :
impl),
checkin
(new ConfigChecker(this)),
dns_lookup),
dns_answer
(new MessageAnswer(this))
{}


Consider the case the allocation for checkin_ fails.

Recursor::Recursor() has the same problem.
486 enhancement 1295044100521580 1392913290884624 resolver low shane DNS Outstanding Tasks new De-duplication of client queries
490 enhancement 1295045246664093 1392913263487822 resolver low shane DNS Outstanding Tasks new Handle packet errors from clients Handle packet errors from clients
500 enhancement 1295047841160192 1392913236706074 resolver low shane DNS Outstanding Tasks new Query tracing (design) Query tracing

* design (task V)
511 enhancement 1295272062607065 1379676478009811 statistics medium UnAssigned stephen assigned Get list of authoritative domains Part of the work required to instrument the authoritative server to collect per-zone data.
514 enhancement 1295364508294539 1394116250390967 Boss of BIND low jreed DNS Outstanding Tasks new allow both the resolver and auth to run at same time bind10 should allow both the resolver and auth to run at same time.
For now they can listen on different address(es) or ports.
520 defect 1295544388306086 1396529218985091 xfrin low jinmei DNS Outstanding Tasks new xfrin/zonemgr should handle command responses appropriately This is a continuation of #516. We need to do a few more things on top of
the urgent care fix:

- We need more complete tests for the problem of #516.
- xfrin and zonemgr should check the command response and take appropriate
action, especially if the response indicates an error

We should probably consider further extensions, too:
- extend command spec to indicate whether it requests a response
(see a review comment of #516)
- making communication over CC channels asynchronous

But these will even be beyond the scope of this follow up ticket.
525 enhancement 1295586131506860 1391488011554849 libdns++ medium UnAssigned jinmei assigned handle “singleton” RR types Some types of RRs are “singleton”, i.e., only one RR of such type
can exsit in the RRset for the tuple.

It would be useful to provide an API that takes an RR type and returns
if it’s singleton or not.

It may also make sense to modify RRset::addRdata() so that it rejects
adding more than one RDATA for single types of RRs.

See also Trac #504.
528 enhancement 1295712778466636 1322007216658740 configuration medium UnAssigned smann assigned getopt() c-lib function should be replaced with boost::program_options C++ function Throughout the BIND 10 C++ code, getopt is used (probably because it is portable). But this raises an inconsistency in the command line options since getopt() cannot handle long options (e.g. —user=foo) while the python getopt() function can. Further, boost::program_options provides a fairly abstract mechanism for retrieving key/value pairs from either the command line or a file. See http://www.boost.org/doc/libs/1_45_0/doc/html/program_options.html for details.
531 defect 1295902288990249 1295902288990249 msgq low jreed new msgq not exiting When cfgmgr couldn’t access config file,



bind10 20101129 (BIND 10 20110120)
[bind10] Checking for already running b10-msgq
[bind10] Starting b10-msgq
[bind10] Started b10-msgq (PID 26636)
[bind10] Starting b10-cfgmgr
[bind10] Started b10-cfgmgr (PID 8593)
[b10-cfgmgr] Can’t read configuration file: [Errno 13] Permission denied: ‘/home/reed/opt/bind10/var/bind10-devel/b10-config.db’
[b10-msgq] Closing socket fd 5
[bind10] Starting ccsession


… instead of waiting for this to timeout, I pressed Ctrl-C, resulting in:


[b10-msgq] Receive error: EOF
C[bind10] Received SIGINT.
killing started processes:
- b10-cfgmgr
Traceback :
File “/home/reed/opt/bind10/sbin/bind10”, line 544, in startup
self.start_all_processes
File “/home/reed/opt/bind10/sbin/bind10”, line 487, in start_all_processes
self.start_ccsession
File “/home/reed/opt/bind10/sbin/bind10”, line 378, in start_ccsession
self.ccs.start
File “/home/reed/opt/bind10/lib/python3.1/site-packages/isc/config/ccsession.py”, line 164, in start
C[bind10] Received SIGINT.
self.request_config
File “/home/reed/opt/bind10/lib/python3.1/site-packages/isc/config/ccsession.py”, line 338, in
request_config
raise ModuleCCSessionError(“No answer from configuration manager”)
isc.config.ccsession.ModuleCCSessionError: No answer from configuration manager

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File “/home/reed/opt/bind10/sbin/bind10”, line 899, in
main()
File “/home/reed/opt/bind10/sbin/bind10”, line 838, in main
startup_result = boss_of_bind.startup()
File “/home/reed/opt/bind10/sbin/bind10”, line 546, in startup
self.kill_started_processes()
File “/home/reed/opt/bind10/sbin/bind10”, line 263, in kill_started_processes
self.processes[pid].process.kill()
File “/usr/pkg/lib/python3.1/subprocess.py”, line 1337, in kill

self.send_signal(signal.SIGKILL)
File “/usr/pkg/lib/python3.1/subprocess.py”, line 1327, in send_signal
os.kill(self.pid, sig)
OSError: [Errno 3] No such process
t1:bind10$ [b10-msgq] Closing socket fd 4
[b10-msgq] Receive error: EOF
[b10-msgq] Closing socket fd 5
[b10-msgq] Receive error: EOF



What happened in the above is that everything was exited except msgq, it was left running so next time starting bind10 failed due to


[bind10] Checking for already running b10-msgq
[bind10] Error on startup: b10-msgq already running, or socket file not cleaned , cannot start


If I do let it timeout on its own, bind10 just exit everything including b10-msgq.

(Please ignore the permission denied in the above output; that is unrelated to my problem.)

Also why SIGKILL?
532 enhancement 1295954356511535 1392913219301581 resolver medium jelte DNS Outstanding Tasks new refactor resolver/asio interface While probably not strictly necessary, I think this would be a good moment to make an actual resolver ‘library’, and move resolver-specific code out of asiolink. This may even be necessary for #494 (or at the very least very useful).

See the thread at https://lists.isc.org/pipermail/bind10-dev/2011-January/001848.html

Theoretically, this would mostly involve renaming and moving classes and methods, but there are inevitably going to be some hairy details around asio.
535 enhancement 1296066983705468 1392913526161945 resolver low stephen DNS Outstanding Tasks new Aggregate NSAS HashTable and LruList classes Both the NSAS and the main resolver cache use the NSAS LruList classes. In both cases, the hash table is used to store/locate objects and the LRU list used to track and remove expired objects.

It would make sense to:
* Create a single class that contains both the hash table and LRU list, and provide methods that do common processing, e.g. provide the hash table search function that automatically updates the position of the object in the LRU list if a match is found. (It also means that possible optimisations - such as using multiple LRU lists in multi-threaded applications - could be implemented without changing client code.)
* Extract the code away from the NSAS into a separate library.
538 task 1296075787210206 1392825387586453 Unclassified low UnAssigned vorner DNS Outstanding Tasks assigned Make isc::dns::Name reside in continuous block of memory. We have a lot operations with Names in the code, comparing names takes 16% of runtime, which is mostly caused by cache misses.

The amount of cache misses could be lowered by factor of at last 3 if the whole Name and it’s data resides in one continuous block of memory (it will be either retrieved as a single cache line or at last predicted by CPU prediction heuristics).

It can be accomplished for example by not using stl string and vector, but C strings and arrays. The memory can be allocated before calling the actual constructor, passing the pointer to memory both to new and using pointer arithmetics on this pointer in constructor to place the actual data behind it. The constructor should not be directly visible then and a wrapper function would have to be used to hide this, possibly error-prone, logic.

As this is quite a lot of work, we should try handling the easier tasks first and see if it helps enough. Therefore I’m giving it a lower priority.
539 task 1296076487976341 1344438678460379 Unclassified low UnAssigned vorner assigned Hash-based name compression Name compression is expensive operation (isc::dns::MessageRenderer::writeName with it’s inlined functions takes 16% of our runtime (this includes NameCompare::operator() and NameCompare::nextPosition). The isc::dns::OutputBuffer::operator[] is used a lot inside these functions, which increases the cost of it even more).

There’s idea to store positions of all already written names and suffixes of them to a hash table. When a new name is to be written, the hash table is queried first to see if it is already there. If yes, the address is taken and written. If not, the first label is written and noted into the hash table, then it is repeated with next label.

It would be nice to get the hashes precomputed form the names. They can be provided by the datasource for example, or whenever the hash is needed, it is cached in the Name and if two names are compared and one does not have the cached hashes, while the other does, the ones for common parts are copied.

This is a largish task, maybe we can put it off after we try the simpler ones.
540 task 1296077081317778 1330431286583890 Unclassified medium UnAssigned vorner assigned Explore ways to eliminate extra shared_pointers in hot path We spend 8% of runtime in boost::detail::shared_count::~shared_count(), which is related to shared pointers. Therefore it would be good to find the ones on the hot path (the one where normal processing happens and have the biggest impact on performance) which are not needed and eliminate them (or create additional tasks for each of them).

Possible situations include:
* It is completely unnecessary.
* std::auto_ptr would be enough.
* Candidate for using a memory pool idea. We have a block of memory. Each time we need a temporary variable, we just take it from the block. Once we finished a query, we „drop“ the whole block (reset the position where we take the memory from to the beginning). It is faster because:
- We don’t need to call destructors at all.
- We don’t need to care when we should run the destructors (counting references, etc).
- The memory we use a lot is located close together, which is better for CPU caches and TLBs.
543 task 1296121589023721 1330115503339365 data source medium vorner new Chaining of CNAMEs in in-memory data-source. Currently only the CNAME itself is returned to client if the in-memory datasource is used. The CNAME should be followed and the answer at the end returned as well if it is available in the same zone (or, in the datasource).

Note that this could solve itself when we merge datasource APIs together.
546 enhancement 1296213153077274 1300972860628475 Unclassified low stephen new Support defined callouts to user-written code This was discussed on bind10-dev in the thread starting at https://lists.isc.org/pipermail/bind10-dev/2011-January/001839.html.

The idea is to define a set of points at which BIND-10 will call out to user-written code and provide a supported interface for it. For example, a user-written filter could be called when a query is received and accept or reject it according to logic based on business need.

Ideally the code would load at run-time, avoiding the need for the user to edit BIND source code directly. Such a scheme would also open the way for upgrades to BIND-10 without the need to rebuild the user code.
556 enhancement 1296583817302371 1331038939391875 build system medium jreed vorner new Request for feedback in ./configure As we talked on todays call, it would be nice to have some request for feedback printed at the very end of the ./configure script. So people who try it out now probably use configure, and most probably run it manually and we need as much feedback as possible. I have no proposal for the exact wording, but something like to send any suggestions, ideas, what works for them, what doesn’t, why, and to drop an email or ticket or patch, what is best for them.

It should be relatively easy to implement IMO.
557 enhancement 1296755443971648 1392913539618655 resolver low stephen DNS Outstanding Tasks new Check additional data RRsets against rest of server response See comments in #496, where the response scrubbing was introduced.

In essence, the response scrubbing code should remove from the additional section anything that is not referenced in the rest of the message. This implies adding the ability to interpret the RDATA of RRs.
561 task 1297249810700581 1392825427624589 Unclassified medium stephen DNS Outstanding Tasks new Functional testing of the resolver This involves firing queries at different configurations and checking that the results are correct.

We may be able to use the CNNIC test suite for this.
563 enhancement 1297261110546902 1392913580521380 resolver medium stephen DNS Outstanding Tasks new Add command-line options to resolver Problem: to enable resolver, the normal steps are: start bind10 (including auth server); use bindctl to configure bind10 to start resokver instead; stop bind10; start bind10 again (includes resolver); use bindctl to configure resolver to listen on correct interface/port, do forwarding, etc. (because couldn’t be configured before).

Workaround: just like bind10 and b10-auth has a andp options for auth address and port, bind10 should have command-line options to choose address/port/forwarder and to enable the resolver too. b10-resolver could also have command line options for these too.

Note that an early version of the resolver did have some command-line options. Now they are gone. This is inconsistent with b10-auth.
566 defect 1297373350141055 1392913592387515 resolver medium jreed DNS Outstanding Tasks new forwarder and recursion desired not set Using b10-resolver as a forwarder.

When the incoming query does not have recursion desired (RD) bit set, the forwarder ignores this
and will send on a query with RD now set and will return back its recursive results.

The BIND 9 behaviour for forward only and RD not set is to not forward the query — it responds back with root-servers in the authority section (the only thing it knows).
567 enhancement 1297423851025095 1392999386258306 data source low UnAssigned vorner DNS Outstanding Tasks assigned RdataIterator::getCurrent() should throw if invalid. When the RdataIterator points at the last entry and getCurrent is called, it should throw an exception.

This way, we can just use the first Rdata in RRset and don’t need to care about empty RRsets (in case of DNAME, for example, empty DNAME rrset is wrong and the code makes no sense).

After this is finished, the assert in CNAME synthesis code for DNAME in auth/query.cc should be removed (see #505).
568 enhancement 1297430406836414 1330097397847649 libdns++ low UnAssigned stephen new Extend RRset with copy constructor, assignment operator and comparison operator A needs has arisen for these in the implementation of the resolver cache - see the comments on ticket #449.
570 defect 1297445683637748 1392913652570241 resolver medium jreed DNS Outstanding Tasks new question duplicated results in servfail First response is fine. But still has second query that has a servfail.
See extra question added and multiple answers for same query:



[b10-resolver] Got a DNS message
[b10-resolver] received a message:
;; >>HEADER<< opcode: QUERY, status: NOERROR, id: 63665
;; flags: rd ; QUESTION: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;isc.org. IN A

[b10-resolver] Processing normal query
[b10-resolver] Sending upstream query (isc.org. IN A
) to 127.0.0.1
[b10-resolver] Sending ;; >>HEADER<< opcode: QUERY, status: NOERROR, id: 0
;; flags: rd ; QUESTION: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;isc.org. IN A
to 127.0.0.1
[b10-resolver] Received response from 127.0.0.1
[b10-resolver] [XX] got an answer
[b10-resolver] Adding question isc.org. to message
[b10-resolver] sending a response (272bytes):
;; >>HEADER<< opcode: QUERY, status: NOERROR, id: 63665
;; flags: qr rd ra ; QUESTION: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 6

;; QUESTION SECTION:
;isc.org. IN A

;; ANSWER SECTION:
isc.org. 883 IN A 149.20.64.42

;; AUTHORITY SECTION:
isc.org. 28131 IN NS ord.sns-pb.isc.org.
isc.org. 28131 IN NS ams.sns-pb.isc.org.
isc.org. 28131 IN NS sfba.sns-pb.isc.org.
isc.org. 28131 IN NS ns.isc.afilias-nst.info.

;; ADDITIONAL SECTION:
ams.sns-pb.isc.org. 28131 IN A 199.6.1.30
ams.sns-pb.isc.org. 28131 IN AAAA 2001:500:60::30
ord.sns-pb.isc.org. 28131 IN A 199.6.0.30
ord.sns-pb.isc.org. 28131 IN AAAA 2001:500:71::30
sfba.sns-pb.isc.org. 28131 IN A 149.20.64.3
sfba.sns-pb.isc.org. 28131 IN AAAA 2001:4f8:0:2::19

[b10-resolver] [XX] got an answer
[b10-resolver] [XX] got an answer
[b10-resolver] Adding question isc.org. to message
[b10-resolver] sending a response (31bytes):
;; >>HEADER<< opcode: QUERY, status: SERVFAIL, id: 63665
;; flags: qr rd ra ; QUESTION: 2, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;isc.org. IN A
;isc.org. IN A





11:25:22.091100 IP 127.0.0.1.53645 > 127.0.0.1.53: 63665+ A? isc.org. (25)
0x0000: 4500 0035 0000 0000 4011 0000 7f00 0001 E..5…........<br> 0x0010: 7f00 0001 d18d 0035 0021 4791 f8b1 0100 .......5.!G.....<br> 0x0020: 0001 0000 0000 0000 0369 7363 036f 7267 .........isc.org<br> 0x0030: 0000 0100 01 .....<br>11:25:22.092289 IP 127.0.0.1.53 > 127.0.0.1.53645: 63665 1/4/6 A 149.20.64.42 (272)<br> 0x0000: 4500 012c 8f30 0000 4011 0000 7f00 0001 E..,.0..…….
0x0010: 7f00 0001 0035 d18d 0118 e507 f8b1 8180 …..5……….
0x0020: 0001 0001 0004 0006 0369 7363 036f 7267 ………isc.org
0x0030: 0000 0100 01c0 0c00 0100 0100 0003 7300 …………..s.
0x0040: 0495 1440 2ac0 0c00 0200 0100 006d e300 …*........m..<br> 0x0050: 0d03 6f72 6406 736e 732d 7062 ..ord.sns-pb<br>11:25:22.092601 IP 127.0.0.1.53 > 127.0.0.1.53645: 63665 ServFail [2q], 0/0/0 (31)<br> 0x0000: 4500 003b 0000 0000 4011 0000 7f00 0001 E..;....…….
0x0010: 7f00 0001 0035 d18d 0027 b841 f8b1 8182 …..5…’.A….
0x0020: 0002 0000 0000 0000 0369 7363 036f 7267 ………isc.org
0x0030: 0000 0100 01c0 0c00 0100 01 ………..


This problem didn’t exist prior to Jan. 24. In this case the client (id 63665 or port 53645) was dig. It never displayed the additional response.
578 task 1297866808524022 1392999399550405 data source low UnAssigned vorner DNS Outstanding Tasks assigned Refactor of PARTIALMATCH in isc::datasrc::MemoryZone::MemoryZoneImpl::find. It is getting rather long and unreadable. It would be nice to clean it up little bit, eg. by separating the PARTIALMATCH (which is the longest case label) into separate function.
579 task 1297933322527514 1392913205805053 resolver medium zhanglikun DNS Outstanding Tasks new Add iterator interface to Hash Table The iterator interface for Hash Table needs to be added, so that the content of it can be walked.
580 task 1297941415039838 1392914212200665 Unclassified low vorner DNS Outstanding Tasks new More flexible isc::testutils::rrsetCheck It would be handy if it could check only part of the equality (eg. only class, TTLs and data and ignore different names for example). The wildcard testcases in memory zone could be simplified by it.
581 task 1297952111140992 1392999421680956 data source low jreed jreed DNS Outstanding Tasks assigned src/lib/python/isc/datasrc/master.py source documentation Convert existing comments in src/lib/python/isc/datasrc/master.py to doxygen style documentation.

See http://git.bind10.isc.org/~jreed/pydoc/master.html for existing incomplete pydoc example.

Also add more documentation for this.

(Or maybe this code is going away?)
582 task 1297952294432839 1392837539252508 Unclassified medium jreed DNS Outstanding Tasks new add more unit tests for src/lib/python/isc/datasrc/master.py See

http://bind10.isc.org/~tester/2011/02/20110217130443-57736fd/coverage-python-html/src_lib_python_isc_datasrc_master.html

(only 9% coverage at this time).

(Unrelated to this ticket, but why does it’s rrtypes set have RR types that libdns++ doesn’t know, including some obsolete that BIND 9 doesn’t even accept?)
585 task 1298043021255787 1300972860628475 data source low jreed new Make SQLIte3 dependency optional Make the dependency on SQLite3 optional. ./configure should not fail if sqlite3 is not found.

This also means that b10-auth, b10-xfrin, b10-xfrout, b10-loadzone, and b10-zonemgr need to use an abstracted data source backend. This depends on:
#368, #374, #375, #376.
586 task 1298044224002248 1392913150462579 resolver medium jreed DNS Outstanding Tasks new randomize source ports Have an option so we can set our own source ports (instead of operating system). (For example, some operating systems use sequential source ports and not randomized.)

(09:47:30) stephen: I’ve just had a look at the Boost documentation and it seems that we can create a native port, that ask Boost to use that for its I/O. So we should be able to control the port numbers ourselves.
596 task 1298382431550481 1317139349238781 Unclassified medium jreed new allow configurations without running services Should be able to do configurations, especially for auth and resolver, without starting them first.

This may mean being able to change configurations without running cmdctl too.
601 defect 1298448694146657 1392811406027717 libdns++ medium UnAssigned jinmei DNS Outstanding Tasks new bug in handling out-of-range DNSSEC times This is an (originally unintended) continuation of #174.

According to Rob Austein our current implementation of DNSSEC time
(which is actually compatible with BIND 9) isn’t correct:

- we should allow pre-epoch time such as 19691231000000 as long as it’s in the valid 68-year range.
- we should reject (in the 32-bit mode) out-of-range time format such as 21000101000000

In practice, these would be minor, but since we’ve recently completed #174,
it would make sense to fix it using this opportunity.
619 task 1298497711930303 1330422593174356 cmd-ctl low jreed new pick a good default cmdctl port number Decide on port for cmdctl; 8080 is too common?
628 defect 1298575416565604 1337691456593207 Unclassified low UnAssigned jreed assigned switching from auth or resolver is too noisy This was done with:



> config diff
{’Boss’: {’start_resolver’: True, ‘start_auth’: False}}
> config commit



See all this output:



[b10-cmdctl] Begin send command ‘set_config’ to module ‘ConfigManager’
[bind10] Handling new configuration: {’start_resolver’: True, ‘start_auth’: False}
[bind10] Starting b10-resolver
[bind10] Started b10-resolver (PID 22058)
[bind10] Asking b10-zonemgr to terminate
[bind10] Asking b10-xfrin to terminate
[bind10] Asking b10-xfrout to terminate
[bind10] Asking b10-auth to terminate
[b10-auth] Received ‘shutdown’ command
[b10-msgq] Closing socket fd 8
[b10-msgq] Receive error: EOF
[b10-msgq] Closing socket fd 9
[b10-msgq] Receive error: EOF
24-Feb-2011 14:19:32.111 Xfrout: INFO: Received shutdown command.
[bind10] Process b10-auth (PID 22024) terminated, exit status = 0
[b10-msgq] Closing socket fd 7
[b10-msgq] Receive error: EOF
[b10-cmdctl] Finish send command ‘set_config’ to module ‘ConfigManager’
[b10-cmdctl] Begin send command ‘get_config’ to module ‘ConfigManager’
[b10-resolver] Command line: b10-resolver -v
[b10-resolver] Server created.
[b10-resolver] IOService created.
[b10-resolver] Configuration session channel created.
[b10-cmdctl] Finish send command ‘get_config’ to module ‘ConfigManager’
[b10-resolver] Configuration channel established.
[b10-resolver] Config loaded
[b10-resolver] Server started.
[bind10] Process b10-xfrin (PID 22026) terminated, exit status = 0
[b10-msgq] Closing socket fd 10
[b10-msgq] Receive error: EOF
[b10-msgq] Closing socket fd 12
[b10-msgq] Receive error: EOF
[bind10] Process b10-zonemgr (PID 22027) terminated, exit status = 0
[b10-msgq] Closing socket fd 14
[b10-msgq] Receive error: EOF
[b10-msgq] Closing socket fd 15
[b10-msgq] Receive error:
[bind10] Process b10-xfrout (PID 22025) terminated, exit status = 0
[b10-msgq] Closing socket fd 11
[b10-msgq] Receive error:



While this is verbose, the many errors shouldn’t be there. This is not clean.
632 task 1298666735493161 1392913131851989 resolver medium jinmei DNS Outstanding Tasks new “libcache” has too generic a name As raised on jabber…

I just noticed “cache” is too generic when I saw src/lib/cache (it also
applies to the resulting library, libcache.{a,so}). Consider,
e.g. the fact we already have the “hot spot cache” for data source.
Also consider BIND 10 may not even specific to DNS. Even without
taking these into account, “cache” still sounds too generic and can
be quite ambiguous.

So, IMO, it should have a more specific name.

This is probably part of a larger packaging matter, though (e.g.,
whether we want to provide the cache library as a stand alone library
that can be exclusively used by third party applications, or whether
it’s intended to be used only as part of the resolver
(library/server)).

But I’m creating the ticket anyway so that we won’t forget it.
635 defect 1298980700682057 1330426424708472 build system low stephen stephen assigned Presence of old version of BIND10 may cause new build to fail Building from sources, if:
* —prefix is specified on the ./configure command line
* “make install” is run to install the software in the “prefix” directory
… a subsequent build of a later version of BIND10 may fail.

The set of commands that cause the build to fail on Ubuntu 10.04 are given in the attached file.

Removing the “prefix” directory allows the subsequent build to succeed.
645 defect 1299072541726805 1330430795159535 Unclassified low vorner new Little errors hinted by valgrind This is the rest of valgrind topics raised by #614. I believe this bunch is small and simple enough to handle them in one ticket.

They are:
- Invalid read in cc tests (the map there seems to be freed before the tests are done with it, but that’s only my guess)
- There’s call to open with NULL pointer as the path in the dns tests, which probably shouldn’t happen.
- Some memory leaks in auth tests. The two IOEndPoint ones are already topic covered by #644 (the same leak got to different tests), but there’s one more in changeUser.

I think this one is minor, because the first two probably happen only in tests (but I’m not sure about it, that’s why I leave it here to examine), and the third one happens just once per run.
650 task 1299224653994828 1392812528597430 b10-auth medium jinmei DNS Outstanding Tasks new port BIND 9’s dnssec system test This is a continuation of #606.

For the test scenario, see bind9/bin/tests/system/dnssec.
651 task 1299224711538630 1392812546628371 b10-auth medium jinmei DNS Outstanding Tasks new port BIND 9’s masterfile system test This is a continuation of #606.

For the test scenario, see bind9/bin/tests/system/masterfile.
652 task 1299224751638636 1392812561419620 b10-auth medium jinmei DNS Outstanding Tasks new port BIND 9’s notify system test This is a continuation of #606.

For the test scenario, see bind9/bin/tests/system/notify.
653 task 1299224794714962 1392812576738283 b10-auth medium jinmei DNS Outstanding Tasks new port BIND 9’s xfer system test This is a continuation of #606.

For the test scenario, see bind9/bin/tests/system/xfer.
654 task 1299224832714631 1392812592156794 b10-auth medium jinmei DNS Outstanding Tasks new port BIND 9’s unknown system test This is a continuation of #606.

For the test scenario, see bind9/bin/tests/system/unknown.
655 task 1299224906799160 1392812608264326 resolver medium jinmei DNS Outstanding Tasks new port BIND 9’s resolver system test This is a continuation of #606.

For the test scenario, see bind9/bin/tests/system/resolver.

I’m giving this ticket to R-team (as an initial assignment).
659 enhancement 1299234839233509 1392913106528658 resolver medium jelte DNS Outstanding Tasks new resolver priming Ticket #495 introduces the use of the NSAS, but it doesn’t correctly prime the resolver yet. We really need this (at least a simple version of it), it should probably be a method of RecursiveQuery (which is in essence the ‘resolver’ object right now), called once initialized, and later at a regular interval (either when the priming result appears to expire or once a day).

This might also need a way to simply send out one query and get back the result, without the full recursive process. Depending on what we do in #658, this may already be possible.
660 enhancement 1299235088120650 1392913035779181 resolver medium jelte DNS Outstanding Tasks new options and/or commands to control cache behaviour Ticket #491 introduced the use of a cache, but at this moment we have no method of controlling it;

some initial nice options would be:
- set maximum cache size
- set maxmimum lru size
- flush cache
- flush cache for specific names
- flush cache for specific zones and everything below it (though i’m not sure this is possible with the current cache implementation)
662 defect 1299245065169497 1392811258123648 b10-auth medium UnAssigned jreed DNS Outstanding Tasks assigned b10-auth wrongly falls back to default listen_on As I noted in #657, b10-auth now falls back to default listen_on (from spec?) if the b10-config.db version fails.



[bind10] BIND 10 started
Setting listen addresses:
0.0.0.0:53
127.0.0.1:5300
Initialize TCP server at 0.0.0.0:53
Unable to set new address: Failed to initialize network servers: Permission denied
[b10-auth] error: Server configuration failed: Failed to initialize network servers: Permission denied
[b10-auth] Configuration channel established.
[b10-auth] Xfrin session channel created.
[b10-auth] Xfrin session channel established.
[b10-auth] Statistics session channel created.
[b10-auth] Statistics session channel established.
Setting listen addresses:
::1:5300
127.0.0.1:5300
Initialize TCP server at ::1:5300
Initialize UDP server at ::1:5300
Initialize TCP server at 127.0.0.1:5300
Initialize UDP server at 127.0.0.1:5300
[b10-auth] Set statistics timer to 60 seconds
[b10-auth] Data source database file: /usr/home/jreed/opt/bind10/var/bind10-devel/zone.sqlite3
[b10-auth] Server started.



I think the previous behaviour was for it to exit. bind10 (boss) would restart and the failure would continue looping. I don’t think that is good behaviour either.

But using default values when a configuration is specifically defined is not correct. It may not be noticed and it may break some policies or other software (which wanted to use those).

Maybe this will be fixed in #657, but I open this ticket just in case.
668 enhancement 1299497980496860 1299497980496860 Unclassified low stephen new Add formal randomness checking to unit tests of classes using random-number generators We are currently using the Boost random number generators in classes where random numbers are required (e.g. QID generation). Although these should be random, we currently do not do formal testing of the randomness of generated values in our unit tests. This runs the risk of not noticing a loss of randomness if the implementation of such classes is changed.

It is proposed that we formally check such cases using the NIST random number test suite [http://csrc.nist.gov/groups/ST/toolkit/rng/index.html]
674 defect 1299513343493610 1392912325412484 loadzone low jreed DNS Outstanding Tasks new loadzone wrong RR count and percentage From a couple tests, it looks like b10-loadzone RR count is one to many.

For example it shows “2 RR (s) loaded” for a single line SOA only zone.

Also sometimes the percentage shown is not 100% when completed. But that doesn’t match up to the count off by one.
677 defect 1299528731023605 1337591752864723 bind-ctl low jreed new bindctl doesn’t have readline/emacs-style editing On some of my systems, bindctl doesn’t provide line editing (no arrow keys, no CTRL-A, CTRL-E, etc).

Maybe the system is just missing some python module.

The fix for this is probably just to document what is needed and/or where supported.
679 enhancement 1299599149442427 1344438138107723 Unclassified medium UnAssigned vorner assigned More clever switching of listening addresses and ports Currently, when user changes addresses and ports (listen_on), isc::server_common::portconfig::installAddresses is invoked. It closes all old sockets and create new ones.

But if there are common sockets in old and new configuration, it is both unneeded and may cause a short break in service. So a more fancy way of switching them should be done.

The idea is to open the new ports, then close the old ones and keep the same ones untouched. (In this order, we can check we can get the new ones without losing the old ones, so it is easier to rollback)
685 defect 1299688327340397 1392913014659093 resolver medium jreed DNS Outstanding Tasks new resolver cached SERVFAIL becomes NOERROR I had a DNAME that resulted in a synthesized CNAME that is too long. Using b10-resolver as a forwarder: on the first query the upstream sent back a SERVFAIL. On second query, the b10-resolver said “Message found in cache, returning that” and returned a status: NOERROR (ANSWER: 0).

(I noticed this when researching #145.)
686 enhancement 1299761964159824 1389622076495221 build system medium jreed jreed assigned set library version info This was based on #635 issues.

We need to set the version information (such as libtool’s current:revision:age) for each library that has changed. At the minimum we should do these at least for each tarball release. We will not use the BIND 10 release or individual module versions for the library versions.

I will add more details to this ticket.

This ticket should not be closed until a wiki page also documents our policy on this.
687 defect 1299797626444982 1394116289440406 Boss of BIND low jreed Common Outstanding Tasks new suspend (stop) signal sent to boss doesn’t suspend children I used to be able to suspend bind10 and it would suspend the children too.
But now the parent is only suspended, children keep on running. I am doing this with Ctrl-Z from shell.
This causes some confusion for me as I troubleshoot (especially if I am flooded with verbose output on same terminal).
692 defect 1300207928617670 1392999432267907 data source medium UnAssigned jinmei DNS Outstanding Tasks assigned response with NSEC3 for class ANY queries This is a remaining task for #80. We first need to add tests about
query logic (in general) for NSEC3 responses, and then make the same
fix as the one we did for #80.
694 enhancement 1300229091452958 1300972799721442 msgq low jinmei new proposal: change timeout for SendNonblock (msg test) to 30sec It’s currently 10sec

def terminate_check(self, task, timeout = 10):

(btw the space chars around = should be removed according to the style
convention)

Apparently this is too small for my personal slow server, and this
test regularly fails.

I propose changing this value to 30sec (yes, it’s an arbitrary choice
that happens to work for that particular server). Normally the value
shouldn’t affect testability; timeout doesn’t happen unless the test
fails or for a very slow machine. So I think the change is acceptable.
702 defect 1300357203601211 1392912989810995 resolver medium jelte DNS Outstanding Tasks new resolver/forwarder does not answer CH TXT version.bind and authors.bind
In fact, right now it crashes on such queries.

Fixing the crash is trivial, but getting the right answers is not (they’re hidden in StaticDataSrc, and including that would imply including nearly everything that’s necessary for b10-auth).

So I propose to move the actual creation of the ‘static’ data (i.e. the names and rrsets for authors.bind and version.bind) to a singleton in server_common, and use those from StaticDataSrc and bin/resolver.
705 enhancement 1300390542235100 1394116308396684 Boss of BIND low shane Common Outstanding Tasks new Log more helpful status when process exits under the boss Jeremy reported something exited with status 139.

It turns out that the status value is as follows:

a 16-bit number, whose low byte is the signal number that killed the process, and whose high byte is the exit status (if the signal number is zero); the high bit of the low byte is set if a core file was produced

That is from the Python documentation here:

http://docs.python.org/py3k/library/os.html#os.wait

So, deciphering it we see that it is < 256, which means it is a signal. The high bit is set - meaning we have core. We can remove that by subtracting 128 and discover that this is signal 11 (SEGV).

It would be nice if the boss process did this work and reported exactly what happened to the child process.
707 defect 1300391188623803 1392825456361357 Unclassified medium jreed DNS Outstanding Tasks new b10-resolver (as forwarder) exit with SEGV Not sure what caused this b10-resolver to exit with SEGV.

I am confused why question generates different upstream questions and one question results in multiple responses. Is this an error too?

Here is the closest lines in verbose output:



[b10-resolver] Got a DNS message
[b10-resolver] received a message:
;; >>HEADER<< opcode: QUERY, status: NOERROR, id: 21919
;; flags: rd ; QUESTION: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;external.ak.fbcdn.net. IN A

[b10-resolver] Processing normal query
[b10-resolver] Try out cache first (started by incoming event)
[b10-resolver] Message not found in cache, starting recursive query
[b10-resolver] doLookup: try cache
[b10-resolver] Sending upstream query (external.ak.fbcdn.net. IN A
) to 127.0.0.1
[b10-resolver] Timeout, resending query
[b10-resolver] Sending upstream query (profile.ak.fbcdn.net. IN A
) to 127.0.0.1
[b10-resolver] Timeout, resending query
[b10-resolver] Sending upstream query (photos-e.ak.fbcdn.net. IN A
) to 127.0.0.1

[b10-resolver] Timeout, resending query
[b10-resolver] Sending upstream query (external.ak.fbcdn.net. IN A
) to 127.0.0.1
[b10-resolver] sending a response (442bytes):
;; >>HEADER<< opcode: QUERY, status: NOERROR, id: 3781
;; flags: qr rd ra ; QUESTION: 1, ANSWER: 11, AUTHORITY: 9, ADDITIONAL: 0

;; QUESTION SECTION:
;photos-e.ak.fbcdn.net. IN A

;; ANSWER SECTION:
photos-e.ak.fbcdn.net. 895 IN CNAME photos-a.ak.facebook.com.edgesuite.net.
photos-a.ak.facebook.com.edgesuite.net. 4798 IN CNAME a995.mm1.akamai.net.
a995.mm1.akamai.net. 20 IN A 69.31.72.194
a995.mm1.akamai.net. 20 IN A 69.31.72.139
a995.mm1.akamai.net. 20 IN A 69.31.72.145
a995.mm1.akamai.net. 20 IN A 69.31.72.147
a995.mm1.akamai.net. 20 IN A 69.31.72.169
a995.mm1.akamai.net. 20 IN A 69.31.72.176
a995.mm1.akamai.net. 20 IN A 69.31.72.178
a995.mm1.akamai.net. 20 IN A 69.31.72.184
a995.mm1.akamai.net. 20 IN A 69.31.72.193


;; AUTHORITY SECTION:
mm1.akamai.net. 1798 IN NS n7mm1.akamai.net.
mm1.akamai.net. 1798 IN NS n4mm1.akamai.net.
mm1.akamai.net. 1798 IN NS n3mm1.akamai.net.
mm1.akamai.net. 1798 IN NS n2mm1.akamai.net.
mm1.akamai.net. 1798 IN NS n5mm1.akamai.net.
mm1.akamai.net. 1798 IN NS n0mm1.akamai.net.
mm1.akamai.net. 1798 IN NS n6mm1.akamai.net.
mm1.akamai.net. 1798 IN NS a0mm1.akamai.net.
mm1.akamai.net. 1798 IN NS n1mm1.akamai.net.

[b10-resolver] Timeout, resending query
[b10-resolver] Sending upstream query (profile.ak.fbcdn.net. IN A
) to 127.0.0.1
[b10-resolver] sending a response (308bytes):
;; >>HEADER<< opcode: QUERY, status: NOERROR, id: 21919
;; flags: qr rd ra ; QUESTION: 1, ANSWER: 4, AUTHORITY: 9, ADDITIONAL: 0

;; QUESTION SECTION:
;external.ak.fbcdn.net. IN A

;; ANSWER SECTION:
external.ak.fbcdn.net. 2472 IN CNAME external.ak.fbcdn.net.edgesuite.net.
external.ak.fbcdn.net.edgesuite.net. 4798 IN CNAME a1920.g.akamai.net.
a1920.g.akamai.net. 20 IN A 63.80.138.48
a1920.g.akamai.net. 20 IN A 63.80.138.67

;; AUTHORITY SECTION:
g.akamai.net. 1799 IN NS n4g.akamai.net.
g.akamai.net. 1799 IN NS n7g.akamai.net.
g.akamai.net. 1799 IN NS n6g.akamai.net.
g.akamai.net. 1799 IN NS a0g.akamai.net.
g.akamai.net. 1799 IN NS n5g.akamai.net.
g.akamai.net. 1799 IN NS n3g.akamai.net.
g.akamai.net. 1799 IN NS n0g.akamai.net.
g.akamai.net. 1799 IN NS n1g.akamai.net.
g.akamai.net. 1799 IN NS n2g.akamai.net.

[b10-resolver] sending a response (38bytes):
;; >>HEADER<< opcode: QUERY, status: SERVFAIL, id: 24087
;; flags: qr rd ra ; QUESTION: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;profile.ak.fbcdn.net. IN A

[bind10] Process b10-resolver (PID 16152) terminated, exit status = 139

709 enhancement 1300396709121370 1392914161716876 resolver low UnAssigned shane stephen@isc.org DNS Outstanding Tasks assigned Improve RTT message from recursive resolver by using decimal Stephen noted that the RTT: debug output would possibly be nicer with outputing using decimals.


Stephen: We could change that to output it to three decimal places.


715 defect 1300452454216757 1301321712247554 configuration low jreed new cfgmgr errors need a new line or separator I made a mistake:


> config set Auth/datasources [{file “/Local/Users/jreed/J”, origin config commit
Error: Error in config validation: Unknown item fileUnknown item origin
Configuration not committed



It is unknown because I forgot to use “zones” for this list. The problem is the error messages got merged together.
717 defect 1300453300858334 1300453300858334 bind-ctl low jreed new config diff output uses single quotes config diff output uses single quotes.

But bindctl and cfgmgr require double quotes. So if you attempt to copy and paste it will fail.

718 defect 1300453366384540 1377867759038750 bind-ctl low jreed new Don’t need to say “Exit from bindctl” when bindctl doesn’t have a tty. Don’t need to say “Exit from bindctl” when bindctl doesn’t have a tty (such as piping in a command to it).
732 task 1300982884532984 1308086219578281 bind-ctl medium jreed new add more unittests for bindctl components Get all of bindctl to at least 75 unit test code coverage.
See:

http://bind10.isc.org/~tester/LATEST_PYTHON_UNITTEST_COVERAGE/
734 task 1300983182591938 1308086254849558 Unclassified medium jreed new add more unit tests for lib/xfr Add more unit tests for lib/xfr to get it to atleast 75% code coverage. See:
http://bind10.isc.org/~tester/LATEST_UNITTEST_COVERAGE/xfr/index.html
748 enhancement 1301048430011042 1303288185742206 resolver low stephen new Remove coroutines from IOFetch Remove the coroutine code from io_fetch.{cc,h}.

This involves removing the inheritance from the “coroutine” objects and breaking down the operator() method into a number of separate methods corresponding to each phase of the I/O. (This may involve the use of boost::bind to specify the asynchronous I/O callbacks.)
750 enhancement 1301049551821677 1330704341390354 Unclassified low stephen new Remove coroutines from UDP server and TCP server The work involved in this is similar to that in ticket #748, but is applied to the TCP and UDP server code.
752 enhancement 1301050626523132 1303288206489049 Unclassified low stephen new IOService Refactoring Several points in the code access the boost ASIO “post” function through IOService by calling IOService::get_io_service().post(). Ideally IOService should supply a post() method itself. Owing to the use of templates, this may require removing the “pimpl” structure.
757 enhancement 1301163841383808 1330702682035017 logging low stephen stephen assigned Python logging - understand configuration The logging configuration is being defined in ticket #736, although the scope of that ticket is C++. This ticket involves producing Python code that understands the logging configuration and sets the options in the BIND-10 Python logging module accordingly,
776 enhancement 1301410070349491 1392999528377870 Unclassified medium stephen DNS Outstanding Tasks new IXFR out: Share UDP Address/Port with b10-auth and xfrout In many cases, different functions of BIND 10 should use the same address and port to receive communications. This task - which is also involved with using UDP in general - makes this possible.
778 enhancement 1301466559425504 1301466559425504 xfrout medium stephen new IXFR out: limit number of concurrent XFRs Configuration of a wide limit on the number of concurrent transfers and implementation of the code to keep a track of the transfers and refuse a request that would cause this limit to be exceeded.
779 enhancement 1301466669718474 1301466738839037 xfrout medium stephen new IXFR out: cleanup configuration Add configuration parameters to specify how many versions of the zone should be kept and how long the history should be kept for.
780 task 1301466900488102 1301466900488102 xfrout medium stephen new IXFR out: add housekeeping to clean up old history Based on the configuration specified in #779, some form of housekeeping task is required to periodically clean up history.
785 task 1301484331910045 1301484331910045 Unclassified medium stephen new DNSSEC: read, document and understand BIND 9 handling of DNSSEC Possibly the precursor to all DNSSEC related tasks, this is to make sure that we don’t lose knowledge of what BIND 9 has done with DNSSEC.

The person doing this task should make sure that they interact with the BIND 9 programme manager, as the output will be a useful addition to the BIND 9 documentation set.
789 defect 1301503700873539 1394116322264037 Boss of BIND medium stephen Common Outstanding Tasks new Make “shutdown” a hidden command for non-Boss processes At the moment it is possible to shutdown components individually. Unfortunately, the Boss immediately restarts them because it does not know that they have been requested to terminate.

This change removes the component shutdown command and ensures that they can only be shutdown through Boss - which, because it knows about the shutdown will not restart them.
791 enhancement 1301503869663869 1394116339620628 Boss of BIND medium stephen Common Outstanding Tasks new Add command to Boss to see component configuration Should be able to execute a command to see a list of running process and any relevant configuration information.
795 enhancement 1301504172842902 1394116356863046 Boss of BIND medium stephen Common Outstanding Tasks new Stop/force-stop/restart/start a component (temporarily) Sometimes a component will not shutdown. The cmdctl interface should allow the user to:
* Stop a component (i.e. request it to shut down normally)
* Force-stop (i.e. kill it)
* Restart (i.e. shut down normally and get it to restart automatically)
* Start (i.e. start a component that is currently not running)
803 enhancement 1301557630304648 1394116372443015 Boss of BIND medium stephen Common Outstanding Tasks new Command to list currently used sockets (Related to #802.)
804 enhancement 1301557671331241 1394116387627774 Boss of BIND medium stephen Common Outstanding Tasks reopened Client side code to request new sockets (Python)
808 task 1301558082457798 1301558082457798 Unclassified low stephen new Research alternate strategy of using a lexer/parser to define record types Rather than explicitly creating a class for each record type, is there some way that we can define the characteristics of a RR and automatically generate the code?
822 enhancement 1301560581841591 1301560581841591 data source medium stephen new Use first match data source Modify so that first match instead of best match is used from multiple data sources
824 enhancement 1301560817541807 1317990348048159 data source medium stephen new Improve configuration of data sources
826 task 1301817156175350 1340899583918649 Unclassified medium fdupont fdupont assigned Windows support Windows support:
- OS >= Vista/Windows Server 2008
- Visual Studio >= 2008 (aka 9.0)
- google test (for validation)

Individual item:
- HOWTO (needed software and tools)
- DLL exports
- solution and projects (for VS 2008)
others will be added
837 defect 1302099452093934 1392811598022391 Unclassified medium fdupont DNS Outstanding Tasks new multiple include of initialized static constant members In edns.h:
class EDNS {
///
}

Each time the edns.h file is included this gives a new EDNS::SUPPORTED_VERSION
symbol so linking raises “multiple defined” errors.

There are two ways to fix it:
- play with an #ifdef so only the initializing form in included in edns.cc
- move the initialization to edns.cc
I prefer the second way but there are still some choices:
- keep the value in .h in a comment
- what to do for this line is edns_unittest.cc:
const uint8_t EDNS::SUPPORTED_VERSION;
(I’d like to remove it)?
840 defect 1302140837373042 1304377436907887 Unclassified medium fdupont new Windows support for libcc No chance: current libcc relies on asio::local which is not supported on Windows.
Note the ASIO_HAS_LOCAL_SOCKETS flag should help according to the ASIO doc…
Got a !WinSock.h double include error too (to be fixed in config.h for Windows).
What is the plan? Add local TCP as an option?
841 task 1302162674129589 1305213407580130 Unclassified medium jelte new remove generated .py files We have a number of python scripts that are generated from .in files at configure time. We also have a file src/lib/python/bind10_config.py[.in] that is supposed to act like the config.h file in cpp; we should put configure-time substitutions in this file instead of in all the generated .py files.

ps. when we do this, it’ll cause a lot of git checkout ‘problems’ (files that were generated in one branch but are in the repository of another), we might want to add a small script that deletes them as an interim workaround until we have no old branches left after this is done.
842 defect 1302166140879988 1394114735280370 Unclassified medium zzchen_pku Common Outstanding Tasks new Do range check within C++ class Some of the long int variables can be a plain int: Message_init, Message_clear, MessageRenderer_setCompressMode. (although being long is not necessarily incorrect; it just consumes more (stack) space unnecessarily).
Actually, in these cases it make more sense to do this check within the corresponding C++ class (Message, MessageRenderer?, etc) and delegate the check to it.
854 enhancement 1303204287914456 1305289926802818 Unclassified low stephen new Extend the badpacket generator The “badpacket” generator is a program that generates (potentially) bad DNS packets for sending to a nameserver and testing its response. It is meant to be used as a testing tool for the BIND 10. Currently, the generator can:
* Set any combination of flags in the DNS message header.
* Vary the size of the DNS message (by truncating or extending with random data)
* Set the DNS message section counts (independently of what is in the section).
This ticket is for enhancements to the program to:
* Actually insert data into the various message sections.
* Modify the data in the message sections (e.g. by corrupting the label length fields).
* Add a set of options for testing (bad) EDNS0 data.
856 task 1303252448822559 1304496626188282 libdns++ medium UnAssigned jinmei assigned add ability to send TSIG’ed query to src/bin/host Unless I’m mistaken this is an additional task for the May03 sprint so
that it will have one “user-visible feature”.

What I meant is to add a small change to src/bin/host so that it accepts
a new “-f ” option just like BIND 9 dig, and uses that
information with the libdns++ API introduced in #812 to send TSIG signed
queries. Should be pretty easy.
858 enhancement 1303293435055645 1305291723225946 Unclassified low fdupont new silent MSVC warnings on libdns++ I’ll collect MSVC warnings in VS2005/2008/2010 and try to address them.
Some are spurious (as a warning for {} while(0) in macros) and should be avoided
with a pragma, some are real (mainly incompatible integer operations) and should
be fixed (for instance by a cast). As far as I know none is critical so
I put this ticket in enhancements.
Note at least a common one is related to C++: VS2010 complains about missing and
impossible to generate copy operation in class definition…
860 task 1303452541864048 1392999445167461 data source medium UnAssigned jinmei DNS Outstanding Tasks assigned sqlite3 data source should separate DONE and other errors See #851 (espeically its initial description). Conceptually, this means
instead of doing this:

rc = sqlite3_step(dbparameters>q_zone_);
const int i = ?
sqlite3_column_int :
1;

we should do it this way:

rc = sqlite3_step(dbparameters>q_zone_);
if
const int i = ?
sqlite3_column_int :
1;


It’s basically straightforward, but since a naive approach would result
in the same patter repeated in various places, we’ll probably also need
some kind of refactoring.
861 enhancement 1303453310640018 1305214361342052 Unclassified medium zhanglikun new Check max udp packet size(buffer size) carried by edns0 message When resolver geting a query with DO bit from a client, the max udp packet size should be checked. Once the size of answer message is bigger the max size, tcp query should be triggered.

Currently the simplest forwarder doesn’t check, always treate the max udp packet size of query client is 4096.(see more in ticket#598)
862 task 1303460875383770 1344438559841280 Unclassified medium UnAssigned vorner assigned Properly encapsulate the output buffer in AbstractMessageRenderer As discussed in #404, we shouldn’t expose the output buffer to descendants of `AbstractMessageRenderer` trough `getBuffer()`. The most problematic place that uses it is name compression in `MessageRenderer`, which needs some small refactoring. The rest should be trivial to replace.
864 task 1303815711705987 1392912967341617 resolver low vorner DNS Outstanding Tasks new Simplification of ResponseScrubber::scrubSection As noted in comment:5:ticket:847, the method would use some simplification (the suggestion about `nomatch` is already implemented).
874 task 1304087689458972 1305223378939417 Unclassified medium shane new Create tests for src/bin/host We need tests for src/bin/host.
887 task 1304280532725770 1305270004460967 Unclassified medium shane new review code for undocumented functionality Also meant as input for #884, but we probably need to break this down into smaller tasks.
891 enhancement 1304402768405000 1392912898819529 resolver medium zhanglikun DNS Outstanding Tasks new Retry forward query over TCP when getting a truncated response. Currently, the forward query doesn’t have the ability to retry over TCP when getting a truncated response. It should add the support for it. Following is the comments in ticket# 598 given by vorner.

“What should the forwarder do with TCP anyway? Ask over UDP if the request come over UDP and use TCP if it comes over TCP? Is it possible with our current framework?”
892 enhancement 1304404513391522 1389749466423194 build system medium UnAssigned jinmei assigned move generic test utils from lib/dns/tests to lib/util/unittests As I commented in #813, I propose:

- move things except DNS specific things (matchName and createRequestMessage) in lib/dns/tests/unittest_util to lib/util/unittests/
- unify addDataPath and (part of) readWireData with lib/util/unittests/testdata. basically I’d keep the latter and remove the duplicate functionality from the former.
- in addition I’d change the interface of matchWireData() so that expected data is given before the actual data in the parameter list to be more comatible with other gtest interfaces (and variable names should be renamed to actual/expect, etc)
895 enhancement 1304444293674245 1307052968960904 build system medium UnAssigned jinmei assigned “null” crypto module It will help if we add an internal backend crypto module (used from
libcryptolink) for environments where Botan is not available. It will
also be helpful for users who don’t need any crypto related DNS
operations (no TSIG, no DNSSEC) and don’t want to install Botan just
to compile BIND 10.

This should be configurable in configure.ac and should be disabled by
default. It was also suggested that if the null module is enabled a
warning message (that no TSIG or DNSSEC will be usable) be shown.

Note also that when the null module is enabled some unit tests will
fail. We’ll need to work around it in some way.
896 defect 1304446501946920 1305292100972925 bind-ctl low jreed new bindctl command history shows username and user name attempts

Username:fhdsjkdfshjk
Password:
[“user doesn’t exist”]
Username:root
Password:
[“login success”]
> fhdsjkdfshjk


The above shows attempts and then command history. Command history also showed the real username.

I think this is misleading to have the username in command history.
909 task 1304717919353537 1396529228792699 xfrin medium jreed DNS Outstanding Tasks new Move command “retransfer” from Xfrin to zonemgr. Move command “retransfer” from Xfrin to zonemgr.

For background see https://lists.isc.org/pipermail/bind10-dev/2011-May/002235.html

This is related to #908.
911 enhancement 1304754703435921 1341252007825965 Unclassified low fdupont new time64 & Y2038 Some systems (at least HPUX and Windows) provide a “time64” version of time_t, time(), etc, which will still work after 2038. I suggest 3 things:
- use the 64 bit variant when it is available (e.g., twist a #define config.h and don’t forget to include it)
- make the code compiling without warnings with the 64 bit variant
- at low priority provide a 64 variant on systems which don’t have it.
Even we have ~20 years to solve this issue it should be fine to not wait so long…
918 task 1305116578867933 1317139338430339 configuration medium vorner new Non-dict top-level configuration Currently a module configuration must be a dict and with names hardcoded in the spec file (eg. we say that we’ll have
module.a, module.b and that’s it). These items can have any type then.

But for process-less configurations, it makes sense to have a different type for the whole module. An example would be
tsig_keys configuration section, which would be shared between multiple processes. It would make sense for it to be
just list of strings, each representing one TSIG key in the keyring. Current workaround in #875 is to put there one more
level, but it’s inconvenient for the user.

(I’m putting it to core, as the configuration is shared)
919 enhancement 1305140148511611 1317990940778622 libdns++ medium UnAssigned jinmei assigned define a header file for DNS protocol constants See the discussion for the background:
http://bind10.isc.org/ticket/893#comment:11
(around the paragraph beginning with “OK, although…”)

The idea is to create a new header file, say, protocol_constants.h, in
lib/dns to centrailze the definition of (mainly numeric) protocol constants
such as the max wire length of domain names.

We should begin with the discussion about whether this is a good idea
in the first place, and, if so, which constants should be defined
in that file.
920 enhancement 1305140328886955 1308058627479306 libdns++ medium UnAssigned jinmei assigned extension to TSIG: support truncated signature This is a remaining task (for relatively minor cases) of #893 as noted in
http://bind10.isc.org/ticket/893#comment:3

We need to support truncated signature in TSIGContext::verify() (and
perhaps also in sign() - BIND 9 does something about this in its verify
implementation. we need to check). We then need to revert the short term
hack (and temporarily disabled tests) made in libcryptolink in #893 and
#954.
921 enhancement 1305140551409948 1305295195674457 libdns++ low jinmei jinmei new extension to TSIG: support signed but no TSIG message over TCP This is a remaining task (and covering a very minor case) of #893 as
noted in http://bind10.isc.org/ticket/893#comment:3

This could probably have a very low priority. There’s probably no
implementation of the sender side that does this. If so, the only
meaning of implementating this is to be feature complete as a
reference implementation of the protocol.
923 enhancement 1305226590899704 1305272688701612 logging medium vorner new Create a cross-breed between isc_throw and LOG_ERROR macro. We often need to log an error message and throw an exception at the same place. We also generate similar message for them.

So the proposal is to create a macro that creates the message like for logging (with the message ID and formatting), logs it and then throws an exception with the same message as one command.
932 defect 1305617161312654 1339226208051796 libdns++ medium UnAssigned jinmei assigned overall cleanups (including real bug fixes) for pydnspp As I pointed out in #905, the current implementation of pydnspp
seems to be fragile and contains some real bugs like memory leak
or propagating C++ exceptions.

I’d suggest applying overall cleanup using tools in src/lib/util/python
to make the code more robust.
933 enhancement 1305617411892712 1344438451664443 documentation medium jreed jinmei assigned introduce a framework to convert from doxygen to pydoc I’d propose introducing a tool to convert XML output from doxygen
to a template of embedded documentation string for our python
bindings. This will help improve documentation of the python binding
(specifically pydnspp) to the quality of pretty close to that of the
original C++ doxygen doc.

I’ve written a mostly complete python script to this job. So this
ticket will be just to complete the work and get it reviewed and
merged.

934 enhancement 1305617767636295 1306402982030665 libdns++ medium UnAssigned jinmei assigned use real constants (instead of proxy factory) in pydnspp I noticed that pydnspp uses many proxy factory functions for constant
objects like RRType.AAAA (), RRClass.IN(). In Python we don’t have to
do that because there’s no worry for static initialization fiasco
(which is the reason why we use the proxy functions in C++).

We can simply define RRType.AAAA, etc, as class constant in
initialization and use it throughout our applications. That will be
more intuitive, and will be a bit more efficient (a call to a proxy
function always involve an allocation of PyObject and subsequent
deallocation; real constants are created only once in initialization).

I’d propose making this change in the entire pydnspp. It will require
changes to the applications (xfrin.py, etc), but the changes should be
pretty straightforward.
935 enhancement 1305618161576064 1306403137199231 documentation medium jinmei new improve pydnspp documentation Once #933 is completed and merged, we can use it to improve the
actual documentation of our python bindings.

I’d propose to create a task for improving pydnspp. Using the
auto-generated template, the rest of the work should be a quite
straightforward and small set of editorial changes.
941 enhancement 1305796792290507 1331638684393979 Inter-module communication medium jelte new ‘internal’ commands in .spec/modules There is the need to have ‘internal’ commands; i.e. commands that modules accept, but only from other modules, and not from an administrator. For instance, Xfrin currently has a ‘notify’ command, that is sent from zonemgr. This command is only used on incoming notifies, and for that reason is not in the specfile. However, this means that we have no way to automatically validate the arguments.

The proposal is to extend the specification format with a ‘internal’ value for commands, and if this is true, it will not be exported to bindctl etc, but we can add argument validation to moduleccsession.
942 defect 1305796961573817 1306403320569133 Unclassified medium jelte new filling in default values for command arguments ModuleCCSession currently offers support for getting the default values of configuration options, should they not be configured explicitely. We need the same for command arguments.
944 task 1305802004391137 1306403386613441 Unclassified medium jelte new some generalized checks we don’t really have a python util afaik, but we could use some general set of checks (for instance that an integer is a valid port number, that a string represent a valid domain name, etc.); from #811:

“this makes me think that maybe we do need a set of generalized check-calls like is_valid_port_number, etc. Preferably ones that do not raise, but do convert to specific type if necessary (and do provide the error if they can’t)”

having a good place to put these and a somewhat general interface for this is more important than providing a complete set of specific checks, we can add them as we encounter the need for them later
948 defect 1305825426209235 1331645709045791 configuration medium jreed new old Xfrin/master_addr configuration is in the way This is related to #945.

zone-related info is in xfrin, not zonemgr. master_addr is not directly in xfrin anymore, but one of the values of Xfrin/zones.

If you have old configuration in place, it gets in the way:



> config show Xfrin
Xfrin/transfers_in 10 integer (default)
Xfrin/zones [] list (default)
> config show_json Xfrin
{master_addr “192.168.1.1”}



I think something should loudly complain.

And now bindctl is showing two different sets of values and doesn’t tell me which is real.

jelte says I think we should have per-module config version numbers.

Here is an example of problem:


> config show_json Xfrin
{master_addr “192.168.1.1”}
> config add Xfrin/zones
> config set Xfrin/zones[0]/name foo
> config set Xfrin/zones[0]/master_addr 192.168.1.1
> config diff
{’Xfrin’: {’zones’: [{’name’: ‘foo’, ‘master_addr’: ‘192.168.1.1’}]}}
> config commit
Error: unknown item master_addr
Configuration not committed
> config show_json Xfrin
{zones [{name “foo”, master_addr “192.168.1.1”}]}
> config diff
{’Xfrin’: {’zones’: [{’name’: ‘foo’, ‘master_addr’: ‘192.168.1.1’}]}}



Looks like “show_json” shows what is not committed yet.

It does complain, only way too late.

Jelte said “afraid the only quick workaround is to stop bind10 and manually remove that original master_addr from b10-config.db”.

So that is what I did.

Manually editing the config database is not what we want to do so I am opening ticket.
949 defect 1305839394492086 1331646600577714 build system low jreed shane new ./configure —prefix change requires “make clean” before “make install” If I run:


./configure —prefix=OLD
make
./configure —prefix=NEW
make
make install


Then the install fails. I can fix it via “make clean” before the second make, but that costs a lot of time and indicates some problem with some dependency.
952 defect 1305896769953683 1394114699762318 Unclassified medium UnAssigned jelte Common Outstanding Tasks assigned msgq/cc multiple reads problem (and bad_alloc in b10-auth upon notify) in ticket #931, Michal discovered that there is a problem with multiple reads in cc/session. A (partial?) fix was proposed, and a different workaround was counterproposed (see that ticket).

However, I also see problems that look like they are caused by the same or a very similar issue; upon notify, sometimes b10-auth aborts with a bad_alloc. The bad_alloc is caused by it trying to create a buffer for a message of which the length was incorrectly read.

I think we should have locks around the different reads in session.cc
958 defect 1306144810660046 1306404268369401 Unclassified low stephen new Provide more information on failing test if exception is thrown Give more information in a failing test if an isc::Exception-derived exception is thrown. See https://lists.isc.org/pipermail/bind10-dev/2011-January/001891.html for more details.
959 enhancement 1306244936958027 1396529237609820 xfrin medium shane DNS Outstanding Tasks new Allow multiple masters for a slave zone Right now we can only have a single master for a zone. We need to be able to define more than one.
961 enhancement 1306245275716716 1306404102447876 configuration medium shane new Should be a way to see how to configure something “help” does not help me to create a secondary zone:


> config show Xfrin
Xfrin/transfers_in 10 integer (default)
Xfrin/zones/ list


What is supposed to go in zones?

Jelte has a workaround, which is to add a zone then look:


> config help Xfrin/zones
Error! Unknown parameter ‘Xfrin/zones’ to command ‘help’ of module ‘config’
Command help (Get help for module.)
help (Get help for command)
No parameters for the command
> config add Xfrin/zones
> config show Xfrin/zones
Xfrin/zones[0]/name “” string (default)
Xfrin/zones[0]/class “IN” string (default)
Xfrin/zones[0]/master_addr “” string (default)
Xfrin/zones[0]/master_port 53 integer (default)
Xfrin/zones[0]/tsig_key null string


This works okay, but it not ideal. :)
965 defect 1306328078086645 1318411518734941 xfrout medium shane new Xfrout should not notify itself I have a machine that gets errors sending notifies to itself:


25-May-2011 12:52:44.878 Xfrout: INFO: sending notify to 78.47.15.240#53
25-May-2011 12:52:44.879 Xfrout: INFO: sending notify to 78.47.15.240#53
25-May-2011 12:52:44.880 Xfrout: INFO: sending notify to 78.47.15.240#53
25-May-2011 12:52:44.881 Xfrout: INFO: sending notify to 78.47.15.240#53
25-May-2011 12:52:44.882 Xfrout: INFO: sending notify to 78.47.15.240#53
25-May-2011 12:52:44.882 Xfrout: INFO: notify to 78.47.15.240#53: retried exceeded


The server should be smart enough not to notify itself.
966 enhancement 1306328544150372 1306404156394645 xfrout medium shane new Notify should be configurable We should be able to configure notify behavior, both on a server and per-zone level.

It should be possible to set explicit IP:port values, as well as something like “figure out from NS RRSET” as a special target.


Xfrout/default_notify [ { type } ]
Xfrout/zones[0]/notify [ { type, IP, port } ]
Xfrout/zones[1]/notify []


Here the default behavior would be to figure out who to notify from the NS RRSET, while the first zone would have only an explicit notify, and the second zone would not send any notifies at all.
968 task 1306332590204165 1331646546535527 build system low jreed shane new separate configure.ac into specific .m4 files From ticket #35:

Should we consider moving our specific configure functions into a included m4 file? (at Labs we used a shared acx_nlnetlabs.m4 file, for two reasons, one might not be relevant for us and that is that we shared a lot of functions between different projects, but the other was to keep the main configure.ac more readable).

969 defect 1306336569652746 1306404309122532 bind-ctl low jreed new non-intuitive bindctl configuration for Auth/listen_on This is a few problems.

I want to be able to just change one default. Testing as non-root. Defaults have port 53 for :: and 127.0.0.1. For testing, I change one to 5300, but commit fails since the other “default” port 53 still does not work:



> config set Auth/listen_on[0]/port 5300
> config commit
Setting listen addresses:
:::5300
0.0.0.0:53
Initialize TCP server at :::5300
Initialize UDP server at :::5300
Initialize TCP server at 0.0.0.0:53
Unable to set new address: Failed to initialize network servers: Permission denied
[b10-auth] error: Server configuration failed: Failed to initialize network servers: Permission denied
Error: Server configuration failed: Failed to initialize network servers: Permission denied
Configuration not committed


It seems like if I change one configuration, then that one configuration should be used.

Second problem (starting with my custom config removed so just defaults again):



> config remove Auth/listen_on[0]
> config diff
{’Auth’: {’listen_on’: [{’port’: 53, ‘address’: ‘0.0.0.0’}]}}
> config set Auth/listen_on[1]/port 5300
> config diff
{’Auth’: {’listen_on[1]‘: {’port’: 5300}, ‘listen_on’: [{’port’: 53, ‘address’: ‘0.0.0.0’}]}}
> config commit
Error: Error in config validation: Unknown item listen_on[1]
Configuration not committed



I did not immediately realize that listen_on[1] became listen_on[0]

Comments from jabber follow:

(09:55:07) vorner: jreed: actually, it created new item called listen_on[0], which is a dict and didn’t touch the list in listen_on. And yes, you confused the poor tool.

(09:55:56) jelte: well, in this specific case it’s not not intuitive, it’s plain buggy handling that command for an element that doesn’t exist
972 defect 1306350840779360 1392912875881081 resolver medium jinmei DNS Outstanding Tasks new Resolver class is not exception safe As I looked at the code for #971, I noticed another problem in the
Resolver class: Its constructor is not exception safe:


Resolver::Resolver() :
impl),
dnss
(NULL),
checkin),
dns_lookup
(new MessageLookup(this)),
dns_answer,
nsas
(NULL),
cache,
configured
(false)
{}


If, for example, “new ConfigCheck” fails, the allocated resource for
impl_ will leak.

It also looks quite awkward that it has specific member variables even
if it adopts the pimpl idiom (although there may be a specific reason
that can only be understood via deep understanding of the
implementation details).

Furthermore, due to the fact that dnss_/nsas_/cache_ are not set (to a
non NULL value) at the construction time this class is quite fragile
because some methods naively assumes they are non NULL. Example:


void
Resolver::setForwardAddresses(const AddressList& addresses)
{
impl_->setForwardAddresses(addresses, dnss_);
}


I’d suggest heavy refactoring and cleanup for this class so that it
will be cleaner and safer.
973 enhancement 1306501010362252 1308579624913495 configuration low vorner new Separate methods for addRemoteConfig Currently, there’s one method and it takes a name and a bool parameter. The parameter specifies if the name is filename or modulename (so the spec is loaded from config manager).

This design isn’t exactly clean, so it was suggested this might be better separated into two methods (or, alternatively, some other solution might be thought of).
974 enhancement 1306501301050171 1394116792119803 b10-auth low vorner DNS Outstanding Tasks reopened Pointer to shared pointer in `Auth::setTSIGKeyRing` is awkward and error prone As discussed in #931, the design isn’t clean. We should come up with some solution that is simple and elegant.
975 defect 1306501611597398 1392811651433463 Unclassified medium vorner DNS Outstanding Tasks new Non-primitive static object `server_common::keyring` is candidate for intialization problems As noted in #931, this might be problematic if one non-primitive static object uses another one for it’s initialization, as the second one might be yet unitialized. This should be replaced by some function returning the instance or something to prevent such problems.
982 task 1306772645217077 1308064433369781 Unclassified medium vorner new Named ACL objects It should be possible for the loader (#978) to remember the ACLs it loaded under a name. It could then either provide them directly or use them for sub-expression loading when the name is used in specification.

Note that this needs a cycle protection (see notes at [wiki:AclSyntax]).
984 enhancement 1306828146083423 1308576861650272 Unclassified medium shane new Get list of zone timers from zonemgr It would be nice for debugging to get a list of the timers from zonemgr, along with perhaps any other information being tracked (although I think that is it).
986 defect 1306830870989501 1314221339732657 bind-ctl medium shane new bindctl crash when removing unknown item I was using a BIND 10 server with an old (pre-2011-05-17) configuration. It has a “master_addr” for all of Xfrin, instead of per-zone.

I was unable to commit my database changes because of that:


> config commit
Error: unknown item master_addr
Configuration not committed


Here is the old configuration:


shane@madras:/opt/bind10/var/bind10-devel$ cat b10-config.db
{Xfrin {master_addr “85.17.60.159”}, version 2,
Auth {listen_on [ { address “85.17.60.232”, port 53 } ]}}


So I decided to remove the offending legacy configuration, with these results:


> config unset Xfrin/master_addr
Traceback (most recent call last):
File “/usr/lib/python3.1/cmd.py”, line 213, in onecmd
func = getattr(self, ‘do’ + cmd)
AttributeError: ’BindCmdInterpreter’ object has no attribute ’do_config’

During handling of the above exception, another exception occurred:

Traceback :
File “/opt/bind10/bin/bindctl”, line 138, in
tool.run
File “/opt/bind10/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 128, in run
self.cmdloop
File “/usr/lib/python3.1/cmd.py”, line 139, in cmdloop
stop = self.onecmd
File “/opt/bind10/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 450, in onecmd
Cmd.onecmd
File “/usr/lib/python3.1/cmd.py”, line 215, in onecmd
return self.default
File “/opt/bind10/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 416, in default
self.
parse_cmd(line)
File “/opt/bind10/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 554, in parse_cmd
self.
handle_cmd(cmd)
File “/opt/bind10/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 396, in _handle_cmd
self.apply_config_cmd(cmd)
File “/opt/bind10/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 673, in apply_config_cmd
self.config_data.unset(identifier)
AttributeError: ’UIModuleCCSession’ object has no attribute ‘unset’
995 enhancement 1306963399183164 1308059157201126 build system medium UnAssigned jinmei assigned use “convenience libraries” to share .cc in multiple targets Currently we compile some .cc files multiple times, once for a main
target (such as b10-auth), and in other cases for tests and
benchmarks. The additional compilation is simply redundant and
(though maybe relatively marginal) contribute to increasing the
already large build time of BIND 10.

I propose we use the “convenience library” feature of automake to avoid
the duplicate compilation. See this link for convenience libraries:
http://sourceware.org/autobook/autobook/autobook_92.html

(At least in theory) this should be a beneficial (and mostly trivial)
change at no risk of regression.

Both b10-auth and b10-recurse should be able to benefit from this, and
there may be some others.
996 enhancement 1307102047876400 1392912857860556 resolver medium jelte DNS Outstanding Tasks new keep track of nameserver ‘capabilities’ in nsas
We should keep track of capabilities of any nameserver in the NSAS. The first thing that comes to mind is whether it supports ENDS0, but also DNSSEC lameness, and path MTU to said server.

This would also include either some form of probing if things seem off (while the resolver continues its resolving with another NS), or a direct fallback algorithm in the resolver.
1000 defect 1307560236025600 1392811723634386 Unclassified medium jinmei DNS Outstanding Tasks new tools/query_cmp is IPv4 only We should be ashamed we’re shipping an IPv4-only program even after
the world IPv6 day:-)
1002 defect 1307579062301691 1321984100262904 xfrout medium jinmei new various glitches in notify_out As I worked on #964 I found various glitches in the notify_out.py
implementation. I suspect we’ll soon need fundamentally rewrite of
it (even if done incrementally) due to its current overall quality of
the code, but here are some specific points as a placeholder:

- port number 53 is hardcoded
- creating separate sockets for separate notify transaction seems to
be a waste
- a related note: it’s not clear whether the limit of concurrent of
notifies (30) is reasonable. if not, and if we allow a larger
number notifies at the same time, the second point will be severer.
- it’s so heavily dependent on details of sqlite3 specific code
(although not really the problem of notify_out itself)
- it cannot send notifies to out-of-zone NSes.
1005 defect 1307630899261306 1310489785238739 logging medium jelte new check logger names in cfgmgr You can configure any logger, but if you mistype the name, it will happily create a logger for a module that does not exist, and the ones that do will use defaults.

So the plugin config checker should really check the name and see if it makes sense.

However, there are a few problems;
- right now the way those python checking scripts are called they have no knowledge of what modules there are, so they can’t really check the names of the loggers.
- even if they could, you would only be able to configure logging for modules that are running (which is another symptom of the bigger ‘can’t configure non-running modules’)

so right now, i think we should modify the calling design so you can actually check, but not error on a ‘wrong’ name, only log an error (yes that sounds weird, in effect this error log message would go to the ‘previous’ config, or the default if nothing has been configured yet).
1007 enhancement 1307670650283458 1308578603334225 Unclassified medium zzchen_pku new create a higher granularity of exceptions for xfrin/xfrout See Jinmei’s comments below:

xfrin and xfrout use the same single exception in so many places, obscuring the accuracy of test results.
When we do self.assertRaises(XfrinException?, xxx), we cannot really be sure if the exception is really
triggered at where it should be triggered.
We could check the exception error message , but since the error message tends to be modified it will be
unstable. I guess we’ll need a higher granularity of exceptions (or sub types of them) for these apps.


1015 task 1308092664999753 1392912833304993 resolver medium jinmei DNS Outstanding Tasks new unify configuration/command code for auth and resolver Looking at the (b10) resolver configuration code, I start feeling
we should unify the server configuration code for both b10-auth and
b10-resolver (and, probably the DHCP servers eventually).

The current implementation for b10-resolver is a big single method
that is responsible for everything: parsing config parameters,
building internal configuration data from the passed param, and doing
this for all parameters in the single function. Clearly this approach
won’t scale as we add more parameters.

My suggestion is to use the auth/auth_config.{h,cc} and
auth/command.{h,cc} by moving them to lib/server_common (and rename
them appropriately), adjusting them if necessary so that they can work
with the resolver, and have the resolver use it.

We should perhaps also consider making the hardcoded factory logic
in auth_config.cc:createAuthConfigParser() more generic using this
opportunity.
1019 defect 1308243218084975 1310770768972289 Unclassified medium jreed new catch specific exception types for logging Continuation from closed #1018…

We decided long ago to have unique log IDs. This log ID with

“RESOLVER_FAILED”, “resolver failed, reason: %1”

generated by src/bin/resolver/main.cc

} catch (const std::exception& ex) {
LOG_FATAL(resolver_logger, RESOLVER_FAILED).arg(ex.what());

is not unique.


From jabber: (11:03:21) jelte: but i agree that the way we handle those catchalls leaves room for improvement, we should catch more specific exception types if we know they can happen
1042 enhancement 1308788003613420 1331739219688546 configuration medium cas new default value for sysconfdir sysconfdir is currently set to /usr/local/etc by default.

On some installations, the /usr filesystem is mounted read-only

having sysconfdir set to /etc by default would align with the standards of other Unix daemons (such as BIND9)
1043 enhancement 1308788231160066 1309434361596028 bind-ctl medium cas new ‘?’ as shortcut for ‘help’ it would be nice if bindctl would support ‘?’ as a shortcut for ‘help’ in the commandline.

so ‘config ?’ would be the same as ‘config help’
1046 enhancement 1308789271340013 1332168519954869 bind-ctl medium cas new command completion/short commands in bindctl it would be nice to have command completion (tab completion) on the bindctl commandline.

shortened commands (similar to the cisco CLI) woudl also be useful:

“co s” for “config set”

the CLI commands should be selected so that the first chars of each level don’t overlap (‘show’ and ‘show-json’ are colliding, ‘json-show’ would be better, or ‘show-json’>‘show json’ and ‘show’>‘show config’ ), or short ‘s j’ and ‘s c’)

1047 task 1308833593778712 1309442615297978 logging medium jelte new introspection of current logging settings
When doing #1004, it occurred to me that to efficiently test it, i need to be able to see what the currently set loggers and outputoptions are. This is actually also needed for error recovery (if a new logger setup fails for some reason).

The current implementation backend (log4cplus) does allow a list of current loggers to be requested. So we need to (names may be different):
- create getCurrentLoggerSpecifications() that reads that out and puts them in a vector (of type LoggerSpecification, including the internal list of OutputOptions)
- add equality operators to LoggerSpecification and OutputOptions
- add equality for vectors of both (presumably by also adding an ordering to the classes)

Then we can add real tests for default_logconfig_update, and make it recover the previous settings if it fails
1049 defect 1308838274465464 1394116412988143 Boss of BIND medium jreed Common Outstanding Tasks new Processes not shutting down cleanly I don’t think bind10 (boss) should fallback to SIGKILL.

I see it often on multiple systems. Processes aren’t dieing with SIGTERM. So we brute force them to close. (General a “shutdown” sent over a command channel does work though.)

I understand it is useful so everything dies, but it hides problems — why aren’t the processes closing correctly?

We shouldn’t ever have real data loss on abrupt shutdown (because we should never respond about success until data has written and synced to final storage.

But we do have data loss potential in log messages output. If we SIGKILL we may lose debugging output that may be useful.

If the SIGKILL is still desired, please:

- don’t do the SIGKILL only .1 second after SIGTERM. Wait much longer. Even check if children are still alive first and then wait a few seconds.

- allow option to turn this off. I think that developers should never use SIGKILL or we won’t fix real exit problems.
1054 enhancement 1308919730033434 1394116425521908 Boss of BIND low shane Common Outstanding Tasks new Replace get_signame() with errno.errorcode[] The boss program has a routine to convert a signal number (like 2) into a symbolic name (like ENOENT). This is actually part of the standard errno module in Python, as the errorcode[] array. That should be used instead.

http://stackoverflow.com/questions/1546882/how-to-convert-errno-in-unix-to-corresponding-string/1546901#1546901
1055 enhancement 1308925053836560 1330541957376270 logging medium shane new Utility for logging message maintenance It would be useful to have a utility to manage our logging messages. It should have the following functionality:

* Check that any defined message is actually used somewhere
* Check that each message used is defined (a possible problem for Python)
* Check that message IDs are not reused
1059 defect 1309224632889037 1309443785624850 xfrout medium zzchen_pku new notify-out shouldn’t look for slaves directly in the database jelte’s comments:

It is noted by TODO that it shouldn’t look for slaves directly in the database.
Certainly true, and I think we might not want the code in notify to look for it at all (but rather have it passed
by xfrout, which also has a better chance to discover which slaves it should not send to. I’m mainly thinking
of the problem i have right now that my bind10 is sending notifies to itself)

1070 defect 1309258226594693 1309445219733443 logging low stephen new Automatically update logging test scripts when switching branches There is another slightly annoying issue, in that the test /src/lib/log/tests/destination_test.sh keeps failing when you switch branches but don’t regenerate them by hand. The same goes for local_file_test.sh and severity_test.sh. Not sure if there is an easy automake target to let config.status update it, but if there is we might want to add that. Certainly not a showstopper though.
1073 defect 1309337746784812 1392912811893692 resolver low zhangcuiling DNS Outstanding Tasks new root_addresses settings doesn’t work for resolver use bind10 updated at this point:
Date: Wed Jun 29 01:18:59 2011 +0000

what ip addresses are used by resolver?

output of bindctl:

> config show Resolver/listen_on
Resolver/listen_on[0]/address “10.53.0.8” string
Resolver/listen_on[0]/port 53 integer
> config set Resolver/root_addresses [{ address “10.53.0.1”, port 53 }]
> config commit

output of bind10

2011-06-29 16:41:29.896 INFO [b10-resolver.resolver] RESOLVER_SET_ROOT_ADDRESS setting root address 10.53.0.1(53)

results of ‘dig’

# dig nocmdnostat 10.53.0.8 example ns -b 127.0.0.1 <br>;; QUESTION SECTION:<br>;example. IN NS<br><br>;; AUTHORITY SECTION:<br>. 86400 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2011062801 1800 900 604800 86400<br><br><br># dig +nocmd +nostat 10.53.0.1 example ns b 127.0.0.1
;; Got answer:
;;
>>HEADER<<- opcode: QUERY, status: NOERROR, id: 40302
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;example. IN NS

;; AUTHORITY SECTION:
example. 300 IN NS ns2.example.

;; ADDITIONAL SECTION:
ns2.example. 300 IN A 10.53.0.2


# dig nocmdnostat @10.53.0.2 example ns b 127.0.0.1
;; Got answer:
;;
>>HEADER<<- opcode: QUERY, status: NOERROR, id: 56793
;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 2
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;example. IN NS

;; ANSWER SECTION:
example. 300 IN NS ns2.example.
example. 300 IN NS ns3.example.

;; ADDITIONAL SECTION:
ns2.example. 300 IN A 10.53.0.2
ns3.example. 300 IN A 10.53.0.3


1076 defect 1309340449496557 1361802259331247 bind-ctl very low zhangcuiling new bindctl exit because of input in wrong format use bind10 updated at this point:
Date: Wed Jun 29 01:18:59 2011 +0000

> config show Resolver//
Traceback (most recent call last):
File “/usr/lib/python3.1/cmd.py”, line 213, in onecmd
func = getattr(self, ’do‘+ cmd)
AttributeError: ’BindCmdInterpreter’ object has no attribute ‘do_config’

During handling of the above exception, another exception occurred:

Traceback :
File “./bindctl”, line 138, in
tool.run
File “/home/zcl/software/bind10/20110629/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 128, in run
self.cmdloop
File “/usr/lib/python3.1/cmd.py”, line 139, in cmdloop
stop = self.onecmd
File “/home/zcl/software/bind10/20110629/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 450, in onecmd
Cmd.onecmd
File “/usr/lib/python3.1/cmd.py”, line 215, in onecmd
return self.default
File “/home/zcl/software/bind10/20110629/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 416, in default
self.
parse_cmd(line)
File “/home/zcl/software/bind10/20110629/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 554, in parse_cmd
self.
handle_cmd(cmd)
File “/home/zcl/software/bind10/20110629/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 396, in handle_cmd
self.apply_config_cmd
File “/home/zcl/software/bind10/20110629/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 626, in apply_config_cmd
values = self.config_data.get_value_maps
File “/home/zcl/software/bind10/20110629/lib/python3.1/site-packages/isc/config/config_data.py”, line 555, in get_value_maps
spec_part = find_spec_part, id)
File “/home/zcl/software/bind10/20110629/lib/python3.1/site-packages/isc/config/config_data.py”, line 174, in find_spec_part
cur_el =
find_spec_part_single(cur_el, id_parts[–1])
IndexError: list index out of range


1079 defect 1309358894148235 1317201814572258 configuration medium jelte new bindctl ‘config add ’ should be a bit more lenient ‘config add’ takes a list and a value to add to the list, and the value is optional; if left out it’ll add an item with only defaults

It should be a bit more lenient; ‘config add foo/bar[index]’ should also work, possibly checking if ‘index’ is indeed the next available index. This currently fails with a cryptic error message.

There is a second problem that ‘config add’ does not work twice in a row (only if you commit in between)
1082 defect 1309386010377587 1332174338040267 logging medium jinmei new log file isn’t created when running bind10 with -u If I started BIND10 with ’u bind’ with logging configuration for
dumping logs to file:
}}

The file was not created and I saw this message from liblog4cplus:
}}
.

Even though the directory is writable for the user of bind 2 jinmei bind 512 Jun 29 15:01 /home/jinmei/opt/var/log


If I started BIND 10 without
u bind 10 and with root permission, it created
the bind10.log file. If I then changed the owner of the file to “bind”,
this file is updated with new logs.

These are very strange and inconvenient.
1083 defect 1309386261801153 1332174550140402 logging medium jinmei new log “destination” is seemingly ignored for some logs With the logging (to file) setting I showed in #1082, I still see
some messages on the console:


2011-06-29 15:07:15.461 INFO [b10-auth.datasrc] DATASRC_CACHE_ENABLE enabling the cache
2011-06-29 15:07:15.883 INFO [b10-auth.auth] AUTH_SERVER_CREATED server created
2011-06-29 15:07:17.206 INFO [b10-auth.auth] AUTH_SERVER_STARTED server stated


It’s counter intuive and noisy.
1085 task 1309451005371033 1313508590357376 Unclassified medium vorner new Document ACLs We need a user documentation on how they can be specified and used, with some semi-formal definition, examples and list of what can be checked. It probably should be part of the big shipped documentation or a man page for just the ACLs.

It should be specific to the DNS ACLs (the library is templated to support quite anything, but that would confuse users).
1087 defect 1309501752485300 1392912787015717 resolver medium zhangcuiling DNS Outstanding Tasks new Resolver SERVFAIL when qtype is any bind10 Resolver SERVFAIL

# dig 10.53.0.8 www.google.com any -b 127.0.0.1 <br><br>; <<>> DiG 9.7.3 <<>> 10.53.0.8 www.google.com any b 127.0.0.1
;
;; global options: +cmd
;; Got answer:
;;
>>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 53505
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.google.com. IN ANY

;; Query time: 61 msec
;; SERVER: 10.53.0.8#53(10.53.0.8)
;; WHEN: Fri Jul 1 14:13:31 2011
;; MSG SIZE rcvd: 32


actually, it should give several RRs

# dig 8.8.8.8 www.google.com any<br><br>; <<>> DiG 9.7.3 <<>> 8.8.8.8 www.google.com any
; (1 server found)
;; global options: +cmd
;; Got answer:
;; >>HEADER<< opcode: QUERY, status: NOERROR, id: 47961
;; flags: qr rd ra; QUERY: 1, ANSWER: 7, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.google.com. IN ANY

;; ANSWER SECTION:
www.google.com. 86399 IN CNAME www.l.google.com.
www.l.google.com. 299 IN A 74.125.71.104
www.l.google.com. 299 IN A 74.125.71.147
www.l.google.com. 299 IN A 74.125.71.105
www.l.google.com. 299 IN A 74.125.71.99
www.l.google.com. 299 IN A 74.125.71.106
www.l.google.com. 299 IN A 74.125.71.103

;; Query time: 70 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Fri Jul 1 14:13:40 2011
;; MSG SIZE rcvd: 148


it’s ok when qtype is A


# dig 10.53.0.8 www.google.com a -b 127.0.0.1<br><br>; <<>> DiG 9.7.3 <<>> 10.53.0.8 www.google.com a b 218.241.111.236
;
;; global options: +cmd
;; Got answer:
;;
>>HEADER<<- opcode: QUERY, status: NOERROR, id: 40138
;; flags: qr rd ra; QUERY: 1, ANSWER: 7, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.google.com. IN A

;; ANSWER SECTION:
www.google.com. 604658 IN CNAME www.l.google.com.
www.l.google.com. 158 IN A 74.125.71.147
www.l.google.com. 158 IN A 74.125.71.99
www.l.google.com. 158 IN A 74.125.71.104
www.l.google.com. 158 IN A 74.125.71.105
www.l.google.com. 158 IN A 74.125.71.103
www.l.google.com. 158 IN A 74.125.71.106

;; Query time: 0 msec
;; SERVER: 10.53.0.8#53(10.53.0.8)
;; WHEN: Fri Jul 1 14:13:54 2011
;; MSG SIZE rcvd: 148


1088 task 1309517678383962 1394116491409821 Boss of BIND medium jelte Common Outstanding Tasks new test(s) for bind10.py’s main loop ticket #758 changed the behaviour of bind10.py’s main loop a little bit (actually stop if the msgq socket disappears), but there’s no test for that, and bind10.py needs a bit of refactoring in order to reach that part. We should pull the actual loop out of the current function and add tests for it
1089 defect 1309872492881989 1392912764692526 resolver low jreed DNS Outstanding Tasks new RESOLVER_NO_ROOT_ADDRESS log message in forwarding mode I don’t think the RESOLVER_NO_ROOT_ADDRESS log warning makes sense in forwarding mode. But since it is a “WARNING” it should be looked at by the admin.
1092 defect 1309886155365208 1361955325493727 Unclassified medium UnAssigned jreed assigned NSAS_INVALID_RESPONSE is internal error? My resolver logs are full of entries like the following:


2011-07-05 15:58:30.997 ERROR [b10-resolver.nsas] NSAS_INVALID_RESPONSE queried for l.gtld-servers.net. but got invalid response
2011-07-05 15:58:31.000 ERROR [b10-resolver.nsas] NSAS_INVALID_RESPONSE queried for aloe.arin.net. but got invalid response
2011-07-05 15:58:31.001 ERROR [b10-resolver.nsas] NSAS_INVALID_RESPONSE queried for y.arin.net. but got invalid response
2011-07-05 15:58:31.019 ERROR [b10-resolver.nsas] NSAS_INVALID_RESPONSE queried for e2.nstld.com. but got invalid response

2011-07-05 16:34:07.448 ERROR [b10-resolver.nsas] NSAS_INVALID_RESPONSE queried for ns1.pbi.NET. but got invalid response
2011-07-05 16:34:07.451 ERROR [b10-resolver.nsas] NSAS_INVALID_RESPONSE queried for NS2.SWBELL.NET. but got invalid response
2011-07-05 16:34:07.451 ERROR [b10-resolver.nsas] NSAS_INVALID_RESPONSE queried for NS1.SWBELL.NET. but got invalid response
2011-07-05 16:34:07.534 ERROR [b10-resolver.nsas] NSAS_INVALID_RESPONSE queried for NS3.SBCGLOBAL.NET. but got invalid response



I looked in log messages guide since this error was too vague to be useful to me.

The messages guide says “This message indicates an internal error in the NSAS. Please raise a
bug report.”

So here is the report :)
1094 defect 1309950570517250 1392912750970695 resolver low stephen DNS Outstanding Tasks new Separate programmer error from user error when processing configuration message In the resolver (resolver.cc), the message RESOLVER_CONFIG_ERROR is output when an exception is caught during a configuration update. The exception may be the result of an error in the configuration message itself or an incorrect value that has been caught by a range check.

Different messages should be output in the two cases as the corrective action for each is different.
1095 defect 1309952707175066 1392912730782253 resolver low stephen DNS Outstanding Tasks new Log sender of NOTIFY queries to resolver Specifically this is aimed at the resolver and the RESOLVER_NOTIFY_RECEIVED debug message. The message should include the IP address of the sender of the NOTIFY. (see #1078)
1098 defect 1309988686279777 1394116802333132 b10-auth low shane DNS Outstanding Tasks new AuthCommandTest.loadUnreadableZone succeeds when run as root I had the following test fail:


[ RUN ] AuthCommandTest.loadUnreadableZone
command_unittest.cc:58: Failure
Value of: rcode
Actual: 0
Expected: expected_code
Which is: 1
[ FAILED ] AuthCommandTest.loadUnreadableZone (25 ms)


This happens if the tests run as root, because the test creates a file with 000 permissions, which root can read anyway.

Jinmei suggests just giving a non-existent file may be a better way that doesn’t depend on any particular permissions.
1103 defect 1310402021665576 1311341770675316 Unclassified medium jelte new catching import error in python libs In some of the libraries, import errors (mainly for pydnspp, but also for a few others) are caught, at which point an error is printed. While converting to the new logging system we encountered a problem (see the comments in #763); the logging system is most likely not initialized

More generally, we shouldn’t just log an error, as this is a fatal problem (it’ll crash the moment it needs said library anyway), so we should let it fail immediately anyway.

src/lib/python/isc/notify/notify_out.py has a comment here now, but the rest of the libraries need to be checked as well.
1105 enhancement 1310473722839822 1310474454221938 libdns++ very low UnAssigned shane assigned RR type implementation: MD Implement the obsolete MD type, from RFC 1035.

See ticket #809 for more discussion.
1106 enhancement 1310473785333211 1313582676381837 libdns++ very low UnAssigned shane new RR type implementation: MF Implement the obsolete MF type, from RFC 1035.

See ticket #809 for more discussion.

1107 enhancement 1310473853848925 1313582681893664 libdns++ very low UnAssigned shane new RR type implementation: MB Implement the experimental MB type, from RFC 1035.

See ticket #809 for more discussion.
1108 enhancement 1310473955423418 1313582686292099 libdns++ very low UnAssigned shane new RR type implementation: MG Implement the experimental MG type, from RFC 1035.

See ticket #809 for more discussion.
1109 enhancement 1310474201832276 1313582691197308 libdns++ very low UnAssigned shane new RR type implementation: MR Implement the experimental MR type, from RFC 1035.

See ticket #809 for more discussion.
1110 enhancement 1310474284398978 1313582695437207 libdns++ very low UnAssigned shane new RR type implementation: NULL Implement the experimental NULL type, from RFC 1035.

See ticket #809 for more discussion.

1111 enhancement 1310474403634561 1313582537504788 libdns++ low UnAssigned shane new RR type implementation: WKS Implement the obsolete WKS type, from RFC 1035.

See ticket #809 for more discussion.
1115 enhancement 1310474824660331 1313582557711430 libdns++ low UnAssigned shane new RR type implementation: X25 Implement the X25 type, from RFC 1183.

See ticket #809 for more discussion.
1116 enhancement 1310474895547774 1313582562531717 libdns++ low UnAssigned shane new RR type implementation: ISDN Implement the ISDN type, from RFC 1183.

See ticket #809 for more discussion.
1117 enhancement 1310474945010499 1313582567266142 libdns++ low UnAssigned shane new RR type implementation: RT Implement the obsolete RT type, from RFC 1183.

See ticket #809 for more discussion.
1118 enhancement 1310474993156733 1313582700717027 libdns++ very low UnAssigned shane new RR type implementation: NSAP Implement the NSAP type, from RFC 1706.

See ticket #809 for more discussion.
1119 enhancement 1310475065968108 1313582704985366 libdns++ very low UnAssigned shane new RR type implementation: NSAP-PTR Implement the obsolete NSAP-PTR type, from RFC 1348.

See ticket #809 for more discussion.
1120 enhancement 1310475159294084 1313582575283701 libdns++ low UnAssigned shane new RR type implementation: SIG Implement the SIG type, from RFC 4034, RFC 3755, and RFC 2535.

See ticket #809 for more discussion.
1121 enhancement 1310475443187757 1313582580513220 libdns++ low UnAssigned shane new RR type implementation: KEY Implement the obsolete KEY type, from RFC 4034, RFC 3755, and RFC 2535.

See ticket #809 for more discussion.
1122 enhancement 1310475517598220 1313582585337682 libdns++ low UnAssigned shane new RR type implementation: PX Implement the PX type, from RFC 2163.

See ticket #809 for more discussion.
1123 enhancement 1310475767183953 1313582590248389 libdns++ low UnAssigned shane new RR type implementation: GPOS Implement the GPOS type, from RFC 1712.

See ticket #809 for more discussion.
1124 enhancement 1310475871076257 1313582594865796 libdns++ low UnAssigned shane new RR type implementation: LOC Implement the obsolete LOC type, from RFC 1876.

See ticket #809 for more discussion.
1125 enhancement 1310475920791835 1313582709246387 libdns++ very low UnAssigned shane new RR type implementation: NXT Implement the obsolete NXT type, from RFC 3755 and RFC 2535.

See ticket #809 for more discussion.
1126 enhancement 1310476004246675 1313582713481903 libdns++ very low UnAssigned shane new RR type implementation: EID Implement the proposed EID type.

I think this is the document that describes it:

http://ana-3.lcs.mit.edu/~jnc/nimrod/dns.txt

See ticket #809 for more discussion.
1127 enhancement 1310476068410202 1313517185584957 libdns++ very low UnAssigned shane new RR type implementation: NIMLOC Implement the proposed NIMLOC type.

I think this is the document that describes it:

http://ana-3.lcs.mit.edu/~jnc/nimrod/dns.txt

See ticket #809 for more discussion.
1129 enhancement 1310476252872049 1313582618639231 libdns++ low UnAssigned shane new RR type implementation: ATMA Implement the ATMA type, described here:

http://broadband-forum.org/ftp/pub/approved-specs/af-saa-0069.000.pdf

See ticket #809 for more discussion.
1131 enhancement 1310476401657054 1313582624301884 libdns++ low UnAssigned shane new RR type implementation: KX Implement the KX type, from RFC 2230.

See ticket #809 for more discussion.
1132 enhancement 1310476477176274 1313582628590271 libdns++ low UnAssigned shane new RR type implementation: CERT Implement the CERT type, from RFC 4398.

See ticket #809 for more discussion.
1133 enhancement 1310476544073758 1313517163948594 libdns++ very low UnAssigned shane new RR type implementation: A6 Implement the experimental A6 type, from RFC 3226 RFC 2874.

See ticket #809 for more discussion.
1134 enhancement 1310476695279842 1313517007876097 libdns++ very low UnAssigned shane new RR type implementation: SINK Implement the proposed SINK type. I think this describes it:

http://tools.ietf.org/html/draft-eastlake-kitchen-sink-02

See ticket #809 for more discussion.
1135 enhancement 1310476782132668 1313582633294354 libdns++ low UnAssigned shane new RR type implementation: APL Implement the APL type, from RFC 3123.

See ticket #809 for more discussion.
1137 enhancement 1310476893334020 1313582642428401 libdns++ low UnAssigned shane new RR type implementation: IPSECKEY Implement the IPSECKEY type, from RFC 4025.

See ticket #809 for more discussion.
1139 enhancement 1310477088100786 1313582646855862 libdns++ low UnAssigned shane new RR type implementation: HIP Implement the HIP type, from RFC 5205.

See ticket #809 for more discussion.
1141 enhancement 1310478266979453 1313582651581469 libdns++ low UnAssigned shane new RR type implementation: TKEY Implement the TKEY type, from RFC 2930.

See ticket #809 for more discussion.
1142 enhancement 1310478398223087 1313516994898133 libdns++ very low UnAssigned shane new RR type implementation: MAILB Implement the obsolete MAILB type, from RFC 1035.

See ticket #809 for more discussion.
1143 enhancement 1310478470861172 1313516980715064 libdns++ very low UnAssigned shane new RR type implementation: MAILA Implement the obsolete MAILA type, from RFC 1035.

See ticket #809 for more discussion.
1146 defect 1310504783125117 1311345305995875 xfrout low vorner new Stop hiding errors in XfrOut There’s this statement in the `xfrout.py.in` file:

#!python
try:
from libutil_io_python import
from pydnspp import

except ImportError as e:
# C++ loadable module may not be installed; even so the xfrout process
# must keep running, so we warn about it and move forward.
log.error(XFROUT_IMPORT, str(e))


This makes sure the process is started even if the DNS library can not be loaded. In such case, the process will be useless, because it won’t understand any requests and this exceptions only masks the real problem (the library is not properly installed or the installation is corrupt), pretending everything is OK and just not answering the queries.

Besides having these bad properties, hiding errors in code kind of smells.

As noted in the https://lists.isc.org/pipermail/bind10-dev/2011-July/002477.html email discussion, this is here because if there’s a problem, the boss keeps restarting it, which is annoying. But I believe this is problem of Boss, not every program that has a fatal unrecoverable problem.

So I suggest we remove this thing and make XfrOut crash if it can’t perform its goal as every well behaved program.
1147 defect 1310505448222589 1394116504566314 Boss of BIND low vorner Common Outstanding Tasks new Boss should give up after n unsuccessful attempts to start a module If a module has a fatal problem and can not be started (eg. it crashes right after being started), boss keeps restarting it and is „jumping“. This isn’t a serious problem, but it eats resources unnecessarily and is annoying, because it fills logs. This sometimes leads to workarounds like the one in #1146.

I suggest that if the started process dies in 10s from being started, we count it as an unsuccessful attempt to start it. If we do 5 of them in a row (without a successful one), we give up more attempts to start it, since it’s hopeless (for some value of 10 and 5).

Then we would add a command an admin could use to ask boss to try again (after the admin thinks the problem was fixed) ‒ reset the count of unsuccessful attempts to 0 again.
1151 enhancement 1310765542268192 1310765542268192 xfrout medium jinmei new xfrout log should better include remote addresses Currently xfrout’s log doesn’t show the remote address of xfr:

2011-07-15 02:36:05.649 INFO [b10-xfrout.xfrout] XFROUT_AXFR_TRANSFER_STARTED transfer of zone jinmei.org./IN has started
2011-07-15 02:36:05.835 INFO [b10-xfrout.xfrout] XFROUT_AXFR_TRANSFER_DONE transfer of jinmei.org./IN complete


it is inconvenient.

Once we merge #772, we can easily get access to the information of
the remote address, so I propose including this information in logs
wherever possible (not only for the above cases).
1156 enhancement 1311251670908353 1311345273476582 build system medium UnAssigned shane new Script like ./configure which checks for libraries needed by BIND 10 We should make a script which works roughly like ./configure, but does not exit when it discovers a missing dependency. Instead it should report all missing dependencies. See the discussion here:

http://bind10.isc.org/wiki/WeeklyMinutes20110719#DependencyManagementfromJinmei

And the e-mail here:

https://lists.isc.org/pipermail/bind10-dev/2011-July/002527.html

For more information.
1158 defect 1311618412847778 1331918709253972 build system medium UnAssigned jinmei new suggestion: avoid OS-specific switch in configure.ac I noticed that in #1155 the following change was introduced to configure.ac:

*solaris*)

# In Solaris, IN6ADDR_ANY_INIT and IN6ADDR_LOOPBACK_INIT need
Wno-missing-braces
B10_CXXFLAGS=“$B10_CXXFLAGS Wno-missing-braces"
;;


I have a few concerns with this approach:

In general, such OS specific switch is discouraged in autoconf.
And, in fact, not all Solaris versions/installments have this
problem as some of our buildbot showed. For such”cleaner" Solaris,
this setting weakens compiler warning unnecessarily. A better test
is to use AC_TRY_COMPILE with using the offending IN6ADDR_ macros
and specify Wno-xxx only when it’s necessary.

If I understand it correctly, this problem happens only where ASIO
headers are directly included (mainly in libasiolink and libasiodns,
with (inappropriate) a couple of possible exceptions). We should
limit the place of weakening the warning to where it’s absolutely
necessary.
1159 enhancement 1311861739400418 1312308273961656 data source low vorner new Make InMemoryClient::addZone take only InMemoryZoneFinder Currently whatever zone finder can be stored there, which isn’t logical. But currently some tests (eg. for auth/query.cc) uses this to put mock zones in there. The tests should be changed to use mock client as well.

See ticket #1060, comment 9 at the bottom.
1164 enhancement 1312323618366572 1392837303705767 ACL medium jinmei DNS Outstanding Tasks new TSIG ACL should avoid matching TSIG key without validation This is an open issue carried over from #1104.

See the discussion at around
http://bind10.isc.org/ticket/1104#comment:10 (look for “possilbe open
issue”) and its follow ups.

We should resolve this to make the operation safer. It may require
some modifications to libdns++ TSIG APIs.
1169 defect 1313068383649776 1318437718131465 Unclassified medium jreed new some processes not exiting I killed msgq… a little later bind10 parent exited. Some child processes were still left running:



root 1791 0.0 0.3 15724 3348 ttyp4 Il Fri08AM 0:17.10 /usr/pkg/bin/python3.1 /home/reed/work/isc/bind10-install/libexec/bind10-devel/b10-zonemgr
root 3985 0.0 0.3 23188 3300 ttyp4 Il Fri08AM 0:00.40 /usr/pkg/bin/python3.1 /home/reed/work/isc/bind10-install/libexec/bind10-devel/b10-xfrout
root 4343 0.0 0.0 22268 3436 ttyp4 IWl Fri08AM 0:01.01 /usr/pkg/bin/python3.1 /home/reed/work/isc/bind10-install/libexec/bind10-devel/b10-cmdctl
root 15861 0.0 0.0 3856 4 ttyp4 IW Fri08AM 0:00.01 b10-sockcreator



A SIGTERM killed sockcreator and cmdctl for me. I used SIGKILL to kill the zonemgr and xfrout. I did a ktrace but didn’t get any output. If anyone can share ideas on how to see where it is hanging (this is NetBSD), I can reproduce and provide more details.



1170 defect 1313072726548271 1392912709545070 resolver low shane DNS Outstanding Tasks new TTL checks in resolver tests may be too restrictive Jeremy pointed out a recent test failure:

http://git.bind10.isc.org/~tester/builder//BIND10-systest/20110811124500-MacOS/logs/unittests.out

Looked at the tests, and it seems like all of the values for TTL are based on whole second values. This means that if a test happens to run near the end of a given second, that the second may change during that second, and the TTL should go down by 1, as we see there.

Note that this theory may be based on my poor understanding of how TTLs are tracked!
1173 defect 1313113829125671 1339225960135291 data source medium jinmei new DatabaseClientTest should also check best match for findZone For example, the mock abstraction (or accessor) should support both “org”
and “example.org”, and there should be a test checking
findZone(“example.org”) should return a finder for “example.org”, not “org”.

Same for “sub.example.org” to check it’s not only the case for an exact match.

It should be quite easily be fixed.

I consider it a kind of defect in that it’s a missing test case.
1185 defect 1313590040885055 1392912692217191 resolver low jreed DNS Outstanding Tasks new Resolver/listen_on should not require a port Port 53 should be a default and should not be required, for example this shows the problem:



> config add Resolver/listen_on
> config set Resolver/listen_on[2]/address “149.20.57.219”
> config commit
Error: Address must contain both the IPaddress and port
Configuration not committed
> config set Resolver/listen_on[2]/port 5301
> config commit



1188 enhancement 1314011547203507 1314258898983642 data source medium jelte new performance consideration in getRecords()/getAllRecords() (this came out of discussion in #1083)

Currently, in the refactored data source code, the sqlite version creates individual sqlite3_stmt structures for each call to getRecords() and getAllRecords(). This is pretty clean (as they are also finalized on the same level), and allows for multiple iterators over the data at the same time.

However, should we not need that property, it is not necessary to prepare() the query for each statement, so we may want to reconsider this if we are looking for performance improvements.
1189 defect 1314023743154128 1327506596492553 logging low jreed new log output to console buffering I was capturing stderr and stdout (tee’d into a file). After I enabled debug 100. And then did a tail of my output, no change. Then I did the dig resulting in a SERVFAIL and then my output suddenly had all the output over the past 5+ hours. Also sometimes log output wasn’t complete (like no newline). So some buffering problems when outputting to stdout or stderr.

The following is from jabber:

(05:48:33) stephen: I’ve had a very quick look at the log4cplus code and it appears logging output to the console ultimately ends up as a standard C+ call, something along the lines of “cerr << text”.

stephen: So if there are problems with flushing buffers and the like, it points to a problem in the C
+ library on that system. What operating system did these problems occur on?

(05:49:43) jreed: I am surprised I needed to set flush to true. Not useful default for this.

(05:49:58) jreed: This is on Debian Linux. (git.bind10.isc.org)

(05:50:21) stephen: Hmm…

(05:50:59) stephen: AFAIK, when logging to stderr you should not have to flush after each write, it is done for you.

(05:51:34) jreed: The default is stdout.

(05:51:59) jreed: If changing that fixes it, then that is fine. But too many things to change already.

(05:52:14) stephen: Perhaps we ought to make stderr the default.
1191 defect 1314027258905447 1377700979401284 logging low jreed new logging needs “name”

> config add Logging/loggers
> config set Logging/loggers[0]/severity DEBUG
> config show Logging/loggers
Logging/loggers[0]/name “” string (default)
Logging/loggers[0]/severity “DEBUG” string (modified)
Logging/loggers[0]/debuglevel 0 integer (default)
Logging/loggers[0]/additive false boolean (default)
Logging/loggers[0]/output_options [] list (default)
> config set Logging/loggers[0]/debuglevel 100
> config show Logging/loggers[0]/output_options
Logging/loggers[0]/output_options [] list (default)
> config show Logging/loggers[0]/output_options/
Logging/loggers[0]/output_options/ [] list (default)
> config commit
Error: Exception: ‘name’
Configuration not committed



Fixed with:



> config set Logging/loggers[0]/name *
> config commit



In jabber, jelte said:


(11:46:04) jelte: that’s an uncaught exception somewhere (and hence no decent error)

(11:47:04) jelte: from the fix i gather the error should be “name must be set” :)


I think it should just use some default for name (if not defined).
1196 defect 1314223320252340 1336072586386422 Unclassified medium jreed new respond using same source address

$ dig 2001:04f8:3:d::95 bind10.isc.org <br>;; reply from unexpected source: 2001:4f8:3:d::80#53, expected 2001:4f8:3:d::95#53<br><br><br><br>or<br><br><br><br>$ dig 149.20.48.80 bind10.isc.org
;; reply from unexpected source: 149.20.48.59#53, expected 149.20.48.80#53
;; reply from unexpected source: 149.20.48.59#53, expected 149.20.48.80#53



I will copy some from jabber:


(12:43:11) jinmei: in general, a DNS server implementation must either listen on a specific address or use the IPv6 pkthdr API to ensure query dest addr = response src addr.

(12:54:48) shane: Yes, I agree. Probably we can use the work of the DHCP team to give us interfaces and we can bind to them.
(12:55:49) vorner: Can we add and remove them (eg. get notified of addition and removal) of interface at runtime? Because when I instruct it to bind to , I mean even future.
(12:56:03) shane: Yes, that’s the idea.
(12:56:36) shane: BIND 9 works that way; apparently IPv6 in Linux is a lot faster if you bind to specific interfaces instead of the wildcard.
(12:56:46) shane: At least, it was in the past… not sure about now.

(13:04:45) jinmei: the solutions may be different for IPv4 and IPv6: for IPv6 we could use the help of API (with possible performance implication as Shane noted); for IPv4 there’s a similar API but it’s not so commonly available, we should probably need to introduce interface (address) scanning mechanism and listen-on every one of them as we find a new one.
(13:05:57) jinmei: FYI: this is what BIND9 does.
(13:06:57) shane: The DHCP code in BIND 10 already uses the technique, if you are interested to see how it works.
(13:07:03) shane: (It’s DHCPv6 only right now.)
(13:07:28) vorner: The scanning of IPv4 could be directly borrowed from bind9, no?
(13:10:31) jinmei: in its essence, yes, I think so.
1203 defect 1314714317047834 1315225670073954 bind-ctl medium jreed new bindctl crash when setting a list item (under another list item) without using a index number I can reproduce with:

config set Logging/loggers[0]/output_options/flush true

(assumimg the Logging/loggers[0] was already added.

Note I forgot to add [0] for output_options[0] here.



> config set Logging/loggers[0]/output_options flush
Error: flush is not a list
> config add Logging/loggers[0]/output_options
> config show Logging/loggers[0]/output_options
Logging/loggers[0]/output_options[0]/destination “console” string (default)
Logging/loggers[0]/output_options[0]/output “stdout” string (default)
Logging/loggers[0]/output_options[0]/flush false boolean (default)
Logging/loggers[0]/output_options[0]/maxsize 0 integer (default)
Logging/loggers[0]/output_options[0]/maxver 0 integer (default)
> config set Logging/loggers[0]/output_options/flush true
Traceback (most recent call last):
File “/usr/pkg/lib/python3.1/cmd.py”, line 213, in onecmd
func = getattr(self, ’do‘+ cmd)
AttributeError: ’BindCmdInterpreter’ object has no attribute ‘do_config’

During handling of the above exception, another exception occurred:

Traceback :
File “work/isc/bind10-install/bin/bindctl”, line 149, in
tool.run
File “/home/reed/work/isc/bind10-install/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 128, in run
self.cmdloop
File “/usr/pkg/lib/python3.1/cmd.py”, line 139, in cmdloop
stop = self.onecmd
File “/home/reed/work/isc/bind10-install/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 452, in onecmd
Cmd.onecmd
File “/usr/pkg/lib/python3.1/cmd.py”, line 215, in onecmd
return self.default
File “/home/reed/work/isc/bind10-install/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 418, in default
self.
parse_cmd(line)
File “/home/reed/work/isc/bind10-install/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 556, in parse_cmd
self.
handle_cmd(cmd)
File “/home/reed/work/isc/bind10-install/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 396, in _handle_cmd
self.apply_config_cmd(cmd)
File “/home/reed/work/isc/bind10-install/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 680, in apply_config_cmd
self.config_data.set_value(identifier, parsed_value)
File “/home/reed/work/isc/bind10-install/lib/python3.1/site-packages/isc/config/config_data.py”, line 671, in set_value
isc.cc.data.set(self._local_changes, identifier, value)
File “/home/reed/work/isc/bind10-install/lib/python3.1/site-packages/isc/cc/data.py”, line 214, in set
cur_el[id] = value
TypeError: list indices must be integers, not str



1204 task 1314775155328362 1315225703396808 xfrout low jreed new setup a IXFR-only testing Use BIND 9 to do IXFR only back and forth with our b10-xfrout and b10-xfrin. Automate this for new BIND 10 code.
1205 task 1314780064053048 1318350741680172 configuration low jreed new Import and export configurations from/to different JSON file Create commands to import and export configurations from/to different JSON file.
Or single command to set the filename.

This would be done via bindctl and used by cfgmgr.

In tandem with this, we will need a “check” function. Possibly each module would have its own check function. Need to be able to check even if process (module) is not running.
1211 task 1315387617660619 1396529246918315 xfrin medium stephen DNS Outstanding Tasks new AXFR system test specification Review [http://tools.ietf.org/html/rfc5936 RFC 5936] (the description of AXFR) and produce the specification for a set of system tests to check the implementation of AXFR-in and AXFR-out.
1214 task 1315389768523232 1318350619573428 Unclassified medium stephen new Implement AXFR system tests This depends on #1211.

It may be possible to re-use the BIND 9 tests for AXFR.
1219 defect 1315486600770106 1394116513993003 Boss of BIND medium jreed Common Outstanding Tasks new ccsession error from boss when cfgmgr can’t parse its configuration When the cfgmgr can’t parse its configuration, boss will kill all its processes which are sockcreator, msgq, and cfgmgr. But then it complains:


2011-09-07 17:16:45.476 FATAL [b10-boss.boss] BIND10_STARTUP_ERROR
error during startup: Unable to start ccsession: No answer from
ConfigManager when asking about Remote module Logging


This error is confusing. I don’t think it should happen.
1221 enhancement 1315492060598643 1392912675752174 resolver very low jreed DNS Outstanding Tasks new log when changing / adding address I had no default logging when I did:



> config set Resolver/listen_on[1]/address “0.0.0.0”
> config commit



(sockstat and dig showed me it worked.)
1222 defect 1315493252698584 1392812456460100 resolver high jreed DNS Outstanding Tasks new resolver problems with IPv6 I often have SERVFAILs when some nameservers are AAAA. But sometime later queries are successful. For example:



$ time dig 127.0.0.1 bind10.isc.org<br><br>; <<>> DiG 9.5.0-P2 <<>> 127.0.0.1 bind10.isc.org
; (1 server found)
;; global options: printcmd
;; Got answer:
;; >>HEADER<< opcode: QUERY, status: SERVFAIL, id: 18552
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;bind10.isc.org. IN A

;; Query time: 4023 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu Sep 8 09:41:12 2011
;; MSG SIZE rcvd: 32

4.04s real 0.01s user 0.00s system
$ time dig 127.0.0.1 bind10.isc.org<br><br>; <<>> DiG 9.5.0-P2 <<>> 127.0.0.1 bind10.isc.org
; (1 server found)
;; global options: printcmd
;; Got answer:
;; >>HEADER<< opcode: QUERY, status: NOERROR, id: 12394
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 8, ADDITIONAL: 13

;; QUESTION SECTION:
;bind10.isc.org. IN A

;; ANSWER SECTION:
bind10.isc.org. 3600 IN A 149.20.48.40

;; AUTHORITY SECTION:
isc.org. 86396 IN NS sfba.sns-pb.isc.org.
isc.org. 86396 IN NS ns.isc.afilias-nst.info.
isc.org. 86396 IN NS ams.sns-pb.isc.org.
isc.org. 86396 IN NS ord.sns-pb.isc.org.
bind10.isc.org. 3600 IN NS ord.sns-pb.isc.org.
bind10.isc.org. 3600 IN NS n10.isc.org.
bind10.isc.org. 3600 IN NS ams.sns-pb.isc.org.
bind10.isc.org. 3600 IN NS sfba.sns-pb.isc.org.

;; ADDITIONAL SECTION:
ams.sns-pb.isc.org. 86396 IN A 199.6.1.30
ams.sns-pb.isc.org. 86396 IN AAAA 2001:500:60::30
ord.sns-pb.isc.org. 86396 IN A 199.6.0.30
ord.sns-pb.isc.org. 86396 IN AAAA 2001:500:71::30
sfba.sns-pb.isc.org. 86396 IN A 149.20.64.3
sfba.sns-pb.isc.org. 86396 IN AAAA 2001:4f8:0:2::19
ams.sns-pb.isc.org. 7200 IN A 199.6.1.30
ams.sns-pb.isc.org. 7200 IN AAAA 2001:500:60::30
n10.isc.org. 7200 IN A 149.20.48.59
ord.sns-pb.isc.org. 7200 IN A 199.6.0.30
ord.sns-pb.isc.org. 7200 IN AAAA 2001:500:71::30
sfba.sns-pb.isc.org. 7200 IN A 149.20.64.3
sfba.sns-pb.isc.org. 7200 IN AAAA 2001:4f8:0:2::19

;; Query time: 2151 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu Sep 8 09:41:14 2011
;; MSG SIZE rcvd: 487

2.17s real 0.00s user 0.00s system



And the logging:


2011-09-08 09:41:00.019 INFO [b10-boss.boss] BIND10_STARTING starting BIND10: bind10 20110223 (BIND 10 20110809)
2011-09-08 09:41:00.025 INFO [b10-boss.boss] BIND10_SOCKCREATOR_INIT initializing socket creator parser
2011-09-08 09:41:00.031 INFO [b10-boss.boss] BIND10_STARTING_PROCESS starting process b10-msgq
2011-09-08 09:41:00.258 INFO [b10-boss.boss] BIND10_STARTING_PROCESS starting process b10-cfgmgr
2011-09-08 09:41:01.267 INFO [b10-boss.boss] BIND10_STARTING_PROCESS starting process ccsession
2011-09-08 09:41:01.296 INFO [b10-boss.boss] BIND10_READING_BOSS_CONFIGURATION reading boss configuration
2011-09-08 09:41:01.296 INFO [b10-boss.boss] BIND10_CONFIGURATION_START_AUTH start authoritative server: False
2011-09-08 09:41:01.296 INFO [b10-boss.boss] BIND10_CONFIGURATION_START_RESOLVER start resolver: True
2011-09-08 09:41:01.297 INFO [b10-boss.boss] BIND10_STARTING_PROCESS starting process b10-resolver
2011-09-08 09:41:01.304 2011-09-08 09:41:01.345INFO INFO [ b10-boss.boss [] b10-resolver.resolverBIND10_STARTING_PROCESS starting process b10-stats]
RESOLVER_STARTING starting resolver with command line ‘b10-resolver -v’
2011-09-08 09:41:01.3532011-09-08 09:41:01.354 INFODEBUG [ [b10-resolver.resolverb10-boss.boss] ] RESOLVER_CREATED main resolver object createdBIND10_STARTING_PROCESS starting process b10-stats-httpd

2011-09-08 09:41:01.449 2011-09-08 09:41:01.455DEBUG [INFOb10-resolver.cache ] CACHE_RESOLVER_INIT initializing resolver cache for class IN
[b10-boss.boss] BIND10_STARTING_PROCESS starting process b10-cmdctl
2011-09-08 09:41:01.532 DEBUG [b10-resolver.cache] CACHE_RRSET_INIT initializing RRset cache for 20000 RRsets of class IN
2011-09-08 09:41:01.533 DEBUG [b10-resolver.cache] CACHE_RRSET_INIT initializing RRset cache for 10000 RRsets of class IN
2011-09-08 09:41:01.534 DEBUG [b10-resolver.cache] CACHE_MESSAGES_INIT initialized message cache for 10000 messages of class IN
2011-09-08 09:41:01.537 DEBUG [b10-resolver.cache] CACHE_RESOLVER_UPDATE_MSG updating message for ./NS/IN
2011-09-08 09:41:01.537 DEBUG [b10-resolver.cache] CACHE_MESSAGES_UPDATE updating message entry ./NS/IN
2011-09-08 09:41:01.538 DEBUG [b10-resolver.cache] CACHE_RRSET_UPDATE updating RRset ./NS/IN in the cache
2011-09-08 09:41:01.539 DEBUG [b10-resolver.cache] CACHE_RRSET_LOOKUP looking up ./NS/IN in RRset cache
2011-09-08 09:41:01.540 DEBUG [b10-resolver.cache] CACHE_RRSET_NOT_FOUND no RRset found for ./NS/IN in cache
2011-09-08 09:41:01.540 DEBUG [b10-resolver.cache] CACHE_RRSET_UPDATE updating RRset l.root-servers.net./A/IN in the cache
2011-09-08 09:41:01.540 DEBUG [b10-resolver.cache] CACHE_RRSET_LOOKUP looking up l.root-servers.net./A/IN in RRset cache
2011-09-08 09:41:01.540 DEBUG [b10-resolver.cache] CACHE_RRSET_NOT_FOUND no RRset found for l.root-servers.net./A/IN in cache
2011-09-08 09:41:01.541 DEBUG [b10-resolver.cache] CACHE_RRSET_UPDATE updating RRset l.root-servers.net./AAAA/IN in the cache
2011-09-08 09:41:01.541 DEBUG [b10-resolver.cache] CACHE_RRSET_LOOKUP looking up l.root-servers.net./AAAA/IN in RRset cache
2011-09-08 09:41:01.541 DEBUG [b10-resolver.cache] CACHE_RRSET_NOT_FOUND no RRset found for l.root-servers.net./AAAA/IN in cache
2011-09-08 09:41:01.541 DEBUG [b10-resolver.cache] CACHE_RESOLVER_UPDATE_RRSET updating RRset for ./NS/IN
2011-09-08 09:41:01.542 DEBUG [b10-resolver.cache] CACHE_LOCALZONE_UPDATE updating local zone element at key .2
2011-09-08 09:41:01.542 DEBUG [b10-resolver.cache] CACHE_RRSET_UPDATE updating RRset ./NS/IN in the cache
2011-09-08 09:41:01.542 DEBUG [b10-resolver.cache] CACHE_RRSET_LOOKUP looking up ./NS/IN in RRset cache
2011-09-08 09:41:01.542 DEBUG [b10-resolver.cache] CACHE_RRSET_REMOVE_OLD removing old RRset for ./NS/IN to make space for new one
2011-09-08 09:41:01.544 DEBUG [b10-resolver.cache] CACHE_RESOLVER_UPDATE_RRSET updating RRset for l.root-servers.net./A/IN
2011-09-08 09:41:01.544 DEBUG [b10-resolver.cache] CACHE_LOCALZONE_UPDATE updating local zone element at key l.root-servers.net.1
2011-09-08 09:41:01.544 DEBUG [b10-resolver.cache] CACHE_RRSET_UPDATE updating RRset l.root-servers.net./A/IN in the cache
2011-09-08 09:41:01.544 DEBUG [b10-resolver.cache] CACHE_RRSET_LOOKUP looking up l.root-servers.net./A/IN in RRset cache
2011-09-08 09:41:01.544 DEBUG [b10-resolver.cache] CACHE_RRSET_REMOVE_OLD removing old RRset for l.root-servers.net./A/IN to make space for new one
2011-09-08 09:41:01.545 INFO [b10-boss.boss] BIND10_STARTUP_COMPLETE BIND 10 started
2011-09-08 09:41:01.546 DEBUG [b10-resolver.cache] CACHE_RESOLVER_UPDATE_RRSET updating RRset for l.root-servers.net./AAAA/IN
2011-09-08 09:41:01.546 DEBUG [b10-resolver.cache] CACHE_LOCALZONE_UPDATE updating local zone element at key l.root-servers.net.28
2011-09-08 09:41:01.546 DEBUG [b10-resolver.cache] CACHE_RRSET_UPDATE updating RRset l.root-servers.net./AAAA/IN in the cache
2011-09-08 09:41:01.546 DEBUG [b10-resolver.cache] CACHE_RRSET_LOOKUP looking up l.root-servers.net./AAAA/IN in RRset cache
2011-09-08 09:41:01.546 DEBUG [b10-resolver.cache] CACHE_RRSET_REMOVE_OLD removing old RRset for l.root-servers.net./AAAA/IN to make space for new one
2011-09-08 09:41:01.546 DEBUG [b10-resolver.resolver] RESOLVER_SERVICE_CREATED service object created
2011-09-08 09:41:01.548 DEBUG [b10-resolver.cc] CC_ESTABLISH trying to establish connection with message queue daemon at /home/reed/work/isc/bind10-install/var/bind10-devel/msgq_socket
2011-09-08 09:41:01.606 DEBUG [b10-resolver.cc] CC_ESTABLISHED successfully connected to message queue daemon
2011-09-08 09:41:01.616 DEBUG [b10-resolver.cc] CC_SUBSCRIBE subscribing to communication group Resolver
2011-09-08 09:41:01.616 DEBUG [b10-resolver.cc] CC_GROUP_SEND sending message ‘{ command [ “module_spec”, { commands [ { command_args [ ], command_description “Shut down recursive DNS server”, command_name “shutdown” } ], config_data [ { item_default 2000, item_name “timeout_query”, item_optional false, item_type “integer” }, { item_default 4000, item_name “timeout_client”, item_optional false, item_type “integer” }, { item_default 30000, item_name “timeout_lookup”, item_optional false, item_type “integer” }, { item_default 3, item_name “retries”, item_optional false, item_type “integer” }, { item_default [ ], item_name “forward_addresses”, item_optional true, item_type “list”, list_item_spec { item_default { }, item_name “address”, item_optional false, item_type “map”, map_item_spec [ { item_default “::1”, item_name “address”, item_optional false, item_type “string” }, { item_default 53, item_name “port”, item_optional false, item_type “integer” } ] } }, { item_default [ ], item_name “root_addresses”, item_optional true, item_type “list”, list_item_spec { item_default { }, item_name “address”, item_optional false, item_type “map”, map_item_spec [ { item_default “::1”, item_name “address”, item_optional false, item_type “string” }, { item_default 53, item_name “port”, item_optional false, item_type “integer” } ] } }, { item_default [ { address “::1”, port 53 }, { address “127.0.0.1”, port 53 } ], item_name “listen_on”, item_optional false, item_type “list”, list_item_spec { item_default { }, item_name “address”, item_optional false, item_type “map”, map_item_spec [ { item_default “::1”, item_name “address”, item_optional false, item_type “string” }, { item_default 53, item_name “port”, item_optional false, item_type “integer” } ] } }, { item_default [ { action “ACCEPT”, from “127.0.0.1” }, { action “ACCEPT”, from “::1” } ], item_name “query_acl”, item_optional false, item_type “list”, list_item_spec { item_default { }, item_name “rule”, item_optional false, item_type “map”, map_item_spec [ { item_default “,”item_name “action”, item_optional false, item_type “string” }, { item_default “,”item_name “from”, item_optional false, item_type “string” } ] } } ], module_description “Recursive service”, module_name “Resolver” } ] }’ to group ‘ConfigManager’
2011-09-08 09:41:01.616 DEBUG [b10-resolver.cc] CC_GROUP_RECEIVE trying to receive a message
2011-09-08 09:41:01.712 DEBUG [b10-resolver.cc] CC_GROUP_RECEIVED message arrived (‘{ from “4e68d3fc_2@new-host-3”, group “ConfigManager”, instance “*”, reply 0, seq 8, to “4e68d3fd_4@new-host-3”, type “send” }’, ‘{ result [ 0 ] }’)
2011-09-08 09:41:01.712 DEBUG [b10-resolver.cc] CC_GROUP_SEND sending message ‘{ command [ “get_config”, { module_name “Resolver” } ] }’ to group ‘ConfigManager’
2011-09-08 09:41:01.712 DEBUG [b10-resolver.cc] CC_GROUP_RECEIVE trying to receive a message
2011-09-08 09:41:01.717 DEBUG [b10-resolver.cc] CC_GROUP_RECEIVED message arrived (‘{ from “4e68d3fc_2@new-host-3”, group “ConfigManager”, instance “*”, reply 1, seq 9, to “4e68d3fd_4@new-host-3”, type “send” }’, ‘{ result [ 0, { listen_on [ { address “::1”, port 53 }, { address “0.0.0.0”, port 53 } ], query_acl [ { action “ACCEPT”, from “any4” }, { action “ACCEPT”, from “::1” } ] } ] }’)
2011-09-08 09:41:01.717 DEBUG [b10-resolver.resolver] RESOLVER_CONFIG_UPDATED configuration updated: { listen_on [ { address “::1”, port 53 }, { address “0.0.0.0”, port 53 } ], query_acl [ { action “ACCEPT”, from “any4” }, { action “ACCEPT”, from “::1” } ] }
2011-09-08 09:41:01.718 DEBUG [b10-resolver.server_common] SRVCOMM_SET_LISTEN setting addresses to listen to
2011-09-08 09:41:01.718 DEBUG [b10-resolver.server_common] SRVCOMM_ADDRESS_VALUE address to set: ::1#53
2011-09-08 09:41:01.718 DEBUG [b10-resolver.server_common] SRVCOMM_ADDRESS_VALUE address to set: 0.0.0.0#53
2011-09-08 09:41:01.719 INFO [b10-resolver.resolver] RESOLVER_SET_QUERY_ACL query ACL is configured
2011-09-08 09:41:01.719 DEBUG [b10-resolver.resolver] RESOLVER_QUERY_SETUP query setup
2011-09-08 09:41:01.719 DEBUG [b10-resolver.cc] CC_GROUP_SEND sending message ‘{ command [ “get_module_spec”, { module_name “Logging” } ] }’ to group ‘ConfigManager’
2011-09-08 09:41:01.719 DEBUG [b10-resolver.cc] CC_GROUP_RECEIVE trying to receive a message
2011-09-08 09:41:01.725 DEBUG [b10-resolver.cc] CC_GROUP_RECEIVED message arrived (‘{ from “4e68d3fc_2@new-host-3”, group “ConfigManager”, instance “*”, reply 2, seq 10, to “4e68d3fd_4@new-host-3”, type “send” }’, ‘{ result [ 0, { commands [ ], config_data [ { item_default [ ], item_name “loggers”, item_optional false, item_type “list”, list_item_spec { item_default { }, item_name “logger”, item_optional false, item_type “map”, map_item_spec [ { item_default “,”item_name “name”, item_optional false, item_type “string” }, { item_default “INFO”, item_name “severity”, item_optional false, item_type “string” }, { item_default 0, item_name “debuglevel”, item_optional false, item_type “integer” }, { item_default false, item_name “additive”, item_optional false, item_type “boolean” }, { item_default [ ], item_name “output_options”, item_optional false, item_type “list”, list_item_spec { item_default { }, item_name “output_option”, item_optional false, item_type “map”, map_item_spec [ { item_default “console”, item_name “destination”, item_optional false, item_type “string” }, { item_default “stdout”, item_name “output”, item_optional false, item_type “string” }, { item_default false, item_name “flush”, item_optional false, item_type “boolean” }, { item_default 0, item_name “maxsize”, item_optional false, item_type “integer” }, { item_default 0, item_name “maxver”, item_optional false, item_type “integer” } ] } } ] } } ], module_description “Logging options”, module_name “Logging” } ] }’)
2011-09-08 09:41:01.725 DEBUG [b10-resolver.cc] CC_GROUP_SEND sending message ‘{ command [ “get_config”, { module_name “Logging” } ] }’ to group ‘ConfigManager’
2011-09-08 09:41:01.725 DEBUG [b10-resolver.cc] CC_GROUP_RECEIVE trying to receive a message
2011-09-08 09:41:01.727 DEBUG [b10-resolver.cc] CC_GROUP_RECEIVED message arrived (‘{ from “4e68d3fc_2@new-host-3”, group “ConfigManager”, instance “*”, reply 3, seq 11, to “4e68d3fd_4@new-host-3”, type “send” }’, ‘{ result [ 0, { loggers [ { debuglevel 99, name “,”output_options [ { flush true } ] } ] } ] }’)
2011-09-08 09:41:01.728 INFO [b10-resolver.resolver] RESOLVER_RECURSIVE running in recursive mode
2011-09-08 09:41:01.728 WARN [b10-resolver.resolver] RESOLVER_NO_ROOT_ADDRESS no root addresses available
2011-09-08 09:41:01.728 INFO [b10-resolver.resolver] RESOLVER_SET_QUERY_ACL query ACL is configured
2011-09-08 09:41:01.728 INFO [b10-resolver.resolver] RESOLVER_STARTED resolver started
2011-09-08 09:41:01.908 DEBUG [b10-stats-httpd.stats-httpd] STATHTTPD_STARTING_CC_SESSION starting cc session
2011-09-08 09:41:02.028 INFO [b10-stats-httpd.stats-httpd] STATHTTPD_STARTED listening on 127.0.0.1#8000
2011-09-08 09:41:02.034 INFO [b10-stats-httpd.stats-httpd] STATHTTPD_CLOSING closing 127.0.0.1#8000
2011-09-08 09:41:02.036 INFO [b10-stats-httpd.stats-httpd] STATHTTPD_STARTED listening on 127.0.0.1#8000
2011-09-08 09:41:08.850 ERROR [b10-resolver.asiolink] ASIODNS_SEND_DATA error 65 sending data using UDP to 2001:500:71::30(53)
2011-09-08 09:41:10.853 ERROR [b10-resolver.asiolink] ASIODNS_SEND_DATA error 65 sending data using UDP to 2001:500:3::42(53)
2011-09-08 09:41:10.853 ERROR [b10-resolver.asiolink] ASIODNS_SEND_DATA error 65 sending data using UDP to 2001:500:3::42(53)
2011-09-08 09:41:10.853 ERROR [b10-resolver.asiolink] ASIODNS_SEND_DATA error 65 sending data using UDP to 2001:500:71::30(53)
2011-09-08 09:41:12.793 ERROR [b10-resolver.asiolink] ASIODNS_SEND_DATA error 65 sending data using UDP to 2001:4f8:0:2::19(53)
2011-09-08 09:41:12.958 ERROR [b10-resolver.asiolink] ASIODNS_SEND_DATA error 65 sending data using UDP to 2001:500:6::79(53)
2011-09-08 09:41:12.961 ERROR [b10-resolver.asiolink] ASIODNS_SEND_DATA error 65 sending data using UDP to 2001:500:a::79(53)
2011-09-08 09:41:14.864 ERROR [b10-resolver.nsas] NSAS_INVALID_RESPONSE queried for ns.isc.afilias-nst.info. but got invalid response
2011-09-08 09:41:14.864 ERROR [b10-resolver.nsas] NSAS_INVALID_RESPONSE queried for ns.isc.afilias-nst.info. but got invalid response




(By the way, I thought at debuglevel 99 it would show my query also.)
1242 defect 1315512398960305 1317283148039437 Unclassified low jreed new removing zone entry from Zonemgr/secondary_zones and Xfrin/zones does not remove it from sqlite3 database

> config remove Zonemgr/secondary_zones[0]
> config remove Xfrin/zones[0]
> config commit
> config show Zonemgr/secondary_zones
Zonemgr/secondary_zones [] list
> config show Xfrin/zones
Xfrin/zones [] list



I remove my single zone as above, but sqlite3 database still has it and it still can be served.
I guess this is a technique to convert a slave to a master zone.

But this should be documented. And maybe a warning should be logged about it too.
1249 enhancement 1317106857327061 1324150829912888 build system medium UnAssigned jinmei new separate unittests with timeouts As we discussed in f2f, it would be helpful if we can separate
unittest cases that involves timeouts (at least for C++ google tests).

What I’d do is
- rename these tests so that they ca be distinguished by a gtest filter.
(e.g. TIMEOUT_test_Something)
- tweak Makefile.am’s so that if we do just ‘make check’ TIMEOUT tests
will be excluded, and if we do something like ‘make check-all’ they
will be included
(this is an example idea. as long as the goal of the ticket is achieved
how to do that doesn’t matter)
1250 task 1317107440290380 1317201824638530 xfrout medium jinmei new add system tests for xfrout ACL and update bind10-guide This is a follow-up task of #1165. Adding a base of system tests will also
help for further development of xfrout (revise AXFR using new data source
API, supporting IXFR, etc)
1254 enhancement 1317131238268370 1317282481995621 Unclassified medium jelte new define LIBRARY_PATH_PLACEHOLDER more centrally
I just had to update nearly every test makefile because the placeholder for the library paths needed another value. Since these are nearly the same almost everywhere, I think we could better define it in configure.ac or somewhere up there (similar to COMMON_PYTHON_PATH)
1255 task 1317141818325243 1318411519335286 Unclassified medium jelte new Document how to add an RR type
What steps to take, what examples to steal from, what utility functions are available, and perhaps most important, what pitfalls to watch out for.

anything to get someone started, etc
1256 defect 1317204574323066 1392912202997929 b10-auth very low shane DNS Outstanding Tasks new Minor error in getopt() processing According to the getopt() man page:


If getopt() finds an option character in argv that was not included in
optstring, or if it detects a missing option argument, it returns ‘?’
and sets the external variable optopt to the actual option character.
If the first character (following any optional ‘+’ or ‘-’ described
above) of optstring is a colon (‘:’), then getopt() returns ‘:’ instead
of ‘?’ to indicate a missing option argument. If an error was
detected, and the first character of optstring is not a colon, and the
external variable opterr is nonzero (which is the default), getopt()
prints an error message.


We use the leading colon sometimes, I think in an effort to avoid the pre-defined error messages, which are ugly and not helpful. However, we then check for ‘?’ in our while() loop, which is an error.

It doesn’t actually show up, since we then follow with the default: statement, however a restructuring of the code could break this. It’s a one-line fix.
1257 defect 1317215987760513 1318411523404056 Unclassified low jreed new configure require at least sqlite3 3.3.9 for sqlite3_prepare_v2 API The error is:


ImportError: /home/jreed/builder/work/BIND10/20110928074701-CentOS5-x86_64-GCC/build/src/lib/datasrc/.libs/libdatasrc.so.0: undefined symbol: sqlite3_prepare_v2



That sqlite3_prepare_v2 API was added in sqlite3 3.3.9 (2007 January 4) and the CentOS version was sqlite-3.3.6-5.
1269 defect 1317316653413624 1318411519920776 Unclassified medium jreed new NameError: global name ‘EINTR’ is not defined (via Ctrl-C) Pressing Ctrl-C caused Traceback:



[b10-msgq] Receive error: EOF
2011-09-29 15:35:04.152 INFO [b10-boss.boss] BIND10_SEND_SIGTERM sending SIGTERM to b10-msgq (PID 62572)
2011-09-29 15:35:04.154 INFO [b10-boss.boss] BIND10_SEND_SIGTERM sending SIGTERM to b10-xfrout (PID 62575)
Exception in thread Thread-1:
Traceback (most recent call last):
File “/usr/local/lib/python3.1/site-packages/isc/util/socketserver_mixin.py”, line 71, in serve_forever
r, w, e = select.select([self, self.read_sock], )
select.error:

During handling of the above exception, another exception occurred:

Traceback :
File “/usr/local/lib/python3.1/threading.py”, line 516, in
bootstrap_inner
self.run
File “/usr/local/lib/python3.1/threading.py”, line 469, in run
self.
target(*self.args, **self.kwargs)
File “/usr/local/lib/python3.1/site-packages/isc/util/socketserver_mixin.py”, line 73, in serve_forever
if err.args[0] == EINTR:
NameError: global name ‘EINTR’ is not defined




This is August release and I didn’t test latest. This is on FreeBSD 8.2-RELEASE on amd64. I did see similar bugs, but not the same.
1270 defect 1317316885754664 1318411520449707 data source medium jreed new Failed to set up schema … sqlite3.OperationalError: no such table: zones Note this was from running bind10 as installed using a FreeBSD ports package which was built with CONFIGURE_ARGS= —localstatedir=/var

Notice that the xfrout traceback got interspersed with real b10-auth logging output:



2011-09-29 15:34:59.696 ERROR [b10-auth.auth] AUTH_CONFIG_UPDATE_FAIL update of configuration failed: Failed to set up schema CREATE TABLE zones (id INTEGER PRIMARY KEY, name STRING NOT NULL COLLATE NOCASE, rdclass STRING NOT NULL COLLATE NOCASE DEFAULT ‘IN’, dnssec BOOLEAN NOT NULL DEFAULT 0)
Traceback (most recent call last):
File “/usr/local/libexec/bind10-devel/b10-xfrout”, line 723, in
xfrout_server = XfroutServer()
File “/usr/local/libexec/bind10-devel/b10-xfrout”, line 616, in init
self.start_notifier
File “/usr/local/libexec/bind10-devel/b10-xfrout”, line 628, in
start_notifier
self.notifier = notify_out.NotifyOut
File “/usr/local/lib/python3.1/site-packages/isc/notify/notify_out.py”, line 120, in
init
2011-09-29 15:34:59.731 INFO AUTH_SERVER_STARTED server started
self.
init_notify_out(datasrc_file)
File “/usr/local/lib/python3.1/site-packages/isc/notify/notify_out.py”, line 132, in _init_notify_out
for zone_name, zone_class in sqlite3_ds.get_zones_info(datasrc_file):
File “/usr/local/lib/python3.1/site-packages/isc/datasrc/sqlite3_ds.py”, line 161, in get_zones_info
cur.execute(“SELECT name, rdclass FROM zones”)
sqlite3.OperationalError: no such table: zones



sqlite3 shows:



freebsd8-64-4# sqlite3 /var/bind10-devel/zone.sqlite3
SQLite version 3.7.4
Enter “.help” for instructions
Enter SQL statements terminated with a “;”
sqlite> .tables
schema_version



Maybe different components are using different path to the database?

Some suggestions:

- log output give more information like the path to the database.

- sqlite3_ds.py check before using

- xfrout fail cleanly on failures (no traceback)

The problem is in both components.
1284 defect 1318067328550878 1337188385146694 Unclassified low erickom new Debian SID: Missing file liblog.so.0 library Hello,

I configured and compiled Bind10 successfully on Debian Sid.

but during starting precess of bind10, I received the error mentioned below:

root@kom:/bind10# /usr/local/sbin/bind10
Traceback :
File “/usr/local/sbin/bind10”, line 65, in
import isc.cc
File “/usr/local/lib/python3/dist-packages/isc/init.py”, line 6, in
import isc.config
File “/usr/local/lib/python3/dist-packages/isc/config/init.py”, line 1, in
from isc.config.ccsession import *
File “/usr/local/lib/python3/dist-packages/isc/config/ccsession.py”, line 44, in
from isc.log import log_config_update
ImportError: liblog.so.0: cannot open shared object file: No such file or directory
root@kom:
/bind10# ps auxww
grep bind10
root 26107 0.0 0.2 3476 752 pts/0 S+ 11:49 0:00 grep bind10
root@kom:~/bind10#

the python package dependency mentioned above is present; please how to ignore the error message?
liblog.so.0
1291 defect 1318362589493900 1331918477360839 Unclassified medium jreed new bad config database results in unclean shutdown I made a mistake in my config database (removed starting brace). This resulted in:



2011-10-11 14:44:14.197 INFO [b10-boss.boss] BIND10_STARTING_PROCESS starting process b10-cfgmgr
2011-10-11 14:44:14.698 FATAL [b10-cfgmgr.cfgmgr] CFGMGR_DATA_READ_ERROR error reading configuration database from disk: Configuration file out of date or corrupt, please update or remove /home/reed/work/isc/bind10-install/var/bind10-devel/b10-config.db
2011-10-11 14:44:14.725 INFO [b10-boss.boss] BIND10_STARTING_PROCESS starting process ccsession
2011-10-11 14:44:18.767 INFO [b10-boss.boss] BIND10_KILLING_ALL_PROCESSES killing all started processes
2011-10-11 14:44:18.768 WARN [b10-boss.boss] BIND10_SOCKCREATOR_KILL killing the socket creator
2011-10-11 14:44:18.769 INFO [b10-boss.boss] BIND10_KILL_PROCESS killing process b10-cfgmgr
Traceback (most recent call last):
File “/home/reed/work/isc/bind10-install/lib/python3.1/site-packages/isc/cc/session.py”, line 203, in receive_full_buffer
self.
receive_len_data()
File “/home/reed/work/isc/bind10-install/lib/python3.1/site-packages/isc/cc/session.py”, line 163, in receive_len_data
new_data = self.
receive_bytes(self.recv_len_size)
File “/home/reed/work/isc/bind10-install/lib/python3.1/site-packages/isc/cc/session.py”, line 149, in
receive_bytes
data = self.socket.recv
socket.timeout: timed out

During handling of the above exception, another exception occurred:

Traceback :
File “/home/reed/work/isc/bind10-install/lib/python3.1/site-packages/isc/config/ccsession.py”, line 322, in add_remote_config
answer, env = self.
session.group_recvmsg(False, seq)
File “/home/reed/work/isc/bind10-install/lib/python3.1/site-packages/isc/cc/session.py”, line 266, in group_recvmsg
env, msg = self.recvmsg(nonblock, seq)
File “/home/reed/work/isc/bind10-install/lib/python3.1/site-packages/isc/cc/session.py”, line 121, in recvmsg
data = self.receive_full_buffer
File “/home/reed/work/isc/bind10-install/lib/python3.1/site-packages/isc/cc/session.py”, line 218, in
receive_full_buffer
raise SessionTimeout(“recv() on cc session timed out”)
isc.cc.session.SessionTimeout: recv() on cc session timed out

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File “./sbin/bind10”, line 682, in startup
self.start_all_processes()
File “./sbin/bind10”, line 618, in start_all_processes
self.start_ccsession(c_channel_env)
File “./sbin/bind10”, line 501, in start_ccsession
self.command_handler)
File “/home/reed/work/isc/bind10-install/lib/python3.1/site-packages/isc/config/ccsession.py”, line 188, in init
default_logconfig_handler)
ile “/home/reed/work/isc/bind10-install/lib/python3.1/site-packages/isc/config/ccsession.py”, line 326, in add_remote_config
module_name)
isc.config.ccsession.ModuleCCSessionError: No answer from ConfigManager when asking about Remote module Logging

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File “./sbin/bind10”, line 1087, in
main()
File “./sbin/bind10”, line 1036, in main
startup_result = boss_of_bind.startup()
File “./sbin/bind10”, line 684, in startup
self.kill_started_processes()
File “./sbin/bind10”, line 382, in kill_started_processes
self.processes[pid].process.kill()
File “/usr/pkg/lib/python3.1/subprocess.py”, line 1337, in kill
self.send_signal(signal.SIGKILL)
File “/usr/pkg/lib/python3.1/subprocess.py”, line 1327, in send_signal
os.kill(self.pid, sig)
OSError: [Errno 3] No such process



Also left running:



root 13671 0.0 1.2 22568 12100 ttyp7 S 2:44PM 0:00.49 /usr/pkg/bin/python3.1 /home/reed/work/isc/bind10-install/libexec/bind10-devel/b10-msgq


1296 enhancement 1318406506891556 1318587118159926 dhcp very low UnAssigned tomek DHCP Outstanding Tasks new Kea: Pkt an Option should provide interators besides of getOption() Pkt6 and Option classes currently provide getOption() methods.
They should also provide iterator for option container.

This required a bit of thought as such iterator may become invalid if option is modified in the meantime.
1297 enhancement 1318409947165927 1318497930789309 Unclassified low UnAssigned tomek DHCP Outstanding Tasks new Kea: Methods for printing out option content Currently toText() in all option classes print out all info about option (type, length, number of addresses etc.). That is useful for debugging to print out content of the whole message. However, that is less useful for casual logging.

toText() should return short version of the content (e.g. space separated addresses). A new set of methods (toTextDetailed?) should be added.
1302 defect 1318516112811014 1319112489945206 documentation medium jreed new add bindctl configuration examples to guide The README previously had usage examples of using bindctl with “config”.

Put these into the guide.
1304 defect 1318545078673702 1396529256167943 xfrin medium jinmei DNS Outstanding Tasks new xfrin test should retrieve config defaults from the spec file Right now, it’s hardcording some default values, which just happen to
be consistent with the spec file:


class MockCC():
def get_default_value(self, identifier):
# The returned values should be identical to the spec file
# XXX: these should be retrieved from the spec file
# (see MyCCSession of xfrout_test.py.in)
if identifier "zones/master_port":<br> return TEST_MASTER_PORT<br> if identifier zones/class return TEST_RRCLASS_STR
if identifier == zones/use_ixfr return False


Obviously it’s ugly and more difficult to maintain. As commented the
mock class should retrieve the defaults from the spec file. We should
also have some tests to check whether the default values are really
used in other cases (such as “max transfer in”).
1312 task 1318591339707868 1364499059808920 dhcp low tomek DHCP Outstanding Tasks new Kea: Pkt6 and OutputBuffer merge should be investigated DHCP component uses Pkt6 class. There is OutputBuffer that is used in DNS that provides covenient way of writing to a buffer that automatically expands as needed.

Pkt6, Pkt6::data_ replacement to OutputBuffer or other unification should be investigated.
1315 task 1318932830445413 1396529291116443 xfrin medium stephen DNS Outstanding Tasks new IXFR system test - SOA Expiry #1213 started the process of producing system tests for IXFR-in. At the time, the generation of an IXFR request by a slave server when the zone expired was not supported, and so the production of a system test for this functionality has been deferred to this ticket.

(The specification for the IXFR system tests can be found [wiki:IxfrSystemTests here].)
1316 task 1318932997247028 1396529300004921 xfrin medium stephen DNS Outstanding Tasks new IXFR-in System Test - UDP transfers #1213 started the process of producing system tests for IXFR-in. At the time, handling IXFRs over UDP was not supported, and so the production of a system test for this functionality has been deferred to this ticket.

(The [wiki:IxfrSystemTests specification] for the IXFR system tests can be found here.)
1317 task 1318933248158868 1396529309298751 xfrin medium stephen DNS Outstanding Tasks new IXFR-in System Test - special cases #1213 started the process of producing system tests for IXFR. Not included in that ticket were tests for two cases:

* Interruption of an IXFR transfer over TCP aborts the update to the zone.
* Checking that additions and deletions are applied in the right order.

… as special code is required to create the abnormal conditions to test them. (Details of these cases can be found in the comments to #1213.) This ticket requires the creation of the appropriate test framework.
1319 defect 1318958440950029 1320940878874911 Unclassified low jreed new systest can’t find stop.pl on failure (Note: I don’t think this issue is specific to ixfr nor ixfr/in-2.)

If a b10-config.db file has a syntax problem it will cause fatal issues when starting up bind10.

I saw within ixfr/in-2 (when I introduced the error), it attempted to stop:


I:starting server nsx2
I:Couldn’t start server nsx2
R:FAIL
Can’t open perl script /b/work/BIND10-systest/20111018144505-MacOS/build/tests/system/ixfr/stop.pl No such file or directory


stop.pl is located in directory below that.

I think it is because it is referenced from $topdir instead of $SYSTEMTOP.
1335 enhancement 1319188850845259 1319188850845259 dhcp low stephen DHCP Outstanding Tasks new Extend DHCP benchmarking to ramp up packet send rate The DHCP benchmarking tool should be extended to allow the rate at which packets are sent to be ramped up over a period of time.

This will allow the maximum packet rate the DHCP server can handle to be determined.
1337 enhancement 1319192543738139 1319201872095106 dhcp low stephen DHCP Outstanding Tasks new DHCP benchmarking - enhanced reply verification From a [ticket:1263#comment:2 a comment 2 in ticket 1263]:

It would be useful to elaborate on reply verification. V4 server responding with NACK is ok or not? What about v6 server sending REPLY with status-code=no-addrs-avail? That is another thing we could eventually add as a feature. In some scenarios negative response as considered a proper one (test passed) and in others it is not (test failed). Make sure that the verification could be tuneable. For now it can be simple, but it will be more complex later.
1338 enhancement 1319200506808850 1324552147778802 dhcp low tomek DHCP Outstanding Tasks new perfdhcp should have the ability to dump sent/received traffic to file Even though we will work on making this tool as smart as possible, there always be cases when manual investigation is required.

Traffic should be dumped in pcap (tcpdump) format.

Ideally, it would use some existing library to write traffic in proper format.

Due to time constraints, I don’t think we will be able to do this in the November 2011 milestone. We could consider temporary solution that could work, though:

Before test: fork() + system(“tcpdump -i eth0 dhcp”)

Run tests as usual

After test: kill tcpdump


1339 enhancement 1319200820485863 1319200820485863 dhcp low tomek DHCP Outstanding Tasks new perfdhcp should warn if there are any DHCP clients running A small, but useful feature.

If there are any clients running, we should warn about this. This may save us from having strange statistics, like receiving more responses than we sent queries.
1348 defect 1319534720783127 1321962568946624 build system low UnAssigned tomek new make check fails on a fresh tree The likely problem is with dependencies. datasrc test includes isc.log that is not built yet.

A simple workaround is to do “make” before “make check”.

Error message:
lib/python:/home/thomson/devel/bind10-libdhcp4/src/lib/python:/home/thomson/devel/bind10-libdhcp4/src/lib/python/isc/log:/home/thomson/devel/bind10-libdhcp4/src/lib/python/isc/datasrc/.libs:/home/thomson/devel/bind10-libdhcp4/src/lib/dns/python/.libs br> TESTDATA_PATH=/home/thomson/devel/bind10-libdhcp4/src/lib/python/isc/datasrc/tests/testdata br> TESTDATA_WRITE_PATH=/home/thomson/devel/bind10-libdhcp4/src/lib/python/isc/datasrc/tests br> /usr/bin/python3.1 /home/thomson/devel/bind10-libdhcp4/src/lib/python/isc/datasrc/tests/$pytest
exit ; br> done
Running test: datasrc_test.py
Traceback (most recent call last):
File “/home/thomson/devel/bind10-libdhcp4/src/lib/python/isc/datasrc/tests/datasrc_test.py”, line 16, in
import isc.log
File “/home/thomson/devel/bind10-libdhcp4/src/lib/python/isc/init.py”, line 6, in
import isc.config
File “/home/thomson/devel/bind10-libdhcp4/src/lib/python/isc/config/init.py”, line 1, in
from isc.config.ccsession import
File “/home/thomson/devel/bind10-libdhcp4/src/lib/python/isc/config/ccsession.py”, line 44, in
from isc.log import log_config_update
File “/home/thomson/devel/bind10-libdhcp4/src/lib/python/isc/log/init.py”, line 33, in
from log import

ImportError: No module named log
1352 defect 1319706995872430 1321962564467197 bind-ctl medium vorner new Config go allows setting unusable path It is possible to enter invalid place in the configuration by config go. The following error message when used makes sense after small thinking what happens inside, but users shouldn’t need to care about that. What happened to me was this:


/Logging/loggers> config go [0]
/Logging/loggers[0]> config show
Logging/loggers[0]/name “‘*’” string (modified)
Logging/loggers[0]/severity “DEBUG” string (modified)
Logging/loggers[0]/debuglevel 100 integer (modified)
Logging/loggers[0]/additive false boolean (default)
Logging/loggers[0]/output_options/ list (modified)
/Logging/loggers[0]> config show output_options
Error: Bad format in identifier (extra ]): loggers[0]output_options


Eg. it does show me local values, but it does not add the slash when needed. The config go should probably add one (eg. go directly to loggers[0]/) just like cd in shell does.
1353 defect 1319707427373568 1396529317167555 xfrin low vorner DNS Outstanding Tasks new Wrong reason for transfer failure logged when TSIG fails This log message appears whenever validation of TSIG fails for some reason:


2011-10-26 12:35:52.460 ERROR [b10-xfrin.xfrin] XFRIN_XFR_TRANSFER_FAILURE AXFR transfer of zone example.com./IN failed: TSIG verify fail: FORMERR


However, the FORMERR is misleading. In this exact case, the signature was missing completely (because it was a servfail), but AFAIK it happened at other situations as well. It should tell more details.
1355 defect 1319707819418639 1396529324975048 xfrin low vorner DNS Outstanding Tasks new Xfrin mistakes EOF with timeout When the remote shuts down a connection prematurely (for example it crashes attempting to serve the transfer), Xfrin detects this and reports an error right away. However, it logs it was a timeout (which it wasn’t, as the transfer failed in less than 1 second). This may lead the administrator to look for wrong errors.
1373 defect 1320472719592176 1339225194377791 data source medium jinmei new DataSourceClient::getIterator should differentiate no-such-zone case Currently it throws a generic DataSourceError exception (and the
python version raises isc.datasrc.Error). Since this can be thrown
for other reasons than the case where the specified zone doesn’t
exisit, xfrout cannot decide whether it should return NOTAUTH
or other Rcode.

The bottom line is we should differentiate this case with other errors.
Possibilities include a separate error code with NULL/None (like find())
and a dedicated exception. I personally prefer the former especially
for C++, but that’s debatable.
1374 task 1320473299432823 1322985171982419 data source medium jinmei new implement “ZoneTableIterator” To completely replace the old data source API, we need some more
interfaces to manage “zone tables”. One of them is the “ZoneTableIterator”
(tentaively named) class. It would be created via DataSourceClient,
and provides an interface to iterate over all stored zones in the
data source.

(maybe we should divide this task into a few sub tasks).
1375 task 1320473352815196 1320769939143599 data source medium jinmei new implement “ZoneTableUpdater” To completely replace the old data source API, we need some more
interfaces to manage “zone tables”. One of them is the “ZoneTableUpdater”
(tentaively named) class. It would be created via DataSourceClient,
and provides an interface to add or delete a zone to/from the data
source.

(maybe we should divide this task into a few sub tasks).
1379 enhancement 1320599686548510 1320769939542694 Unclassified low jelte new move zone/address formatters for logging to some util lib
When done, #1298 introduced two functions to format zone/class and ipaddress/port information for easier use when logging or printing them. These functions should be moved to a separate library (and for the address one, we should consider what argument type(s) it should get), like src/lib/python/isc/util/format.py or something.

When done, the logging calls in other modules should be checked and modified to use these functions so we have a consistency in our logging output.

We may need to add these in c++ as well.
1380 task 1320599810674309 1320769940073753 Unclassified medium jelte new move ixfr system tests to lettuce
#1290 introduces a lettuce framework for system tests. If that one has been done, we should try and convert the current IXFR system tests to that framework, as a base for the rest of the IXFR system tests.
1382 enhancement 1320657651881930 1320940411224675 data source medium jelte new datasource interface for signaling capabilities
We do not expect every data source implementation to support every type of action; some will be ‘read-only’, and hence will not support things like updating etc. We can (and do) already throw NotImplemented exceptions if these functions are called, but we should really not call them in the first place if the implementation is not able to do it anyway.

So the proposal is to add a method that returns what the datasource can and cannot do (iteration, updating, journaling, perhaps more) so any callers can more cleanly handle cases where these are not supported.
1385 defect 1320988192785322 1321962565560548 data source medium kevin_tes new Sqlite3ClientBadConfig unit test fail ‘’’make check:’‘’
make[7]: Entering directory `/home/xiejiagui/bind10/src/lib/datasrc/tests’
[] Running 313 tests from 19 test cases.<br>[----------] Global test environment set-up.<br>[----------] 3 tests from FactoryTest<br>[ RUN ] FactoryTest.sqlite3ClientBadConfig<br>factory_unittest.cc:84: Failure<br>Value of: result1.code<br> Actual: 2<br>Expected: result::SUCCESS<br>Which is: 0<br>/bin/bash: line 5: 26559 Segmentation fault ${dir}$tst<br>FAIL: run_unittests<br>=
1 of 1 test failed
Please report to bind10-dev@isc.org
=<br><br>'''gdb:'''<br>.......<br>Starting program: /home/xiejiagui/bind10/src/lib/datasrc/tests/.libs/run_unittests <br>[Thread debugging using libthread_db enabled]<br>[] Running 313 tests from 19 test cases.
[———-] Global test environment set-up.
[———-] 3 tests from FactoryTest
[ RUN ] FactoryTest.sqlite3ClientBadConfig
[New Thread 0x7ffff4086700 (LWP 24771)]
[Thread 0x7ffff4086700 (LWP 24771) exited]
factory_unittest.cc:84: Failure
Value of: result1.code
Actual: 2
Expected: result::SUCCESS
Which is: 0

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff795254d in sqlite3_finalize () from /usr/lib/libsqlite3.so.0


my computer: ubuntu-10.0.4, 64bit

1391 defect 1321817047238332 1321962567921516 configuration medium jinmei new “config add” for a list doesn’t always work For example, this is okay:

> config add Xfrout/zone_config

(zone_config[0] will be created)

but this doesn’t work:

> config add Xfrout/zone_config[0]/transfer_acl
Error: No value given and no default for /Xfrout/zone_config[0]/transfer_acl


and this doesn’t work either:

> config add Xfrout/zone_config[0]/transfer_acl {action “ACCEPT”}
Traceback (most recent call last):
File “/opt/local/Library/Frameworks/Python.framework/Versions/3.1/lib/python3.1/cmd.py”, line 213, in onecmd
func = getattr(self, ‘do’ + cmd)
AttributeError: ’BindCmdInterpreter’ object has no attribute ’do_config’

During handling of the above exception, another exception occurred:

Traceback :
File “/Users/jinmei/opt/bin/bindctl”, line 149, in
result = tool.run
File “/Users/jinmei/opt/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 138, in run
self.cmdloop
File “/opt/local/Library/Frameworks/Python.framework/Versions/3.1/lib/python3.1/cmd.py”, line 139, in cmdloop
stop = self.onecmd
File “/Users/jinmei/opt/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 466, in onecmd
Cmd.onecmd
File “/opt/local/Library/Frameworks/Python.framework/Versions/3.1/lib/python3.1/cmd.py”, line 215, in onecmd
return self.default
File “/Users/jinmei/opt/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 432, in default
self.
parse_cmd(line)
File “/Users/jinmei/opt/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 569, in parse_cmd
self.
handle_cmd(cmd)
File “/Users/jinmei/opt/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 410, in handle_cmd
self.apply_config_cmd
File “/Users/jinmei/opt/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 677, in apply_config_cmd
cmd.params.get)
File “/Users/jinmei/opt/lib/python3.1/site-packages/isc/config/ccsession.py”, line 503, in add_value
self.
add_value_to_list(identifier, value, module_spec)
File “/Users/jinmei/opt/lib/python3.1/site-packages/isc/config/ccsession.py”, line 456, in _add_value_to_list
+ identifier)
TypeError: unsupported operand type(s) for +: ’dict’ and ‘str’

1393 enhancement 1321817734588585 1339829049552844 logging medium jinmei new reduce overhead in python logging See this: https://bind10.isc.org/ticket/1359#comment:11

On a related note, it would be better to pass the original object
to logger rather than passing a string based on the object whenever
possible. Then we can avoid the expensive conversion if the specified
level of logging is disabled.

Example: do this

isc.dns.Name name(‘example.com’)
logger.debug(VERY_MINOR, SOME_NOISY_LOG, name)

instead of

isc.dns.Name name(‘example.com’)
logger.debug(VERY_MINOR, SOME_NOISY_LOG, name.to_text())


Another related note is that we should generally try to provide str()
for Python classes defined in BIND 10.
1394 enhancement 1321818244235633 1339259969883910 logging medium jinmei new unify format_zone_str and format_addrinfo These were introduced in xfrin and subsequently copied to xfrout and
notify_out. They should be moved to some utility library and applications
should refer to it.

Also, in the sense of a note in #1393, I’d suggest making this classes:

#!python
class ZoneFormatter:
def init(self, zone_name, zone_class):
self.zone_name = zone_name
self.
zone_class = zone_class

def str(self):
return self.__zone_name.to_text(True) + ‘/’ + str(self.__zone_class)


And the applicaton pass Formatter objects to logger:


logger.debug(VERY_MINOR, SOME_NOISY_LOG, ZoneFormatter(zname, zclass))


ddns.logger.py defines `ClientFormatter` and `ZoneFormatter`. These
should be unified, too.
1395 defect 1321818672626016 1322756346092314 logging medium jinmei new python isc.datasrc should be usable without logging See src/bin/xfrout/tests/testdata/creatediff.py of trac1371
(or master when merged). If we don’t import isc.org or call
isc.log.init(), it fails:


Traceback (most recent call last):
File “creatediff.py”, line 58, in
‘{ database_file “test.sqlite3” }’)
isc.datasrc.Error: Failed to create DataSourceClient of type sqlite3:Unknown uncaught exception from sqlite3 createInstance: Error creating sqlite3 datasource: attempt to access logging function before logging has been initialized


even though this script doesn’t use any logging in it. This is incovenient.
I believe generic BIND 10 libraries should be usable without logging
setup.

I’m not sure if it’s specific to isc.datasrc or common for other cases
such as isc.acl (not tested). But if it’s the latter, the same comment
applies to them, too.
1400 task 1321820450438137 1328631164980120 statistics medium UnAssigned jinmei assigned auth per qtype statistics
1402 task 1321820484571629 1321962575882605 statistics medium jinmei new auth query statistics (referral, nxdomain, etc)
1403 task 1321820501164239 1321962576500971 statistics medium jinmei new auth TSIG/EDNS related statistics
1406 defect 1321913575345053 1394116525914230 Boss of BIND low jreed Common Outstanding Tasks new boss show_processes format Currently we have for example:



> Boss show_processes
[
[
3722,
“b10-xfrin”
],
[
6802,
“msgq”
],





We should be consistent with formats as much as we can. This should probably be JSON. Here is an idea:



{ boss_processes { pid 3722, name “b10-xfrin” }, { pid 6802, name “msgq” } ….



1408 task 1321962730068690 1394116540316153 Boss of BIND medium vorner Common Outstanding Tasks new Configurable parameters for components Currently, the configuration on Boss/components allows setting the command line parameters. But these are ignored by boss, they need to be propagated through the isc.bind10.Component to the started process.
1409 defect 1321964195762413 1394116552403378 Boss of BIND medium vorner Common Outstanding Tasks new Better checks of Boss/components configuration validity Currently, the boss doesn’t perform any checks on the configuration, it just uses it. It should at last validate it against the spec file and the isc.bind10.Component check it makes sense and throw some better exceptions than the usual „key error“ and like.

However, it’s not that critical, as bindctl seems to perform some basic checks.
1410 enhancement 1321964662534494 1322560922805321 Unclassified medium vorner new Remove command line parameters from processes Some of our processes (like b10-auth) need parameters computed by boss at startup. This is wrong, for two reasons:
* It is impossible to change such settings at runtime.
* We need to handle such processes as special components, making it harder for user to grasp and configure.

So, I think all such parameters should be removed and special components eliminated (at last the ones that aren’t really that special, keeping msgq as special seems inevitable).
1411 enhancement 1321964944968568 1394116563971759 Boss of BIND medium vorner Common Outstanding Tasks new More component states in boss Currently, each component in boss can be either stopped, started or failed. We should extend it to allow more accurate control, notably about:
* Components that are starting up, but they didn’t initialize yet. That would allow to wait for one component to complete startup before starting another one depending on it.
* Waiting to being restarted. Currently it pretends to be stopped and boss itself keeps it in some list.
* Components that were asked to terminate, but didn’t do it yet. This will allow to kill a component that fails to stop after some time.
1412 enhancement 1321965103756754 1394116577753373 Boss of BIND medium vorner Common Outstanding Tasks new Boss should be more reluctant to abort shutdown. Currently, when boss shuts down and a component raises an exception when it is stopped, the shutdown is aborted and the rest of processes are just mercilessly killed. We should catch exceptions, keep stopping the other components and then after everything is stopped, rethrow them. This will allow killing only the components that are broken.
1413 enhancement 1321966062429119 1394116596697670 Boss of BIND medium vorner Common Outstanding Tasks new Runtime change of component configuration Currently, if a configuration of boss component is changed, the boss complains it can’t handle it and suggests to remove the component and then add it again. But the changes should be handled transparently, either by changing local variables in boss (if a core components becomes dispensable, etc) or by restarting the component behind the scene with new parameters, so the user isn’t bothered.
1416 task 1321986603556273 1323178776389778 data source medium jinmei new buffered read of journal I believe !DatabaseJournalReader should do buffered read so that
it can minimize the period of holding the database lock. While it’s
a kind of optimization, I think it’s quite crucial for production-like
environment, and suggest doing so earlier.
1417 defect 1322060080496444 1323178777012801 configuration low jreed new config show and missing index number and slash results in not found for single list entry

> config show Auth/listen_on/
Error: Auth/listen_on/[0]/address not found



Notice above is missing index number like [0] and has a slash which results in showing a list item (address) not found. (Really address and port do exist for [0].)
1418 defect 1322060624107872 1394116814482704 b10-auth low jreed DNS Outstanding Tasks new no logging by default when changing Auth/listen_on I removed some Auth/listen_on entries and changed some values there too. On commit, no logs (default configuration).

I think it should log this.

I thought there was logging for this, but now I can’t find it.
1419 defect 1322061105903298 1323178777674777 configuration medium jreed new confusing and unrelated auth listen_on logging I did the following in bindctl:


> config add Auth/listen_on/
> config show Auth/listen_on
Auth/listen_on[0]/address “::” string (modified)
Auth/listen_on[0]/port 53 integer (modified)
Auth/listen_on[1]/address “0.0.0.0” string (modified)
Auth/listen_on[1]/port 53 integer (modified)
Auth/listen_on[2]/address “::1” string (default)
Auth/listen_on[2]/port 53 integer (default)
> config set Auth/listen_on[0]/port 5353
> config commit
Error: Server configuration failed: Address must contain both the IPaddress and port
Configuration not committed



The default logging showed:



2011-11-23 08:50:05.696 ERROR [b10-auth.server_common] SRVCOMM_ADDRESS_MISSING address specification is missing “address” or “port” element in { }
2011-11-23 08:50:05.699 ERROR [b10-auth.auth] AUTH_CONFIG_UPDATE_FAIL update of configuration failed: Server configuration failed: Address must contain both the IPaddress and port
2011-11-23 08:50:05.702 ERROR [b10-cmdctl.cmdctl] CMDCTL_COMMAND_ERROR error in command set_config to module ConfigManager: Server configuration failed: Address must contain both the IPaddress and port



1. SRVCOMM_ADDRESS_MISSING what is this { } element?

2. Why does it suggest I am missing an address or port?

3. Why is there an unrelated b10-cmdctl.cmdctl log message here?

Here is an example after starting with no configuration:



> config set Auth/listen_on[0]/port 5353
> config commit
Error: Server configuration failed: Failed to initialize network servers: Permission denied
Configuration not committed



Results in:



2011-11-23 09:08:44.650 ERROR [b10-auth.server_common] SRVCOMM_ADDRESS_FAIL failed to listen on addresses (Failed to initialize network servers: Permission denied)
2011-11-23 09:08:44.652 ERROR [b10-auth.auth] AUTH_CONFIG_UPDATE_FAIL update of configuration failed: Server configuration failed: Failed to initialize network servers: Permission denied
2011-11-23 09:08:44.656 ERROR [b10-cmdctl.cmdctl] CMDCTL_COMMAND_ERROR error in command set_config to module ConfigManager: Server configuration failed: Failed to initialize network servers: Permission denied



I will ignore permission denied for b10-auth as I understand that (I am non-root), but what is this CMDCTL_COMMAND_ERROR message? Oh… it is the previous error seen by cmdctl. This is quite confusing.
1422 defect 1322066511138520 1332238414333689 configuration low jreed new config remove /Boss/components/foo and not a list or a named set

> config remove Boss/components/b10-xfrin
Error: /Boss/components/b10-xfrin is not a list or a named_set
> config remove Boss/components b10-xfrin



The first example does not work. The second example is accepted.

I think it is confusing because config show does show it like “/Boss/components/b10-xfrin”.
1423 defect 1322067772031162 1331998412575006 configuration low jreed new config show Boss/components is missing entries

> config show Boss/components
Boss/components/b10-cmdctl/special “cmdctl” string
Boss/components/b10-cmdctl/process null string
Boss/components/b10-cmdctl/kind “needed” string
Boss/components/b10-cmdctl/address null string
Boss/components/b10-cmdctl/params/ list
Boss/components/b10-cmdctl/priority 99 integer (modified)
> config show /Boss/components/setuid
Boss/components/setuid/special “setuid” string
Boss/components/setuid/process null string
Boss/components/setuid/kind “dispensable” string
Boss/components/setuid/address null string
Boss/components/setuid/params/ list
Boss/components/setuid/priority 5 integer



Notice first only shows b10-cmdctl but setuid exists too.

When I restart bindctl, “config show Boss/components” shows over a screenful of many settings.

I can get into this broken state by doing:




> config set Boss/components/b10-stats-httpd/priority 99



(Without commit and note commit does not work anyways for that.)

A “config revert” will fix also.

1425 defect 1322087911350698 1396529357041668 xfrin medium shane DNS Outstanding Tasks new Need backoff algorithm when AXFR refused I was configuring BIND 10 as a secondary, and had not yet updated my master to allow transfers. Every 5 seconds I got this in my log files:


2011-11-23 22:35:54.849 ERROR [b10-xfrin.xfrin] XFRIN_XFR_TRANSFER_FAILURE AXFR transfer of zone home.time-travellers.org./IN failed: error response: REFUSED
2011-11-23 22:36:00.690 ERROR [b10-xfrin.xfrin] XFRIN_XFR_TRANSFER_FAILURE AXFR transfer of zone home.time-travellers.org./IN failed: error response: REFUSED
2011-11-23 22:36:05.319 ERROR [b10-xfrin.xfrin] XFRIN_XFR_TRANSFER_FAILURE AXFR transfer of zone home.time-travellers.org./IN failed: error response: REFUSED


This needs to be made a bit less aggressive.
1438 enhancement 1322502345556404 1392999578081708 Unclassified medium stephen DNS Outstanding Tasks new NSEC3: consistent selection of NSEC3PARAM Consistent selection of NSEC3PARAM record for use in all subsequent NSEC3 code. [http://tools.ietf.org/html/rfc5155 RFC 5155] does not prohibit multiple NSEC3PARAM RRs at the apex of the zone and leaves flexibility in which one is used. The purpose of this ticket is to review the NSEC3 code and to ensure if multiple NSEC3PARAM records are present, the parameters of the same record are used throughout one query. (See [http://tools.ietf.org/html/rfc5155#section-7.3 RFC 5155 section 7.3].)

This relies on the completion of tickets #1431 through #1437.
1441 task 1322598538096248 1323178784715843 Unclassified medium shane new Requirements for sharing a socket This ticket is to document the requirements that we have for sharing a socket, for example to handle both AXFR and queries on a single IP+port, or to handle both DDNS and queries on a single IP+port, or to handle both authoritative and recursive servers on a single machine, and so on.

This may end up being a receptionist, but that is design, and this ticket is about requirements.
1445 defect 1322669839124408 1323357901608466 logging very low jreed new inconsistent use of “SQLite3” in log messages Log messages have “SQLite3Database” (no space), “sqlite”, “SQLite3” and maybe others. Let’s be consistent.
1459 task 1322857184069690 1339516603763329 DDNS medium jelte new Consistency checks in DDNS module (Updating based on jabber chat)

Before the (final) commit in a DDNS update, there is a number of consistency checks we should do.

It was not really clear what “consistency checks” mean, so I’m going
to list additional checks BIND 9 does, which don’t seem to be
implemented in BIND 10 yet (not even in #1457). Note that they are
not only “final” checks, but also checks in prescan or actually
updating the zone.

Some of the checks may not make sense for us (or too advanced at the
moment), so we should discuss any suspicious ones. Also, if we try to
include most of the checks, it may be too big for a single ticket.
Since each individual check is generally independent, we should be
easily able to separate them into multiple tasks.

In prescan:
- reject any meta types including MAILA/MAILB
- reject any attempt of updating NSEC/NSEC3/RRSIG

When adding an RR:
- ignore MD/MF
- ignore wildcard NS/DNAME
- be careful with the coexistence of CNAME and DNSSEC related records
- ignore a 2nd SOA (okay if explicitly deleting the existing one first)
- ignore NSEC3PARAM records with any flags other than OPTOUT.
- merge new RRs with existing RRset: in particular, if a new RR is
being added which is only different with an existing one in TTL,
make sure just the new TTL is used (note that the new TTL may be
larger than the existing one)

When deleting all any type of RRs of a name:
- do not delete RRSIG or NSEC (or NSEC3?)
- in addition, if the name is zone origin, do not delete NSEC3PARAM
(or SOA or NS)

After applying all changes:
- check DNSSEC: Prevent the zone entering a inconsistent state where
NSEC only DNSKEYs are present with NSEC3 chains.
- zone apex has NS, and if the NS name is a subdomain of the zone,
there’s AAAA or A for it.
- check_mx: (depending on configuration) whether MX has AAAA or A, the
mx name is reasonable (not “x.y.z.w”)
- remove_orphaned_ds: “DS records are not allowed to exist without
corresponding NS records”
- if ‘dnssec-secure-to-insecure’ is false, whether at least one DNSKEY
exists.
- if changing from secure to insecure, delete all NSEC3s
- also log it if all changes result in no-op: “redundant request”
1463 task 1322985484551436 1396529365842456 xfrin medium jinmei DNS Outstanding Tasks new use ixfr-in by default Now we support IXFR to AXFR, we should change the default mode of
xfrin protocol from AXFR to IXFR.

(Note: It’s probably better to hold off until #1299 is completed to avoid
conflicts)
1464 task 1322985744645661 1396529373849828 xfrin medium jinmei DNS Outstanding Tasks new do AXFR by ‘retransfer’ command I suggest we do unconditionally AXFR if zone transfer is invoked
via bindctl’s ‘retransfer’ command. It’s more compatible to BIND 9’s
‘rndc retransfer’. (Or maybe we can add an optional ‘type’
parameter for this command whose default is AXFR)

(Note: It’s probably better to hold off until #1299 is completed to avoid
conflicts)
1465 task 1323019258434804 1323019258434804 Unclassified medium larissas new DDNS User Story: DDNS Analysis Tools “[I need] Analysis tools that could aid me in getting more data on what is really going on in our systems. For example, I have a problem that I’m trying to figure out and do not have the tools, or do not know where to find access to what is happening in the”right now" interaction of our DNS with our DHCP and DDNS other than trying to read logs that fly by."
1466 task 1323019367019041 1323019367019041 Unclassified medium larissas new DDNS User Stories: No DDNS Option User request is to have a way to run without DDNS at all:

“Please be conservative & modular with features. If I don’t want something (say dynamic DNS), then I should be able to run without it.”
1469 defect 1323101532101380 1323352586911784 dhcp medium tomek DHCP Outstanding Tasks new SocketInfo may be possibly replaced by boost::ip::udp::socket or asiolink/udp_socket It was pointed out in #1238 review (comment 6) that SocketInfo in IfaceMgr in dhcp can be possibly replaced by boost::ip::udp::socket or asiolink/udp_socket.

1473 task 1323174884190713 1323174884190713 Unclassified medium larissas new DDNS User Stories: Finding inactive DDNS machines “[As an administrator] I need some way to go through DNS and find inactive DDNS machines.”
1474 task 1323174966408510 1338013399079949 Unclassified medium larissas new DDNS User Stories: Make it fast “[As an administrator, I need] for dynamic updates [to take] less time to configure”
1475 task 1323175124648575 1323352683698735 Unclassified medium larissas larissas assigned DDNS User Stories: Samba4 Interoperability “[I need there to be]less issues when running [DDNS] alongside Samba4”
1476 task 1323175219546909 1338013370225107 Unclassified medium larissas larissas assigned DDNS User Stories: ADDNS interoperability
“[As an administrator using DDNS], I need interoperability with Microsoft ADDNS”
1477 task 1323175388880578 1339829595814921 Unclassified medium larissas new DDNS User Stories: TSIG “[As an administrator I want] DDNS with TSIG so I can make sure no one unauthorized is altering my zone data”
1478 task 1323175532090406 1323175532090406 Unclassified medium larissas new DDNS User Stories: Requirements for high volume “[As a large scale domain host] rate of dynamic updates DNSSEC with dynamic updates is very high for us, need configuration parameters to customize for this and logging to track it”
1479 task 1323175854242600 1323175854242600 Unclassified medium larissas new DDNS User Storie: Crash-safe journal “Dynamic updates journal should really become crash-safe.”
1480 task 1323176229810631 1323176229810631 Unclassified medium larissas new DDNS User Stories: Dynamic Updates to specific view “[As an administrator I need] Views and dynamic updates to specific view [so that I can update specific interally or externally facing zones (or other view specific zone data).”
1481 enhancement 1323176461104253 1323356001589423 xfrout low shane new Optimize size on XFR-out https://lists.isc.org/pipermail/bind10-dev/2011-December/002851.html

During review of #1389, it was discovered, that xfrout splits the stream into
messages in an suboptimal way. Currently, it keeps a sum of RR sizes and if this
overflows, it renders the message and starts a new one.

But, the rendering compresses names. This means few more RRs could fit in, if we
are lucky and there are lots of similar names (which there usually are, at last
the names of the RRs, if not inside the real data).

This is not really a big deal, it doesn’t break anything. But it generates more
messages and can increase the size of the whole stream, as we can’t compress
names across message boundary. Having less messages mean having less boundaries
and more compression.

So, I’d like to ask, is it worth fixing? There surely are ways to do it
completely right and fill the messages up to the edge. One would be like this:


message =
* Iterate over the RRs to transfer:
* new_message = message
* new_message.add(rr)
* try to render
* if it overflows:
* send out message
* message =
* message.add(rr)
* else:
* message = new_message


That is, of course, slow. However, if we could save the renderer state and could
„continue“ with another rr added to the message, it could be made fast (it
wouldn’t make the counts in the headers right, but otherwise, we add RRs to the
end of message).

So, do you think, is it worth fixing?
1482 task 1323208794472721 1389878915635667 logging medium jinmei new simple logging format checker using unittests To catch some trivial errors in logging like this:
https://lists.isc.org/pipermail/bind10-dev/2011-December/002897.html
I’d propose the following:

- make sure all python unit tests call `isc.log.resetUnitTestRootLogger()`
- make sure all C++ unit tests call `isc::log::initLogger();
- add a top level make target, e.g. check-logformat, which would do

B10_LOGGER_DESTINATION=stdout make check
grep ‘^[0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]’ grep ‘%’

and exits with a non 0 code if the output is not empty
- fix any current problems that make this target fail
- configure a buildbot with enabling this target as a regular test
1487 defect 1323234902695730 1323234902695730 documentation medium jinmei new BIND 10 guide should explain more about zonemgr configuration At least
- explain configuring it is (in practice) mandatory for a secondary server to make zone transfers
- provide a configuration example
1490 defect 1323270428663135 1324388409115033 Unclassified medium jreed new redundant logging with SRVCOMM_ADDRESS_FAIL and AUTH_CONFIG_UPDATE_FAIL and missing example This ticket has multiple problems, all related. If I need more tickets, please let me know.

This is related to #1419 but in this case I already had configuration in place so not using bindctl.

I loaded a configuration that listed an IPv6 address that no longer existed on the interface. This resulted in:



2011-12-07 14:26:38.q ERROR [b10-auth.server_common] SRVCOMM_ADDRESS_FAIL failed to listen on addresses (Failed to initialize network servers: Can’t assign requested address)
2011-12-07 14:26:38.q ERROR [b10-auth.auth] AUTH_CONFIG_UPDATE_FAIL update of configuration failed: Server configuration failed: Failed to initialize network servers: Can’t assign requested address



(Ignore the “q” in timestamp due to out of date log4cplus.)

1) Why log twice?

2) Please have it list the address(es) that has the problem. In my case, it was working with IPv4 and so I was initially confused.

3) Why AUTH_CONFIG_UPDATE_FAIL — this is not an attempt to “update the configuration”. This configuration has been in place for over a month. Also the description for the AUTH_CONFIG_UPDATE_FAIL in the message file does not make sense: “At attempt to update the configuration the server with information from the configuration database has failed, the reason being given in the message.” I think it is missing some words or has wrong grammar.

In addition I had a configuration with both IPv6 and IPv4 addresses that weren’t configured on any interface:



2011-12-07 14:48:53.q DEBUG [b10-resolver.server_common] SRVCOMM_SET_LISTEN setting addresses to listen to
2011-12-07 14:48:53.q DEBUG [b10-resolver.server_common] SRVCOMM_ADDRESS_VALUE address to set: 2001:4f8:3:d::95#53
2011-12-07 14:48:53.q DEBUG [b10-resolver.server_common] SRVCOMM_ADDRESS_VALUE address to set: 149.20.48.80#53
2011-12-07 14:48:53.q DEBUG [b10-resolver.server_common] SRVCOMM_ADDRESS_VALUE address to set: ::1#53
2011-12-07 14:48:53.q DEBUG [b10-resolver.server_common] SRVCOMM_ADDRESS_VALUE address to set: 127.0.0.1#53
2011-12-07 14:48:53.q ERROR [b10-resolver.server_common] SRVCOMM_ADDRESS_FAIL failed to listen on addresses (Failed to initialize network servers: Can’t assign requested address)
2011-12-07 14:48:53.q ERROR [b10-resolver.resolver] RESOLVER_CONFIG_ERROR error in configuration: Failed to initialize network servers: Can’t assign requested address



This doesn’t tell me which ones failed.

And notice the SRVCOMM_SET_LISTEN line is incomplete or wrong grammar. Listen “on”?

And why does the auth server have one log message that is quite different from the resolver’s message?
1492 defect 1323277092325829 1324388410159588 Unclassified low jreed new add debug logging for when timer is triggered to notify xfrin Xfrin logs XFRIN_XFR_TRANSFER_STARTED but I don’t know what triggered that.

Please add DEBUG level logging to zonemgr for when the timer is triggered to notify xfrin.

Please add DEBUG level logging to xfrin for when it receives notify and other commands.
1493 defect 1323278376179515 1324388410516405 Unclassified low jreed new tests/system/ixfr/in-2 is missing bind10.run output tests/system/ixfr/in-2 is missing bind10.run output

either it was removed or never saved.

please make sure it is kept around so it can be analyzed.

Note there is the corresponding: tests/system/ixfr/in-2/ns1/named.run


1494 task 1323338178346051 1324388411185427 Unclassified medium shane new Review environment variable use in BIND 10 BIND 10 has inconsistent use of environment variables. This ticket is to review the research Jeremy did in May and update it:

https://lists.isc.org/pipermail/bind10-dev/2011-May/002288.html

A follow-up ticket will actually implement any agreed-upon changes.
1495 enhancement 1323345408263358 1394116826100586 b10-auth low jreed DNS Outstanding Tasks new DEBUG log when NOTIFY is received In addition to #1492, have b10-auth log at some DEBUG level when a NOTIFY is received.
1496 enhancement 1323427164192949 1323955380563870 xfrout low vorner new Making the xfrout messages really full Currently, the xfrout decides when to start a new message based on the size of uncompressed RRs. But the RRs are sent compressed, so this leads to messages that are not completely filled.

It should be possible to do something like incremental message rendering to know the final compressed size.

The actuall benefit of this is unknown, but beleived to be low anyway, so this probably is a low-priority task.
1497 enhancement 1323427485658178 1394116608027166 Boss of BIND medium vorner Common Outstanding Tasks new Chroot for socket creator The socket creator should be able to create a temporary (empty) directory, chroot there and delete the directory. As the socket creator should be the only component running with elevated privileges, it should increase the trust in its safety, even as chroot itself is not primarily security related feature.
1498 enhancement 1323427701350145 1394116620114584 Boss of BIND medium vorner Common Outstanding Tasks new Droping root in socket creator On system where it is possible, the socket creator should drop all the privileges except only the ones needed to bind privileged sockets. Together with #1497, it should provide good trust in its security.
1499 enhancement 1323427995949111 1392912640058718 resolver low stephen DNS Outstanding Tasks new Add upstream nameserver information to debug messages Ticket #1383 improved the debug messages available to diagnose problems in responses received from upstream nameservers. However, missing from each message is information about the nameserver from which the response was received.

This ticket involves making that information available to the debug messages and updating the messages to include it.
1506 task 1324055666064594 1328717731614489 Unclassified medium jelte new extract the common patterns from python modules We have a number of python modules now, and most of those use very similar code (for instance for startup, option parsing, catching signals, etc.), or their code can be made to be very similar.

The suggestion is to extract those pieces, and not have duplicate code.

An addendum is that the dummy module for b10-ddns does a few things a tiny bit differently (for instance no global for catching signals, and a separate main() function), that we should apply to other modules too. This should automatically take care of that (Assuming those things are used in this ‘extracted’ code)

1507 task 1324055909292358 1328621887114801 Unclassified medium jelte new Extract the common dummy classes for python (module) tests We have a number of python tests where we have created dummy classes, for example MySocket, MyCCSession and MockDataSrc, MockDataSourceClient, etc.

It would be nice to have these extracted, not only to prevent duplicate code now, but also to be able to quickly use them when adding new tests (or tests for new modules).
1511 task 1324229809916537 1324388415717726 DDNS medium jelte new Documentation for b10-ddns
Write or complete the b10-ddns manpage and section in the bind10 guide
1521 defect 1324464330071317 1394116634419436 Boss of BIND medium jelte Common Outstanding Tasks new Make boss process close children on SIGHUP and internal fatal errors
There are some scenarios where child processes of the boss are not cleaned up well, notable cases are sending a SIGHUP and uncaught exceptions in the boss code.

In either case, we should always close all child processes if the boss exits, so if it isn’t available yet, we need exception-free process cleanup code (and point the correct handlers to it).

For SIGHUP, this has been more-or-less addressed in #642, but at the time it turned out to be more work than we had time for. The changes made there are probably not applicable anymore, but have been kept around for reference in branches/trac642-historic.
1525 defect 1324557521847740 1331917011391166 build system low UnAssigned jreed new configure should fail immediately if no pkg-config?

checking for pkg-config… no
checking for botan-config… no
./configure: line 16580: —libs: command not found
./configure: line 16581: —cflags: command not found

[failure later]



botan-config-1.10 is my executable name.

Note that later configure.ac does have check and failure for pkg-config (used to for sqlite3), so just move this earlier.
1529 defect 1325077429812275 1326903459326515 libdhcp medium tomek DHCP Outstanding Tasks new ifconfig parser improvements libdhcp+ currently have interface detection implemented that uses netlink. It works on linux only. To validate its correctness, tests parse ifconfig output and match with list returned by libdhcp+.

Unfortunately, this approach has 2 problems:
- some ifconfig outputs vary between Linux versions, e.g. Gentoo version produces slightly different output than Ubuntu
- In case of several addresses assigned to a single interface, ifconfig report alias interfaces while netlink reports a single interface with several addresses assigned.

Jeremy suggested to write an awk script that will produce a consistent output. Shane suggested that Python would be better, as we already use Python.
1530 defect 1325090564832766 1328621888606606 Unclassified medium jreed new BIND10_STARTUP_ERROR error during startup: Unable to start b10-cfgmgr: ‘xfrin’ I had this strange failure:


2011-12-23 21:16:46.001 FATAL [b10-boss.boss] BIND10_STARTUP_ERROR error during
startup: Unable to start b10-cfgmgr: ‘xfrin’



Notice is says b10-cfgmgr and ‘xfrin’.

I removed the Boss config for the b10-xfrin.

On next attempt I then got same error for xfrout, so removed its configuration also:



b10-xfrout {kind “dispensable”, special “xfrout”},



Then it worked.

I don’t understand the error message. And I don’t understand what caused these configurations to be there.

As a reminder, see #1219 ticket — I also didn’t understand the same error message. (I created a new ticket instead since this is different.) Also see #1443 — since I can’t even start components to fix the problem.
1536 task 1325287488003233 1327400937432913 data source medium jinmei new ZoneFinder::find should (probably) throw for out-of-zone name See discussions at #1430. In short, calling find() for (clearly)
out-of-zone name should be considered a caller’s bug, so it would make
more sense to indicate it via an exception.

Note: this should be done after #1535. Otherwise it will accidentally
kill notify_out (and xfrout as a result).
1537 defect 1325521971174272 1340064910295911 Unclassified medium shane new Handle error receiving file descriptors I was seeing this in my log file:


2012-01-02 16:02:53.168 ERROR [b10-xfrout.xfrout] XFROUT_RECEIVE_FILE_DESCRIPTOR_ERROR error receiving the file descriptor for an XFR connection
2012-01-02 16:02:53.168 ERROR [b10-xfrout.xfrout] XFROUT_RECEIVE_FILE_DESCRIPTOR_ERROR error receiving the file descriptor for an XFR connection
2012-01-02 16:02:53.168 ERROR [b10-xfrout.xfrout] XFROUT_RECEIVE_FILE_DESCRIPTOR_ERROR error receiving the file descriptor for an XFR connection


Also, b10-xfrout then uses 100% of CPU once this condition occurs.

I discovered that this ultimately comes from fd_share.cc:


const int cc = recvmsg(sock, &msghdr, 0);
if (cc <= 0) {
free(msghdr.msg_control);
if (cc == 0) {
errno = ECONNRESET;
}
return (FD_SYSTEM_ERROR);
}


Looking via strace I find:


select(13, [9 12], [], [], NULL) = 1 (in [12])
recvmsg(12, {msg_name(0)=NULL, msg_iov(1)=[{“”, 1}], msg_controllen=0, msg_flags=0}, 0) = 0


My guess is that is what is happening is that the process on the other side of the Unix domain socket has closed the connection (perhaps due to dying), and that the xfrout gets stuck in a loop.

What I think we should do is:

1. Check for this condition everywhere in the code and re-connect (or error in some meaningful way) when we discover it.
2. Update the documentation to specify that this is necessary.
1544 task 1325761490369172 1328718119508541 statistics medium naokikambe new Resolve the design issues about names in MIB of stats-snmp As result of #930 we found at least two possible issues about names in MIB of stats-snmp in the current design as described in the prototype implement in the experiment branch(kambe-SNMP-stats) and in the document StatsModule#StatsSnmp(#1448).

* The MIB of stats-snmp is statically generated when the BIND 10 is made. And if we change the daemons to run, for example, when we disable the Auth daemon and enable the Resolver daemon, there may be an inconsistency between such static MIB and the statistics list which is dynamically answered by the Stats daemon.

* There might be name duplication in MIB. For example, if one name authQueriestcp is defined in MIB as two different OIDs .1.3.6.1.4.1.2021.255.0.0 and .1.3.6.1.4.1.2021.255.0.2.0.2, we can access to the object firstly matched in MIB by authQueriestcp but we cannot access secondly matched one by same way.

Improve current data mapping between specfile and MIB to resolve these design issues, and then revise the document StatsModule#StatsSnmp.
1569 defect 1326821487398082 1328718154706396 Unclassified medium jelte DHCP Outstanding Tasks new IFaceMgrTest fails on some systems
It may be the ifconfig output format, or perhaps that some systems have a few non-default virtual interfaces). It certainly fails on my Ubuntu system, and apparently on vorner’s gentoo as well.


[ RUN ] IfaceMgrTest.getIface
Interface checks. Please ignore socket binding errors.
IfaceMgr initialization.
Linux: detecting interfaces.
Detected interface lo/1, hwtype=772, maclen=6, mac=00:00:00:00:00:00, flags=10049(LOOPBACK UP RUNNING )
2 addr(s): 127.0.0.1 ::1
Detected interface eth0/2, hwtype=1, maclen=6, mac=20:cf:30:db:d9:19, flags=11043(UP RUNNING MULTICAST BROADCAST )
3 addr(s): 192.168.8.30 2001:470:1f15:17ba:22cf:30ff:fedb:d919 fe80::22cf:30ff:fedb:d919
Detected interface virbr0/3, hwtype=1, maclen=6, mac=fe:54:00:49:3c:6f, flags=11043(UP RUNNING MULTICAST BROADCAST )
1 addr(s): 192.168.122.1
Detected interface vnet0/5, hwtype=1, maclen=6, mac=fe:54:00:49:3c:6f, flags=11043(UP RUNNING MULTICAST BROADCAST )
1 addr(s): fe80::fc54:ff:fe49:3c6f
There are 8 interfaces.
lo/1
eth0/2
virbr0/3
vnet0/5
lo1/1
eth5/2
en3/5
e1000g0/3
iface_mgr_unittest.cc:207: Failure
Value of: tmp->getName()
Actual: “vnet0”
Expected: “en3”
[ FAILED ] IfaceMgrTest.getIface (1 ms)


If this isn’t fixed for the release, I propose we simply disable it in the release branch.
1572 task 1326868754682390 1389878540361599 data source medium jinmei new DS query handling in database data source See #1571. We need to do the same thing for the `DatabaseClient`.
(But this should go to the backlog for the moment, according to
our current task priorities).
1589 task 1326889420293980 1328718171476250 Unclassified medium vorner new Portconfig redesign The isc::server_common::portconfig would need a little bit of redesigning. The logic with the state is not entirely clean, it might become an object holding the configuration and be able to apply it.

Also a better error handling might be helpful.

And it would be good if the portconfig::test_mode wouldn’t be necessary.
1590 defect 1326889474949114 1328718355583811 Unclassified medium vorner new Make SocketCreator not a singleton It might be cleaner to have a local object.
1591 defect 1326889550549884 1328718371895885 Unclassified medium vorner new Handle the case when application can’t inform boss about released socket. If the communication with the boss fails, it might end up in inconsistent state. We should at last kill the application and start over.
1592 task 1326889631478056 1328718386656768 Unclassified medium vorner new Move testutils/socket_request.h Moving it somewhere from testutils (possibly server_common/tests) will make it possible to have a corresponding .cc file and hide the details and gtest.h header.
1594 task 1326889844284424 1328718406743593 Unclassified medium vorner new Use different place for socketcreator master socket The unix domain socket is currently placed under /tmp. This might arguably not the best place for it, at last because of consistency. We should discuss it and move it somewhere else.
1609 task 1327054489254688 1368439257140873 dhcp medium UnAssigned stephen DHCP Outstanding Tasks assigned Review object breakdown of DHCP code Review the object structure of the BIND 10 DHCP code to date and make recommendations about any refactoring needed.
1624 defect 1327415052754054 1329823712899211 Unclassified medium jreed new Unable to start b10-msgq, but it is started and running I started bind10 —verbose:


2012-01-24 08:15:22.099 INFO [b10-boss.boss] BIND10_STARTING starting BIND10: bind10 20110223 (BIND 10 20111129)
2012-01-24 08:15:22.119 DEBUG [b10-boss.boss] BIND10_CHECK_MSGQ_ALREADY_RUNNING checking if msgq is already running
2012-01-24 08:15:22.138 INFO [b10-boss.boss] BIND10_CONFIGURATOR_START bind10 component configurator is starting up
2012-01-24 08:15:22.158 DEBUG [b10-boss.boss] BIND10_CONFIGURATOR_BUILD building plan ‘{}’ -> ‘{’sockcreator’: {’priority’: 200, ‘kind’: ‘core’, ‘special’: ‘sockcreator’}, ‘msgq’: {’priority’: 199, ‘kind’: ‘core’, ‘special’: ‘msgq’}, ‘cfgmgr’: {’priority’: 198, ‘kind’: ‘core’, ‘special’: ‘cfgmgr’}}’
2012-01-24 08:15:22.176 DEBUG [b10-boss.boss] BIND10_CONFIGURATOR_RUN running plan of 3 tasks
2012-01-24 08:15:22.192 DEBUG [b10-boss.boss] BIND10_CONFIGURATOR_TASK performing task start on Socket creator
2012-01-24 08:15:22.214 INFO [b10-boss.boss] BIND10_COMPONENT_START component Socket creator is starting
2012-01-24 08:15:22.294 INFO [b10-boss.boss] BIND10_SOCKCREATOR_INIT initializing socket creator parser
2012-01-24 08:15:22.314 DEBUG [b10-boss.boss] BIND10_STARTED_PROCESS_PID started b10-sockcreator (PID 8761)
2012-01-24 08:15:22.334 DEBUG [b10-boss.boss] BIND10_CONFIGURATOR_TASK performing task start on msgq
2012-01-24 08:15:22.354 INFO [b10-boss.boss] BIND10_COMPONENT_START component msgq is starting
2012-01-24 08:15:22.371 INFO [b10-boss.boss] BIND10_STARTING_PROCESS starting process b10-msgq
2012-01-24 08:15:22.619 DEBUG [b10-boss.boss] BIND10_STARTED_PROCESS_PID started b10-msgq (PID 6349)
2012-01-24 08:15:27.753 ERROR [b10-boss.boss] BIND10_COMPONENT_START_EXCEPTION component msgq failed to start: Unable to connect to c-channel after 5 seconds
2012-01-24 08:15:27.757 ERROR [b10-boss.boss] BIND10_COMPONENT_FAILED component msgq (pid None) failed with unknown exit status
2012-01-24 08:15:27.758 FATAL [b10-boss.boss] BIND10_COMPONENT_UNSATISFIED component msgq is required to run and failed
2012-01-24 08:15:27.759 ERROR [b10-boss.boss] BIND10_CONFIGURATOR_PLAN_INTERRUPTED configurator plan interrupted, only 1 of 3 done
2012-01-24 08:15:27.760 INFO [b10-boss.boss] BIND10_KILLING_ALL_PROCESSES killing all started processes
2012-01-24 08:15:27.760 INFO [b10-boss.boss] BIND10_KILL_PROCESS killing process Socket creator
2012-01-24 08:15:27.761 WARN [b10-boss.boss] BIND10_SOCKCREATOR_KILL killing the socket creator
2012-01-24 08:15:27.769 FATAL [b10-boss.boss] BIND10_STARTUP_ERROR error during startup: Unable to start b10-msgq: Component failed during startup



Now it has been a few minutes b10-msgq hasn’t exited yet. I sent a term signal to it and it exited.

I could repeat this.
1625 defect 1327420316714945 1333469720780363 bind-ctl low jreed new config go to a list confusion
> config go Auth/listen_on
/Auth/listen_on> config show
Auth/listen_on[0]/address “::” string (default)
Auth/listen_on[0]/port 53 integer (default)
Auth/listen_on[1]/address “0.0.0.0” string (default)
Auth/listen_on[1]/port 53 integer (default)
/Auth/listen_on> config set Auth/listen_on[0]/port 5300
Error: /Auth/listen_on/Auth/listen_on[0]/port not found
/Auth/listen_on> config go /
> config show Auth
Auth/database_file “/home/reed/builder/work/BIND10/20120124093934-NetBSD5-i386/install/var/bind10-devel/zone.sqlite3” string (default)
Auth/datasources [] list (default)
Auth/statistics-interval 60 integer (default)
Auth/listen_on/ list (default)
> config go Auth/listen_on
/Auth/listen_on> config set [0]/port 5300



The show output is not prefixed with a slash, that makes it appear that the “go” didn’t work or that is configurables below current location. Maybe it should prefix a slash or only show the item, for example:


> config go /Auth/listen_on
/Auth/listen_on> config show
[0]/address “::” string (default)
[0]/port 53 integer (default)
[1]/address “0.0.0.0” string (default)
[1]/port 53 integer (default)

(Note above does not exist yet.)

1629 defect 1327506670328527 1359562886790256 logging medium UnAssigned jreed assigned logging with garbage in it See https://lists.isc.org/pipermail/bind10-dev/2011-December/002901.html

There was a timeout in a lettuce test on December 6.

Wait for bind10 stderr message CMDCTL_STARTED

The stderr output has garbage in it. (I piped through cat v so I could
paste it.)

}}

Today on same system I saw another corrupted log file :



macmini:system jreed$ grep
a –1 ‘[[:cntrl:]]’ ./ixfr/in-2/nsx2/bind10.run
cat -v
2012-01-25 03:58:52.408 DEBUG [b10-cmdctl.cmdctl] CMDCTL_STARTED cmdctl is listening for connections on 127.0.0.1:8080
2012-01-25 03:58:52.429 012-01-25 03:58:52.428IINFO ^^ @^XFROUT_NEW_CONFIG Update xfrout configuration^^^^^^^^^^^^^^^^^^^^^^^<br>^2012-01-25 03:58:52.429 INFO [b10-xfrout.xfrout] XFROUT_NEW_CONFIG_DONE Update xfrout configuration done
2012-01-25 03:59:07.946 INFO [b10-xfrin.xfrin] XFRIN_XFR_TRANSFER_STARTED IXFR transfer of zone example/IN started



Looks like corruption in same place.
1630 task 1327515699493178 1327515699493178 Unclassified low jreed shane new Change automatic unit test reporter to warn if percentage of coverage goes down This item came up from the face to face meeting.

With our current policies, any new code should have unit tests. This means that our test coverage percentage should never go down.

The idea of this ticket is for the scripts that we run automatically to produce coverage reports to send an e-mail if it discovers that our test coverage has declined.
1631 task 1327516267222093 1329463682149414 Unclassified medium shane new Turn goals for documentation into a plan to produce This ticket comes from the BIND 10 face to face meeting. We came up with a proposed structure of documentation, and need to create a plan to actually making that happen.
1632 task 1327516567137440 1343912070022677 Unclassified medium jreed shane new Experiment using Doxygen for Python This action came out of the BIND 10 face to face meeting.

We currently use pydoc for our Python documentation, and doxygen for our C++ documentation. However, apparently doxygen can work for both.

We need to investigate what is needed to use doxygen for our Python documentation.
1636 task 1327565743235142 1344438981978028 Unclassified medium shane shane accepted Redesign the BIND 10 Wiki The BIND 10 wiki is not helpful for most people landing there. This needs to be redesigned.
1645 task 1328271184994582 1328271184994582 Unclassified medium shane new Add anti-spam facilities to Trac We are starting to have non-trivial amounts of Trac spam, so we need to investigate tools to block this when possible, or minimize the effects in some way.
1647 defect 1328523121240668 1328805729377714 xfrout medium jelte new logging in xfrout is incomplete
Some error conditions in xfrout should be logged, such as tsig key mismatch. See for starters https://lists.isc.org/pipermail/bind10-users/2012-February/000168.html but we should probably go through the module and add other log messages as well.
1652 enhancement 1328620423271737 1328820919398110 msgq low jreed new msgq write to stderr on startup and exit status If msgq has a failure when it attempts to start, it should write to stderr and also have return some exit status indicating the problem.

(As mentioned in F2F 2012-01.)
1653 defect 1328620761245706 1394116652575675 Boss of BIND very low jreed Common Outstanding Tasks new too much output at startup (As discussed at F2F 2012-01.)

Reduce the logging output for startup of bind10.

For example has both BIND10_COMPONENT_START and BIND10_STARTING_PROCESS at INFO. And other components indicate own startup too like RESOLVER_STARTING. Maybe use a DEBUG level for these?



1654 defect 1328620862874551 1328828613174652 xfrout very low jreed new reduce xfrout logging Reduce xfrout logging.

For example both of these are INFO:


2012-01-17 16:05:53.911 INFO [b10-xfrout.xfrout] XFROUT_NEW_CONFIG Update xfrout configuration
2012-01-17 16:05:53.911 INFO [b10-xfrout.xfrout] XFROUT_NEW_CONFIG_DONE Update xfrout configuration done


Maybe one or both can be DEBUG.
1656 defect 1328621163310965 1392911711044514 Unclassified low jreed DNS Outstanding Tasks new ZONEMGR_NO_SOA should not warn when adding new zone It should not WARN the ZONEMGR_NO_SOA when adding a new zone.
1657 defect 1328621237107039 1328810368022696 Unclassified medium jreed new zonemgr should not ask for IXFR on new zone zonemgr should not ask for IXFR on new zone. It should do AXFR.
1658 enhancement 1328621723577463 1328821085547843 logging low jreed new log when adding new configuring new logging When adding or changing to a new logging configuration (loggers, output), then log about it to that new output — that is a single line to introduce it.
1659 defect 1328621858996557 1328812632272980 configuration medium jreed new be able to view default list configurations If using bindctl, you can view a list that has the default configurations. You should be able to view all configurations even if defaults (so don’t have to go find the spec file and interpret it manually).
1661 defect 1328622693273693 1328821109597944 bind-ctl low jreed new config go strangeness Check this out:


> config go Xfrin/transfers_in
/Xfrin/transfers_in> config go ..
/Xfrin> config go zones/
/Xfrin/zones> config go ..
/Xfrin> config go zones
/Xfrin/zones> config show
Xfrin/zones[0]/name “foo” string
Xfrin/zones[0]/class “IN” string (default)
Xfrin/zones[0]/master_addr “192.168.2.3” string
Xfrin/zones[0]/master_port 53 integer (default)
Xfrin/zones[0]/tsig_key null string
Xfrin/zones[0]/use_ixfr false boolean (default)
/Xfrin/zones> config go zones[0]/use_ixfr
Error: /Xfrin/zones/zones[0]/use_ixfr not found
/Xfrin/zones> config go [0]
/Xfrin/zones[0]> config show
Xfrin/zones[0]/name “foo” string
Xfrin/zones[0]/class “IN” string (default)
Xfrin/zones[0]/master_addr “192.168.2.3” string
Xfrin/zones[0]/master_port 53 integer (default)
Xfrin/zones[0]/tsig_key null string
Xfrin/zones[0]/use_ixfr false boolean (default)
/Xfrin/zones[0]> config go tsig_key
Error: /Xfrin/zones[0]/tsig_key not found
/Xfrin/zones[0]> config go /Xfrin/zones[0]/master_addr
/Xfrin/zones[0]/master_addr> config show
Xfrin/zones[0]/master_addr “192.168.2.3” string
/Xfrin/zones[0]/master_addr> config go ..
/Xfrin/zones[0]> config go master_addr
/Xfrin/zones[0]/master_addr> config go ..
/Xfrin/zones[0]> config go /Xfrin/zones[0]/tsig_key
Error: /Xfrin/zones[0]/tsig_key not found
/Xfrin/zones[0]> config show /Xfrin/zones[0]/tsig_key
Error: Xfrin not found
/Xfrin/zones[0]> config show /Xfrin
Error: Xfrin not found
/Xfrin/zones[0]> config go ..
/Xfrin> config go ..
> config show /Xfrin
Xfrin/transfers_in 10 integer (default)
Xfrin/zones/ list


Sometimes it works and sometimes it doesn’t. Notice how it can’t go into tsig_key. Also noitce that /Xfrin is not found.
1662 task 1328622766732752 1329823713576974 documentation medium jreed new documentation: logging quick start examples For the guide, have some quick start examples for logging in addition or instead of the tutorial.
1663 task 1328623332829622 1328627735816334 Unclassified medium jreed new doxygen generation automated on builder Add a doxygen build task to one system on the build farm.

The verbose output may need to be parsed or reduced and trigger failure on some types of issues.
1664 enhancement 1328623686802418 1328821126663106 build system low UnAssigned jreed new configure provide more help for building Have configure have some output about “If having problem building …” even in —help output.

Maybe point to documentation, websites, list addresses.
1670 enhancement 1328882972995808 1394116840891047 b10-auth medium Dr. Jeffry A. Spain DNS Outstanding Tasks new Ability to control version.bind output Question from the users mailing list:

In bind10-devel-20120119, how can the response to ‘dig @server version.bind. CH TXT’ be disabled in a manner equivalent to ‘options { version none; };’ in bind9? Thanks.

https://lists.isc.org/pipermail/bind10-users/2012-February/000184.html

AFAIK this is not possible, but it should be easy and useful to add.
1672 defect 1329168961119532 1392912620635197 resolver low Jeffry A. Spain DNS Outstanding Tasks new b10-resolver crashing with status 11 when compiled with —enable-boost-threads In my most recent build of bind10-devel-20110119, built according to http://bind10.isc.org/wiki/SystemNotesUbuntuOneiric, b10-resolver is failing after being given the query ‘dig @localhost jaspain.net a’, or any query for that matter. Most of the installed prerequisites are newer versions than those in the standard Ubuntu packages that I have used previously with success, so I will try to figure out which one may be causing the problem. Based on the following log excerpts, if you have a sense of where the problem lies, would you please let me know. Thanks.

The following is log from bind10-users mailing list. https://lists.isc.org/pipermail/bind10-users/2012-February/000216.html
Apparently any query caused resolver to crash.



2012-02-12 23:00:20.613 DEBUG [b10-resolver.resolver] RESOLVER_QUERY_ACCEPTED query accepted: ‘jaspain.net./A/IN’ from 127.0.0.1#37965
2012-02-12 23:00:20.613 DEBUG [b10-resolver.resolver] RESOLVER_NORMAL_QUERY processing normal query
2012-02-12 23:00:20.613 DEBUG [b10-resolver.reslib] RESLIB_RESOLVE asked to resolve (resolve() instance 2)
2012-02-12 23:00:20.613 DEBUG [b10-resolver.reslib] RESLIB_RECQ_CACHE_NO_FIND did not find in the cache, starting RunningQuery (resolve() instance 2)
2012-02-12 23:00:20.613 DEBUG [b10-resolver.reslib] RESLIB_NSAS_LOOKUP looking up nameserver for zone . in the NSAS
2012-02-12 23:00:20.613 DEBUG [b10-resolver.nsas] NSAS_SEARCH_ZONE_NS searching NSAS for nameservers for zone .
2012-02-12 23:00:20.613 DEBUG [b10-resolver.reslib] RESLIB_RESOLVE asked to resolve <. IN NS> (resolve() instance 1)
2012-02-12 23:00:20.613 DEBUG [b10-resolver.nsas] NSAS_FIND_NS_ADDRESS asking resolver to obtain A and AAAA records for l.root-servers.net.
2012-02-12 23:00:20.613 DEBUG [b10-resolver.reslib] RESLIB_RESOLVE asked to resolve (resolve() instance 1)
2012-02-12 23:00:20.613 DEBUG [b10-resolver.reslib] RESLIB_RESOLVE asked to resolve (resolve() instance 1)
2012-02-12 23:00:20.676 DEBUG [b10-resolver.nsas] NSAS_SEARCH_ZONE_NS searching NSAS for nameservers for zone net.
2012-02-12 23:00:20.676 DEBUG [b10-resolver.reslib] RESLIB_RESOLVE asked to resolve (resolve() instance 1)
2012-02-12 23:00:20.678 INFO [b10-boss.boss] BIND10_LOST_SOCKET_CONSUMER consumer 20 of sockets disconnected, considering all its sockets closed
2012-02-12 23:00:20.678 INFO [b10-boss.boss] BIND10_PROCESS_ENDED process 1855 of b10-resolver ended with status 11
2012-02-12 23:00:20.678 ERROR [b10-boss.boss] BIND10_COMPONENT_FAILED component b10-resolver (pid 1855) failed with 11 exit status
2012-02-12 23:00:20.678 INFO [b10-boss.boss] BIND10_COMPONENT_START component b10-resolver is starting
2012-02-12 23:00:20.678 WARN [b10-boss.boss] BIND10_START_AS_NON_ROOT_RESOLVER starting b10-resolver as a user, not root. This might fail.
2012-02-12 23:00:20.678 INFO [b10-boss.boss] BIND10_STARTING_PROCESS starting process b10-resolver
2012-02-12 23:00:20.685 DEBUG [b10-boss.boss] BIND10_STARTED_PROCESS_PID started b10-resolver (PID 1867)


1674 defect 1329257610581110 1392912596662655 resolver low jreed DNS Outstanding Tasks new confusing CACHE_RRSET_REMOVE_OLD

2012-02-14 18:32:18.196 DEBUG [b10-resolver.cache] CACHE_RRSET_REMOVE_OLD removing old RRset for ams.sns-pb.isc.org./AAAA/IN to make space for new one


Why remove old RRSet on first query?
1675 enhancement 1329296537935503 1394116664953487 Boss of BIND medium vorner Common Outstanding Tasks new Allow specifying count in an component configuration Currently, if a user wants to run multiple instances of a component (eg. an auth for each core), multiple copies of the component configuration must be specified in Boss/components. It would be more convenient to have a `count` configuration variable and the system would start so many instances by itself.

If the isc.bind10.components.Component class is modified to take care of multiple processes or if multiple component objects are generated from single configuration element is to be decided.
1676 enhancement 1329296772886889 1329823718431454 Unclassified medium vorner new Differentiate instances of the same components in logs If multiple instances of a single component are running, it would be convenient to differentiate them in logs in case the outputs are mixed up (eg. have b10-auth-1, b10-auth-2, etc).

This might turn out to be an easy extension of #1675, when the system knows it should start n instances of single component, it could provide a different number as a command line argument to each of the instances and the component would modify its name in logs according to this.
1677 enhancement 1329297072638129 1329390620126168 Unclassified medium vorner new Remove local log level constants We defined the consistent debug levels (eg. `DBGLVL_START_SHUT`). However, when switching to them, we just redefined the constants used in the existing code to point to these, like this:

#!c++
const int DBG_AUTH_START = DBGLVL_START_SHUT;


This should be cleaned up and the local constants replaced by the global ones. This should be an easy search&replace, but it could be convenient to split it up into multiple tickets by the components, to have smaller diffs to review.
1679 enhancement 1329298384374814 1336568071055568 Unclassified medium vorner new Auto-generate backtraces & crash reports It would be good if whenever a process crashes, a crash report with some useful information is produced and saved somewhere, noted in a log and the admin is asked to send it. The idea is to use whatever is available in the system to get the information, for example use gdb to attach to the process and get the information or use some built-in methods. The crashing process could have a handler for registered all reasonable fatal signals and call a shell script with it’s PID and name and the script would write down system information, call gdb on the PID, produce the backtrace, etc…

It might make sense to register the signals for python too (in case it crashes in the wrapper code) and make sure any uncaught exceptions are caught at the highest level and written down to a file.

I attach a file which does that (from one of my own projects), it is slightly different, it produces the backtrace to the screen and leaves the gdb running, but it can illustrate the idea. While this relies on having gdb installed on the system and having debug information compiled in (which we could enable by default), it would at least increase the chance of getting useful bug report and make it easier for a user to generate them.
1683 task 1329315225571717 1332237437723377 Unclassified medium shane shane new Review all Trac tickets We need to go through our tickets on the Trac site and check the status of them all. Here’s a link:

http://bind10.isc.org/query?status=accepted&status=assigned&status=new&status=reopened&status=reviewing&max=1000&col=id&col=summary&col=status&col=owner&col=type&col=priority&col=milestone&col=component&col=time&col=changetime&col=feature&order=id

There are over 600, so this will take awhile. Spending a couple hours a day will hopefully get this done in a month or so.
1685 task 1329315368637216 1329315368637216 Unclassified medium shane new Document and test security procedures We need to write down how we handle security bugs discovered in BIND 10.
1689 defect 1329387513525977 1392999621271534 Unclassified medium shane DNS Outstanding Tasks new Handle RRSIG TTL properly when combining multiple RRSIG into a single RRSet Apparently we improperly modify the TTL when we are dealing with RRSIG within an RRSet. This came out of discussion on ticket #152:

MessageImpl::parseSection() would still need to consider RRSIG type covered when it combines multiple RRSIGs into a single RRset. That would go to a separate ticket.
1694 enhancement 1329402017073627 1330431728587315 bind-ctl medium shane new bindctl should be able to run when BIND 10 is down This is a result of a comment in ticket #304.

Basically, bindctl should be able to do some things when BIND 10 is not running.
1700 task 1329906336862876 1329906336862876 Unclassified medium shane new Trac ticket dependency plugin We should try to get one of the plugins which supports dependencies between Trac tickets
1706 defect 1329928997058676 1330431986105718 msgq medium jreed new msgq exiting early? socket.error: [Errno 104] Connection reset by peer


2012-02-22 11:20:34.342 INFO [b10-boss.boss] BIND10_SEND_SIGTERM sending SIGTERM to b10-xfrout (PID 23285)
2012-02-22 11:20:34.342 INFO [b10-boss.boss] BIND10_SEND_SIGTERM sending SIGTERM to b10-auth (PID 23286)
2012-02-22 11:20:34.343 INFO [b10-boss.boss] BIND10_SEND_SIGTERM sending SIGTERM to b10-zonemgr (PID 23287)
2012-02-22 11:20:34.343 INFO [b10-boss.boss] BIND10_SEND_SIGTERM sending SIGTERM to b10-stats (PID 23288)
Traceback (most recent call last):
File “/home/jreed/builder/work/BIND10/20120222082222-CentOS5-x86_64-GCC/install/libexec/bind10-devel/b10-xfrout”, line 1040, in
xfrout_server = XfroutServer()
File “/home/jreed/builder/work/BIND10/20120222082222-CentOS5-x86_64-GCC/install/libexec/bind10-devel/b10-xfrout”, line 922, in init
self.cc.start
File “/home/jreed/builder/work/BIND10/20120222082222-CentOS5-x86_64-GCC/install/lib/python3.1/site-packages/isc/config/ccsession.py”, line 211, in start
self.
send_spec
File “/home/jreed/builder/work/BIND10/20120222082222-CentOS5-x86_64-GCC/install/lib/python3.1/site-packages/isc/config/ccsession.py”, line 389, in
send_spec
answer, env = self.
session.group_recvmsg(False, seq)
File “/home/jreed/builder/work/BIND10/20120222082222-CentOS5-x86_64-GCC/install/lib/python3.1/site-packages/isc/cc/session.py”, line 266, in group_recvmsg
env, msg = self.recvmsg(nonblock, seq)
File “/home/jreed/builder/work/BIND10/20120222082222-CentOS5-x86_64-GCC/install/lib/python3.1/site-packages/isc/cc/session.py”, line 121, in recvmsg
data = self.receive_full_buffer
File “/home/jreed/builder/work/BIND10/20120222082222-CentOS5-x86_64-GCC/install/lib/python3.1/site-packages/isc/cc/session.py”, line 230, in
receive_full_buffer
raise se
File “/home/jreed/builder/work/BIND10/20120222082222-CentOS5-x86_64-GCC/install/lib/python3.1/site-packages/isc/cc/session.py”, line 203, in receive_full_buffer
self.
receive_len_data()
File “/home/jreed/builder/work/BIND10/20120222082222-CentOS5-x86_64-GCC/install/lib/python3.1/site-packages/isc/cc/session.py”, line 163, in receive_len_data
new_data = self.
receive_bytes(self.recv_len_size)
File “/home/jreed/builder/work/BIND10/20120222082222-CentOS5-x86_64-GCC/install/lib/python3.1/site-packages/isc/cc/session.py”, line 149, in
receive_bytes
data = self.socket.recv
socket.error: Connection reset by peer
Traceback :
File “/home/jreed/builder/work/BIND10/20120222082222-CentOS5-x86_64-GCC/install/libexec/bind10-devel/b10-zonemgr”, line 692, in
zonemgrd = Zonemgr
File “/home/jreed/builder/work/BIND10/20120222082222-CentOS5-x86_64-GCC/install/libexec/bind10-devel/b10-zonemgr”, line 517, in
init
self.
setup_session()
File “/home/jreed/builder/work/BIND10/20120222082222-CentOS5-x86_64-GCC/install/libexec/bind10-devel/b10-zonemgr”, line 536, in setup_session
self.
module_cc.add_remote_config(AUTH_SPECFILE_LOCATION)
File “/home/jreed/builder/work/BIND10/20120222082222-CentOS5-x86_64-GCC/install/lib/python3.1/site-packages/isc/config/ccsession.py”, line 349, in add_remote_config
answer, env = self.session.group_recvmsg
File “/home/jreed/builder/work/BIND10/20120222082222-CentOS5-x86_64-GCC/install/lib/python3.1/site-packages/isc/cc/session.py”, line 266, in group_recvmsg
env, msg = self.recvmsg
File “/home/jreed/builder/work/BIND10/20120222082222-CentOS5-x86_64-GCC/install/lib/python3.1/site-packages/isc/cc/session.py”, line 121, in recvmsg
data = self.
receive_full_buffer(nonblock)
File “/home/jreed/builder/work/BIND10/20120222082222-CentOS5-x86_64-GCC/install/lib/python3.1/site-packages/isc/cc/session.py”, line 230, in receive_full_buffer
raise se
File “/home/jreed/builder/work/BIND10/20120222082222-CentOS5-x86_64-GCC/install/lib/python3.1/site-packages/isc/cc/session.py”, line 203, in
receive_full_buffer
self.receive_len_data
File “/home/jreed/builder/work/BIND10/20120222082222-CentOS5-x86_64-GCC/install/lib/python3.1/site-packages/isc/cc/session.py”, line 163, in
receive_len_data
new_data = self.receive_bytes
File “/home/jreed/builder/work/BIND10/20120222082222-CentOS5-x86_64-GCC/install/lib/python3.1/site-packages/isc/cc/session.py”, line 149, in
receive_bytes
data = self._socket.recv(size)
socket.error: [Errno 104] Connection reset by peer
2012-02-22 11:20:34.443 INFO [b10-boss.boss] BIND10_PROCESS_ENDED process 23278 of msgq ended with status 0

1707 defect 1329939626794526 1394116855912999 b10-auth medium jreed DNS Outstanding Tasks new Default configuration was used when mistake in different configuration Default configuration was used when mistake in different configuration:


2012-02-22 13:09:04.846 INFO [b10-auth.auth] AUTH_SERVER_CREATED server created
2012-02-22 13:09:04.855 ERROR [b10-auth.auth] AUTH_CONFIG_UPDATE_FAIL update of configuration failed: Server configuration failed: Failed to open master file: /home/jreed/dnsbenchsuite/tests/root/root.zone.file-canonical
2012-02-22 13:09:04.887 INFO [b10-boss.boss] BIND10_SOCKET_GET requesting socket [::]:53 of type TCP from the creator
2012-02-22 13:09:04.888 ERROR [b10-boss.boss] BIND10_SOCKET_ERROR error on bind call in the creator: 13/Permission denied
2012-02-22 13:09:04.889 ERROR [b10-auth.server_common] SRVCOMM_ADDRESS_FAIL failed to listen on addresses (“Error creating socket on bind”)
2012-02-22 13:09:04.889 ERROR [b10-auth.auth] AUTH_CONFIG_LOAD_FAIL load of configuration failed: Server configuration failed: “Error creating socket on bind”



The only change was the wrong name of the database filename. The config is:


{version 2, Auth {datasources [{zones [{origin “.”, file “/home/jreed/dnsbenchsuite/tests/root/root.zone-canonical”}], type “memory”}], listen_on [{port 5300, address “127.0.0.1”}]}}


So why did the second error above happen? Why did it use port 53?

Once I renamed the file, it started fine using port 5300 as expected.

I am not sure if this problem is in cfgmgr or auth.
1709 task 1330001822014872 1336467375269802 dhcp medium stephen DHCP Outstanding Tasks new Consider alternatives to IOAddress for DHCP DHCP code needs to get to low-level features of the address object and often needs to know if it is V6 or V4 and get information depending on the result. For this reason, a general IOAddress may not be the best address abstraction to use in DHCP. This ticket will propose an alternative.
1710 enhancement 1330003336406236 1330432045258370 bind-ctl low vorner new Sort output of config show Just look at config show of, let’s say, Boss/components. The components are not sorted, which makes it harder to get oriented in the output.
1716 defect 1330094081569678 1366910527020037 Boss of BIND very low jreed new use DEBUG for BIND10_LOST_SOCKET_CONSUMER and BIND10_SOCKET_CREATED instead of INFO 2012-02-24 08:13:53.616 INFO [b10-boss.boss] BIND10_SOCKET_CREATED successfully created socket 23

2012-02-24 08:24:35.165 INFO [b10-boss.boss] BIND10_LOST_SOCKET_CONSUMER consumer 23 of sockets disconnected, considering all its sockets closed

Please use DEBUG instead.

(Also it would be nice if the “consumer 23” was identified by name or PID.)
1718 defect 1330109246747787 1330432064257185 data source low jreed new null data source From January 2012 face-to-face meeting:

Idea: create a null data source to check efficiency of the code. A null data source could also serve as an example if people want to build their own.
1719 task 1330109811186048 1330109811186048 Unclassified low jreed new Test with bad packets See #703

Automate tests/tools/badpacket to test auth and resolver with bad packets
1720 task 1330111359741972 1330111359741972 Unclassified medium jreed new add profiling make target As discussed at January 2012 face-to-face, make a —with-gprof configure option, and a make profile target which runs query_bench with some set of data.
1723 enhancement 1330524467215903 1331636636281371 statistics low jreed new access to stats via bindctl It is not very intuitive for accessing stats. For example to see some entries I tried: Stats show Auth rcode, Stats show Auth.rcode, Stats show auth.rcode.nxrrset, and some others before I learned that I should use “Stats show Auth rcode.refused”

I suggest we allow showing a group of stats like Stats show auth, Stats show auth.rcode, and specifically like Stats show auth.rcode.nxrrset.
1724 enhancement 1330524561795476 1331636645298930 statistics low jreed new access to stats via stats-httpd This is related to #1723, but want same for the HTTP interface. It would be nice if the following would work to show all items under auth.queries.

http://n10.isc.org:8000/bind10/statistics/xml/Auth/queries
1729 defect 1330530157958703 1331571605832006 statistics medium jreed new cc session timeout causes noisy traceback from b10-stats-httpd
Traceback (most recent call last):
File “/home/jreed/src/bind10/src/lib/python/isc/cc/session.py”, line 203, in receive_full_buffer
self.
receive_len_data()
File “/home/jreed/src/bind10/src/lib/python/isc/cc/session.py”, line 163, in receive_len_data
new_data = self.
receive_bytes(self.recv_len_size)
File “/home/jreed/src/bind10/src/lib/python/isc/cc/session.py”, line 149, in
receive_bytes
data = self.socket.recv
socket.timeout: timed out

During handling of the above exception, another exception occurred:

Traceback :
File “/home/jreed/src/bind10/src/bin/stats/b10-stats-httpd”, line 827, in
stats_httpd = StatsHttpd
File “/home/jreed/src/bind10/src/bin/stats/b10-stats-httpd”, line 187, in
in it
self.open_mccs
File “/home/jreed/src/bind10/src/bin/stats/b10-stats-httpd”, line 199, in open_mccs
SPECFILE_LOCATION, self.config_handler, self.command_handler)
File “/home/jreed/src/bind10/src/lib/python/isc/config/ccsession.py”, line 186, in
init
self.
session = Session(socket_file)
File “/home/jreed/src/bind10/src/lib/python/isc/cc/session.py”, line 57, in init
env, msg = self.recvmsg(False)
File “/home/jreed/src/bind10/src/lib/python/isc/cc/session.py”, line 121, in recvmsg
data = self.receive_full_buffer
File “/home/jreed/src/bind10/src/lib/python/isc/cc/session.py”, line 218, in
receive_full_buffer
raise SessionTimeout(“recv() on cc session timed out”)
isc.cc.session.SessionTimeout: recv() on cc session timed out
Exception AttributeError: “‘ModuleCCSession’ object has no attribute ‘_session’” in > ignored
2012-02-29 15:27:37.994 INFO [b10-boss.boss] BIND10_PROCESS_ENDED process 13233 of b10-stats-httpd ended with status 256


This is due to same problem as #1726.

But I open a new ticket since I think its failure should be friendlier, such as:


2012-02-29 15:27:46.824 ERROR [b10-xfrin.xfrin] XFRIN_UNKNOWN_ERROR unknown error: recv() on cc session timed out


or


2012-02-29 15:27:46.854 ERROR [b10-zonemgr.zonemgr] ZONEMGR_SESSION_TIMEOUT timeout on session to command channel daemon


By the way, those two examples maybe should use identical format for same error?

So original problem to be fixed in #1726. Make the output clean in this ticket.
1730 defect 1330531611749244 1332509420767998 Unclassified medium jreed new OpenBSD meta ticket OpenBSD openbsd5-64 5.0 amd64

But it is not enabled in the build farm yet due to some issues:

system include header ordering needs
#1644

incomplete pc file for botan and wrong filename for botan-config
#1640

perfdhcp.c uses pselect
#1639

IntervalTimerTest.invalidArgumentToIntervalTimer failure
#1727

python import and versioned modules
#1728

HashTest tests fail on OpenBSD
#1812

IfaceMgrTest.sendReceive6 test hangs on OpenBSD
#1824

CC Session timeouts / ConfigManager not responding (on OpenBSD)
#1829

install-sh issue on OpenBSD
#1835
1734 defect 1330551648536980 1331571692456641 Boss of BIND medium jreed new ERROR [b10-boss.boss] BIND10_COMPONENT_FAILED component … failed with 0 exit status I noticed this when I restart resolver and auth as in #1733.

I did:


> Resolver shutdown
> Auth shutdown


The logs showed:



2012-02-29 15:23:40.820 DEBUG [b10-resolver.cc] CC_GROUP_SEND sending message ‘{ command [ “stopping”, { module_name “Resolver” } ] }’ to group ‘ConfigManager’
2012-02-29 15:23:40.820 INFO [b10-resolver.resolver] RESOLVER_SHUTDOWN resolver shutdown complete
2012-02-29 15:23:40.827 DEBUG [b10-cmdctl.cmdctl] CMDCTL_COMMAND_SENT command ‘shutdown’ to module ‘Resolver’ was sent
2012-02-29 15:23:40.828 INFO [b10-boss.boss] BIND10_PROCESS_ENDED process 11275 of b10-resolver ended with status 0
2012-02-29 15:23:40.828 ERROR [b10-boss.boss] BIND10_COMPONENT_FAILED component b10-resolver (pid 11275) failed with 0 exit status
2012-02-29 15:23:40.828 INFO [b10-boss.boss] BIND10_COMPONENT_START component b10-resolver is starting


Notice the “ERROR” for 0 exit status. That seems wrong. I don’t see any error here.

Then:



2012-02-29 15:23:45.847 DEBUG [b10-auth.datasrc] DATASRC_SQLITE_CLOSE closing SQLite database
2012-02-29 15:23:45.848 DEBUG [b10-auth.datasrc] DATASRC_CACHE_DESTROY destroying the hotspot cache
2012-02-29 15:23:45.848 DEBUG [b10-cmdctl.cmdctl] CMDCTL_COMMAND_SENT command ‘shutdown’ to module ‘Auth’ was sent
2012-02-29 15:23:45.868 INFO [b10-boss.boss] BIND10_LOST_SOCKET_CONSUMER consumer 17 of sockets disconnected, considering all its sockets closed
2012-02-29 15:23:45.870 INFO [b10-boss.boss] BIND10_PROCESS_ENDED process 12084 of b10-auth ended with status 0
2012-02-29 15:23:45.870 ERROR [b10-boss.boss] BIND10_COMPONENT_FAILED component b10-auth (pid 12084) failed with 0 exit status
2012-02-29 15:23:45.870 INFO [b10-boss.boss] BIND10_COMPONENT_START component b10-auth is starting


Same thing again: ERROR for 0 exit status.

These don’t seem to be errors to me.
1737 enhancement 1330563639383383 1331636855978016 statistics low jreed new store statistics data on shutdown Feature request: store statistics data on shutdown and maybe re-use it on next startup. Not sure yet. Just opening this ticket so this idea can be recorded.

This is not a high priority, since other tools can fetch the XML and then manage how they want.
1740 defect 1330640620273079 1331577732027152 bind-ctl medium jreed new bindctl crash on stats set
> Stats set Boss boot_time 2012-02-03T22:49:49Z
Traceback (most recent call last):
File “/usr/pkg/lib/python3.1/cmd.py”, line 213, in onecmd
func = getattr(self, ‘do’ + cmd)
AttributeError: ’BindCmdInterpreter’ object has no attribute ’do_Stats’

During handling of the above exception, another exception occurred:

Traceback :
File “/home/reed/opt/bind10/bin/bindctl”, line 149, in
result = tool.run
File “/home/reed/opt/bind10/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 138, in run
self.cmdloop
File “/usr/pkg/lib/python3.1/cmd.py”, line 139, in cmdloop
stop = self.onecmd
File “/home/reed/opt/bind10/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 466, in onecmd
Cmd.onecmd
File “/usr/pkg/lib/python3.1/cmd.py”, line 215, in onecmd
return self.default
File “/home/reed/opt/bind10/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 432, in default
self.
parse_cmd(line)
File “/home/reed/opt/bind10/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 568, in parse_cmd
self.
validate_cmd(cmd)
File “/home/reed/opt/bind10/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 399, in _validate_cmd
cmd.params[param_name] = isc.config.config_data.convert_type(param_spec, cmd.params[param_name])
File “/home/reed/opt/bind10/lib/python3.1/site-packages/isc/config/config_data.py”, line 112, in convert_type
map = ast.literal_eval(value)
File “/usr/pkg/lib/python3.1/ast.py”, line 49, in literal_eval
node_or_string = parse(node_or_string, mode=’eval’)
File “/usr/pkg/lib/python3.1/ast.py”, line 37, in parse
return compile(source, filename, mode, PyCF_ONLY_AST)
File “”, line 1
boot_time2012-02-03T22:49:49Z
^
SyntaxError: invalid token


Here is another different example:



File “”, line 1
last_update_time“2012-03-01T22:21:42Z”
^
SyntaxError: invalid syntax
1742 enhancement 1330693514506461 1331038947010571 message-library low stephen new Have message compiler exit with an error if a duplicate message ID is detected Ticket #1741 reports a case where a duplicate ID is used in a message file. This was only noticed by chance, as the message compiler outputs a warning message but otherwise exits normally.

The message compiler should be modified to output an error message when this condition is detected, and to exit with a non-zero status. That would cause a build to stop when a duplicate ID is found and so make the problem more obvious.
1743 task 1330700156041242 1391544186391937 data source medium jreed new [meta] support NSEC in in-memory datasource NXDOMAIN result only returns RRSIG for the SOA, but no NSEC.

(Additional task is lettuce test(s) — open new tickets as needed.)
1753 task 1330793748465085 1392999461740805 data source medium jinmei jinmei DNS Outstanding Tasks assigned use object pool for in-memory finder contexts By default ZoneFinder::Context needs to be allocated from heap
(by `new`) for every call to find(). The cost would not be negligible
for performance sensitive version like the one for the in-memory data
source.

I’d suggest introducing an object pool such as boost::object_pool
so the major resource of Context can be resused over multiple calls to
find(). I’d maintain the pool in the `InMemoryClient` that created
the finder and use the same pool for all zones.

The in-memory version of Context class will need to be “resettable” so
we release resources in the context when it goes back to the pool.
It will also require some modifications to the base Context call.
1755 defect 1330939939098902 1347891866607468 data source medium jinmei new “ANY_SUB” query in sqlite3_accessor needs to be updated See https://lists.isc.org/pipermail/bind10-dev/2012-March/003167.html

In short:
- we need to revise the query so ‘' will be placed last (and so we'll<br> probably have to use rname instead of name)<br>- let the caller append the '’

I also wonder whether this can correctly detect the following case:
Zone has b.example.com.
*.example.com.
Query a.b.example.com must result in NXDOMAIN, not wildcard match.
It’s nicer if we can confirm that too.
.
1761 enhancement 1331030390320577 1331635774132797 data source medium shane new Change the SQLite data source so that it supports binary labels See the thread started here:

https://lists.isc.org/pipermail/bind10-dev/2011-September/002630.html
1765 defect 1331144039722679 1331636583333687 bind-ctl medium jreed new config go, then config show datasources does no work

> config go Auth
/Auth> config show
database_file listen_on
datasources statistics-interval
/Auth> config show datasources
/Auth> config show Auth
/Auth> config show /Auth
Error: Auth not found
/Auth> config show data
database_file datasources
/Auth> config show_json
{datasources [{zones [{origin “smallzone”, file “/home/jreed/dnsbenchsuite/tests/smallzone/master.zone.file-canonical”}], type “memory”}], listen_on [{port 5300, address “127.0.0.1”}]}
/Auth> config show datasources
/Auth> config go /
> config show Auth/data
database_file datasources
> config show Auth/data
database_file datasources
> config show Auth/datasources
Auth/datasources[0]/type “memory” string
Auth/datasources[0]/class “IN” string (default)
Auth/datasources[0]/zones/ list
>



(notice tab completion in output above)

An additional problem is config show /Auth doesn’t work.
1766 enhancement 1331158406719092 1331636915476954 data source low jinmei new placeholder: python binding for ZoneFinder::Context It’s currently only in C++.

As discussed in http://bind10.isc.org/ticket/1607#comment:11
python binding wasn’t provided because it was not clear if we need it.

This ticket is a placeholder for it so we can revisit this point later.
1770 enhancement 1331287704347235 1396529381183472 xfrin medium jelte DNS Outstanding Tasks new xfrin command to show transfers in progress
It would be nice to have a command that shows transfers in progress in the xfrin module; possibly with some extended information from the information collected in #1280.
xfrin bindctl
1776 task 1331719471784379 1331917664425822 build system medium UnAssigned shane assigned git repository should set version to something Jeremy proposed that we should set the version string in our software to something. Right now it is whatever the last release was, or sometimes updated since then, but it is not helpful and sometimes misleading. Some notes are available in our [wiki:WeeklyMinutes20120313#Versioninthemasterconfigure.acJeremy5minutes meeting minutes].

Ideally we would set the version string to something like:

git-259eea4da2d634ee7cbf28eb34ac076d2a8ed50d

We would need a way to override this on our release branches, of course.

If we cannot do that, then possibly using just “git” or “master” as the version identifier is okay.
1777 enhancement 1331733353163112 1336592052344382 Unclassified medium jelte new resetting vectors in auth::Query
#1747 and its predecessors introduced three vectors for storing the rrsets that get added to response messages. These vectors currectly get reserved to contain 64 rrsets each, but in theory they might grow. It was suggested that if they ever become larger than this, it might be good to reset them (back to a reserved size of 64, or whatever value turns out to be good).

The idea is that if they are abnormally large, the are replaced by new vectors during reset(). In normal cases this wouldn’t happen (and the overhead is a size check for each). If much larger, the replacement should clear up unused memory for these.

But see the discussion in #1747
1797 defect 1331972495039357 1392811741870737 b10-auth medium jinmei DNS Outstanding Tasks new CNAME should include auth and additional b10-auth doesn’t include the authority and additional section
in the case of CNAME. This does not necessarily be incorrect per
the spec, but I don’t think it’s intentional but rather a bug.

I propose we handle it just like the SUCCESS case. (As a bonus)
this will also make the big, ugly switch of Query::process()
a bit more concise.

This should be a pretty easy task.
1801 task 1331999509260329 1336748005828429 Unclassified medium jelte new NSEC in-mem; lettuce tests for NSEC responses
Create lettuce tests for NSEC responses. On the one hand it should be relatively easy; the framework is already there (we have lettuce tests for NSEC3). OTOH, there may not be a clear (rfc-based) list on what tests to write.

Technically, this depends on #1800 (and #1799 and #1798), but in theory these could be written in parallel (or even before; BDD-style).
1811 task 1332132785079358 1336577058868652 Inter-module communication medium naokikambe new Consider how to address multiple instances As a result of #1751, each auth instance uses its own PID for addressing itself so that stats would identify one of multiple auth instances. But that way is a short-term narrow solution as discussed in [comment:ticket:1751:10]

Furthermore we need a long-term wide solution, not only between auth and stats, for addressing multiple instances.
1817 task 1332236902882641 1336577260560153 data source medium vorner new Cleanup object for SQLite3 statements We manually reset a SQLite3 statement each time it is used. This is both little bit too much code and can keep the statement not reset on some unexpected exception (which is not fatal, as we reset the statement before use again, but it is clearly not optimal).

The task is to create a class that would hold the statement and reset it on destruction and use it to hold the statements inside the methods using them.
1821 defect 1332341006212027 1336577914147394 Unclassified medium jreed new inconsistent verbose logging Some components honor a -v (or —verbose) switch to enable maximum debug logging.

But not all is set to maximum. For example, it provides complete logging for “auth” but not “datasrc”.

This is confusing.

One fix is to either clearly document this. Another fix is to make everything “*” logged at DEBUG 99 when using —verbose.
1822 task 1332342771530688 1336577964165257 logging medium jreed new review logging details The task(s) to review existing logging was discussed at the January 2012 F2F. http://bind10.isc.org/wiki/January2012MeetingMinutes#LoggingIssues

This probably needs to be broken up into separate tasks maybe by component level.

This is to:

Review readability and understandability of the log descriptions.

Confirm that the log severity is correct.

Confirm that debug levels are correct (for example 30 and below is useful for admins, but we have non-developer details at higher levels).

Do we have excess messages? Too many messages for same issue?

Missing useful logging?
1827 defect 1332430142589214 1340809921054942 build system medium UnAssigned muks new Install bind10 shared objects and other resources in versioned directories bind10 modules (.so) used to have a version in their filenames. Due to issues on OpenBSD, now they’re created without the version. Currently, bind10 modules are installed in `$prefix/libexec/bind10-devel/modules` whereas they should be installed in `$prefix/lib/bind10-devel-/modules` (note the change from libexec to lib and the version added to the directory name). The same should be done for the installation paths of any version-specific resources.

Whether we want to implement this should be discussed, and a list of what all need to be versioned should be made. This work would involve build system changes and also some minor changes to code for using the correct paths.
1830 defect 1332444460478829 1336644551015538 Unclassified medium jreed new traceback in cfgmgr shutdown The initial problem was caused by some cc session timeouts / cfgmgr not listening as seen in ticket #1829. But shutdown stills seems wrong:


2012-03-22 19:11:34.701 INFO [b10-boss.boss] BIND10_COMPONENT_STOP component cfgmgr is being stopped
2012-03-22 19:11:34.702 INFO [b10-boss.boss] BIND10_STOP_PROCESS asking cfgmgr to shut down

2012-03-22 19:11:35.729 INFO [b10-boss.boss] BIND10_SEND_SIGTERM sending SIGTERM to cfgmgr (PID 25628)

2012-03-22 19:11:35.832 INFO [b10-boss.boss] BIND10_SEND_SIGKILL sending SIGKILL to b10-cmdctl (PID 7154)
2012-03-22 19:11:35.837 INFO [b10-boss.boss] BIND10_SEND_SIGKILL sending SIGKILL to msgq (PID 16242)
Traceback (most recent call last):
2012-03-22 19:11:35.842 File “/home/jreed/src/bind10/src/bin/cfgmgr/b10-cfgmgr”, line 107, in
sys.exit(main())
INFO File “/home/jreed/src/bind10/src/bin/cfgmgr/b10-cfgmgr”, line 95, in main
cm.run()
[ File “/home/jreed/src/bind10/src/lib/python/isc/config/cfgmgr.py”, line 526, in run
b10-boss.boss] BIND10_SEND_SIGKILL sending SIGKILL to cfgmgr (PID 25628)
2012-03-22 19:11:35.951 INFO [b10-boss.boss] BIND10_PROCESS_ENDED process 7154 of b10-cmdctl ended with status 9
2012-03-22 19:11:35.951 INFO [b10-boss.boss] BIND10_PROCESS_ENDED process 25628 of cfgmgr ended with status 9
2012-03-22 19:11:35.952 INFO [b10-boss.boss] BIND10_PROCESS_ENDED process 16242 of msgq ended with status 9
2012-03-22 19:11:35.952 INFO [b10-boss.boss] BIND10_SHUTDOWN_COMPLETE all processes ended, shutdown complete


(Notice how logs are mixed. That is ticket #1704)
1835 task 1332509337004142 1389102214188351 build system medium jreed jreed accepted install-sh issue on OpenBSD

/bin/sh /bin/sh /home/jreed/src/bind10/install-sh d
//home/jreed/opt/bind10/var/bind10-devel

Caused by:
$c m 644
install_sh_PROGRAM = ${SHELL} $
c
install_sh_SCRIPT = ${SHELL} $(install_sh) c
mkinstalldirs = $ $
d
install_sh = ${SHELL} /home/jreed/src/bind10/install-sh


$ /bin/sh /bin/sh
/bin/sh[2]: syntax error: `(’ unexpected


The problem is caused by http://www.openbsd.org/cgi-bin/cvsweb/ports/devel/automake/1.11/patches/patch-lib_am_header-vars_am and http://www.openbsd.org/cgi-bin/cvsweb/ports/devel/automake/1.11/patches/patch-automake_in

I reported this to their ports team. I am opening this ticket to track it from our side too.
1837 task 1332770526219153 1336652421972022 Unclassified medium jelte new log/print b10-dbutil command when db is out of date
If any module (most probably b10-auth) finds that the sqlite3 database it is trying to use is out of date, it should log (or print, if it is a printed error) the command needed to upgrade it, including the full path to the database file(s)

e.g. ‘please run b10-dbutil —upgrade /foo/bar/bind10-zones.sqlite3’
1840 task 1332841559982496 1336654818626401 Unclassified medium jelte new handling several databases at once in b10-dbutil
Right now b10-dbutil can only upgrade one database at a time. It was suggested that it should perhaps be able to do multiple (as you can technically have several database backends at the same time). But it did not seem much of a priority when doing #963, so here is the deferred task.
1841 task 1332841736950079 1336745465447674 Unclassified low jelte new port b10-dbutil tests to lettuce
The tests created for b10-dbutil in #963 were done in shellscript. We should port them to lettuce tests (these really are system tests anyway)
1842 task 1332850908086397 1336654981957369 Unclassified medium vorner new Integrate the b10-dbutil into system start Currently, if the database schema is old, the system starts, but will complain about the problem somewhere in the middle of logs. That is too late.

We should integrate a call to `b10-dbutil —check` into the startup, before anything that would provide service is attempted and if it fails, don’t attempt to start it. This task will probably need to be split into smaller ones:
* Support for „synchronous“ commands in the boss (currently, a component is forked off and we don’t care much any more until it fails, but this should start it and wait for the process to terminate, either successfully or fail).
* Add support to dbutil to read the list of databases from configuration through the message queue.
* Include the dbutil invocation in the guide how to enable and start auth.
1844 defect 1332851322907622 1336655517870037 bind-ctl medium vorner new The config unset help is wrong If I execute the above command, it prints this:

> config unset help
Command unset (Unset a configuration value (i.e. revert to the default, if any).)
help (Get help for command)
Parameters:
identifier (string, mandatory)
The identifier specifies the config item. Child elements are
separated with the ‘/’ character. List indices can be
specified with ‘[i]’, where i is an integer specifying the
index, starting with 0. Examples: ‘Boss/start_auth’,
‘Recurse/listen_on[0]/address’. If no identifier is given,
shows the item at the current location.


Which is wrong for several reasons:
* The examples are outdated, these no longer exist.
* It says it is mandatory, but still includes the „If no identifier is given“ condition.
* Talks about showing the item, not clearing it.
1848 defect 1332859129521998 1355947936419631 Unclassified medium jreed new msgq disappeared causes great shutdown confusion I received:


2012-03-27 07:22:22.964 FATAL [b10-boss.boss] BIND10_MSGQ_DISAPPEARED msgq channel disappeared


I don’t know what caused this. This ticket is mostly about what happens next. It is “fatal” so boss starts a BIND10_SHUTDOWN as expected.


2012-03-27 07:22:22.964 FATAL [b10-boss.boss] BIND10_MSGQ_DISAPPEARED msgq channel disappeared
2012-03-27 07:22:22.964 INFO [b10-boss.boss] BIND10_SHUTDOWN stopping the server
2012-03-27 07:22:22.965 ERROR [b10-boss.config] CONFIG_SESSION_STOPPING_FAILED error sending stopping message: [Errno 32] Broken pipe
2012-03-27 07:22:22.965 INFO [b10-boss.boss] BIND10_CONFIGURATOR_STOP bind10 component configurator is shutting down
2012-03-27 07:22:22.965 INFO [b10-boss.boss] BIND10_COMPONENT_STOP component Socket creator is being stopped
2012-03-27 07:22:22.965 INFO [b10-boss.boss] BIND10_SOCKCREATOR_TERMINATE terminating socket creator
Traceback (most recent call last):
File “/Local/Users/jreed/dnsbench/work/master/20120327130322/install/libexec/bind10-devel/b10-cfgmgr”, line 112, in
sys.exit(main())
File “/Local/Users/jreed/dnsbench/work/master/20120327130322/install/libexec/bind10-devel/b10-cfgmgr”, line 100, in main
cm.run()
File “/Local/Users/jreed/dnsbench/work/master/20120327130322/install/lib/python3.1/site-packages/isc/config/cfgmgr.py”, line 558, in run
answer = self.handle_msg(msg);
File “/Local/Users/jreed/dnsbench/work/master/20120327130322/install/lib/python3.1/site-packages/isc/config/cfgmgr.py”, line 535, in handle_msg
2012-03-27 07:22:22.967 INFO [b10-boss.boss] BIND10_COMPONENT_STOP component msgq is being stopped
answer = self.handle_module_spec)
File “/Local/Users/jreed/dnsbench/work/master/20120327130322/install/lib/python3.1/site-packages/isc/config/cfgmgr.py”, line 485, in
handle_module_spec
spec.get_full_spec())
File “/Local/Users/jreed/dnsbench/work/master/20120327130322/install/lib/python3.1/site-packages/isc/config/cfgmgr.py”, line 511, in send_module_spec_to_cmdctl
self.cc.group_sendmsg
File “/Local/Users/jreed/dnsbench/work/master/20120327130322/install/lib/python3.1/site-packages/isc/cc/session.py”, line 268, in group_sendmsg
}, isc.cc.message.to_wire)
File “/Local/Users/jreed/dnsbench/work/master/20120327130322/install/lib/python3.1/site-packages/isc/cc/session.py”, line 101, in sendmsg
cc = self.
socket.send(data)
socket.error: [Errno 32] Broken pipe
2012-03-27 07:22:22.967 ERROR [b10-auth.cc] CC_READ_ERROR er2012-03-27 07:22:22.976 INFO [b10-boss.boss] BIND10_COMPONENT_STOP component b10-auth is being stopped
2012-03-27 07:22:22.976 INFO [b10-boss.boss] BIND10_STOP_PROCESS asking b10-auth to shut down
2012-03-27 07:22:22.977 ERROR [b10-boss.boss] BIND10_CONFIGURATOR_PLAN_INTERRUPTED configurator plan interrupted, only 2 of 7 done
ror reading data from command channel (End of file.)2012-03-27 07:22:22.977 FATAL [b10-auth.cc] CC_WRITE_ERROR error writing data to command channel (Broken pipe)
2012-03-27 07:22:22.977 FATAL [b10-auth.auth] AUTH_SERVER_FAILED server failed: ASIO write failed: Broken pipe

2012-03-27 07:22:22.980 FATAL [b10-auth.auth] AUTH_SERVER_FAILED server failed: Error while reading data from cc session: End of file.
2012-03-27 07:22:22.982 FATAL [b10-auth.cc] CC_WRITE_ERROR error writing data to command channel (Broken pipe)
2012-03-27 07:22:22.982 FATAL [b10-auth.auth] AUTH_SERVER_FAILED server failed: ASIO write failed: Broken pipe
2012-03-27 07:22:22.970 ERROR [b10-auth.cc] CC_READ_ERROR error reading data from command channel (End of file.)
2012-03-27 07:22:22.984 FATAL [b10-auth.auth] AUTH_SERVER_FAILED server failed: Error while reading data from cc session: End of file.
2012-03-27 07:22:23.977 INFO [b10-boss.boss] BIND10_PROCESS_ENDED process 56861 of b10-auth-4 ended with status 256
2012-03-27 07:22:23.977 INFO [b10-boss.boss] BIND10_PROCESS_ENDED process 56860 of b10-auth-2 ended with status 256
2012-03-27 07:22:23.977 INFO [b10-boss.boss] BIND10_PROCESS_ENDED process 56859 of b10-auth-3 ended with status 256
2012-03-27 07:22:23.977 INFO [b10-boss.boss] BIND10_PROCESS_ENDED process 56858 of b10-auth ended with status 256
2012-03-27 07:22:23.977 INFO [b10-boss.boss] BIND10_PROCESS_ENDED process 56851 of cfgmgr ended with status 256
2012-03-27 07:22:23.977 INFO [b10-boss.boss] BIND10_PROCESS_ENDED process 56850 of msgq ended with status 256
2012-03-27 07:22:23.977 INFO [b10-boss.boss] BIND10_PROCESS_ENDED process 56849 of Socket creator ended with status 0
2012-03-27 07:22:23.977 INFO [b10-boss.boss] BIND10_SHUTDOWN_COMPLETE all processes ended, shutdown complete



The above is much to noisy and doesn’t give me much clue on what happened.
1849 defect 1332876790346463 1336661869166721 Unclassified medium jreed new traceback in msgq self.sendbuffs (as previously mentioned in #1847)

This is on the macmini system:


Traceback (most recent call last):
File “/Local/Users/jreed/dnsbench/work/master/20120327130322/install/libexec/bind10-devel/b10-msgq”, line 551, in
msgq.run()
File “/Local/Users/jreed/dnsbench/work/master/20120327130322/install/libexec/bind10-devel/b10-msgq”, line 460, in run
self.run_poller()
File “/Local/Users/jreed/dnsbench/work/master/20120327130322/install/libexec/bind10-devel/b10-msgq”, line 479, in run_poller
self.process_write
File “/Local/Users/jreed/dnsbench/work/master/20120327130322/install/libexec/bind10-devel/b10-msgq”, line 391, in
process_write
(_, msg) = self.sendbuffs[fileno]
KeyError: 8323074


I have it configured for four b10-auth components. This happens maybe one out of every five times I try. I have seen it maybe 6 times.
1850 defect 1332877306895467 1336729330422770 Unclassified medium jreed new core dump at isc::server_common::portconfig::installListenAddresses when Error while reading data from cc session on macmini:

core from b10-auth


#0 0x930a3176 in __kill ()
#1 0x930a3168 in kill$UNIX2003 ()
#2 0x9313589d in raise ()
#3 0x9314b9bc in abort ()
#4 0x00653347 in isc::server_common::portconfig::installListenAddresses ()
#5 0x0000d29d in AuthSrv::setListenAddresses ()
#6 0x0001bccc in (anonymous namespace)::ListenAddressConfig::build ()
#7 0x0001b0e3 in configureAuthServer ()
#8 0x0000dce6 in AuthSrv::updateConfig ()
#9 0x00024f89 in (anonymous namespace)::my_config_handler ()
#10 0x00396760 in isc::config::ModuleCCSession::handleConfigUpdate ()
#11 0x003985c1 in isc::config::ModuleCCSession::ModuleCCSession ()
#12 0x00025846 in main ()


This was configured with four b10-auth components.

I think the corresponding logging is:


2012-03-27 12:32:10.427 FATAL [b10-auth.server_common] SRVCOMM_EXCEPTION_ALLOC exception when allocating a socket: Error while reading data from cc session: End of file.


There were several “Error while reading data from cc session” and CC_READ_ERROR and a traceback in b10-cfgmgr at same time:


Traceback (most recent call last):
File “/Local/Users/jreed/dnsbench/work/master/20120327130322/install/libexec/bind10-devel/b10-cfgmgr”, line 112, in
sys.exit(main())
File “/Local/Users/jreed/dnsbench/work/master/20120327130322/install/libexec/bind10-devel/b10-cfgmgr”, line 100, in main
cm.run()
File “/Local/Users/jreed/dnsbench/work/master/20120327130322/install/lib/python3.1/site-packages/isc/config/cfgmgr.py”, line 558, in run
answer = self.handle_msg(msg);
File “/Local/Users/jreed/dnsbench/work/master/20120327130322/install/lib/python3.1/site-packages/isc/config/cfgmgr.py”, line 535, in handle_msg
answer = self.handle_module_spec)
File “/Local/Users/jreed/dnsbench/work/master/20120327130322/install/lib/python3.1/site-packages/isc/config/cfgmgr.py”, line 485, in
handle_module_spec
spec.get_full_spec())
File “/Local/Users/jreed/dnsbench/work/master/20120327130322/install/lib/python3.1/site-packages/isc/config/cfgmgr.py”, line 511, in _send_module_spec_to_cmdctl
rver_common] SRVCOMM_EXCEPTION_ALLOC exception when allocating a socket: Error while reading data from cc session: End of file.
self.cc.group_sendmsg(spec_update, “Cmdctl”)
File “/Local/Users/jreed/dnsbench/work/master/20120327130322/install/lib/python3.1/site-packages/isc/cc/session.py”, line 268, in group_sendmsg
2012-03-27 12:32:10.427 ERROR [b10-boss.boss] BIND10_COMPONENT_FAILED component b10-auth-4 (pid 34532) failed: process exited normally with exit status 256
}, isc.cc.message.to_wire(msg))
File “/Local/Users/jreed/dnsbench/work/master/20120327130322/install/lib/python3.1/site-packages/isc/cc/session.py”, line 101, in sendmsg


(note that some regular logging is mixed in above)
1851 defect 1332881865392315 1360930892151771 Unclassified medium UnAssigned jreed assigned finding python modules should not append for example my installed bind10 has:


import sys; sys.path.append (‘/var/users/jreed/dnsbench/work/master/201203272003
37/install/lib/python3.1/site-packages’)

from bind10_config import LIBEXECPATH


But the LIBEXECPATH is defined from the /usr/local/lib/ version of bind10_config.py and not my version in my path above.

This causes all types of confusion when communicating with wrong msgq and cfgmgr so gets wrong configurations.
1854 enhancement 1332944504898895 1336730512437894 Unclassified medium jreed new directory for configuration files Currently for in-memory datasource (and other configurations), the file may be an absolute path to the master zone file or it is relative to the directory BIND 10 is started from.

That behavior may be dangerous I think since you never know where the admin will be located when running bind10 boss.

But it is useful for testing.

We should have some default directory configurable.

And if not set this means relative. (jelte’s idea from jabber) (Or maybe set to “.” for relative?)
1855 defect 1332945511404703 1336730692492694 Unclassified medium jreed new Error: Unknown configuration identifier: datasources/ Reporting error… should say what is missing or wrong:



> config set Auth/datasources[0]/type “”
> config commit
Error: Unknown configuration identifier: datasources/
Configuration not committed



2012-03-28 10:17:07.641 ERROR [b10-auth.auth] AUTH_CONFIG_UPDATE_FAIL update of configuration failed: Unknown configuration identifier: datasources/
2012-03-28 10:17:07.642 ERROR [b10-cmdctl.cmdctl] CMDCTL_COMMAND_ERROR error in command set_config to module ConfigManager: Unknown configuration identifier: datasources/


I was attempting to change a working “memory” zone to “” to disable it (as a test).
1859 defect 1333031352406559 1336731045404127 Unclassified medium jreed new many auth servers results in Unable to open domain socket on macmini I can reproduce the following frequently on the macmini system by attempting to run around 15 b10-auth components:



2012-03-29 07:10:38.818 DEBUG [b10-auth.cc] CC_GROUP_RECEIVED message arrived (‘{ from “4f746d5e_3@macmini.lab.isc.org”, group “Boss”, instance “*”, reply 2, seq 19, to “4f746d5e_12@macmini.lab.isc.org”, type “send” }’, ‘{ result [ 0, { path “/tmp/sockcreator-SWQsjy/sockcreator”, token “t3455974382” } ] }’)
2012-03-29 07:10:38.818 DEBUG [b10-auth.cc] CC_GROUP_RECEIVED message arrived (‘{ from “4f746d5e_3@macmini.lab.isc.org”, group “Boss”, instance “*”, reply 2, seq 18, to “4f746d5e_11@macmini.lab.isc.org”, type “send” }’, ‘{ result [ 0, { path “/tmp/sockcreator-SWQsjy/sockcreator”, token “t3513635662” } ] }’)
2012-03-29 07:10:38.819 FATAL [b10-auth.server_common] SRVCOMM_EXCEPTION_ALLOC exception when allocating a socket: Unable to open domain socket /tmp/sockcreator-SWQsjy/sockcreator: Connection refused
2012-03-29 07:10:38.819 FATAL [b10-auth.server_common] SRVCOMM_EXCEPTION_ALLOC exception when allocating a socket: Unable to open domain socket /tmp/sockcreator-SWQsjy/sockcreator: Connection refused
2012-03-29 07:10:38.819 INFO [b10-boss.boss] BIND10_SOCKET_CREATED successfully created socket 37


Other times I get other failures like in #1850 or like:



2012-03-29 07:13:47.201 ERROR [b10-auth.cc] CC_READ_ERROR error reading data from command channel (End of file.)
2012-03-29 07:13:47.201 DEBUG [b10-auth.cc] CC_DISCONNECT disconnecting from message queue daemon
2012-03-29 07:13:47.202 FATAL [b10-auth.auth] AUTH_SERVER_FAILED server failed: Error while reading data from cc session: End of file.
2012-03-29 07:13:47.202 DEBUG [b10-auth.datasrc] DATASRC_CACHE_DESTROY destroying the hotspot cache


(Also often my sockcreator is left running.)

I used the following script to generate my configuration:



#!/usr/bin/awk -f

BEGIN{

print “{ersion 2,”;

print “uth {atasources [”;
print “{ones [{rigin xample ile ests/smallzone/master.zone.file-canonical}], ype emory}],”;
print “isten_on [{ort 5300, ddress 27.0.0.1}]},”;

print “oss {omponents {”;

for (i = 1; i <= ARGV[1]; i++) {

print “10-auth-” i “ {ind eeded pecial uth}”;

if (i < ARGV[1]) { print “,”; }

}

print “
”;

}



The command line argument is the number of b10-auth components to run.

I think this is a macmini or portability issue. I can run 50 of the b10-auth server components on Linux fine.

1861 defect 1333129676122232 1350619070112693 data source medium jinmei new SQLite3 DB creation code should be consolidated With the introduction of b10-dbutil, we now have 4 places that create
initial DB file for the SQLite3 data source:
- isc.datasrc.sqlite3_ds Python module (used by b10-loadzone)
- two places in C++ libdatasrc (old and new APIs)
- b10-dbutil (although, technically, it only does ‘upgrade’ rather than ‘create’)

This is obviously bad. Although some of the above will be retired
(hopefully) soon, we should basically maintain the DB schema only in a
single place.

My suggestion is to introduce a python module that defines the latest
SQLite3 schema, and have dbutil use it. b10-dbutil wold also have a
“create” option, and on ‘make install’ we not only check compatibility
but also create a new one if the DB file doesn’t exist.

After that, remove the DB creation code from libdatasrc.
1862 enhancement 1333129799230681 1336126333995496 data source medium jinmei new have b10-dbutil reports upgrade progress It could take long time to upgrade a large SQLite3 DB file to
a new version. It would be nice if it could keep showing the progress
like b10-loadzone.
1864 defect 1333137073260916 1336731070940783 Unclassified medium jreed new bindctl help help is indented too many help in bindctl shows indented “help”. It has one too many tabs:


$ echo Stats show help
bindctl cat -tv
Command show I (Show the specified/all statistics data)
I^Ihelp (Get help for command)
Parameters:
owner (string, optional)
module name of the owner of the statistics data
name (string, optional)
statistics item name of the owner

Exit from bindctl
1865 task 1333139411442035 1336126350407522 libdns++ medium UnAssigned jinmei new python wrapper for findNSEC3 Not for any urgency, but for completeness. Shouldn’t be difficult.
1867 task 1333175462970721 1394116865894633 b10-auth medium jinmei DNS Outstanding Tasks new use util::io::SocketSessionForwarder for passing xfr from auth to xfrout I believe this will also help resolve various issues in xfrout such as
busy loop-like problem. Both auth and xfrout need to be updated, but
that will probably be too big for a single task, so I propose we first
update auth, only with unittests, and keeping the current code for the
actual operation. xfrout part is #1868.

Once the xfrout part is completed, we’ll switch the auth part too.
1868 task 1333175654854404 1334677602625827 xfrout medium jinmei new use SocketSessionReceiver for receiving xfr messages from b10-auth at xfrout This is the xfrout part of #1867 (and depends on it).

With this change, we can also eliminate the