bundy

Old BIND 10 trac ticket database

Below is a table created from the trac SQLite3 database containing the status from April 2014. The HTML table only contains the non-closed tickets, but the CSV-File contains the whole dataset.

We're manually migrating the open tickets over into the github ticket system. If you want to help with this work, please let us know on the mailing list.

CSV-Versions of the BIND 10 ticket database: bind10-201404-tickets.csv.gz

id

type

time

changetime

component

severity

priority

owner

reporter

cc

version

milestone

status

resolution

summary

description

keywords

56

enhancement

1267141993000000

1329823707585229

libdns++

low

UnAssigned

jinmei

assigned

revisit rdata::compareNames()

we may want to move rdata::compareNames() to the name module (name.{h.cc}), and may even want to make it a member function of the Name class. Opinions vary, but not critical, so we’ll revisit this as a post-year1 thing. see also http://bind10.isc.org/ticket/48

78

task

1268145199000000

1329304126421309

build system

low

jreed

jreed

assigned

use py-compile for the src/bin python programs

I am committing improvements for Makefile.am for the src/lib/python modules so they will use the py-compile. Get that by doing “autoreconf —install”. This makes it so the installation gets the compiled pyc and pyo optimized versions. Next part is to handle the src/bin/ python programs, but some go to libexec. I am opening this ticket as a reminder to do this sometime later.

81

enhancement

1268404649000000

1384857722783308

bind-ctl

low

jreed

new

non-interactive bindctl with commands on shell command line

Please extend bindctl to offer non-interactive support, such as shell command line: $ bindctl config Auth/databasefile path_to_file

102

enhancement

1268858126000000

1391267820368510

Unclassified

low

jreed

new

reporting versions

Make sure all executables report versions. And have bind10 report versions for all its managed components when running modules as daemons or justy to get versions without running serbices.

134

defect

1270562244000000

1394116188229075

Boss of BIND

low

UnAssigned

jreed

DNS Outstanding Tasks

assigned

Boss more careful shutdown

I had an b10-xfrout running since March 23 (with nothing else using it). I couldn’t kill it except with SIGKILL. Here is a bind10 shutdown (for a different xfrout): Sending SIGTERM to b10-xfrout (PID 1267). Sending SIGTERM to b10-cfgmgr (PID 15979). Process b10-cfgmgr (PID 15979) died. Sending SIGKILL to b10-xfrout (PID 1267). Process b10-xfrout (PID 1267) died. This ticket is opened to track down why b10-xfrout won’t exit on its own.

189

enhancement

1274278300000000

1330701629241613

Unclassified

low

jreed

jreed

assigned

install pkg-config .pc files for libdns, libexceptions, others

194

task

1274419118000000

1300972860628475

xfrin

medium

UnAssigned

jinmei

new

RR class for xfrin should be specifiable

Right now we can only specify the zone name via the command channel for xfrin. At least the RR class (whose default should be IN) should be able to be specified. If/when we support something like views, the view name should also be specifiable. See also trac #185 and r1889. I’ll keep this ticket in the backlog.

208

enhancement

1274910195000000

1300972860628475

Unclassified

low

jinmei

new

make b10 programs runnable standalone

For convenience of dvelopment we should: - allow individual b10-xxx programs in a stand alone mode - (to do this) add some kind of option to bypass the need for establishing a connection to msgq - (also to do this) if/when we develop a separate socket creator process, add some kind of option so that each b10-xxx program can directly open the necessary sockets (we should provide some abstraction to mimize the work at the client side and to avoid code duplication) A backlog item.

212

enhancement

1275285934000000

1394116215928464

Boss of BIND

low

shane

Common Outstanding Tasks

new

Move everything but main() and signal handling to separate file for BoB

At some point it was decided to move everything possible out of the Python .in file. I don’t remember the reason for this, but it is so. This may or may not be related to ticket #24.

230

enhancement

1275944895000000

1394116237014355

Boss of BIND

medium

larissas

Common Outstanding Tasks

new

BoB Sequenced Startup

BoB: do not start other processes until specific processes are started (sequenced startup) (3 days) (Task 93)

236

enhancement

1276134964000000

1329313637893391

xfrout

low

UnAssigned

zhanglikun

new

Rename UNIX_SOCKET_FILE and libxfr

This ticket derives from ticket #224. Following is Jelte’s comment. Only comment is that I think UNIX_SOCKET_FILE is a bad name, since this is specifically for libxfr (which is also a bad name imho). But that may be another ticket (and i want to get the python wrappers merged first, so I suggest we create a separate ticket for this). Oh and while we’re at it, should that be a configurable value or do we consider this ‘core and unchanging’?

237

task

1276617475000000

1276617475000000

bind-ctl

low

jreed

new

more unittests for bindctl

The following don’t appear to receive any testing: src/bin/bindctl/mycollections.py replacement for OrderedDict? src/bin/bindctl/bindctl-source.py (.in) This is the tool itself. I’d like to change the original source file name too.

239

task

1276617843000000

1392912273398470

loadzone

low

jreed

DNS Outstanding Tasks

new

need more unittests for loadzone

need tests for src/bin/loadzone/b10-loadzone.py and maybe also src/bin/loadzone/init.py

240

task

1276617887000000

1276617887000000

cmd-ctl

low

jreed

new

need tests for src/bin/usermgr/b10-cmdctl-usermgr.py

src/bin/usermgr/b10-cmdctl-usermgr.py needs unit tests

243

enhancement

1276766664000000

1364222734133948

configuration

low

UnAssigned

jelte

assigned

Put spec files together in source tree

Originally, the idea of the .spec file was to have one single thing that a new module could simply send to the configuration manager or other interested software pieces, that described what the module expects and can handle in terms of commands an configuration. The idea was that on startup, it reads in this file, sends it to ConfigurationManager, and all would be fine. However, we’re running into a few snags. One is that other modules might need a configuration value of another module (e.g. xfrin needs the location of the database_file from auth right now, this example may change in the future but there will probably be others). For that we have the add_remote_config() and get_remote_config_value() functions in CCSession. However, since the only real fixed pointer to what may be in the config is this spec file, the module wanting data from another must have access to it. Which isn’t necessarily a problem, but the location of the file might be when we run from source tree (in which case all spec files are in different locations, and we now end up with hardcoded src/bin/auth paths etc.). Another thing that arised is that we might need to change configuration of modules that aren’t running, and while we can do that now, there is no checking done on the values. If we wanted to do that, we’d have to hand-add all specfile locations or do some scary recursive directory search. Therefore I propose to put all spec files in the source tree in one specific directory (like they would be when installed), so the manager can simply read all of them out, and the modules only need to know the file name, not the location. This would also be a nice first step to have ‘offline’ access to these things (the API that loadzone would (perhaps indirectly) use for instance)

282

task

1278425871000000

1329397512026858

data source

medium

larissas

new

BDB style Datasource

Task #9 from Face to Face BDB style Datasource including the config file and tests

287

enhancement

1278701543000000

1330430993084351

Inter-module communication

medium

UnAssigned

jinmei

assigned

revisit cc::Session establish/disconnect mode

[background: a review comment in Trac #275: http://bind10.isc.org/ticket/275#comment:7] We may have to revist the C++ API of how to establish cc::Session: - we should clarify who is responsible for establishing the session, especially if the session object is passed to a different module - we may want to detect an attempot of doubly establishing a session - same for disconnect - same for other operations that require an established session: send/receive, etc. should we support automatic session establishment? Another planned refacotring with a generalized ASIO link may affect the design decision on these. A backlog item.

295

defect

1280254567000000

1392999357289824

data source

low

UnAssigned

jreed

DNS Outstanding Tasks

assigned

allow loadzone/datasrc to support different classes

The python code at src/lib/python/isc/datasrc/master.py has if rrclass.lower() != ‘in’: raise MasterFileError(“CH and HS zones not supported”) Even when commented out, b10-loadzone will load a CH zone as IN.

317

enhancement

1282609695000000

1300972860628475

libdns++

low

UnAssigned

jinmei

assigned

suggested cleanups for the python bindings of libdns++

- we should use stricter compiler warnings - we should use unnamed namespace instead of translation unit (.cc)specific static variables and functions some method functions can be more “constified”. for simple functions like those in these wrappers this may not be a big deal, but it’s generally a good idea.

318

defect

1282744988000000

1329406398663530

Unclassified

low

stephen

stephen

assigned

MSVC+ detected errors and warnings in libdns+

I’ve run the libdns+ code in revision 2798 of the trunk through the Microsoft Visual C+ compiler and it has thrown up a number of warnings and errors. Those that are relevant to the Unix version of BIND are listed below; the more Windows-specific erors (e.g. use of a function for which there is no equivalent in Windows) will be the subject of another ticket. ‘’’src/lib/dns/rdata/generic/dnskey_48.cc’‘’ ’‘DNSKEY::DNSKEY (!InputBuffer& buffer, size_t rdata_len)’‘ uint16_t protocol = buffer.readUint8(); uint16_t algorithm = buffer.readUint8(); The declarations should be uint8_t. These variables are passed to the constructor of DNSKEYImpl (which expects them as uint8_t) and the compiler warns about the conversion of a uint16_t to a uint8_t. ’‘DNSKEY::getTag()’‘ for (int i = 0; i < size; i ++) Compiler warns about a signed/unsigned comparison mismatch (size is declared as size_t). ’‘’src/lib/dns/rdata/generic/ds_43.cc’‘’ ’‘DS::DS (!InputBuffer& buffer, size_t rdata_len)’‘ uint16_t protocol = buffer.readUint8() uint16_t algorithm = buffer.readUint8() The declarations should be uint8_t. These variables are passed to the constructor of DSImpl (which expects them as uint8_t) and the compiler warns about the conversion of a uint16_t to a uint8_t. ’‘’src/lib/dns/rdata/generic/nsec3param_51.cc’‘’ ’‘NSEC3PARAM::NSEC3PARAM(const string& nsec3param_str)’‘ uint16_t hashalg, flags, iterations hashalg and flags should be declared uint8_t. These variables are passed to the constructor of NSEC3PARAMImpl (which expects them as uint8_t) and the compiler warns about the conversion of a uint16_t to a uint8_t. ’‘’src/lib/dns/rdata/generic/nsec3_50.cc’‘’ ’‘NSEC3::NSEC3(!InputBuffer& buffer, size_t rdata_len)’‘ for (int i = 0; i < typebits.size(); i += len) if (i + 2 > typebits.size()) Compiler warns about a signed/unsigned comparison mismatch. ’‘NSEC3::toText()’‘ for (int i = 0; i < impl->typebits.size(); i += len) assert(i + 2 <= impl->typebits.size()) Compiler warns about a signed/unsigned comparison mismatch. ’‘NSEC::NSEC (!InputBuffer& buffer, size_t rdata_len)’‘ for (int i = 0; i < rdata_len; i += len) if (i + 2 > rdata_len) and if (i + len > rdata_len) Compiler warns about a signed/unsigned comparison mismatch. ’‘NSEC::toText()’‘ for (int i = 0; i < impl->typebits.size(); i += len) assert(i + 2 <= impl->typebits.size()); Compiler warns about a signed/unsigned comparison mismatch. ’‘’src/lib/dns/rdata/generic/rrsig_46.cc’‘’ ’‘RRSIG::RRSIG (const string& rrsig_str)’‘ uint32_t timeexpire = timeFromText(expire_txt); uint32_t timeinception = timeFromText(inception_txt); timeFromText returns a time_t value. Under Windows, time_t is 64 bits, so the compiler is warning about a possible loss of data. (Suggestion: as the value of the inception and expiration times in an RRSIG are defined to be unsigned 32-bit values, altering the return type of the timeFromText() function would seem to be a better fix than changing the data types of timeexpire and timeexception.) ’‘’src/lib/dns/rdata/generic/txt_16.cc’‘’ ’‘TXT::TXT (!InputBuffer& buffer, size_t rdata_len)’‘ if (rdata_len < len + 1) Compiler warns about a signed/unsigned comparison mismatch. ’‘’src/lib/dns/rdata.cc’‘’ ’‘Generic::Generic(const string& rdata_string)’‘ while (!iss.eof() && data.size() < rdlen) Compiler warns about a signed/unsigned comparison mismatch. ’‘’src/lib/dns/name.cc’‘’ ’‘Name::toText(bool omit_final_dot)’‘ assert(np_end - np >= count); Compiler warns about a signed/unsigned comparison mismatch. ’‘’src/lib/dns/message.h’‘’ message.h forward declares !MessageImpl as a struct but message.c defines it as a class. The compiler warns about the mismatch. ’‘’src/lib/dns/message.cc’‘’ ’‘MessageImpl::parseQuestion(!InputBuffer& buffer)’’ for (unsigned int count = 0; count < counts; }} Compiler warns about a signed/unsigned comparison mismatch. ‘’MessageImpl::parseSection(const Section& section, !InputBuffer& buffer)’’ }} Compiler warns about a signed/unsigned comparison mismatch. ‘’’src/lib/dns/dnssectime.cc’‘’ ’‘timeFromText(const string& time_txt)’‘ for (int i = 0; i < time_txt.length(); ++i) Compiler warns about a signed/unsigned comparison mismatch. ’‘’src/lib/dns/messagerenderer.c’‘’ ’‘MessageRenderer::writeName(const Name& name, const bool compress)’’ }} This gives an error because notfound is declared as: }} … but nodeset.end() has type: std::set::const_iterator

321

defect

1282937323000000

1392811230882602

data source

medium

UnAssigned

jinmei

DNS Outstanding Tasks

assigned

b10-auth doesn’t handle mixture of DNAME and NS

See trac #70. Assume a b10-auth server has authority for the zone “jinmei.org”, which has the following RRs in its data source: sec.jinmei.org. 600 IN NS ns.sec.jinmei.org. 3600 IN DNAME example.com. (Note: this is an invalid zone configuration.) In this case, BIND 9 ignores the NS and exclusively use DNAME for names equal to or under sec.jinmei.org. BIND 10 still returns a NS referral if we ask for sec.jinmei.org/NS. There are several problems around this symptom: - naively accepting such a broken configuration at parse/load time may not be a good thing anyway (in this sense BIND 9 is also not really good) - but specifically for BIND 10, since the underlying data source may be non captive, the middle layer of the data source module cannot always assume the data stored in data sources is valid anyway. what should we do? - if we decide to accept this type of half-broken configuration, what should b10-auth return? We could add yet another if-block in the data source code to deal with this case, but, personally, I (jinmei) feel the data source code is already messed up with many such case-by-case fixes and has become to complicated to comprehensive and maintain. So I’d rather solve this issue by revisting the whole logic and refactoring the code cleanly (though I’m not sure if it’s a realistic path)

337

defect

1284522582000000

1392837346027656

Unclassified

medium

UnAssigned

zhanglikun

DNS Outstanding Tasks

assigned

Expired zone should not be served

Currently, when zonemgr expires one zone, auth/xfrout module doesn’t know it, so, the expired zone is still served. There should be one way to mark the zone.

339

defect

1284534918000000

1392917332918612

secondary manager

medium

zzchen_pku

DNS Outstanding Tasks

new

Provide one way to see the current data for each zone managed by zonemgr

There should be one way to see the current counters/timers and other data for each zone managed by zonemgr.

359

defect

1286199011000000

1286199011000000

msgq

low

jreed

new

msqg report component when problem

[b10-msgq] Closing socket fd 10 [b10-msgq] Receive error: EOF Please have msgq report what component(s) it has problems with.

360

defect

1286201348000000

1398197202330131

msgq

medium

UnAssigned

jreed

Sprint-20131001

reviewing

socket.error: AF_UNIX path too long

bash-3.00$ ./install/libexec/bind10-devel/b10-msgq —verbose [b10-msgq] MsgQ v20091030 (Paving the DNS Parking Lot) Traceback (most recent call last): File “./install/libexec/bind10-devel/b10-msgq”, line 436, in setup_result = msgq.setup() File “./install/libexec/bind10-devel/b10-msgq”, line 171, in setup self.setup_listener() File “./install/libexec/bind10-devel/b10-msgq”, line 157, in setup_listener raise e File “./install/libexec/bind10-devel/b10-msgq”, line 150, in setup_listener self.listen_socket.bind(self.socket_file) socket.error: AF_UNIX path too long (same with gcc or sunstudio build)

361

defect

1286202337000000

1286202337000000

msgq

low

jreed

new

msgq too noisy if missing directory for socket file

[bind10] Started b10-msgq (PID 20052) Traceback (most recent call last): File “/home/reed/opt/bind10/libexec/bind10-devel/b10-msgq”, line 436, in setup_result = msgq.setup() File “/home/reed/opt/bind10/libexec/bind10-devel/b10-msgq”, line 171, in setup self.setup_listener() File “/home/reed/opt/bind10/libexec/bind10-devel/b10-msgq”, line 157, in setup_listener raise e File “/home/reed/opt/bind10/libexec/bind10-devel/b10-msgq”, line 150, in setup_listener self.listen_socket.bind(self.socket_file) socket.error: [Errno 2] No such file or directory Traceback (most recent call last): File “/home/reed/opt/bind10/sbin/bind10”, line 766, in main() File “/home/reed/opt/bind10/sbin/bind10”, line 717, in main startup_result = boss_of_bind.startup() File “/home/reed/opt/bind10/sbin/bind10”, line 302, in startup c_channel.process.kill() File “/usr/pkg/lib/python3.1/subprocess.py”, line 1337, in kill self.send_signal(signal.SIGKILL) File “/usr/pkg/lib/python3.1/subprocess.py”, line 1327, in send_signal os.kill(self.pid, sig) OSError: [Errno 3] No such process Maybe msgq should create missing directory if needed. If that is the case maybe the socket file name should be separated into directory name and the basename.

379

task

1287428822000000

1295969570512122

configuration

medium

UnAssigned

jreed

assigned

item descriptions for module specs

Add item_description for self-documenting specification items. We already have command_description and module_description.

385

enhancement

1287776615000000

1287776615000000

bind-ctl

low

vorner

new

More convenient configuration interface

Currently, config show displays only one item, even if it has subitems. It would be more convenient if some kind of dump command produced a recursive representation of the whole item with descendants (for example in JOSN). Furthermore, setting up items one by one by commands is inconvenient as well. If there was a command that launched editor on the JOSN representation and let the user edit it. After exiting the editor, it could check syntax, if it was OK, store it, if not, ask him to edit it again.

391

enhancement

1288097361000000

1362157351512503

cmd-ctl

low

zhanglikun

new

Make it harder to do dictionary attacks for cmdctl.

This is the suggestion from Jerry Scharf. Add a 1-2 second delay before the response on a login failure. This makes it harder to do dictionary attacks.

392

defect

1288100826000000

1392917342653335

secondary manager

low

jinmei

DNS Outstanding Tasks

new

Xfrin.publish_xfrin_news is not tested explicitly

According to the coverage tool the case of xfr_result == XFRIN_OK isn’t tested. I also suspect the failure case just happens to be covered as a side effect of other test. We should test this method expliclty.

398

enhancement

1288221488000000

1300972860628475

Unclassified

low

jinmei

new

we should use more specific tests than EXPECT_TRUE

See http://bind10.isc.org/ticket/365#comment:8 In general, when we do EXPECT_TRUE(a b); it’s better to be changed to: EXPECT_(a, b); because when the test fails the latter will provide more detailed information (the values of a and b).

406

enhancement

1288921672000000

1392812405749819

xfrout

medium

UnAssigned

zzchen_pku

DNS Outstanding Tasks

assigned

Improve Xfrout unittest coverage

Add more unittest for Xfrout.

460

defect

1293580156000000

1394116778962443

b10-auth

low

jinmei

DNS Outstanding Tasks

new

constructors of b10-auth and b10-recurse are not exception safe

It should be obvious from the code. AuthSrv::AuthSrv(const bool use_cache, AbstractXfroutClient& xfrout_client) : impl), checkin(new ConfigChecker(this)), dns_lookup), dns_answer(new MessageAnswer(this)) {} Consider the case the allocation for checkin_ fails. Recursor::Recursor() has the same problem.

486

enhancement

1295044100521580

1392913290884624

resolver

low

shane

DNS Outstanding Tasks

new

De-duplication of client queries

490

enhancement

1295045246664093

1392913263487822

resolver

low

shane

DNS Outstanding Tasks

new

Handle packet errors from clients

Handle packet errors from clients

500

enhancement

1295047841160192

1392913236706074

resolver

low

shane

DNS Outstanding Tasks

new

Query tracing (design)

Query tracing * design (task V)

511

enhancement

1295272062607065

1379676478009811

statistics

medium

UnAssigned

stephen

assigned

Get list of authoritative domains

Part of the work required to instrument the authoritative server to collect per-zone data.

514

enhancement

1295364508294539

1394116250390967

Boss of BIND

low

jreed

DNS Outstanding Tasks

new

allow both the resolver and auth to run at same time

bind10 should allow both the resolver and auth to run at same time. For now they can listen on different address(es) or ports.

520

defect

1295544388306086

1396529218985091

xfrin

low

jinmei

DNS Outstanding Tasks

new

xfrin/zonemgr should handle command responses appropriately

This is a continuation of #516. We need to do a few more things on top of the urgent care fix: - We need more complete tests for the problem of #516. - xfrin and zonemgr should check the command response and take appropriate action, especially if the response indicates an error We should probably consider further extensions, too: - extend command spec to indicate whether it requests a response (see a review comment of #516) - making communication over CC channels asynchronous But these will even be beyond the scope of this follow up ticket.

525

enhancement

1295586131506860

1391488011554849

libdns++

medium

UnAssigned

jinmei

assigned

handle “singleton” RR types

Some types of RRs are “singleton”, i.e., only one RR of such type can exsit in the RRset for the tuple. It would be useful to provide an API that takes an RR type and returns if it’s singleton or not. It may also make sense to modify RRset::addRdata() so that it rejects adding more than one RDATA for single types of RRs. See also Trac #504.

528

enhancement

1295712778466636

1322007216658740

configuration

medium

UnAssigned

smann

assigned

getopt() c-lib function should be replaced with boost::program_options C++ function

Throughout the BIND 10 C++ code, getopt is used (probably because it is portable). But this raises an inconsistency in the command line options since getopt() cannot handle long options (e.g. —user=foo) while the python getopt() function can. Further, boost::program_options provides a fairly abstract mechanism for retrieving key/value pairs from either the command line or a file. See http://www.boost.org/doc/libs/1_45_0/doc/html/program_options.html for details.

531

defect

1295902288990249

1295902288990249

msgq

low

jreed

new

msgq not exiting

When cfgmgr couldn’t access config file, bind10 20101129 (BIND 10 20110120) [bind10] Checking for already running b10-msgq [bind10] Starting b10-msgq [bind10] Started b10-msgq (PID 26636) [bind10] Starting b10-cfgmgr [bind10] Started b10-cfgmgr (PID 8593) [b10-cfgmgr] Can’t read configuration file: [Errno 13] Permission denied: ‘/home/reed/opt/bind10/var/bind10-devel/b10-config.db’ [b10-msgq] Closing socket fd 5 [bind10] Starting ccsession … instead of waiting for this to timeout, I pressed Ctrl-C, resulting in: [b10-msgq] Receive error: EOF C[bind10] Received SIGINT. killing started processes: - b10-cfgmgr Traceback : File “/home/reed/opt/bind10/sbin/bind10”, line 544, in startup self.start_all_processes File “/home/reed/opt/bind10/sbin/bind10”, line 487, in start_all_processes self.start_ccsession File “/home/reed/opt/bind10/sbin/bind10”, line 378, in start_ccsession self.ccs.start File “/home/reed/opt/bind10/lib/python3.1/site-packages/isc/config/ccsession.py”, line 164, in start C[bind10] Received SIGINT. self.request_config File “/home/reed/opt/bind10/lib/python3.1/site-packages/isc/config/ccsession.py”, line 338, inrequest_config raise ModuleCCSessionError(“No answer from configuration manager”) isc.config.ccsession.ModuleCCSessionError: No answer from configuration manager During handling of the above exception, another exception occurred: Traceback (most recent call last): File “/home/reed/opt/bind10/sbin/bind10”, line 899, in main() File “/home/reed/opt/bind10/sbin/bind10”, line 838, in main startup_result = boss_of_bind.startup() File “/home/reed/opt/bind10/sbin/bind10”, line 546, in startup self.kill_started_processes() File “/home/reed/opt/bind10/sbin/bind10”, line 263, in kill_started_processes self.processes[pid].process.kill() File “/usr/pkg/lib/python3.1/subprocess.py”, line 1337, in kill self.send_signal(signal.SIGKILL) File “/usr/pkg/lib/python3.1/subprocess.py”, line 1327, in send_signal os.kill(self.pid, sig) OSError: [Errno 3] No such process t1:bind10$ [b10-msgq] Closing socket fd 4 [b10-msgq] Receive error: EOF [b10-msgq] Closing socket fd 5 [b10-msgq] Receive error: EOF What happened in the above is that everything was exited except msgq, it was left running so next time starting bind10 failed due to [bind10] Checking for already running b10-msgq [bind10] Error on startup: b10-msgq already running, or socket file not cleaned , cannot start If I do let it timeout on its own, bind10 just exit everything including b10-msgq. (Please ignore the permission denied in the above output; that is unrelated to my problem.) Also why SIGKILL?

532

enhancement

1295954356511535

1392913219301581

resolver

medium

jelte

DNS Outstanding Tasks

new

refactor resolver/asio interface

While probably not strictly necessary, I think this would be a good moment to make an actual resolver ‘library’, and move resolver-specific code out of asiolink. This may even be necessary for #494 (or at the very least very useful). See the thread at https://lists.isc.org/pipermail/bind10-dev/2011-January/001848.html Theoretically, this would mostly involve renaming and moving classes and methods, but there are inevitably going to be some hairy details around asio.

535

enhancement

1296066983705468

1392913526161945

resolver

low

stephen

DNS Outstanding Tasks

new

Aggregate NSAS HashTable and LruList classes

Both the NSAS and the main resolver cache use the NSAS LruList classes. In both cases, the hash table is used to store/locate objects and the LRU list used to track and remove expired objects. It would make sense to: * Create a single class that contains both the hash table and LRU list, and provide methods that do common processing, e.g. provide the hash table search function that automatically updates the position of the object in the LRU list if a match is found. (It also means that possible optimisations - such as using multiple LRU lists in multi-threaded applications - could be implemented without changing client code.) * Extract the code away from the NSAS into a separate library.

538

task

1296075787210206

1392825387586453

Unclassified

low

UnAssigned

vorner

DNS Outstanding Tasks

assigned

Make isc::dns::Name reside in continuous block of memory.

We have a lot operations with Names in the code, comparing names takes 16% of runtime, which is mostly caused by cache misses. The amount of cache misses could be lowered by factor of at last 3 if the whole Name and it’s data resides in one continuous block of memory (it will be either retrieved as a single cache line or at last predicted by CPU prediction heuristics). It can be accomplished for example by not using stl string and vector, but C strings and arrays. The memory can be allocated before calling the actual constructor, passing the pointer to memory both to new and using pointer arithmetics on this pointer in constructor to place the actual data behind it. The constructor should not be directly visible then and a wrapper function would have to be used to hide this, possibly error-prone, logic. As this is quite a lot of work, we should try handling the easier tasks first and see if it helps enough. Therefore I’m giving it a lower priority.

539

task

1296076487976341

1344438678460379

Unclassified

low

UnAssigned

vorner

assigned

Hash-based name compression

Name compression is expensive operation (isc::dns::MessageRenderer::writeName with it’s inlined functions takes 16% of our runtime (this includes NameCompare::operator() and NameCompare::nextPosition). The isc::dns::OutputBuffer::operator[] is used a lot inside these functions, which increases the cost of it even more). There’s idea to store positions of all already written names and suffixes of them to a hash table. When a new name is to be written, the hash table is queried first to see if it is already there. If yes, the address is taken and written. If not, the first label is written and noted into the hash table, then it is repeated with next label. It would be nice to get the hashes precomputed form the names. They can be provided by the datasource for example, or whenever the hash is needed, it is cached in the Name and if two names are compared and one does not have the cached hashes, while the other does, the ones for common parts are copied. This is a largish task, maybe we can put it off after we try the simpler ones.

540

task

1296077081317778

1330431286583890

Unclassified

medium

UnAssigned

vorner

assigned

Explore ways to eliminate extra shared_pointers in hot path

We spend 8% of runtime in boost::detail::shared_count::~shared_count(), which is related to shared pointers. Therefore it would be good to find the ones on the hot path (the one where normal processing happens and have the biggest impact on performance) which are not needed and eliminate them (or create additional tasks for each of them). Possible situations include: * It is completely unnecessary. * std::auto_ptr would be enough. * Candidate for using a memory pool idea. We have a block of memory. Each time we need a temporary variable, we just take it from the block. Once we finished a query, we „drop“ the whole block (reset the position where we take the memory from to the beginning). It is faster because: - We don’t need to call destructors at all. - We don’t need to care when we should run the destructors (counting references, etc). - The memory we use a lot is located close together, which is better for CPU caches and TLBs.

543

task

1296121589023721

1330115503339365

data source

medium

vorner

new

Chaining of CNAMEs in in-memory data-source.

Currently only the CNAME itself is returned to client if the in-memory datasource is used. The CNAME should be followed and the answer at the end returned as well if it is available in the same zone (or, in the datasource). Note that this could solve itself when we merge datasource APIs together.

546

enhancement

1296213153077274

1300972860628475

Unclassified

low

stephen

new

Support defined callouts to user-written code

This was discussed on bind10-dev in the thread starting at https://lists.isc.org/pipermail/bind10-dev/2011-January/001839.html. The idea is to define a set of points at which BIND-10 will call out to user-written code and provide a supported interface for it. For example, a user-written filter could be called when a query is received and accept or reject it according to logic based on business need. Ideally the code would load at run-time, avoiding the need for the user to edit BIND source code directly. Such a scheme would also open the way for upgrades to BIND-10 without the need to rebuild the user code.

556

enhancement

1296583817302371

1331038939391875

build system

medium

jreed

vorner

new

Request for feedback in ./configure

As we talked on todays call, it would be nice to have some request for feedback printed at the very end of the ./configure script. So people who try it out now probably use configure, and most probably run it manually and we need as much feedback as possible. I have no proposal for the exact wording, but something like to send any suggestions, ideas, what works for them, what doesn’t, why, and to drop an email or ticket or patch, what is best for them. It should be relatively easy to implement IMO.

557

enhancement

1296755443971648

1392913539618655

resolver

low

stephen

DNS Outstanding Tasks

new

Check additional data RRsets against rest of server response

See comments in #496, where the response scrubbing was introduced. In essence, the response scrubbing code should remove from the additional section anything that is not referenced in the rest of the message. This implies adding the ability to interpret the RDATA of RRs.

561

task

1297249810700581

1392825427624589

Unclassified

medium

stephen

DNS Outstanding Tasks

new

Functional testing of the resolver

This involves firing queries at different configurations and checking that the results are correct. We may be able to use the CNNIC test suite for this.

563

enhancement

1297261110546902

1392913580521380

resolver

medium

stephen

DNS Outstanding Tasks

new

Add command-line options to resolver

Problem: to enable resolver, the normal steps are: start bind10 (including auth server); use bindctl to configure bind10 to start resokver instead; stop bind10; start bind10 again (includes resolver); use bindctl to configure resolver to listen on correct interface/port, do forwarding, etc. (because couldn’t be configured before). Workaround: just like bind10 and b10-auth has a andp options for auth address and port, bind10 should have command-line options to choose address/port/forwarder and to enable the resolver too. b10-resolver could also have command line options for these too. Note that an early version of the resolver did have some command-line options. Now they are gone. This is inconsistent with b10-auth.

566

defect

1297373350141055

1392913592387515

resolver

medium

jreed

DNS Outstanding Tasks

new

forwarder and recursion desired not set

Using b10-resolver as a forwarder. When the incoming query does not have recursion desired (RD) bit set, the forwarder ignores this and will send on a query with RD now set and will return back its recursive results. The BIND 9 behaviour for forward only and RD not set is to not forward the query — it responds back with root-servers in the authority section (the only thing it knows).

567

enhancement

1297423851025095

1392999386258306

data source

low

UnAssigned

vorner

DNS Outstanding Tasks

assigned

RdataIterator::getCurrent() should throw if invalid.

When the RdataIterator points at the last entry and getCurrent is called, it should throw an exception. This way, we can just use the first Rdata in RRset and don’t need to care about empty RRsets (in case of DNAME, for example, empty DNAME rrset is wrong and the code makes no sense). After this is finished, the assert in CNAME synthesis code for DNAME in auth/query.cc should be removed (see #505).

568

enhancement

1297430406836414

1330097397847649

libdns++

low

UnAssigned

stephen

new

Extend RRset with copy constructor, assignment operator and comparison operator

A needs has arisen for these in the implementation of the resolver cache - see the comments on ticket #449.

570

defect

1297445683637748

1392913652570241

resolver

medium

jreed

DNS Outstanding Tasks

new

question duplicated results in servfail

First response is fine. But still has second query that has a servfail. See extra question added and multiple answers for same query: [b10-resolver] Got a DNS message [b10-resolver] received a message: ;; >>HEADER<< opcode: QUERY, status: NOERROR, id: 63665 ;; flags: rd ; QUESTION: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;isc.org. IN A [b10-resolver] Processing normal query [b10-resolver] Sending upstream query (isc.org. IN A ) to 127.0.0.1 [b10-resolver] Sending ;; >>HEADER<< opcode: QUERY, status: NOERROR, id: 0 ;; flags: rd ; QUESTION: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;isc.org. IN A to 127.0.0.1 [b10-resolver] Received response from 127.0.0.1 [b10-resolver] [XX] got an answer [b10-resolver] Adding question isc.org. to message [b10-resolver] sending a response (272bytes): ;; >>HEADER<< opcode: QUERY, status: NOERROR, id: 63665 ;; flags: qr rd ra ; QUESTION: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 6 ;; QUESTION SECTION: ;isc.org. IN A ;; ANSWER SECTION: isc.org. 883 IN A 149.20.64.42 ;; AUTHORITY SECTION: isc.org. 28131 IN NS ord.sns-pb.isc.org. isc.org. 28131 IN NS ams.sns-pb.isc.org. isc.org. 28131 IN NS sfba.sns-pb.isc.org. isc.org. 28131 IN NS ns.isc.afilias-nst.info. ;; ADDITIONAL SECTION: ams.sns-pb.isc.org. 28131 IN A 199.6.1.30 ams.sns-pb.isc.org. 28131 IN AAAA 2001:500:60::30 ord.sns-pb.isc.org. 28131 IN A 199.6.0.30 ord.sns-pb.isc.org. 28131 IN AAAA 2001:500:71::30 sfba.sns-pb.isc.org. 28131 IN A 149.20.64.3 sfba.sns-pb.isc.org. 28131 IN AAAA 2001:4f8:0:2::19 [b10-resolver] [XX] got an answer [b10-resolver] [XX] got an answer [b10-resolver] Adding question isc.org. to message [b10-resolver] sending a response (31bytes): ;; >>HEADER<< opcode: QUERY, status: SERVFAIL, id: 63665 ;; flags: qr rd ra ; QUESTION: 2, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;isc.org. IN A ;isc.org. IN A 11:25:22.091100 IP 127.0.0.1.53645 > 127.0.0.1.53: 63665+ A? isc.org. (25) 0x0000: 4500 0035 0000 0000 4011 0000 7f00 0001 E..5…........<br> 0x0010: 7f00 0001 d18d 0035 0021 4791 f8b1 0100 .......5.!G.....<br> 0x0020: 0001 0000 0000 0000 0369 7363 036f 7267 .........isc.org<br> 0x0030: 0000 0100 01 .....<br>11:25:22.092289 IP 127.0.0.1.53 > 127.0.0.1.53645: 63665 1/4/6 A 149.20.64.42 (272)<br> 0x0000: 4500 012c 8f30 0000 4011 0000 7f00 0001 E..,.0..……. 0x0010: 7f00 0001 0035 d18d 0118 e507 f8b1 8180 …..5………. 0x0020: 0001 0001 0004 0006 0369 7363 036f 7267 ………isc.org 0x0030: 0000 0100 01c0 0c00 0100 0100 0003 7300 …………..s. 0x0040: 0495 1440 2ac0 0c00 0200 0100 006d e300 …*........m..<br> 0x0050: 0d03 6f72 6406 736e 732d 7062 ..ord.sns-pb<br>11:25:22.092601 IP 127.0.0.1.53 > 127.0.0.1.53645: 63665 ServFail [2q], 0/0/0 (31)<br> 0x0000: 4500 003b 0000 0000 4011 0000 7f00 0001 E..;....……. 0x0010: 7f00 0001 0035 d18d 0027 b841 f8b1 8182 …..5…’.A…. 0x0020: 0002 0000 0000 0000 0369 7363 036f 7267 ………isc.org 0x0030: 0000 0100 01c0 0c00 0100 01 ……….. This problem didn’t exist prior to Jan. 24. In this case the client (id 63665 or port 53645) was dig. It never displayed the additional response.

578

task

1297866808524022

1392999399550405

data source

low

UnAssigned

vorner

DNS Outstanding Tasks

assigned

Refactor of PARTIALMATCH in isc::datasrc::MemoryZone::MemoryZoneImpl::find.

It is getting rather long and unreadable. It would be nice to clean it up little bit, eg. by separating the PARTIALMATCH (which is the longest case label) into separate function.

579

task

1297933322527514

1392913205805053

resolver

medium

zhanglikun

DNS Outstanding Tasks

new

Add iterator interface to Hash Table

The iterator interface for Hash Table needs to be added, so that the content of it can be walked.

580

task

1297941415039838

1392914212200665

Unclassified

low

vorner

DNS Outstanding Tasks

new

More flexible isc::testutils::rrsetCheck

It would be handy if it could check only part of the equality (eg. only class, TTLs and data and ignore different names for example). The wildcard testcases in memory zone could be simplified by it.

581

task

1297952111140992

1392999421680956

data source

low

jreed

jreed

DNS Outstanding Tasks

assigned

src/lib/python/isc/datasrc/master.py source documentation

Convert existing comments in src/lib/python/isc/datasrc/master.py to doxygen style documentation. See http://git.bind10.isc.org/~jreed/pydoc/master.html for existing incomplete pydoc example. Also add more documentation for this. (Or maybe this code is going away?)

582

task

1297952294432839

1392837539252508

Unclassified

medium

jreed

DNS Outstanding Tasks

new

add more unit tests for src/lib/python/isc/datasrc/master.py

See http://bind10.isc.org/~tester/2011/02/20110217130443-57736fd/coverage-python-html/src_lib_python_isc_datasrc_master.html (only 9% coverage at this time). (Unrelated to this ticket, but why does it’s rrtypes set have RR types that libdns++ doesn’t know, including some obsolete that BIND 9 doesn’t even accept?)

585

task

1298043021255787

1300972860628475

data source

low

jreed

new

Make SQLIte3 dependency optional

Make the dependency on SQLite3 optional. ./configure should not fail if sqlite3 is not found. This also means that b10-auth, b10-xfrin, b10-xfrout, b10-loadzone, and b10-zonemgr need to use an abstracted data source backend. This depends on: #368, #374, #375, #376.

586

task

1298044224002248

1392913150462579

resolver

medium

jreed

DNS Outstanding Tasks

new

randomize source ports

Have an option so we can set our own source ports (instead of operating system). (For example, some operating systems use sequential source ports and not randomized.) (09:47:30) stephen: I’ve just had a look at the Boost documentation and it seems that we can create a native port, that ask Boost to use that for its I/O. So we should be able to control the port numbers ourselves.

596

task

1298382431550481

1317139349238781

Unclassified

medium

jreed

new

allow configurations without running services

Should be able to do configurations, especially for auth and resolver, without starting them first. This may mean being able to change configurations without running cmdctl too.

601

defect

1298448694146657

1392811406027717

libdns++

medium

UnAssigned

jinmei

DNS Outstanding Tasks

new

bug in handling out-of-range DNSSEC times

This is an (originally unintended) continuation of #174. According to Rob Austein our current implementation of DNSSEC time (which is actually compatible with BIND 9) isn’t correct: - we should allow pre-epoch time such as 19691231000000 as long as it’s in the valid 68-year range. - we should reject (in the 32-bit mode) out-of-range time format such as 21000101000000 In practice, these would be minor, but since we’ve recently completed #174, it would make sense to fix it using this opportunity.

619

task

1298497711930303

1330422593174356

cmd-ctl

low

jreed

new

pick a good default cmdctl port number

Decide on port for cmdctl; 8080 is too common?

628

defect

1298575416565604

1337691456593207

Unclassified

low

UnAssigned

jreed

assigned

switching from auth or resolver is too noisy

This was done with: > config diff {’Boss’: {’start_resolver’: True, ‘start_auth’: False}} > config commit See all this output: [b10-cmdctl] Begin send command ‘set_config’ to module ‘ConfigManager’ [bind10] Handling new configuration: {’start_resolver’: True, ‘start_auth’: False} [bind10] Starting b10-resolver [bind10] Started b10-resolver (PID 22058) [bind10] Asking b10-zonemgr to terminate [bind10] Asking b10-xfrin to terminate [bind10] Asking b10-xfrout to terminate [bind10] Asking b10-auth to terminate [b10-auth] Received ‘shutdown’ command [b10-msgq] Closing socket fd 8 [b10-msgq] Receive error: EOF [b10-msgq] Closing socket fd 9 [b10-msgq] Receive error: EOF 24-Feb-2011 14:19:32.111 Xfrout: INFO: Received shutdown command. [bind10] Process b10-auth (PID 22024) terminated, exit status = 0 [b10-msgq] Closing socket fd 7 [b10-msgq] Receive error: EOF [b10-cmdctl] Finish send command ‘set_config’ to module ‘ConfigManager’ [b10-cmdctl] Begin send command ‘get_config’ to module ‘ConfigManager’ [b10-resolver] Command line: b10-resolver -v [b10-resolver] Server created. [b10-resolver] IOService created. [b10-resolver] Configuration session channel created. [b10-cmdctl] Finish send command ‘get_config’ to module ‘ConfigManager’ [b10-resolver] Configuration channel established. [b10-resolver] Config loaded [b10-resolver] Server started. [bind10] Process b10-xfrin (PID 22026) terminated, exit status = 0 [b10-msgq] Closing socket fd 10 [b10-msgq] Receive error: EOF [b10-msgq] Closing socket fd 12 [b10-msgq] Receive error: EOF [bind10] Process b10-zonemgr (PID 22027) terminated, exit status = 0 [b10-msgq] Closing socket fd 14 [b10-msgq] Receive error: EOF [b10-msgq] Closing socket fd 15 [b10-msgq] Receive error: [bind10] Process b10-xfrout (PID 22025) terminated, exit status = 0 [b10-msgq] Closing socket fd 11 [b10-msgq] Receive error: While this is verbose, the many errors shouldn’t be there. This is not clean.

632

task

1298666735493161

1392913131851989

resolver

medium

jinmei

DNS Outstanding Tasks

new

“libcache” has too generic a name

As raised on jabber… I just noticed “cache” is too generic when I saw src/lib/cache (it also applies to the resulting library, libcache.{a,so}). Consider, e.g. the fact we already have the “hot spot cache” for data source. Also consider BIND 10 may not even specific to DNS. Even without taking these into account, “cache” still sounds too generic and can be quite ambiguous. So, IMO, it should have a more specific name. This is probably part of a larger packaging matter, though (e.g., whether we want to provide the cache library as a stand alone library that can be exclusively used by third party applications, or whether it’s intended to be used only as part of the resolver (library/server)). But I’m creating the ticket anyway so that we won’t forget it.

635

defect

1298980700682057

1330426424708472

build system

low

stephen

stephen

assigned

Presence of old version of BIND10 may cause new build to fail

Building from sources, if: * —prefix is specified on the ./configure command line * “make install” is run to install the software in the “prefix” directory … a subsequent build of a later version of BIND10 may fail. The set of commands that cause the build to fail on Ubuntu 10.04 are given in the attached file. Removing the “prefix” directory allows the subsequent build to succeed.

645

defect

1299072541726805

1330430795159535

Unclassified

low

vorner

new

Little errors hinted by valgrind

This is the rest of valgrind topics raised by #614. I believe this bunch is small and simple enough to handle them in one ticket. They are: - Invalid read in cc tests (the map there seems to be freed before the tests are done with it, but that’s only my guess) - There’s call to open with NULL pointer as the path in the dns tests, which probably shouldn’t happen. - Some memory leaks in auth tests. The two IOEndPoint ones are already topic covered by #644 (the same leak got to different tests), but there’s one more in changeUser. I think this one is minor, because the first two probably happen only in tests (but I’m not sure about it, that’s why I leave it here to examine), and the third one happens just once per run.

650

task

1299224653994828

1392812528597430

b10-auth

medium

jinmei

DNS Outstanding Tasks

new

port BIND 9’s dnssec system test

This is a continuation of #606. For the test scenario, see bind9/bin/tests/system/dnssec.

651

task

1299224711538630

1392812546628371

b10-auth

medium

jinmei

DNS Outstanding Tasks

new

port BIND 9’s masterfile system test

This is a continuation of #606. For the test scenario, see bind9/bin/tests/system/masterfile.

652

task

1299224751638636

1392812561419620

b10-auth

medium

jinmei

DNS Outstanding Tasks

new

port BIND 9’s notify system test

This is a continuation of #606. For the test scenario, see bind9/bin/tests/system/notify.

653

task

1299224794714962

1392812576738283

b10-auth

medium

jinmei

DNS Outstanding Tasks

new

port BIND 9’s xfer system test

This is a continuation of #606. For the test scenario, see bind9/bin/tests/system/xfer.

654

task

1299224832714631

1392812592156794

b10-auth

medium

jinmei

DNS Outstanding Tasks

new

port BIND 9’s unknown system test

This is a continuation of #606. For the test scenario, see bind9/bin/tests/system/unknown.

655

task

1299224906799160

1392812608264326

resolver

medium

jinmei

DNS Outstanding Tasks

new

port BIND 9’s resolver system test

This is a continuation of #606. For the test scenario, see bind9/bin/tests/system/resolver. I’m giving this ticket to R-team (as an initial assignment).

659

enhancement

1299234839233509

1392913106528658

resolver

medium

jelte

DNS Outstanding Tasks

new

resolver priming

Ticket #495 introduces the use of the NSAS, but it doesn’t correctly prime the resolver yet. We really need this (at least a simple version of it), it should probably be a method of RecursiveQuery (which is in essence the ‘resolver’ object right now), called once initialized, and later at a regular interval (either when the priming result appears to expire or once a day). This might also need a way to simply send out one query and get back the result, without the full recursive process. Depending on what we do in #658, this may already be possible.

660

enhancement

1299235088120650

1392913035779181

resolver

medium

jelte

DNS Outstanding Tasks

new

options and/or commands to control cache behaviour

Ticket #491 introduced the use of a cache, but at this moment we have no method of controlling it; some initial nice options would be: - set maximum cache size - set maxmimum lru size - flush cache - flush cache for specific names - flush cache for specific zones and everything below it (though i’m not sure this is possible with the current cache implementation)

662

defect

1299245065169497

1392811258123648

b10-auth

medium

UnAssigned

jreed

DNS Outstanding Tasks

assigned

b10-auth wrongly falls back to default listen_on

As I noted in #657, b10-auth now falls back to default listen_on (from spec?) if the b10-config.db version fails. [bind10] BIND 10 started Setting listen addresses: 0.0.0.0:53 127.0.0.1:5300 Initialize TCP server at 0.0.0.0:53 Unable to set new address: Failed to initialize network servers: Permission denied [b10-auth] error: Server configuration failed: Failed to initialize network servers: Permission denied [b10-auth] Configuration channel established. [b10-auth] Xfrin session channel created. [b10-auth] Xfrin session channel established. [b10-auth] Statistics session channel created. [b10-auth] Statistics session channel established. Setting listen addresses: ::1:5300 127.0.0.1:5300 Initialize TCP server at ::1:5300 Initialize UDP server at ::1:5300 Initialize TCP server at 127.0.0.1:5300 Initialize UDP server at 127.0.0.1:5300 [b10-auth] Set statistics timer to 60 seconds [b10-auth] Data source database file: /usr/home/jreed/opt/bind10/var/bind10-devel/zone.sqlite3 [b10-auth] Server started. I think the previous behaviour was for it to exit. bind10 (boss) would restart and the failure would continue looping. I don’t think that is good behaviour either. But using default values when a configuration is specifically defined is not correct. It may not be noticed and it may break some policies or other software (which wanted to use those). Maybe this will be fixed in #657, but I open this ticket just in case.

668

enhancement

1299497980496860

1299497980496860

Unclassified

low

stephen

new

Add formal randomness checking to unit tests of classes using random-number generators

We are currently using the Boost random number generators in classes where random numbers are required (e.g. QID generation). Although these should be random, we currently do not do formal testing of the randomness of generated values in our unit tests. This runs the risk of not noticing a loss of randomness if the implementation of such classes is changed. It is proposed that we formally check such cases using the NIST random number test suite [http://csrc.nist.gov/groups/ST/toolkit/rng/index.html]

674

defect

1299513343493610

1392912325412484

loadzone

low

jreed

DNS Outstanding Tasks

new

loadzone wrong RR count and percentage

From a couple tests, it looks like b10-loadzone RR count is one to many. For example it shows “2 RR (s) loaded” for a single line SOA only zone. Also sometimes the percentage shown is not 100% when completed. But that doesn’t match up to the count off by one.

677

defect

1299528731023605

1337591752864723

bind-ctl

low

jreed

new

bindctl doesn’t have readline/emacs-style editing

On some of my systems, bindctl doesn’t provide line editing (no arrow keys, no CTRL-A, CTRL-E, etc). Maybe the system is just missing some python module. The fix for this is probably just to document what is needed and/or where supported.

679

enhancement

1299599149442427

1344438138107723

Unclassified

medium

UnAssigned

vorner

assigned

More clever switching of listening addresses and ports

Currently, when user changes addresses and ports (listen_on), isc::server_common::portconfig::installAddresses is invoked. It closes all old sockets and create new ones. But if there are common sockets in old and new configuration, it is both unneeded and may cause a short break in service. So a more fancy way of switching them should be done. The idea is to open the new ports, then close the old ones and keep the same ones untouched. (In this order, we can check we can get the new ones without losing the old ones, so it is easier to rollback)

685

defect

1299688327340397

1392913014659093

resolver

medium

jreed

DNS Outstanding Tasks

new

resolver cached SERVFAIL becomes NOERROR

I had a DNAME that resulted in a synthesized CNAME that is too long. Using b10-resolver as a forwarder: on the first query the upstream sent back a SERVFAIL. On second query, the b10-resolver said “Message found in cache, returning that” and returned a status: NOERROR (ANSWER: 0). (I noticed this when researching #145.)

686

enhancement

1299761964159824

1389622076495221

build system

medium

jreed

jreed

assigned

set library version info

This was based on #635 issues. We need to set the version information (such as libtool’s current:revision:age) for each library that has changed. At the minimum we should do these at least for each tarball release. We will not use the BIND 10 release or individual module versions for the library versions. I will add more details to this ticket. This ticket should not be closed until a wiki page also documents our policy on this.

687

defect

1299797626444982

1394116289440406

Boss of BIND

low

jreed

Common Outstanding Tasks

new

suspend (stop) signal sent to boss doesn’t suspend children

I used to be able to suspend bind10 and it would suspend the children too. But now the parent is only suspended, children keep on running. I am doing this with Ctrl-Z from shell. This causes some confusion for me as I troubleshoot (especially if I am flooded with verbose output on same terminal).

692

defect

1300207928617670

1392999432267907

data source

medium

UnAssigned

jinmei

DNS Outstanding Tasks

assigned

response with NSEC3 for class ANY queries

This is a remaining task for #80. We first need to add tests about query logic (in general) for NSEC3 responses, and then make the same fix as the one we did for #80.

694

enhancement

1300229091452958

1300972799721442

msgq

low

jinmei

new

proposal: change timeout for SendNonblock (msg test) to 30sec

It’s currently 10sec def terminate_check(self, task, timeout = 10): (btw the space chars around = should be removed according to the style convention) Apparently this is too small for my personal slow server, and this test regularly fails. I propose changing this value to 30sec (yes, it’s an arbitrary choice that happens to work for that particular server). Normally the value shouldn’t affect testability; timeout doesn’t happen unless the test fails or for a very slow machine. So I think the change is acceptable.

702

defect

1300357203601211

1392912989810995

resolver

medium

jelte

DNS Outstanding Tasks

new

resolver/forwarder does not answer CH TXT version.bind and authors.bind

In fact, right now it crashes on such queries. Fixing the crash is trivial, but getting the right answers is not (they’re hidden in StaticDataSrc, and including that would imply including nearly everything that’s necessary for b10-auth). So I propose to move the actual creation of the ‘static’ data (i.e. the names and rrsets for authors.bind and version.bind) to a singleton in server_common, and use those from StaticDataSrc and bin/resolver.

705

enhancement

1300390542235100

1394116308396684

Boss of BIND

low

shane

Common Outstanding Tasks

new

Log more helpful status when process exits under the boss

Jeremy reported something exited with status 139. It turns out that the status value is as follows: a 16-bit number, whose low byte is the signal number that killed the process, and whose high byte is the exit status (if the signal number is zero); the high bit of the low byte is set if a core file was produced That is from the Python documentation here: http://docs.python.org/py3k/library/os.html#os.wait So, deciphering it we see that it is < 256, which means it is a signal. The high bit is set - meaning we have core. We can remove that by subtracting 128 and discover that this is signal 11 (SEGV). It would be nice if the boss process did this work and reported exactly what happened to the child process.

707

defect

1300391188623803

1392825456361357

Unclassified

medium

jreed

DNS Outstanding Tasks

new

b10-resolver (as forwarder) exit with SEGV

Not sure what caused this b10-resolver to exit with SEGV. I am confused why question generates different upstream questions and one question results in multiple responses. Is this an error too? Here is the closest lines in verbose output: [b10-resolver] Got a DNS message [b10-resolver] received a message: ;; >>HEADER<< opcode: QUERY, status: NOERROR, id: 21919 ;; flags: rd ; QUESTION: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;external.ak.fbcdn.net. IN A [b10-resolver] Processing normal query [b10-resolver] Try out cache first (started by incoming event) [b10-resolver] Message not found in cache, starting recursive query [b10-resolver] doLookup: try cache [b10-resolver] Sending upstream query (external.ak.fbcdn.net. IN A ) to 127.0.0.1 [b10-resolver] Timeout, resending query [b10-resolver] Sending upstream query (profile.ak.fbcdn.net. IN A ) to 127.0.0.1 [b10-resolver] Timeout, resending query [b10-resolver] Sending upstream query (photos-e.ak.fbcdn.net. IN A ) to 127.0.0.1 [b10-resolver] Timeout, resending query [b10-resolver] Sending upstream query (external.ak.fbcdn.net. IN A ) to 127.0.0.1 [b10-resolver] sending a response (442bytes): ;; >>HEADER<< opcode: QUERY, status: NOERROR, id: 3781 ;; flags: qr rd ra ; QUESTION: 1, ANSWER: 11, AUTHORITY: 9, ADDITIONAL: 0 ;; QUESTION SECTION: ;photos-e.ak.fbcdn.net. IN A ;; ANSWER SECTION: photos-e.ak.fbcdn.net. 895 IN CNAME photos-a.ak.facebook.com.edgesuite.net. photos-a.ak.facebook.com.edgesuite.net. 4798 IN CNAME a995.mm1.akamai.net. a995.mm1.akamai.net. 20 IN A 69.31.72.194 a995.mm1.akamai.net. 20 IN A 69.31.72.139 a995.mm1.akamai.net. 20 IN A 69.31.72.145 a995.mm1.akamai.net. 20 IN A 69.31.72.147 a995.mm1.akamai.net. 20 IN A 69.31.72.169 a995.mm1.akamai.net. 20 IN A 69.31.72.176 a995.mm1.akamai.net. 20 IN A 69.31.72.178 a995.mm1.akamai.net. 20 IN A 69.31.72.184 a995.mm1.akamai.net. 20 IN A 69.31.72.193 ;; AUTHORITY SECTION: mm1.akamai.net. 1798 IN NS n7mm1.akamai.net. mm1.akamai.net. 1798 IN NS n4mm1.akamai.net. mm1.akamai.net. 1798 IN NS n3mm1.akamai.net. mm1.akamai.net. 1798 IN NS n2mm1.akamai.net. mm1.akamai.net. 1798 IN NS n5mm1.akamai.net. mm1.akamai.net. 1798 IN NS n0mm1.akamai.net. mm1.akamai.net. 1798 IN NS n6mm1.akamai.net. mm1.akamai.net. 1798 IN NS a0mm1.akamai.net. mm1.akamai.net. 1798 IN NS n1mm1.akamai.net. [b10-resolver] Timeout, resending query [b10-resolver] Sending upstream query (profile.ak.fbcdn.net. IN A ) to 127.0.0.1 [b10-resolver] sending a response (308bytes): ;; >>HEADER<< opcode: QUERY, status: NOERROR, id: 21919 ;; flags: qr rd ra ; QUESTION: 1, ANSWER: 4, AUTHORITY: 9, ADDITIONAL: 0 ;; QUESTION SECTION: ;external.ak.fbcdn.net. IN A ;; ANSWER SECTION: external.ak.fbcdn.net. 2472 IN CNAME external.ak.fbcdn.net.edgesuite.net. external.ak.fbcdn.net.edgesuite.net. 4798 IN CNAME a1920.g.akamai.net. a1920.g.akamai.net. 20 IN A 63.80.138.48 a1920.g.akamai.net. 20 IN A 63.80.138.67 ;; AUTHORITY SECTION: g.akamai.net. 1799 IN NS n4g.akamai.net. g.akamai.net. 1799 IN NS n7g.akamai.net. g.akamai.net. 1799 IN NS n6g.akamai.net. g.akamai.net. 1799 IN NS a0g.akamai.net. g.akamai.net. 1799 IN NS n5g.akamai.net. g.akamai.net. 1799 IN NS n3g.akamai.net. g.akamai.net. 1799 IN NS n0g.akamai.net. g.akamai.net. 1799 IN NS n1g.akamai.net. g.akamai.net. 1799 IN NS n2g.akamai.net. [b10-resolver] sending a response (38bytes): ;; >>HEADER<< opcode: QUERY, status: SERVFAIL, id: 24087 ;; flags: qr rd ra ; QUESTION: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;profile.ak.fbcdn.net. IN A [bind10] Process b10-resolver (PID 16152) terminated, exit status = 139

709

enhancement

1300396709121370

1392914161716876

resolver

low

UnAssigned

shane

stephen@isc.org

DNS Outstanding Tasks

assigned

Improve RTT message from recursive resolver by using decimal

Stephen noted that the RTT: debug output would possibly be nicer with outputing using decimals. Stephen: We could change that to output it to three decimal places.

715

defect

1300452454216757

1301321712247554

configuration

low

jreed

new

cfgmgr errors need a new line or separator

I made a mistake: > config set Auth/datasources [{file “/Local/Users/jreed/J”, origin config commit Error: Error in config validation: Unknown item fileUnknown item origin Configuration not committed It is unknown because I forgot to use “zones” for this list. The problem is the error messages got merged together.

717

defect

1300453300858334

1300453300858334

bind-ctl

low

jreed

new

config diff output uses single quotes

config diff output uses single quotes. But bindctl and cfgmgr require double quotes. So if you attempt to copy and paste it will fail.

718

defect

1300453366384540

1377867759038750

bind-ctl

low

jreed

new

Don’t need to say “Exit from bindctl” when bindctl doesn’t have a tty.

Don’t need to say “Exit from bindctl” when bindctl doesn’t have a tty (such as piping in a command to it).

732

task

1300982884532984

1308086219578281

bind-ctl

medium

jreed

new

add more unittests for bindctl components

Get all of bindctl to at least 75 unit test code coverage. See: http://bind10.isc.org/~tester/LATEST_PYTHON_UNITTEST_COVERAGE/

734

task

1300983182591938

1308086254849558

Unclassified

medium

jreed

new

add more unit tests for lib/xfr

Add more unit tests for lib/xfr to get it to atleast 75% code coverage. See: http://bind10.isc.org/~tester/LATEST_UNITTEST_COVERAGE/xfr/index.html

748

enhancement

1301048430011042

1303288185742206

resolver

low

stephen

new

Remove coroutines from IOFetch

Remove the coroutine code from io_fetch.{cc,h}. This involves removing the inheritance from the “coroutine” objects and breaking down the operator() method into a number of separate methods corresponding to each phase of the I/O. (This may involve the use of boost::bind to specify the asynchronous I/O callbacks.)

750

enhancement

1301049551821677

1330704341390354

Unclassified

low

stephen

new

Remove coroutines from UDP server and TCP server

The work involved in this is similar to that in ticket #748, but is applied to the TCP and UDP server code.

752

enhancement

1301050626523132

1303288206489049

Unclassified

low

stephen

new

IOService Refactoring

Several points in the code access the boost ASIO “post” function through IOService by calling IOService::get_io_service().post(). Ideally IOService should supply a post() method itself. Owing to the use of templates, this may require removing the “pimpl” structure.

757

enhancement

1301163841383808

1330702682035017

logging

low

stephen

stephen

assigned

Python logging - understand configuration

The logging configuration is being defined in ticket #736, although the scope of that ticket is C++. This ticket involves producing Python code that understands the logging configuration and sets the options in the BIND-10 Python logging module accordingly,

776

enhancement

1301410070349491

1392999528377870

Unclassified

medium

stephen

DNS Outstanding Tasks

new

IXFR out: Share UDP Address/Port with b10-auth and xfrout

In many cases, different functions of BIND 10 should use the same address and port to receive communications. This task - which is also involved with using UDP in general - makes this possible.

778

enhancement

1301466559425504

1301466559425504

xfrout

medium

stephen

new

IXFR out: limit number of concurrent XFRs

Configuration of a wide limit on the number of concurrent transfers and implementation of the code to keep a track of the transfers and refuse a request that would cause this limit to be exceeded.

779

enhancement

1301466669718474

1301466738839037

xfrout

medium

stephen

new

IXFR out: cleanup configuration

Add configuration parameters to specify how many versions of the zone should be kept and how long the history should be kept for.

780

task

1301466900488102

1301466900488102

xfrout

medium

stephen

new

IXFR out: add housekeeping to clean up old history

Based on the configuration specified in #779, some form of housekeeping task is required to periodically clean up history.

785

task

1301484331910045

1301484331910045

Unclassified

medium

stephen

new

DNSSEC: read, document and understand BIND 9 handling of DNSSEC

Possibly the precursor to all DNSSEC related tasks, this is to make sure that we don’t lose knowledge of what BIND 9 has done with DNSSEC. The person doing this task should make sure that they interact with the BIND 9 programme manager, as the output will be a useful addition to the BIND 9 documentation set.

789

defect

1301503700873539

1394116322264037

Boss of BIND

medium

stephen

Common Outstanding Tasks

new

Make “shutdown” a hidden command for non-Boss processes

At the moment it is possible to shutdown components individually. Unfortunately, the Boss immediately restarts them because it does not know that they have been requested to terminate. This change removes the component shutdown command and ensures that they can only be shutdown through Boss - which, because it knows about the shutdown will not restart them.

791

enhancement

1301503869663869

1394116339620628

Boss of BIND

medium

stephen

Common Outstanding Tasks

new

Add command to Boss to see component configuration

Should be able to execute a command to see a list of running process and any relevant configuration information.

795

enhancement

1301504172842902

1394116356863046

Boss of BIND

medium

stephen

Common Outstanding Tasks

new

Stop/force-stop/restart/start a component (temporarily)

Sometimes a component will not shutdown. The cmdctl interface should allow the user to: * Stop a component (i.e. request it to shut down normally) * Force-stop (i.e. kill it) * Restart (i.e. shut down normally and get it to restart automatically) * Start (i.e. start a component that is currently not running)

803

enhancement

1301557630304648

1394116372443015

Boss of BIND

medium

stephen

Common Outstanding Tasks

new

Command to list currently used sockets

(Related to #802.)

804

enhancement

1301557671331241

1394116387627774

Boss of BIND

medium

stephen

Common Outstanding Tasks

reopened

Client side code to request new sockets (Python)

808

task

1301558082457798

1301558082457798

Unclassified

low

stephen

new

Research alternate strategy of using a lexer/parser to define record types

Rather than explicitly creating a class for each record type, is there some way that we can define the characteristics of a RR and automatically generate the code?

822

enhancement

1301560581841591

1301560581841591

data source

medium

stephen

new

Use first match data source

Modify so that first match instead of best match is used from multiple data sources

824

enhancement

1301560817541807

1317990348048159

data source

medium

stephen

new

Improve configuration of data sources

826

task

1301817156175350

1340899583918649

Unclassified

medium

fdupont

fdupont

assigned

Windows support

Windows support: - OS >= Vista/Windows Server 2008 - Visual Studio >= 2008 (aka 9.0) - google test (for validation) Individual item: - HOWTO (needed software and tools) - DLL exports - solution and projects (for VS 2008) others will be added

837

defect

1302099452093934

1392811598022391

Unclassified

medium

fdupont

DNS Outstanding Tasks

new

multiple include of initialized static constant members

In edns.h: class EDNS { /// } Each time the edns.h file is included this gives a new EDNS::SUPPORTED_VERSION symbol so linking raises “multiple defined” errors. There are two ways to fix it: - play with an #ifdef so only the initializing form in included in edns.cc - move the initialization to edns.cc I prefer the second way but there are still some choices: - keep the value in .h in a comment - what to do for this line is edns_unittest.cc: const uint8_t EDNS::SUPPORTED_VERSION; (I’d like to remove it)?

840

defect

1302140837373042

1304377436907887

Unclassified

medium

fdupont

new

Windows support for libcc

No chance: current libcc relies on asio::local which is not supported on Windows. Note the ASIO_HAS_LOCAL_SOCKETS flag should help according to the ASIO doc… Got a !WinSock.h double include error too (to be fixed in config.h for Windows). What is the plan? Add local TCP as an option?

841

task

1302162674129589

1305213407580130

Unclassified

medium

jelte

new

remove generated .py files

We have a number of python scripts that are generated from .in files at configure time. We also have a file src/lib/python/bind10_config.py[.in] that is supposed to act like the config.h file in cpp; we should put configure-time substitutions in this file instead of in all the generated .py files. ps. when we do this, it’ll cause a lot of git checkout ‘problems’ (files that were generated in one branch but are in the repository of another), we might want to add a small script that deletes them as an interim workaround until we have no old branches left after this is done.

842

defect

1302166140879988

1394114735280370

Unclassified

medium

zzchen_pku

Common Outstanding Tasks

new

Do range check within C++ class

Some of the long int variables can be a plain int: Message_init, Message_clear, MessageRenderer_setCompressMode. (although being long is not necessarily incorrect; it just consumes more (stack) space unnecessarily). Actually, in these cases it make more sense to do this check within the corresponding C++ class (Message, MessageRenderer?, etc) and delegate the check to it.

854

enhancement

1303204287914456

1305289926802818

Unclassified

low

stephen

new

Extend the badpacket generator

The “badpacket” generator is a program that generates (potentially) bad DNS packets for sending to a nameserver and testing its response. It is meant to be used as a testing tool for the BIND 10. Currently, the generator can: * Set any combination of flags in the DNS message header. * Vary the size of the DNS message (by truncating or extending with random data) * Set the DNS message section counts (independently of what is in the section). This ticket is for enhancements to the program to: * Actually insert data into the various message sections. * Modify the data in the message sections (e.g. by corrupting the label length fields). * Add a set of options for testing (bad) EDNS0 data.

856

task

1303252448822559

1304496626188282

libdns++

medium

UnAssigned

jinmei

assigned

add ability to send TSIG’ed query to src/bin/host

Unless I’m mistaken this is an additional task for the May03 sprint so that it will have one “user-visible feature”. What I meant is to add a small change to src/bin/host so that it accepts a new “-f ” option just like BIND 9 dig, and uses that information with the libdns++ API introduced in #812 to send TSIG signed queries. Should be pretty easy.

858

enhancement

1303293435055645

1305291723225946

Unclassified

low

fdupont

new

silent MSVC warnings on libdns++

I’ll collect MSVC warnings in VS2005/2008/2010 and try to address them. Some are spurious (as a warning for {} while(0) in macros) and should be avoided with a pragma, some are real (mainly incompatible integer operations) and should be fixed (for instance by a cast). As far as I know none is critical so I put this ticket in enhancements. Note at least a common one is related to C++: VS2010 complains about missing and impossible to generate copy operation in class definition…

860

task

1303452541864048

1392999445167461

data source

medium

UnAssigned

jinmei

DNS Outstanding Tasks

assigned

sqlite3 data source should separate DONE and other errors

See #851 (espeically its initial description). Conceptually, this means instead of doing this: rc = sqlite3_step(dbparameters>q_zone_); const int i = ? sqlite3_column_int :1; we should do it this way: rc = sqlite3_step(dbparameters>q_zone_); if const int i = ? sqlite3_column_int :1; It’s basically straightforward, but since a naive approach would result in the same patter repeated in various places, we’ll probably also need some kind of refactoring.

861

enhancement

1303453310640018

1305214361342052

Unclassified

medium

zhanglikun

new

Check max udp packet size(buffer size) carried by edns0 message

When resolver geting a query with DO bit from a client, the max udp packet size should be checked. Once the size of answer message is bigger the max size, tcp query should be triggered. Currently the simplest forwarder doesn’t check, always treate the max udp packet size of query client is 4096.(see more in ticket#598)

862

task

1303460875383770

1344438559841280

Unclassified

medium

UnAssigned

vorner

assigned

Properly encapsulate the output buffer in AbstractMessageRenderer

As discussed in #404, we shouldn’t expose the output buffer to descendants of `AbstractMessageRenderer` trough `getBuffer()`. The most problematic place that uses it is name compression in `MessageRenderer`, which needs some small refactoring. The rest should be trivial to replace.

864

task

1303815711705987

1392912967341617

resolver

low

vorner

DNS Outstanding Tasks

new

Simplification of ResponseScrubber::scrubSection

As noted in comment:5:ticket:847, the method would use some simplification (the suggestion about `nomatch` is already implemented).

874

task

1304087689458972

1305223378939417

Unclassified

medium

shane

new

Create tests for src/bin/host

We need tests for src/bin/host.

887

task

1304280532725770

1305270004460967

Unclassified

medium

shane

new

review code for undocumented functionality

Also meant as input for #884, but we probably need to break this down into smaller tasks.

891

enhancement

1304402768405000

1392912898819529

resolver

medium

zhanglikun

DNS Outstanding Tasks

new

Retry forward query over TCP when getting a truncated response.

Currently, the forward query doesn’t have the ability to retry over TCP when getting a truncated response. It should add the support for it. Following is the comments in ticket# 598 given by vorner. “What should the forwarder do with TCP anyway? Ask over UDP if the request come over UDP and use TCP if it comes over TCP? Is it possible with our current framework?”

892

enhancement

1304404513391522

1389749466423194

build system

medium

UnAssigned

jinmei

assigned

move generic test utils from lib/dns/tests to lib/util/unittests

As I commented in #813, I propose: - move things except DNS specific things (matchName and createRequestMessage) in lib/dns/tests/unittest_util to lib/util/unittests/ - unify addDataPath and (part of) readWireData with lib/util/unittests/testdata. basically I’d keep the latter and remove the duplicate functionality from the former. - in addition I’d change the interface of matchWireData() so that expected data is given before the actual data in the parameter list to be more comatible with other gtest interfaces (and variable names should be renamed to actual/expect, etc)

895

enhancement

1304444293674245

1307052968960904

build system

medium

UnAssigned

jinmei

assigned

“null” crypto module

It will help if we add an internal backend crypto module (used from libcryptolink) for environments where Botan is not available. It will also be helpful for users who don’t need any crypto related DNS operations (no TSIG, no DNSSEC) and don’t want to install Botan just to compile BIND 10. This should be configurable in configure.ac and should be disabled by default. It was also suggested that if the null module is enabled a warning message (that no TSIG or DNSSEC will be usable) be shown. Note also that when the null module is enabled some unit tests will fail. We’ll need to work around it in some way.

896

defect

1304446501946920

1305292100972925

bind-ctl

low

jreed

new

bindctl command history shows username and user name attempts

Username:fhdsjkdfshjk Password: [“user doesn’t exist”] Username:root Password: [“login success”] > fhdsjkdfshjk The above shows attempts and then command history. Command history also showed the real username. I think this is misleading to have the username in command history.

909

task

1304717919353537

1396529228792699

xfrin

medium

jreed

DNS Outstanding Tasks

new

Move command “retransfer” from Xfrin to zonemgr.

Move command “retransfer” from Xfrin to zonemgr. For background see https://lists.isc.org/pipermail/bind10-dev/2011-May/002235.html This is related to #908.

911

enhancement

1304754703435921

1341252007825965

Unclassified

low

fdupont

new

time64 & Y2038

Some systems (at least HPUX and Windows) provide a “time64” version of time_t, time(), etc, which will still work after 2038. I suggest 3 things: - use the 64 bit variant when it is available (e.g., twist a #define config.h and don’t forget to include it) - make the code compiling without warnings with the 64 bit variant - at low priority provide a 64 variant on systems which don’t have it. Even we have ~20 years to solve this issue it should be fine to not wait so long…

918

task

1305116578867933

1317139338430339

configuration

medium

vorner

new

Non-dict top-level configuration

Currently a module configuration must be a dict and with names hardcoded in the spec file (eg. we say that we’ll have module.a, module.b and that’s it). These items can have any type then. But for process-less configurations, it makes sense to have a different type for the whole module. An example would be tsig_keys configuration section, which would be shared between multiple processes. It would make sense for it to be just list of strings, each representing one TSIG key in the keyring. Current workaround in #875 is to put there one more level, but it’s inconvenient for the user. (I’m putting it to core, as the configuration is shared)

919

enhancement

1305140148511611

1317990940778622

libdns++

medium

UnAssigned

jinmei

assigned

define a header file for DNS protocol constants

See the discussion for the background: http://bind10.isc.org/ticket/893#comment:11 (around the paragraph beginning with “OK, although…”) The idea is to create a new header file, say, protocol_constants.h, in lib/dns to centrailze the definition of (mainly numeric) protocol constants such as the max wire length of domain names. We should begin with the discussion about whether this is a good idea in the first place, and, if so, which constants should be defined in that file.

920

enhancement

1305140328886955

1308058627479306

libdns++

medium

UnAssigned

jinmei

assigned

extension to TSIG: support truncated signature

This is a remaining task (for relatively minor cases) of #893 as noted in http://bind10.isc.org/ticket/893#comment:3 We need to support truncated signature in TSIGContext::verify() (and perhaps also in sign() - BIND 9 does something about this in its verify implementation. we need to check). We then need to revert the short term hack (and temporarily disabled tests) made in libcryptolink in #893 and #954.

921

enhancement

1305140551409948

1305295195674457

libdns++

low

jinmei

jinmei

new

extension to TSIG: support signed but no TSIG message over TCP

This is a remaining task (and covering a very minor case) of #893 as noted in http://bind10.isc.org/ticket/893#comment:3 This could probably have a very low priority. There’s probably no implementation of the sender side that does this. If so, the only meaning of implementating this is to be feature complete as a reference implementation of the protocol.

923

enhancement

1305226590899704

1305272688701612

logging

medium

vorner

new

Create a cross-breed between isc_throw and LOG_ERROR macro.

We often need to log an error message and throw an exception at the same place. We also generate similar message for them. So the proposal is to create a macro that creates the message like for logging (with the message ID and formatting), logs it and then throws an exception with the same message as one command.

932

defect

1305617161312654

1339226208051796

libdns++

medium

UnAssigned

jinmei

assigned

overall cleanups (including real bug fixes) for pydnspp

As I pointed out in #905, the current implementation of pydnspp seems to be fragile and contains some real bugs like memory leak or propagating C++ exceptions. I’d suggest applying overall cleanup using tools in src/lib/util/python to make the code more robust.

933

enhancement

1305617411892712

1344438451664443

documentation

medium

jreed

jinmei

assigned

introduce a framework to convert from doxygen to pydoc

I’d propose introducing a tool to convert XML output from doxygen to a template of embedded documentation string for our python bindings. This will help improve documentation of the python binding (specifically pydnspp) to the quality of pretty close to that of the original C++ doxygen doc. I’ve written a mostly complete python script to this job. So this ticket will be just to complete the work and get it reviewed and merged.

934

enhancement

1305617767636295

1306402982030665

libdns++

medium

UnAssigned

jinmei

assigned

use real constants (instead of proxy factory) in pydnspp

I noticed that pydnspp uses many proxy factory functions for constant objects like RRType.AAAA (), RRClass.IN(). In Python we don’t have to do that because there’s no worry for static initialization fiasco (which is the reason why we use the proxy functions in C++). We can simply define RRType.AAAA, etc, as class constant in initialization and use it throughout our applications. That will be more intuitive, and will be a bit more efficient (a call to a proxy function always involve an allocation of PyObject and subsequent deallocation; real constants are created only once in initialization). I’d propose making this change in the entire pydnspp. It will require changes to the applications (xfrin.py, etc), but the changes should be pretty straightforward.

935

enhancement

1305618161576064

1306403137199231

documentation

medium

jinmei

new

improve pydnspp documentation

Once #933 is completed and merged, we can use it to improve the actual documentation of our python bindings. I’d propose to create a task for improving pydnspp. Using the auto-generated template, the rest of the work should be a quite straightforward and small set of editorial changes.

941

enhancement

1305796792290507

1331638684393979

Inter-module communication

medium

jelte

new

‘internal’ commands in .spec/modules

There is the need to have ‘internal’ commands; i.e. commands that modules accept, but only from other modules, and not from an administrator. For instance, Xfrin currently has a ‘notify’ command, that is sent from zonemgr. This command is only used on incoming notifies, and for that reason is not in the specfile. However, this means that we have no way to automatically validate the arguments. The proposal is to extend the specification format with a ‘internal’ value for commands, and if this is true, it will not be exported to bindctl etc, but we can add argument validation to moduleccsession.

942

defect

1305796961573817

1306403320569133

Unclassified

medium

jelte

new

filling in default values for command arguments

ModuleCCSession currently offers support for getting the default values of configuration options, should they not be configured explicitely. We need the same for command arguments.

944

task

1305802004391137

1306403386613441

Unclassified

medium

jelte

new

some generalized checks

we don’t really have a python util afaik, but we could use some general set of checks (for instance that an integer is a valid port number, that a string represent a valid domain name, etc.); from #811: “this makes me think that maybe we do need a set of generalized check-calls like is_valid_port_number, etc. Preferably ones that do not raise, but do convert to specific type if necessary (and do provide the error if they can’t)” having a good place to put these and a somewhat general interface for this is more important than providing a complete set of specific checks, we can add them as we encounter the need for them later

948

defect

1305825426209235

1331645709045791

configuration

medium

jreed

new

old Xfrin/master_addr configuration is in the way

This is related to #945. zone-related info is in xfrin, not zonemgr. master_addr is not directly in xfrin anymore, but one of the values of Xfrin/zones. If you have old configuration in place, it gets in the way: > config show Xfrin Xfrin/transfers_in 10 integer (default) Xfrin/zones [] list (default) > config show_json Xfrin {master_addr “192.168.1.1”} I think something should loudly complain. And now bindctl is showing two different sets of values and doesn’t tell me which is real. jelte says I think we should have per-module config version numbers. Here is an example of problem: > config show_json Xfrin {master_addr “192.168.1.1”} > config add Xfrin/zones > config set Xfrin/zones[0]/name foo > config set Xfrin/zones[0]/master_addr 192.168.1.1 > config diff {’Xfrin’: {’zones’: [{’name’: ‘foo’, ‘master_addr’: ‘192.168.1.1’}]}} > config commit Error: unknown item master_addr Configuration not committed > config show_json Xfrin {zones [{name “foo”, master_addr “192.168.1.1”}]} > config diff {’Xfrin’: {’zones’: [{’name’: ‘foo’, ‘master_addr’: ‘192.168.1.1’}]}} Looks like “show_json” shows what is not committed yet. It does complain, only way too late. Jelte said “afraid the only quick workaround is to stop bind10 and manually remove that original master_addr from b10-config.db”. So that is what I did. Manually editing the config database is not what we want to do so I am opening ticket.

949

defect

1305839394492086

1331646600577714

build system

low

jreed

shane

new

./configure —prefix change requires “make clean” before “make install”

If I run: ./configure —prefix=OLD make ./configure —prefix=NEW make make install Then the install fails. I can fix it via “make clean” before the second make, but that costs a lot of time and indicates some problem with some dependency.

952

defect

1305896769953683

1394114699762318

Unclassified

medium

UnAssigned

jelte

Common Outstanding Tasks

assigned

msgq/cc multiple reads problem (and bad_alloc in b10-auth upon notify)

in ticket #931, Michal discovered that there is a problem with multiple reads in cc/session. A (partial?) fix was proposed, and a different workaround was counterproposed (see that ticket). However, I also see problems that look like they are caused by the same or a very similar issue; upon notify, sometimes b10-auth aborts with a bad_alloc. The bad_alloc is caused by it trying to create a buffer for a message of which the length was incorrectly read. I think we should have locks around the different reads in session.cc

958

defect

1306144810660046

1306404268369401

Unclassified

low

stephen

new

Provide more information on failing test if exception is thrown

Give more information in a failing test if an isc::Exception-derived exception is thrown. See https://lists.isc.org/pipermail/bind10-dev/2011-January/001891.html for more details.

959

enhancement

1306244936958027

1396529237609820

xfrin

medium

shane

DNS Outstanding Tasks

new

Allow multiple masters for a slave zone

Right now we can only have a single master for a zone. We need to be able to define more than one.

961

enhancement

1306245275716716

1306404102447876

configuration

medium

shane

new

Should be a way to see how to configure something

“help” does not help me to create a secondary zone: > config show Xfrin Xfrin/transfers_in 10 integer (default) Xfrin/zones/ list What is supposed to go in zones? Jelte has a workaround, which is to add a zone then look: > config help Xfrin/zones Error! Unknown parameter ‘Xfrin/zones’ to command ‘help’ of module ‘config’ Command help (Get help for module.) help (Get help for command) No parameters for the command > config add Xfrin/zones > config show Xfrin/zones Xfrin/zones[0]/name “” string (default) Xfrin/zones[0]/class “IN” string (default) Xfrin/zones[0]/master_addr “” string (default) Xfrin/zones[0]/master_port 53 integer (default) Xfrin/zones[0]/tsig_key null string This works okay, but it not ideal. :)

965

defect

1306328078086645

1318411518734941

xfrout

medium

shane

new

Xfrout should not notify itself

I have a machine that gets errors sending notifies to itself: 25-May-2011 12:52:44.878 Xfrout: INFO: sending notify to 78.47.15.240#53 25-May-2011 12:52:44.879 Xfrout: INFO: sending notify to 78.47.15.240#53 25-May-2011 12:52:44.880 Xfrout: INFO: sending notify to 78.47.15.240#53 25-May-2011 12:52:44.881 Xfrout: INFO: sending notify to 78.47.15.240#53 25-May-2011 12:52:44.882 Xfrout: INFO: sending notify to 78.47.15.240#53 25-May-2011 12:52:44.882 Xfrout: INFO: notify to 78.47.15.240#53: retried exceeded The server should be smart enough not to notify itself.

966

enhancement

1306328544150372

1306404156394645

xfrout

medium

shane

new

Notify should be configurable

We should be able to configure notify behavior, both on a server and per-zone level. It should be possible to set explicit IP:port values, as well as something like “figure out from NS RRSET” as a special target. Xfrout/default_notify [ { type } ] Xfrout/zones[0]/notify [ { type, IP, port } ] Xfrout/zones[1]/notify [] Here the default behavior would be to figure out who to notify from the NS RRSET, while the first zone would have only an explicit notify, and the second zone would not send any notifies at all.

968

task

1306332590204165

1331646546535527

build system

low

jreed

shane

new

separate configure.ac into specific .m4 files

From ticket #35: Should we consider moving our specific configure functions into a included m4 file? (at Labs we used a shared acx_nlnetlabs.m4 file, for two reasons, one might not be relevant for us and that is that we shared a lot of functions between different projects, but the other was to keep the main configure.ac more readable).

969

defect

1306336569652746

1306404309122532

bind-ctl

low

jreed

new

non-intuitive bindctl configuration for Auth/listen_on

This is a few problems. I want to be able to just change one default. Testing as non-root. Defaults have port 53 for :: and 127.0.0.1. For testing, I change one to 5300, but commit fails since the other “default” port 53 still does not work: > config set Auth/listen_on[0]/port 5300 > config commit Setting listen addresses: :::5300 0.0.0.0:53 Initialize TCP server at :::5300 Initialize UDP server at :::5300 Initialize TCP server at 0.0.0.0:53 Unable to set new address: Failed to initialize network servers: Permission denied [b10-auth] error: Server configuration failed: Failed to initialize network servers: Permission denied Error: Server configuration failed: Failed to initialize network servers: Permission denied Configuration not committed It seems like if I change one configuration, then that one configuration should be used. Second problem (starting with my custom config removed so just defaults again): > config remove Auth/listen_on[0] > config diff {’Auth’: {’listen_on’: [{’port’: 53, ‘address’: ‘0.0.0.0’}]}} > config set Auth/listen_on[1]/port 5300 > config diff {’Auth’: {’listen_on[1]‘: {’port’: 5300}, ‘listen_on’: [{’port’: 53, ‘address’: ‘0.0.0.0’}]}} > config commit Error: Error in config validation: Unknown item listen_on[1] Configuration not committed I did not immediately realize that listen_on[1] became listen_on[0] Comments from jabber follow: (09:55:07) vorner: jreed: actually, it created new item called listen_on[0], which is a dict and didn’t touch the list in listen_on. And yes, you confused the poor tool. (09:55:56) jelte: well, in this specific case it’s not not intuitive, it’s plain buggy handling that command for an element that doesn’t exist

972

defect

1306350840779360

1392912875881081

resolver

medium

jinmei

DNS Outstanding Tasks

new

Resolver class is not exception safe

As I looked at the code for #971, I noticed another problem in the Resolver class: Its constructor is not exception safe: Resolver::Resolver() : impl), dnss(NULL), checkin), dns_lookup(new MessageLookup(this)), dns_answer, nsas(NULL), cache, configured(false) {} If, for example, “new ConfigCheck” fails, the allocated resource for impl_ will leak. It also looks quite awkward that it has specific member variables even if it adopts the pimpl idiom (although there may be a specific reason that can only be understood via deep understanding of the implementation details). Furthermore, due to the fact that dnss_/nsas_/cache_ are not set (to a non NULL value) at the construction time this class is quite fragile because some methods naively assumes they are non NULL. Example: void Resolver::setForwardAddresses(const AddressList& addresses) { impl_->setForwardAddresses(addresses, dnss_); } I’d suggest heavy refactoring and cleanup for this class so that it will be cleaner and safer.

973

enhancement

1306501010362252

1308579624913495

configuration

low

vorner

new

Separate methods for addRemoteConfig

Currently, there’s one method and it takes a name and a bool parameter. The parameter specifies if the name is filename or modulename (so the spec is loaded from config manager). This design isn’t exactly clean, so it was suggested this might be better separated into two methods (or, alternatively, some other solution might be thought of).

974

enhancement

1306501301050171

1394116792119803

b10-auth

low

vorner

DNS Outstanding Tasks

reopened

Pointer to shared pointer in `Auth::setTSIGKeyRing` is awkward and error prone

As discussed in #931, the design isn’t clean. We should come up with some solution that is simple and elegant.

975

defect

1306501611597398

1392811651433463

Unclassified

medium

vorner

DNS Outstanding Tasks

new

Non-primitive static object `server_common::keyring` is candidate for intialization problems

As noted in #931, this might be problematic if one non-primitive static object uses another one for it’s initialization, as the second one might be yet unitialized. This should be replaced by some function returning the instance or something to prevent such problems.

982

task

1306772645217077

1308064433369781

Unclassified

medium

vorner

new

Named ACL objects

It should be possible for the loader (#978) to remember the ACLs it loaded under a name. It could then either provide them directly or use them for sub-expression loading when the name is used in specification. Note that this needs a cycle protection (see notes at [wiki:AclSyntax]).

984

enhancement

1306828146083423

1308576861650272

Unclassified

medium

shane

new

Get list of zone timers from zonemgr

It would be nice for debugging to get a list of the timers from zonemgr, along with perhaps any other information being tracked (although I think that is it).

986

defect

1306830870989501

1314221339732657

bind-ctl

medium

shane

new

bindctl crash when removing unknown item

I was using a BIND 10 server with an old (pre-2011-05-17) configuration. It has a “master_addr” for all of Xfrin, instead of per-zone. I was unable to commit my database changes because of that: > config commit Error: unknown item master_addr Configuration not committed Here is the old configuration: shane@madras:/opt/bind10/var/bind10-devel$ cat b10-config.db {Xfrin {master_addr “85.17.60.159”}, version 2, Auth {listen_on [ { address “85.17.60.232”, port 53 } ]}} So I decided to remove the offending legacy configuration, with these results: > config unset Xfrin/master_addr Traceback (most recent call last): File “/usr/lib/python3.1/cmd.py”, line 213, in onecmd func = getattr(self, ‘do’ + cmd) AttributeError: ’BindCmdInterpreter’ object has no attribute ’do_config’ During handling of the above exception, another exception occurred: Traceback : File “/opt/bind10/bin/bindctl”, line 138, in tool.run File “/opt/bind10/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 128, in run self.cmdloop File “/usr/lib/python3.1/cmd.py”, line 139, in cmdloop stop = self.onecmd File “/opt/bind10/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 450, in onecmd Cmd.onecmd File “/usr/lib/python3.1/cmd.py”, line 215, in onecmd return self.default File “/opt/bind10/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 416, in default self.parse_cmd(line) File “/opt/bind10/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 554, in parse_cmd self.handle_cmd(cmd) File “/opt/bind10/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 396, in _handle_cmd self.apply_config_cmd(cmd) File “/opt/bind10/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 673, in apply_config_cmd self.config_data.unset(identifier) AttributeError: ’UIModuleCCSession’ object has no attribute ‘unset’

995

enhancement

1306963399183164

1308059157201126

build system

medium

UnAssigned

jinmei

assigned

use “convenience libraries” to share .cc in multiple targets

Currently we compile some .cc files multiple times, once for a main target (such as b10-auth), and in other cases for tests and benchmarks. The additional compilation is simply redundant and (though maybe relatively marginal) contribute to increasing the already large build time of BIND 10. I propose we use the “convenience library” feature of automake to avoid the duplicate compilation. See this link for convenience libraries: http://sourceware.org/autobook/autobook/autobook_92.html (At least in theory) this should be a beneficial (and mostly trivial) change at no risk of regression. Both b10-auth and b10-recurse should be able to benefit from this, and there may be some others.

996

enhancement

1307102047876400

1392912857860556

resolver

medium

jelte

DNS Outstanding Tasks

new

keep track of nameserver ‘capabilities’ in nsas

We should keep track of capabilities of any nameserver in the NSAS. The first thing that comes to mind is whether it supports ENDS0, but also DNSSEC lameness, and path MTU to said server. This would also include either some form of probing if things seem off (while the resolver continues its resolving with another NS), or a direct fallback algorithm in the resolver.

1000

defect

1307560236025600

1392811723634386

Unclassified

medium

jinmei

DNS Outstanding Tasks

new

tools/query_cmp is IPv4 only

We should be ashamed we’re shipping an IPv4-only program even after the world IPv6 day:-)

1002

defect

1307579062301691

1321984100262904

xfrout

medium

jinmei

new

various glitches in notify_out

As I worked on #964 I found various glitches in the notify_out.py implementation. I suspect we’ll soon need fundamentally rewrite of it (even if done incrementally) due to its current overall quality of the code, but here are some specific points as a placeholder: - port number 53 is hardcoded - creating separate sockets for separate notify transaction seems to be a waste - a related note: it’s not clear whether the limit of concurrent of notifies (30) is reasonable. if not, and if we allow a larger number notifies at the same time, the second point will be severer. - it’s so heavily dependent on details of sqlite3 specific code (although not really the problem of notify_out itself) - it cannot send notifies to out-of-zone NSes.

1005

defect

1307630899261306

1310489785238739

logging

medium

jelte

new

check logger names in cfgmgr

You can configure any logger, but if you mistype the name, it will happily create a logger for a module that does not exist, and the ones that do will use defaults. So the plugin config checker should really check the name and see if it makes sense. However, there are a few problems; - right now the way those python checking scripts are called they have no knowledge of what modules there are, so they can’t really check the names of the loggers. - even if they could, you would only be able to configure logging for modules that are running (which is another symptom of the bigger ‘can’t configure non-running modules’) so right now, i think we should modify the calling design so you can actually check, but not error on a ‘wrong’ name, only log an error (yes that sounds weird, in effect this error log message would go to the ‘previous’ config, or the default if nothing has been configured yet).

1007

enhancement

1307670650283458

1308578603334225

Unclassified

medium

zzchen_pku

new

create a higher granularity of exceptions for xfrin/xfrout

See Jinmei’s comments below: xfrin and xfrout use the same single exception in so many places, obscuring the accuracy of test results. When we do self.assertRaises(XfrinException?, xxx), we cannot really be sure if the exception is really triggered at where it should be triggered. We could check the exception error message , but since the error message tends to be modified it will be unstable. I guess we’ll need a higher granularity of exceptions (or sub types of them) for these apps.

1015

task

1308092664999753

1392912833304993

resolver

medium

jinmei

DNS Outstanding Tasks

new

unify configuration/command code for auth and resolver

Looking at the (b10) resolver configuration code, I start feeling we should unify the server configuration code for both b10-auth and b10-resolver (and, probably the DHCP servers eventually). The current implementation for b10-resolver is a big single method that is responsible for everything: parsing config parameters, building internal configuration data from the passed param, and doing this for all parameters in the single function. Clearly this approach won’t scale as we add more parameters. My suggestion is to use the auth/auth_config.{h,cc} and auth/command.{h,cc} by moving them to lib/server_common (and rename them appropriately), adjusting them if necessary so that they can work with the resolver, and have the resolver use it. We should perhaps also consider making the hardcoded factory logic in auth_config.cc:createAuthConfigParser() more generic using this opportunity.

1019

defect

1308243218084975

1310770768972289

Unclassified

medium

jreed

new

catch specific exception types for logging

Continuation from closed #1018… We decided long ago to have unique log IDs. This log ID with “RESOLVER_FAILED”, “resolver failed, reason: %1” generated by src/bin/resolver/main.cc } catch (const std::exception& ex) { LOG_FATAL(resolver_logger, RESOLVER_FAILED).arg(ex.what()); is not unique. From jabber: (11:03:21) jelte: but i agree that the way we handle those catchalls leaves room for improvement, we should catch more specific exception types if we know they can happen

1042

enhancement

1308788003613420

1331739219688546

configuration

medium

cas

new

default value for sysconfdir

sysconfdir is currently set to /usr/local/etc by default. On some installations, the /usr filesystem is mounted read-only having sysconfdir set to /etc by default would align with the standards of other Unix daemons (such as BIND9)

1043

enhancement

1308788231160066

1309434361596028

bind-ctl

medium

cas

new

‘?’ as shortcut for ‘help’

it would be nice if bindctl would support ‘?’ as a shortcut for ‘help’ in the commandline. so ‘config ?’ would be the same as ‘config help’

1046

enhancement

1308789271340013

1332168519954869

bind-ctl

medium

cas

new

command completion/short commands in bindctl

it would be nice to have command completion (tab completion) on the bindctl commandline. shortened commands (similar to the cisco CLI) woudl also be useful: “co s” for “config set” the CLI commands should be selected so that the first chars of each level don’t overlap (‘show’ and ‘show-json’ are colliding, ‘json-show’ would be better, or ‘show-json’>‘show json’ and ‘show’>‘show config’ ), or short ‘s j’ and ‘s c’)

1047

task

1308833593778712

1309442615297978

logging

medium

jelte

new

introspection of current logging settings

When doing #1004, it occurred to me that to efficiently test it, i need to be able to see what the currently set loggers and outputoptions are. This is actually also needed for error recovery (if a new logger setup fails for some reason). The current implementation backend (log4cplus) does allow a list of current loggers to be requested. So we need to (names may be different): - create getCurrentLoggerSpecifications() that reads that out and puts them in a vector (of type LoggerSpecification, including the internal list of OutputOptions) - add equality operators to LoggerSpecification and OutputOptions - add equality for vectors of both (presumably by also adding an ordering to the classes) Then we can add real tests for default_logconfig_update, and make it recover the previous settings if it fails

1049

defect

1308838274465464

1394116412988143

Boss of BIND

medium

jreed

Common Outstanding Tasks

new

Processes not shutting down cleanly

I don’t think bind10 (boss) should fallback to SIGKILL. I see it often on multiple systems. Processes aren’t dieing with SIGTERM. So we brute force them to close. (General a “shutdown” sent over a command channel does work though.) I understand it is useful so everything dies, but it hides problems — why aren’t the processes closing correctly? We shouldn’t ever have real data loss on abrupt shutdown (because we should never respond about success until data has written and synced to final storage. But we do have data loss potential in log messages output. If we SIGKILL we may lose debugging output that may be useful. If the SIGKILL is still desired, please: - don’t do the SIGKILL only .1 second after SIGTERM. Wait much longer. Even check if children are still alive first and then wait a few seconds. - allow option to turn this off. I think that developers should never use SIGKILL or we won’t fix real exit problems.

1054

enhancement

1308919730033434

1394116425521908

Boss of BIND

low

shane

Common Outstanding Tasks

new

Replace get_signame() with errno.errorcode[]

The boss program has a routine to convert a signal number (like 2) into a symbolic name (like ENOENT). This is actually part of the standard errno module in Python, as the errorcode[] array. That should be used instead. http://stackoverflow.com/questions/1546882/how-to-convert-errno-in-unix-to-corresponding-string/1546901#1546901

1055

enhancement

1308925053836560

1330541957376270

logging

medium

shane

new

Utility for logging message maintenance

It would be useful to have a utility to manage our logging messages. It should have the following functionality: * Check that any defined message is actually used somewhere * Check that each message used is defined (a possible problem for Python) * Check that message IDs are not reused

1059

defect

1309224632889037

1309443785624850

xfrout

medium

zzchen_pku

new

notify-out shouldn’t look for slaves directly in the database

jelte’s comments: It is noted by TODO that it shouldn’t look for slaves directly in the database. Certainly true, and I think we might not want the code in notify to look for it at all (but rather have it passed by xfrout, which also has a better chance to discover which slaves it should not send to. I’m mainly thinking of the problem i have right now that my bind10 is sending notifies to itself)

1070

defect

1309258226594693

1309445219733443

logging

low

stephen

new

Automatically update logging test scripts when switching branches

There is another slightly annoying issue, in that the test /src/lib/log/tests/destination_test.sh keeps failing when you switch branches but don’t regenerate them by hand. The same goes for local_file_test.sh and severity_test.sh. Not sure if there is an easy automake target to let config.status update it, but if there is we might want to add that. Certainly not a showstopper though.

1073

defect

1309337746784812

1392912811893692

resolver

low

zhangcuiling

DNS Outstanding Tasks

new

root_addresses settings doesn’t work for resolver

use bind10 updated at this point: Date: Wed Jun 29 01:18:59 2011 +0000 what ip addresses are used by resolver? output of bindctl: > config show Resolver/listen_on Resolver/listen_on[0]/address “10.53.0.8” string Resolver/listen_on[0]/port 53 integer > config set Resolver/root_addresses [{ address “10.53.0.1”, port 53 }] > config commit output of bind10 2011-06-29 16:41:29.896 INFO [b10-resolver.resolver] RESOLVER_SET_ROOT_ADDRESS setting root address 10.53.0.1(53) results of ‘dig’ # dig nocmdnostat 10.53.0.8 example ns -b 127.0.0.1 <br>;; QUESTION SECTION:<br>;example. IN NS<br><br>;; AUTHORITY SECTION:<br>. 86400 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2011062801 1800 900 604800 86400<br><br><br># dig +nocmd +nostat 10.53.0.1 example ns b 127.0.0.1 ;; Got answer: ;;>>HEADER<<- opcode: QUERY, status: NOERROR, id: 40302 ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1 ;; WARNING: recursion requested but not available ;; QUESTION SECTION: ;example. IN NS ;; AUTHORITY SECTION: example. 300 IN NS ns2.example. ;; ADDITIONAL SECTION: ns2.example. 300 IN A 10.53.0.2 # dig nocmdnostat @10.53.0.2 example ns b 127.0.0.1 ;; Got answer: ;;>>HEADER<<- opcode: QUERY, status: NOERROR, id: 56793 ;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 2 ;; WARNING: recursion requested but not available ;; QUESTION SECTION: ;example. IN NS ;; ANSWER SECTION: example. 300 IN NS ns2.example. example. 300 IN NS ns3.example. ;; ADDITIONAL SECTION: ns2.example. 300 IN A 10.53.0.2 ns3.example. 300 IN A 10.53.0.3

1076

defect

1309340449496557

1361802259331247

bind-ctl

very low

zhangcuiling

new

bindctl exit because of input in wrong format

use bind10 updated at this point: Date: Wed Jun 29 01:18:59 2011 +0000 > config show Resolver// Traceback (most recent call last): File “/usr/lib/python3.1/cmd.py”, line 213, in onecmd func = getattr(self, ’do‘+ cmd) AttributeError: ’BindCmdInterpreter’ object has no attribute ‘do_config’ During handling of the above exception, another exception occurred: Traceback : File “./bindctl”, line 138, in tool.run File “/home/zcl/software/bind10/20110629/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 128, in run self.cmdloop File “/usr/lib/python3.1/cmd.py”, line 139, in cmdloop stop = self.onecmd File “/home/zcl/software/bind10/20110629/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 450, in onecmd Cmd.onecmd File “/usr/lib/python3.1/cmd.py”, line 215, in onecmd return self.default File “/home/zcl/software/bind10/20110629/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 416, in default self.parse_cmd(line) File “/home/zcl/software/bind10/20110629/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 554, in parse_cmd self.handle_cmd(cmd) File “/home/zcl/software/bind10/20110629/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 396, in handle_cmd self.apply_config_cmd File “/home/zcl/software/bind10/20110629/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 626, in apply_config_cmd values = self.config_data.get_value_maps File “/home/zcl/software/bind10/20110629/lib/python3.1/site-packages/isc/config/config_data.py”, line 555, in get_value_maps spec_part = find_spec_part, id) File “/home/zcl/software/bind10/20110629/lib/python3.1/site-packages/isc/config/config_data.py”, line 174, in find_spec_part cur_el =find_spec_part_single(cur_el, id_parts[–1]) IndexError: list index out of range

1079

defect

1309358894148235

1317201814572258

configuration

medium

jelte

new

bindctl ‘config add ’ should be a bit more lenient

‘config add’ takes a list and a value to add to the list, and the value is optional; if left out it’ll add an item with only defaults It should be a bit more lenient; ‘config add foo/bar[index]’ should also work, possibly checking if ‘index’ is indeed the next available index. This currently fails with a cryptic error message. There is a second problem that ‘config add’ does not work twice in a row (only if you commit in between)

1082

defect

1309386010377587

1332174338040267

logging

medium

jinmei

new

log file isn’t created when running bind10 with -u

If I started BIND10 with ’u bind’ with logging configuration for dumping logs to file: }} The file was not created and I saw this message from liblog4cplus: }} . Even though the directory is writable for the user of bind 2 jinmei bind 512 Jun 29 15:01 /home/jinmei/opt/var/log If I started BIND 10 withoutu bind 10 and with root permission, it created the bind10.log file. If I then changed the owner of the file to “bind”, this file is updated with new logs. These are very strange and inconvenient.

1083

defect

1309386261801153

1332174550140402

logging

medium

jinmei

new

log “destination” is seemingly ignored for some logs

With the logging (to file) setting I showed in #1082, I still see some messages on the console: 2011-06-29 15:07:15.461 INFO [b10-auth.datasrc] DATASRC_CACHE_ENABLE enabling the cache 2011-06-29 15:07:15.883 INFO [b10-auth.auth] AUTH_SERVER_CREATED server created 2011-06-29 15:07:17.206 INFO [b10-auth.auth] AUTH_SERVER_STARTED server stated It’s counter intuive and noisy.

1085

task

1309451005371033

1313508590357376

Unclassified

medium

vorner

new

Document ACLs

We need a user documentation on how they can be specified and used, with some semi-formal definition, examples and list of what can be checked. It probably should be part of the big shipped documentation or a man page for just the ACLs. It should be specific to the DNS ACLs (the library is templated to support quite anything, but that would confuse users).

1087

defect

1309501752485300

1392912787015717

resolver

medium

zhangcuiling

DNS Outstanding Tasks

new

Resolver SERVFAIL when qtype is any

bind10 Resolver SERVFAIL # dig 10.53.0.8 www.google.com any -b 127.0.0.1 <br><br>; <<>> DiG 9.7.3 <<>> 10.53.0.8 www.google.com any b 127.0.0.1 ; ;; global options: +cmd ;; Got answer: ;;>>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 53505 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;www.google.com. IN ANY ;; Query time: 61 msec ;; SERVER: 10.53.0.8#53(10.53.0.8) ;; WHEN: Fri Jul 1 14:13:31 2011 ;; MSG SIZE rcvd: 32 actually, it should give several RRs # dig 8.8.8.8 www.google.com any<br><br>; <<>> DiG 9.7.3 <<>> 8.8.8.8 www.google.com any ; (1 server found) ;; global options: +cmd ;; Got answer: ;; >>HEADER<< opcode: QUERY, status: NOERROR, id: 47961 ;; flags: qr rd ra; QUERY: 1, ANSWER: 7, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;www.google.com. IN ANY ;; ANSWER SECTION: www.google.com. 86399 IN CNAME www.l.google.com. www.l.google.com. 299 IN A 74.125.71.104 www.l.google.com. 299 IN A 74.125.71.147 www.l.google.com. 299 IN A 74.125.71.105 www.l.google.com. 299 IN A 74.125.71.99 www.l.google.com. 299 IN A 74.125.71.106 www.l.google.com. 299 IN A 74.125.71.103 ;; Query time: 70 msec ;; SERVER: 8.8.8.8#53(8.8.8.8) ;; WHEN: Fri Jul 1 14:13:40 2011 ;; MSG SIZE rcvd: 148 it’s ok when qtype is A # dig 10.53.0.8 www.google.com a -b 127.0.0.1<br><br>; <<>> DiG 9.7.3 <<>> 10.53.0.8 www.google.com a b 218.241.111.236 ; ;; global options: +cmd ;; Got answer: ;;>>HEADER<<- opcode: QUERY, status: NOERROR, id: 40138 ;; flags: qr rd ra; QUERY: 1, ANSWER: 7, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;www.google.com. IN A ;; ANSWER SECTION: www.google.com. 604658 IN CNAME www.l.google.com. www.l.google.com. 158 IN A 74.125.71.147 www.l.google.com. 158 IN A 74.125.71.99 www.l.google.com. 158 IN A 74.125.71.104 www.l.google.com. 158 IN A 74.125.71.105 www.l.google.com. 158 IN A 74.125.71.103 www.l.google.com. 158 IN A 74.125.71.106 ;; Query time: 0 msec ;; SERVER: 10.53.0.8#53(10.53.0.8) ;; WHEN: Fri Jul 1 14:13:54 2011 ;; MSG SIZE rcvd: 148

1088

task

1309517678383962

1394116491409821

Boss of BIND

medium

jelte

Common Outstanding Tasks

new

test(s) for bind10.py’s main loop

ticket #758 changed the behaviour of bind10.py’s main loop a little bit (actually stop if the msgq socket disappears), but there’s no test for that, and bind10.py needs a bit of refactoring in order to reach that part. We should pull the actual loop out of the current function and add tests for it

1089

defect

1309872492881989

1392912764692526

resolver

low

jreed

DNS Outstanding Tasks

new

RESOLVER_NO_ROOT_ADDRESS log message in forwarding mode

I don’t think the RESOLVER_NO_ROOT_ADDRESS log warning makes sense in forwarding mode. But since it is a “WARNING” it should be looked at by the admin.

1092

defect

1309886155365208

1361955325493727

Unclassified

medium

UnAssigned

jreed

assigned

NSAS_INVALID_RESPONSE is internal error?

My resolver logs are full of entries like the following: 2011-07-05 15:58:30.997 ERROR [b10-resolver.nsas] NSAS_INVALID_RESPONSE queried for l.gtld-servers.net. but got invalid response 2011-07-05 15:58:31.000 ERROR [b10-resolver.nsas] NSAS_INVALID_RESPONSE queried for aloe.arin.net. but got invalid response 2011-07-05 15:58:31.001 ERROR [b10-resolver.nsas] NSAS_INVALID_RESPONSE queried for y.arin.net. but got invalid response 2011-07-05 15:58:31.019 ERROR [b10-resolver.nsas] NSAS_INVALID_RESPONSE queried for e2.nstld.com. but got invalid response … 2011-07-05 16:34:07.448 ERROR [b10-resolver.nsas] NSAS_INVALID_RESPONSE queried for ns1.pbi.NET. but got invalid response 2011-07-05 16:34:07.451 ERROR [b10-resolver.nsas] NSAS_INVALID_RESPONSE queried for NS2.SWBELL.NET. but got invalid response 2011-07-05 16:34:07.451 ERROR [b10-resolver.nsas] NSAS_INVALID_RESPONSE queried for NS1.SWBELL.NET. but got invalid response 2011-07-05 16:34:07.534 ERROR [b10-resolver.nsas] NSAS_INVALID_RESPONSE queried for NS3.SBCGLOBAL.NET. but got invalid response I looked in log messages guide since this error was too vague to be useful to me. The messages guide says “This message indicates an internal error in the NSAS. Please raise a bug report.” So here is the report :)

1094

defect

1309950570517250

1392912750970695

resolver

low

stephen

DNS Outstanding Tasks

new

Separate programmer error from user error when processing configuration message

In the resolver (resolver.cc), the message RESOLVER_CONFIG_ERROR is output when an exception is caught during a configuration update. The exception may be the result of an error in the configuration message itself or an incorrect value that has been caught by a range check. Different messages should be output in the two cases as the corrective action for each is different.

1095

defect

1309952707175066

1392912730782253

resolver

low

stephen

DNS Outstanding Tasks

new

Log sender of NOTIFY queries to resolver

Specifically this is aimed at the resolver and the RESOLVER_NOTIFY_RECEIVED debug message. The message should include the IP address of the sender of the NOTIFY. (see #1078)

1098

defect

1309988686279777

1394116802333132

b10-auth

low

shane

DNS Outstanding Tasks

new

AuthCommandTest.loadUnreadableZone succeeds when run as root

I had the following test fail: [ RUN ] AuthCommandTest.loadUnreadableZone command_unittest.cc:58: Failure Value of: rcode Actual: 0 Expected: expected_code Which is: 1 [ FAILED ] AuthCommandTest.loadUnreadableZone (25 ms) This happens if the tests run as root, because the test creates a file with 000 permissions, which root can read anyway. Jinmei suggests just giving a non-existent file may be a better way that doesn’t depend on any particular permissions.

1103

defect

1310402021665576

1311341770675316

Unclassified

medium

jelte

new

catching import error in python libs

In some of the libraries, import errors (mainly for pydnspp, but also for a few others) are caught, at which point an error is printed. While converting to the new logging system we encountered a problem (see the comments in #763); the logging system is most likely not initialized More generally, we shouldn’t just log an error, as this is a fatal problem (it’ll crash the moment it needs said library anyway), so we should let it fail immediately anyway. src/lib/python/isc/notify/notify_out.py has a comment here now, but the rest of the libraries need to be checked as well.

1105

enhancement

1310473722839822

1310474454221938

libdns++

very low

UnAssigned

shane

assigned

RR type implementation: MD

Implement the obsolete MD type, from RFC 1035. See ticket #809 for more discussion.

1106

enhancement

1310473785333211

1313582676381837

libdns++

very low

UnAssigned

shane

new

RR type implementation: MF

Implement the obsolete MF type, from RFC 1035. See ticket #809 for more discussion.

1107

enhancement

1310473853848925

1313582681893664

libdns++

very low

UnAssigned

shane

new

RR type implementation: MB

Implement the experimental MB type, from RFC 1035. See ticket #809 for more discussion.

1108

enhancement

1310473955423418

1313582686292099

libdns++

very low

UnAssigned

shane

new

RR type implementation: MG

Implement the experimental MG type, from RFC 1035. See ticket #809 for more discussion.

1109

enhancement

1310474201832276

1313582691197308

libdns++

very low

UnAssigned

shane

new

RR type implementation: MR

Implement the experimental MR type, from RFC 1035. See ticket #809 for more discussion.

1110

enhancement

1310474284398978

1313582695437207

libdns++

very low

UnAssigned

shane

new

RR type implementation: NULL

Implement the experimental NULL type, from RFC 1035. See ticket #809 for more discussion.

1111

enhancement

1310474403634561

1313582537504788

libdns++

low

UnAssigned

shane

new

RR type implementation: WKS

Implement the obsolete WKS type, from RFC 1035. See ticket #809 for more discussion.

1115

enhancement

1310474824660331

1313582557711430

libdns++

low

UnAssigned

shane

new

RR type implementation: X25

Implement the X25 type, from RFC 1183. See ticket #809 for more discussion.

1116

enhancement

1310474895547774

1313582562531717

libdns++

low

UnAssigned

shane

new

RR type implementation: ISDN

Implement the ISDN type, from RFC 1183. See ticket #809 for more discussion.

1117

enhancement

1310474945010499

1313582567266142

libdns++

low

UnAssigned

shane

new

RR type implementation: RT

Implement the obsolete RT type, from RFC 1183. See ticket #809 for more discussion.

1118

enhancement

1310474993156733

1313582700717027

libdns++

very low

UnAssigned

shane

new

RR type implementation: NSAP

Implement the NSAP type, from RFC 1706. See ticket #809 for more discussion.

1119

enhancement

1310475065968108

1313582704985366

libdns++

very low

UnAssigned

shane

new

RR type implementation: NSAP-PTR

Implement the obsolete NSAP-PTR type, from RFC 1348. See ticket #809 for more discussion.

1120

enhancement

1310475159294084

1313582575283701

libdns++

low

UnAssigned

shane

new

RR type implementation: SIG

Implement the SIG type, from RFC 4034, RFC 3755, and RFC 2535. See ticket #809 for more discussion.

1121

enhancement

1310475443187757

1313582580513220

libdns++

low

UnAssigned

shane

new

RR type implementation: KEY

Implement the obsolete KEY type, from RFC 4034, RFC 3755, and RFC 2535. See ticket #809 for more discussion.

1122

enhancement

1310475517598220

1313582585337682

libdns++

low

UnAssigned

shane

new

RR type implementation: PX

Implement the PX type, from RFC 2163. See ticket #809 for more discussion.

1123

enhancement

1310475767183953

1313582590248389

libdns++

low

UnAssigned

shane

new

RR type implementation: GPOS

Implement the GPOS type, from RFC 1712. See ticket #809 for more discussion.

1124

enhancement

1310475871076257

1313582594865796

libdns++

low

UnAssigned

shane

new

RR type implementation: LOC

Implement the obsolete LOC type, from RFC 1876. See ticket #809 for more discussion.

1125

enhancement

1310475920791835

1313582709246387

libdns++

very low

UnAssigned

shane

new

RR type implementation: NXT

Implement the obsolete NXT type, from RFC 3755 and RFC 2535. See ticket #809 for more discussion.

1126

enhancement

1310476004246675

1313582713481903

libdns++

very low

UnAssigned

shane

new

RR type implementation: EID

Implement the proposed EID type. I think this is the document that describes it: http://ana-3.lcs.mit.edu/~jnc/nimrod/dns.txt See ticket #809 for more discussion.

1127

enhancement

1310476068410202

1313517185584957

libdns++

very low

UnAssigned

shane

new

RR type implementation: NIMLOC

Implement the proposed NIMLOC type. I think this is the document that describes it: http://ana-3.lcs.mit.edu/~jnc/nimrod/dns.txt See ticket #809 for more discussion.

1129

enhancement

1310476252872049

1313582618639231

libdns++

low

UnAssigned

shane

new

RR type implementation: ATMA

Implement the ATMA type, described here: http://broadband-forum.org/ftp/pub/approved-specs/af-saa-0069.000.pdf See ticket #809 for more discussion.

1131

enhancement

1310476401657054

1313582624301884

libdns++

low

UnAssigned

shane

new

RR type implementation: KX

Implement the KX type, from RFC 2230. See ticket #809 for more discussion.

1132

enhancement

1310476477176274

1313582628590271

libdns++

low

UnAssigned

shane

new

RR type implementation: CERT

Implement the CERT type, from RFC 4398. See ticket #809 for more discussion.

1133

enhancement

1310476544073758

1313517163948594

libdns++

very low

UnAssigned

shane

new

RR type implementation: A6

Implement the experimental A6 type, from RFC 3226 RFC 2874. See ticket #809 for more discussion.

1134

enhancement

1310476695279842

1313517007876097

libdns++

very low

UnAssigned

shane

new

RR type implementation: SINK

Implement the proposed SINK type. I think this describes it: http://tools.ietf.org/html/draft-eastlake-kitchen-sink-02 See ticket #809 for more discussion.

1135

enhancement

1310476782132668

1313582633294354

libdns++

low

UnAssigned

shane

new

RR type implementation: APL

Implement the APL type, from RFC 3123. See ticket #809 for more discussion.

1137

enhancement

1310476893334020

1313582642428401

libdns++

low

UnAssigned

shane

new

RR type implementation: IPSECKEY

Implement the IPSECKEY type, from RFC 4025. See ticket #809 for more discussion.

1139

enhancement

1310477088100786

1313582646855862

libdns++

low

UnAssigned

shane

new

RR type implementation: HIP

Implement the HIP type, from RFC 5205. See ticket #809 for more discussion.

1141

enhancement

1310478266979453

1313582651581469

libdns++

low

UnAssigned

shane

new

RR type implementation: TKEY

Implement the TKEY type, from RFC 2930. See ticket #809 for more discussion.

1142

enhancement

1310478398223087

1313516994898133

libdns++

very low

UnAssigned

shane

new

RR type implementation: MAILB

Implement the obsolete MAILB type, from RFC 1035. See ticket #809 for more discussion.

1143

enhancement

1310478470861172

1313516980715064

libdns++

very low

UnAssigned

shane

new

RR type implementation: MAILA

Implement the obsolete MAILA type, from RFC 1035. See ticket #809 for more discussion.

1146

defect

1310504783125117

1311345305995875

xfrout

low

vorner

new

Stop hiding errors in XfrOut

There’s this statement in the `xfrout.py.in` file: #!python try: from libutil_io_python import from pydnspp import except ImportError as e: # C++ loadable module may not be installed; even so the xfrout process # must keep running, so we warn about it and move forward. log.error(XFROUT_IMPORT, str(e)) This makes sure the process is started even if the DNS library can not be loaded. In such case, the process will be useless, because it won’t understand any requests and this exceptions only masks the real problem (the library is not properly installed or the installation is corrupt), pretending everything is OK and just not answering the queries. Besides having these bad properties, hiding errors in code kind of smells. As noted in the https://lists.isc.org/pipermail/bind10-dev/2011-July/002477.html email discussion, this is here because if there’s a problem, the boss keeps restarting it, which is annoying. But I believe this is problem of Boss, not every program that has a fatal unrecoverable problem. So I suggest we remove this thing and make XfrOut crash if it can’t perform its goal as every well behaved program.

1147

defect

1310505448222589

1394116504566314

Boss of BIND

low

vorner

Common Outstanding Tasks

new

Boss should give up after n unsuccessful attempts to start a module

If a module has a fatal problem and can not be started (eg. it crashes right after being started), boss keeps restarting it and is „jumping“. This isn’t a serious problem, but it eats resources unnecessarily and is annoying, because it fills logs. This sometimes leads to workarounds like the one in #1146. I suggest that if the started process dies in 10s from being started, we count it as an unsuccessful attempt to start it. If we do 5 of them in a row (without a successful one), we give up more attempts to start it, since it’s hopeless (for some value of 10 and 5). Then we would add a command an admin could use to ask boss to try again (after the admin thinks the problem was fixed) ‒ reset the count of unsuccessful attempts to 0 again.

1151

enhancement

1310765542268192

1310765542268192

xfrout

medium

jinmei

new

xfrout log should better include remote addresses

Currently xfrout’s log doesn’t show the remote address of xfr: 2011-07-15 02:36:05.649 INFO [b10-xfrout.xfrout] XFROUT_AXFR_TRANSFER_STARTED transfer of zone jinmei.org./IN has started 2011-07-15 02:36:05.835 INFO [b10-xfrout.xfrout] XFROUT_AXFR_TRANSFER_DONE transfer of jinmei.org./IN complete it is inconvenient. Once we merge #772, we can easily get access to the information of the remote address, so I propose including this information in logs wherever possible (not only for the above cases).

1156

enhancement

1311251670908353

1311345273476582

build system

medium

UnAssigned

shane

new

Script like ./configure which checks for libraries needed by BIND 10

We should make a script which works roughly like ./configure, but does not exit when it discovers a missing dependency. Instead it should report all missing dependencies. See the discussion here: http://bind10.isc.org/wiki/WeeklyMinutes20110719#DependencyManagementfromJinmei And the e-mail here: https://lists.isc.org/pipermail/bind10-dev/2011-July/002527.html For more information.

1158

defect

1311618412847778

1331918709253972

build system

medium

UnAssigned

jinmei

new

suggestion: avoid OS-specific switch in configure.ac

I noticed that in #1155 the following change was introduced to configure.ac: *solaris*) # In Solaris, IN6ADDR_ANY_INIT and IN6ADDR_LOOPBACK_INIT needWno-missing-braces B10_CXXFLAGS=“$B10_CXXFLAGS Wno-missing-braces" ;; I have a few concerns with this approach: In general, such OS specific switch is discouraged in autoconf. And, in fact, not all Solaris versions/installments have this problem as some of our buildbot showed. For such”cleaner" Solaris, this setting weakens compiler warning unnecessarily. A better test is to use AC_TRY_COMPILE with using the offending IN6ADDR_ macros and specify Wno-xxx only when it’s necessary. If I understand it correctly, this problem happens only where ASIO headers are directly included (mainly in libasiolink and libasiodns, with (inappropriate) a couple of possible exceptions). We should limit the place of weakening the warning to where it’s absolutely necessary.

1159

enhancement

1311861739400418

1312308273961656

data source

low

vorner

new

Make InMemoryClient::addZone take only InMemoryZoneFinder

Currently whatever zone finder can be stored there, which isn’t logical. But currently some tests (eg. for auth/query.cc) uses this to put mock zones in there. The tests should be changed to use mock client as well. See ticket #1060, comment 9 at the bottom.

1164

enhancement

1312323618366572

1392837303705767

ACL

medium

jinmei

DNS Outstanding Tasks

new

TSIG ACL should avoid matching TSIG key without validation

This is an open issue carried over from #1104. See the discussion at around http://bind10.isc.org/ticket/1104#comment:10 (look for “possilbe open issue”) and its follow ups. We should resolve this to make the operation safer. It may require some modifications to libdns++ TSIG APIs.

1169

defect

1313068383649776

1318437718131465

Unclassified

medium

jreed

new

some processes not exiting

I killed msgq… a little later bind10 parent exited. Some child processes were still left running: root 1791 0.0 0.3 15724 3348 ttyp4 Il Fri08AM 0:17.10 /usr/pkg/bin/python3.1 /home/reed/work/isc/bind10-install/libexec/bind10-devel/b10-zonemgr root 3985 0.0 0.3 23188 3300 ttyp4 Il Fri08AM 0:00.40 /usr/pkg/bin/python3.1 /home/reed/work/isc/bind10-install/libexec/bind10-devel/b10-xfrout root 4343 0.0 0.0 22268 3436 ttyp4 IWl Fri08AM 0:01.01 /usr/pkg/bin/python3.1 /home/reed/work/isc/bind10-install/libexec/bind10-devel/b10-cmdctl root 15861 0.0 0.0 3856 4 ttyp4 IW Fri08AM 0:00.01 b10-sockcreator A SIGTERM killed sockcreator and cmdctl for me. I used SIGKILL to kill the zonemgr and xfrout. I did a ktrace but didn’t get any output. If anyone can share ideas on how to see where it is hanging (this is NetBSD), I can reproduce and provide more details.

1170

defect

1313072726548271

1392912709545070

resolver

low

shane

DNS Outstanding Tasks

new

TTL checks in resolver tests may be too restrictive

Jeremy pointed out a recent test failure: http://git.bind10.isc.org/~tester/builder//BIND10-systest/20110811124500-MacOS/logs/unittests.out Looked at the tests, and it seems like all of the values for TTL are based on whole second values. This means that if a test happens to run near the end of a given second, that the second may change during that second, and the TTL should go down by 1, as we see there. Note that this theory may be based on my poor understanding of how TTLs are tracked!

1173

defect

1313113829125671

1339225960135291

data source

medium

jinmei

new

DatabaseClientTest should also check best match for findZone

For example, the mock abstraction (or accessor) should support both “org” and “example.org”, and there should be a test checking findZone(“example.org”) should return a finder for “example.org”, not “org”. Same for “sub.example.org” to check it’s not only the case for an exact match. It should be quite easily be fixed. I consider it a kind of defect in that it’s a missing test case.

1185

defect

1313590040885055

1392912692217191

resolver

low

jreed

DNS Outstanding Tasks

new

Resolver/listen_on should not require a port

Port 53 should be a default and should not be required, for example this shows the problem: > config add Resolver/listen_on > config set Resolver/listen_on[2]/address “149.20.57.219” > config commit Error: Address must contain both the IPaddress and port Configuration not committed > config set Resolver/listen_on[2]/port 5301 > config commit

1188

enhancement

1314011547203507

1314258898983642

data source

medium

jelte

new

performance consideration in getRecords()/getAllRecords()

(this came out of discussion in #1083) Currently, in the refactored data source code, the sqlite version creates individual sqlite3_stmt structures for each call to getRecords() and getAllRecords(). This is pretty clean (as they are also finalized on the same level), and allows for multiple iterators over the data at the same time. However, should we not need that property, it is not necessary to prepare() the query for each statement, so we may want to reconsider this if we are looking for performance improvements.

1189

defect

1314023743154128

1327506596492553

logging

low

jreed

new

log output to console buffering

I was capturing stderr and stdout (tee’d into a file). After I enabled debug 100. And then did a tail of my output, no change. Then I did the dig resulting in a SERVFAIL and then my output suddenly had all the output over the past 5+ hours. Also sometimes log output wasn’t complete (like no newline). So some buffering problems when outputting to stdout or stderr. The following is from jabber: (05:48:33) stephen: I’ve had a very quick look at the log4cplus code and it appears logging output to the console ultimately ends up as a standard C+ call, something along the lines of “cerr << text”. stephen: So if there are problems with flushing buffers and the like, it points to a problem in the C+ library on that system. What operating system did these problems occur on? (05:49:43) jreed: I am surprised I needed to set flush to true. Not useful default for this. (05:49:58) jreed: This is on Debian Linux. (git.bind10.isc.org) (05:50:21) stephen: Hmm… (05:50:59) stephen: AFAIK, when logging to stderr you should not have to flush after each write, it is done for you. (05:51:34) jreed: The default is stdout. (05:51:59) jreed: If changing that fixes it, then that is fine. But too many things to change already. (05:52:14) stephen: Perhaps we ought to make stderr the default.

1191

defect

1314027258905447

1377700979401284

logging

low

jreed

new

logging needs “name”

> config add Logging/loggers > config set Logging/loggers[0]/severity DEBUG > config show Logging/loggers Logging/loggers[0]/name “” string (default) Logging/loggers[0]/severity “DEBUG” string (modified) Logging/loggers[0]/debuglevel 0 integer (default) Logging/loggers[0]/additive false boolean (default) Logging/loggers[0]/output_options [] list (default) > config set Logging/loggers[0]/debuglevel 100 > config show Logging/loggers[0]/output_options Logging/loggers[0]/output_options [] list (default) > config show Logging/loggers[0]/output_options/ Logging/loggers[0]/output_options/ [] list (default) > config commit Error: Exception: ‘name’ Configuration not committed Fixed with: > config set Logging/loggers[0]/name * > config commit In jabber, jelte said: (11:46:04) jelte: that’s an uncaught exception somewhere (and hence no decent error) (11:47:04) jelte: from the fix i gather the error should be “name must be set” :) I think it should just use some default for name (if not defined).

1196

defect

1314223320252340

1336072586386422

Unclassified

medium

jreed

new

respond using same source address

$ dig 2001:04f8:3:d::95 bind10.isc.org <br>;; reply from unexpected source: 2001:4f8:3:d::80#53, expected 2001:4f8:3:d::95#53<br><br><br><br>or<br><br><br><br>$ dig 149.20.48.80 bind10.isc.org ;; reply from unexpected source: 149.20.48.59#53, expected 149.20.48.80#53 ;; reply from unexpected source: 149.20.48.59#53, expected 149.20.48.80#53 I will copy some from jabber: (12:43:11) jinmei: in general, a DNS server implementation must either listen on a specific address or use the IPv6 pkthdr API to ensure query dest addr = response src addr. … (12:54:48) shane: Yes, I agree. Probably we can use the work of the DHCP team to give us interfaces and we can bind to them. (12:55:49) vorner: Can we add and remove them (eg. get notified of addition and removal) of interface at runtime? Because when I instruct it to bind to , I mean even future. (12:56:03) shane: Yes, that’s the idea. (12:56:36) shane: BIND 9 works that way; apparently IPv6 in Linux is a lot faster if you bind to specific interfaces instead of the wildcard. (12:56:46) shane: At least, it was in the past… not sure about now. … (13:04:45) jinmei: the solutions may be different for IPv4 and IPv6: for IPv6 we could use the help of API (with possible performance implication as Shane noted); for IPv4 there’s a similar API but it’s not so commonly available, we should probably need to introduce interface (address) scanning mechanism and listen-on every one of them as we find a new one. (13:05:57) jinmei: FYI: this is what BIND9 does. (13:06:57) shane: The DHCP code in BIND 10 already uses the technique, if you are interested to see how it works. (13:07:03) shane: (It’s DHCPv6 only right now.) (13:07:28) vorner: The scanning of IPv4 could be directly borrowed from bind9, no? (13:10:31) jinmei: in its essence, yes, I think so.

1203

defect

1314714317047834

1315225670073954

bind-ctl

medium

jreed

new

bindctl crash when setting a list item (under another list item) without using a index number

I can reproduce with: config set Logging/loggers[0]/output_options/flush true (assumimg the Logging/loggers[0] was already added. Note I forgot to add [0] for output_options[0] here. > config set Logging/loggers[0]/output_options flush Error: flush is not a list > config add Logging/loggers[0]/output_options > config show Logging/loggers[0]/output_options Logging/loggers[0]/output_options[0]/destination “console” string (default) Logging/loggers[0]/output_options[0]/output “stdout” string (default) Logging/loggers[0]/output_options[0]/flush false boolean (default) Logging/loggers[0]/output_options[0]/maxsize 0 integer (default) Logging/loggers[0]/output_options[0]/maxver 0 integer (default) > config set Logging/loggers[0]/output_options/flush true Traceback (most recent call last): File “/usr/pkg/lib/python3.1/cmd.py”, line 213, in onecmd func = getattr(self, ’do‘+ cmd) AttributeError: ’BindCmdInterpreter’ object has no attribute ‘do_config’ During handling of the above exception, another exception occurred: Traceback : File “work/isc/bind10-install/bin/bindctl”, line 149, in tool.run File “/home/reed/work/isc/bind10-install/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 128, in run self.cmdloop File “/usr/pkg/lib/python3.1/cmd.py”, line 139, in cmdloop stop = self.onecmd File “/home/reed/work/isc/bind10-install/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 452, in onecmd Cmd.onecmd File “/usr/pkg/lib/python3.1/cmd.py”, line 215, in onecmd return self.default File “/home/reed/work/isc/bind10-install/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 418, in default self.parse_cmd(line) File “/home/reed/work/isc/bind10-install/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 556, in parse_cmd self.handle_cmd(cmd) File “/home/reed/work/isc/bind10-install/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 396, in _handle_cmd self.apply_config_cmd(cmd) File “/home/reed/work/isc/bind10-install/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 680, in apply_config_cmd self.config_data.set_value(identifier, parsed_value) File “/home/reed/work/isc/bind10-install/lib/python3.1/site-packages/isc/config/config_data.py”, line 671, in set_value isc.cc.data.set(self._local_changes, identifier, value) File “/home/reed/work/isc/bind10-install/lib/python3.1/site-packages/isc/cc/data.py”, line 214, in set cur_el[id] = value TypeError: list indices must be integers, not str

1204

task

1314775155328362

1315225703396808

xfrout

low

jreed

new

setup a IXFR-only testing

Use BIND 9 to do IXFR only back and forth with our b10-xfrout and b10-xfrin. Automate this for new BIND 10 code.

1205

task

1314780064053048

1318350741680172

configuration

low

jreed

new

Import and export configurations from/to different JSON file

Create commands to import and export configurations from/to different JSON file. Or single command to set the filename. This would be done via bindctl and used by cfgmgr. In tandem with this, we will need a “check” function. Possibly each module would have its own check function. Need to be able to check even if process (module) is not running.

1211

task

1315387617660619

1396529246918315

xfrin

medium

stephen

DNS Outstanding Tasks

new

AXFR system test specification

Review [http://tools.ietf.org/html/rfc5936 RFC 5936] (the description of AXFR) and produce the specification for a set of system tests to check the implementation of AXFR-in and AXFR-out.

1214

task

1315389768523232

1318350619573428

Unclassified

medium

stephen

new

Implement AXFR system tests

This depends on #1211. It may be possible to re-use the BIND 9 tests for AXFR.

1219

defect

1315486600770106

1394116513993003

Boss of BIND

medium

jreed

Common Outstanding Tasks

new

ccsession error from boss when cfgmgr can’t parse its configuration

When the cfgmgr can’t parse its configuration, boss will kill all its processes which are sockcreator, msgq, and cfgmgr. But then it complains: 2011-09-07 17:16:45.476 FATAL [b10-boss.boss] BIND10_STARTUP_ERROR error during startup: Unable to start ccsession: No answer from ConfigManager when asking about Remote module Logging This error is confusing. I don’t think it should happen.

1221

enhancement

1315492060598643

1392912675752174

resolver

very low

jreed

DNS Outstanding Tasks

new

log when changing / adding address

I had no default logging when I did: > config set Resolver/listen_on[1]/address “0.0.0.0” > config commit (sockstat and dig showed me it worked.)

1222

defect

1315493252698584

1392812456460100

resolver

high

jreed

DNS Outstanding Tasks

new

resolver problems with IPv6

I often have SERVFAILs when some nameservers are AAAA. But sometime later queries are successful. For example: $ time dig 127.0.0.1 bind10.isc.org<br><br>; <<>> DiG 9.5.0-P2 <<>> 127.0.0.1 bind10.isc.org ; (1 server found) ;; global options: printcmd ;; Got answer: ;; >>HEADER<< opcode: QUERY, status: SERVFAIL, id: 18552 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;bind10.isc.org. IN A ;; Query time: 4023 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Thu Sep 8 09:41:12 2011 ;; MSG SIZE rcvd: 32 4.04s real 0.01s user 0.00s system $ time dig 127.0.0.1 bind10.isc.org<br><br>; <<>> DiG 9.5.0-P2 <<>> 127.0.0.1 bind10.isc.org ; (1 server found) ;; global options: printcmd ;; Got answer: ;; >>HEADER<< opcode: QUERY, status: NOERROR, id: 12394 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 8, ADDITIONAL: 13 ;; QUESTION SECTION: ;bind10.isc.org. IN A ;; ANSWER SECTION: bind10.isc.org. 3600 IN A 149.20.48.40 ;; AUTHORITY SECTION: isc.org. 86396 IN NS sfba.sns-pb.isc.org. isc.org. 86396 IN NS ns.isc.afilias-nst.info. isc.org. 86396 IN NS ams.sns-pb.isc.org. isc.org. 86396 IN NS ord.sns-pb.isc.org. bind10.isc.org. 3600 IN NS ord.sns-pb.isc.org. bind10.isc.org. 3600 IN NS n10.isc.org. bind10.isc.org. 3600 IN NS ams.sns-pb.isc.org. bind10.isc.org. 3600 IN NS sfba.sns-pb.isc.org. ;; ADDITIONAL SECTION: ams.sns-pb.isc.org. 86396 IN A 199.6.1.30 ams.sns-pb.isc.org. 86396 IN AAAA 2001:500:60::30 ord.sns-pb.isc.org. 86396 IN A 199.6.0.30 ord.sns-pb.isc.org. 86396 IN AAAA 2001:500:71::30 sfba.sns-pb.isc.org. 86396 IN A 149.20.64.3 sfba.sns-pb.isc.org. 86396 IN AAAA 2001:4f8:0:2::19 ams.sns-pb.isc.org. 7200 IN A 199.6.1.30 ams.sns-pb.isc.org. 7200 IN AAAA 2001:500:60::30 n10.isc.org. 7200 IN A 149.20.48.59 ord.sns-pb.isc.org. 7200 IN A 199.6.0.30 ord.sns-pb.isc.org. 7200 IN AAAA 2001:500:71::30 sfba.sns-pb.isc.org. 7200 IN A 149.20.64.3 sfba.sns-pb.isc.org. 7200 IN AAAA 2001:4f8:0:2::19 ;; Query time: 2151 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Thu Sep 8 09:41:14 2011 ;; MSG SIZE rcvd: 487 2.17s real 0.00s user 0.00s system And the logging: 2011-09-08 09:41:00.019 INFO [b10-boss.boss] BIND10_STARTING starting BIND10: bind10 20110223 (BIND 10 20110809) 2011-09-08 09:41:00.025 INFO [b10-boss.boss] BIND10_SOCKCREATOR_INIT initializing socket creator parser 2011-09-08 09:41:00.031 INFO [b10-boss.boss] BIND10_STARTING_PROCESS starting process b10-msgq 2011-09-08 09:41:00.258 INFO [b10-boss.boss] BIND10_STARTING_PROCESS starting process b10-cfgmgr 2011-09-08 09:41:01.267 INFO [b10-boss.boss] BIND10_STARTING_PROCESS starting process ccsession 2011-09-08 09:41:01.296 INFO [b10-boss.boss] BIND10_READING_BOSS_CONFIGURATION reading boss configuration 2011-09-08 09:41:01.296 INFO [b10-boss.boss] BIND10_CONFIGURATION_START_AUTH start authoritative server: False 2011-09-08 09:41:01.296 INFO [b10-boss.boss] BIND10_CONFIGURATION_START_RESOLVER start resolver: True 2011-09-08 09:41:01.297 INFO [b10-boss.boss] BIND10_STARTING_PROCESS starting process b10-resolver 2011-09-08 09:41:01.304 2011-09-08 09:41:01.345INFO INFO [ b10-boss.boss [] b10-resolver.resolverBIND10_STARTING_PROCESS starting process b10-stats] RESOLVER_STARTING starting resolver with command line ‘b10-resolver -v’ 2011-09-08 09:41:01.3532011-09-08 09:41:01.354 INFODEBUG [ [b10-resolver.resolverb10-boss.boss] ] RESOLVER_CREATED main resolver object createdBIND10_STARTING_PROCESS starting process b10-stats-httpd 2011-09-08 09:41:01.449 2011-09-08 09:41:01.455DEBUG [INFOb10-resolver.cache ] CACHE_RESOLVER_INIT initializing resolver cache for class IN [b10-boss.boss] BIND10_STARTING_PROCESS starting process b10-cmdctl 2011-09-08 09:41:01.532 DEBUG [b10-resolver.cache] CACHE_RRSET_INIT initializing RRset cache for 20000 RRsets of class IN 2011-09-08 09:41:01.533 DEBUG [b10-resolver.cache] CACHE_RRSET_INIT initializing RRset cache for 10000 RRsets of class IN 2011-09-08 09:41:01.534 DEBUG [b10-resolver.cache] CACHE_MESSAGES_INIT initialized message cache for 10000 messages of class IN 2011-09-08 09:41:01.537 DEBUG [b10-resolver.cache] CACHE_RESOLVER_UPDATE_MSG updating message for ./NS/IN 2011-09-08 09:41:01.537 DEBUG [b10-resolver.cache] CACHE_MESSAGES_UPDATE updating message entry ./NS/IN 2011-09-08 09:41:01.538 DEBUG [b10-resolver.cache] CACHE_RRSET_UPDATE updating RRset ./NS/IN in the cache 2011-09-08 09:41:01.539 DEBUG [b10-resolver.cache] CACHE_RRSET_LOOKUP looking up ./NS/IN in RRset cache 2011-09-08 09:41:01.540 DEBUG [b10-resolver.cache] CACHE_RRSET_NOT_FOUND no RRset found for ./NS/IN in cache 2011-09-08 09:41:01.540 DEBUG [b10-resolver.cache] CACHE_RRSET_UPDATE updating RRset l.root-servers.net./A/IN in the cache 2011-09-08 09:41:01.540 DEBUG [b10-resolver.cache] CACHE_RRSET_LOOKUP looking up l.root-servers.net./A/IN in RRset cache 2011-09-08 09:41:01.540 DEBUG [b10-resolver.cache] CACHE_RRSET_NOT_FOUND no RRset found for l.root-servers.net./A/IN in cache 2011-09-08 09:41:01.541 DEBUG [b10-resolver.cache] CACHE_RRSET_UPDATE updating RRset l.root-servers.net./AAAA/IN in the cache 2011-09-08 09:41:01.541 DEBUG [b10-resolver.cache] CACHE_RRSET_LOOKUP looking up l.root-servers.net./AAAA/IN in RRset cache 2011-09-08 09:41:01.541 DEBUG [b10-resolver.cache] CACHE_RRSET_NOT_FOUND no RRset found for l.root-servers.net./AAAA/IN in cache 2011-09-08 09:41:01.541 DEBUG [b10-resolver.cache] CACHE_RESOLVER_UPDATE_RRSET updating RRset for ./NS/IN 2011-09-08 09:41:01.542 DEBUG [b10-resolver.cache] CACHE_LOCALZONE_UPDATE updating local zone element at key .2 2011-09-08 09:41:01.542 DEBUG [b10-resolver.cache] CACHE_RRSET_UPDATE updating RRset ./NS/IN in the cache 2011-09-08 09:41:01.542 DEBUG [b10-resolver.cache] CACHE_RRSET_LOOKUP looking up ./NS/IN in RRset cache 2011-09-08 09:41:01.542 DEBUG [b10-resolver.cache] CACHE_RRSET_REMOVE_OLD removing old RRset for ./NS/IN to make space for new one 2011-09-08 09:41:01.544 DEBUG [b10-resolver.cache] CACHE_RESOLVER_UPDATE_RRSET updating RRset for l.root-servers.net./A/IN 2011-09-08 09:41:01.544 DEBUG [b10-resolver.cache] CACHE_LOCALZONE_UPDATE updating local zone element at key l.root-servers.net.1 2011-09-08 09:41:01.544 DEBUG [b10-resolver.cache] CACHE_RRSET_UPDATE updating RRset l.root-servers.net./A/IN in the cache 2011-09-08 09:41:01.544 DEBUG [b10-resolver.cache] CACHE_RRSET_LOOKUP looking up l.root-servers.net./A/IN in RRset cache 2011-09-08 09:41:01.544 DEBUG [b10-resolver.cache] CACHE_RRSET_REMOVE_OLD removing old RRset for l.root-servers.net./A/IN to make space for new one 2011-09-08 09:41:01.545 INFO [b10-boss.boss] BIND10_STARTUP_COMPLETE BIND 10 started 2011-09-08 09:41:01.546 DEBUG [b10-resolver.cache] CACHE_RESOLVER_UPDATE_RRSET updating RRset for l.root-servers.net./AAAA/IN 2011-09-08 09:41:01.546 DEBUG [b10-resolver.cache] CACHE_LOCALZONE_UPDATE updating local zone element at key l.root-servers.net.28 2011-09-08 09:41:01.546 DEBUG [b10-resolver.cache] CACHE_RRSET_UPDATE updating RRset l.root-servers.net./AAAA/IN in the cache 2011-09-08 09:41:01.546 DEBUG [b10-resolver.cache] CACHE_RRSET_LOOKUP looking up l.root-servers.net./AAAA/IN in RRset cache 2011-09-08 09:41:01.546 DEBUG [b10-resolver.cache] CACHE_RRSET_REMOVE_OLD removing old RRset for l.root-servers.net./AAAA/IN to make space for new one 2011-09-08 09:41:01.546 DEBUG [b10-resolver.resolver] RESOLVER_SERVICE_CREATED service object created 2011-09-08 09:41:01.548 DEBUG [b10-resolver.cc] CC_ESTABLISH trying to establish connection with message queue daemon at /home/reed/work/isc/bind10-install/var/bind10-devel/msgq_socket 2011-09-08 09:41:01.606 DEBUG [b10-resolver.cc] CC_ESTABLISHED successfully connected to message queue daemon 2011-09-08 09:41:01.616 DEBUG [b10-resolver.cc] CC_SUBSCRIBE subscribing to communication group Resolver 2011-09-08 09:41:01.616 DEBUG [b10-resolver.cc] CC_GROUP_SEND sending message ‘{ command [ “module_spec”, { commands [ { command_args [ ], command_description “Shut down recursive DNS server”, command_name “shutdown” } ], config_data [ { item_default 2000, item_name “timeout_query”, item_optional false, item_type “integer” }, { item_default 4000, item_name “timeout_client”, item_optional false, item_type “integer” }, { item_default 30000, item_name “timeout_lookup”, item_optional false, item_type “integer” }, { item_default 3, item_name “retries”, item_optional false, item_type “integer” }, { item_default [ ], item_name “forward_addresses”, item_optional true, item_type “list”, list_item_spec { item_default { }, item_name “address”, item_optional false, item_type “map”, map_item_spec [ { item_default “::1”, item_name “address”, item_optional false, item_type “string” }, { item_default 53, item_name “port”, item_optional false, item_type “integer” } ] } }, { item_default [ ], item_name “root_addresses”, item_optional true, item_type “list”, list_item_spec { item_default { }, item_name “address”, item_optional false, item_type “map”, map_item_spec [ { item_default “::1”, item_name “address”, item_optional false, item_type “string” }, { item_default 53, item_name “port”, item_optional false, item_type “integer” } ] } }, { item_default [ { address “::1”, port 53 }, { address “127.0.0.1”, port 53 } ], item_name “listen_on”, item_optional false, item_type “list”, list_item_spec { item_default { }, item_name “address”, item_optional false, item_type “map”, map_item_spec [ { item_default “::1”, item_name “address”, item_optional false, item_type “string” }, { item_default 53, item_name “port”, item_optional false, item_type “integer” } ] } }, { item_default [ { action “ACCEPT”, from “127.0.0.1” }, { action “ACCEPT”, from “::1” } ], item_name “query_acl”, item_optional false, item_type “list”, list_item_spec { item_default { }, item_name “rule”, item_optional false, item_type “map”, map_item_spec [ { item_default “,”item_name “action”, item_optional false, item_type “string” }, { item_default “,”item_name “from”, item_optional false, item_type “string” } ] } } ], module_description “Recursive service”, module_name “Resolver” } ] }’ to group ‘ConfigManager’ 2011-09-08 09:41:01.616 DEBUG [b10-resolver.cc] CC_GROUP_RECEIVE trying to receive a message 2011-09-08 09:41:01.712 DEBUG [b10-resolver.cc] CC_GROUP_RECEIVED message arrived (‘{ from “4e68d3fc_2@new-host-3”, group “ConfigManager”, instance “*”, reply 0, seq 8, to “4e68d3fd_4@new-host-3”, type “send” }’, ‘{ result [ 0 ] }’) 2011-09-08 09:41:01.712 DEBUG [b10-resolver.cc] CC_GROUP_SEND sending message ‘{ command [ “get_config”, { module_name “Resolver” } ] }’ to group ‘ConfigManager’ 2011-09-08 09:41:01.712 DEBUG [b10-resolver.cc] CC_GROUP_RECEIVE trying to receive a message 2011-09-08 09:41:01.717 DEBUG [b10-resolver.cc] CC_GROUP_RECEIVED message arrived (‘{ from “4e68d3fc_2@new-host-3”, group “ConfigManager”, instance “*”, reply 1, seq 9, to “4e68d3fd_4@new-host-3”, type “send” }’, ‘{ result [ 0, { listen_on [ { address “::1”, port 53 }, { address “0.0.0.0”, port 53 } ], query_acl [ { action “ACCEPT”, from “any4” }, { action “ACCEPT”, from “::1” } ] } ] }’) 2011-09-08 09:41:01.717 DEBUG [b10-resolver.resolver] RESOLVER_CONFIG_UPDATED configuration updated: { listen_on [ { address “::1”, port 53 }, { address “0.0.0.0”, port 53 } ], query_acl [ { action “ACCEPT”, from “any4” }, { action “ACCEPT”, from “::1” } ] } 2011-09-08 09:41:01.718 DEBUG [b10-resolver.server_common] SRVCOMM_SET_LISTEN setting addresses to listen to 2011-09-08 09:41:01.718 DEBUG [b10-resolver.server_common] SRVCOMM_ADDRESS_VALUE address to set: ::1#53 2011-09-08 09:41:01.718 DEBUG [b10-resolver.server_common] SRVCOMM_ADDRESS_VALUE address to set: 0.0.0.0#53 2011-09-08 09:41:01.719 INFO [b10-resolver.resolver] RESOLVER_SET_QUERY_ACL query ACL is configured 2011-09-08 09:41:01.719 DEBUG [b10-resolver.resolver] RESOLVER_QUERY_SETUP query setup 2011-09-08 09:41:01.719 DEBUG [b10-resolver.cc] CC_GROUP_SEND sending message ‘{ command [ “get_module_spec”, { module_name “Logging” } ] }’ to group ‘ConfigManager’ 2011-09-08 09:41:01.719 DEBUG [b10-resolver.cc] CC_GROUP_RECEIVE trying to receive a message 2011-09-08 09:41:01.725 DEBUG [b10-resolver.cc] CC_GROUP_RECEIVED message arrived (‘{ from “4e68d3fc_2@new-host-3”, group “ConfigManager”, instance “*”, reply 2, seq 10, to “4e68d3fd_4@new-host-3”, type “send” }’, ‘{ result [ 0, { commands [ ], config_data [ { item_default [ ], item_name “loggers”, item_optional false, item_type “list”, list_item_spec { item_default { }, item_name “logger”, item_optional false, item_type “map”, map_item_spec [ { item_default “,”item_name “name”, item_optional false, item_type “string” }, { item_default “INFO”, item_name “severity”, item_optional false, item_type “string” }, { item_default 0, item_name “debuglevel”, item_optional false, item_type “integer” }, { item_default false, item_name “additive”, item_optional false, item_type “boolean” }, { item_default [ ], item_name “output_options”, item_optional false, item_type “list”, list_item_spec { item_default { }, item_name “output_option”, item_optional false, item_type “map”, map_item_spec [ { item_default “console”, item_name “destination”, item_optional false, item_type “string” }, { item_default “stdout”, item_name “output”, item_optional false, item_type “string” }, { item_default false, item_name “flush”, item_optional false, item_type “boolean” }, { item_default 0, item_name “maxsize”, item_optional false, item_type “integer” }, { item_default 0, item_name “maxver”, item_optional false, item_type “integer” } ] } } ] } } ], module_description “Logging options”, module_name “Logging” } ] }’) 2011-09-08 09:41:01.725 DEBUG [b10-resolver.cc] CC_GROUP_SEND sending message ‘{ command [ “get_config”, { module_name “Logging” } ] }’ to group ‘ConfigManager’ 2011-09-08 09:41:01.725 DEBUG [b10-resolver.cc] CC_GROUP_RECEIVE trying to receive a message 2011-09-08 09:41:01.727 DEBUG [b10-resolver.cc] CC_GROUP_RECEIVED message arrived (‘{ from “4e68d3fc_2@new-host-3”, group “ConfigManager”, instance “*”, reply 3, seq 11, to “4e68d3fd_4@new-host-3”, type “send” }’, ‘{ result [ 0, { loggers [ { debuglevel 99, name “,”output_options [ { flush true } ] } ] } ] }’) 2011-09-08 09:41:01.728 INFO [b10-resolver.resolver] RESOLVER_RECURSIVE running in recursive mode 2011-09-08 09:41:01.728 WARN [b10-resolver.resolver] RESOLVER_NO_ROOT_ADDRESS no root addresses available 2011-09-08 09:41:01.728 INFO [b10-resolver.resolver] RESOLVER_SET_QUERY_ACL query ACL is configured 2011-09-08 09:41:01.728 INFO [b10-resolver.resolver] RESOLVER_STARTED resolver started 2011-09-08 09:41:01.908 DEBUG [b10-stats-httpd.stats-httpd] STATHTTPD_STARTING_CC_SESSION starting cc session 2011-09-08 09:41:02.028 INFO [b10-stats-httpd.stats-httpd] STATHTTPD_STARTED listening on 127.0.0.1#8000 2011-09-08 09:41:02.034 INFO [b10-stats-httpd.stats-httpd] STATHTTPD_CLOSING closing 127.0.0.1#8000 2011-09-08 09:41:02.036 INFO [b10-stats-httpd.stats-httpd] STATHTTPD_STARTED listening on 127.0.0.1#8000 2011-09-08 09:41:08.850 ERROR [b10-resolver.asiolink] ASIODNS_SEND_DATA error 65 sending data using UDP to 2001:500:71::30(53) 2011-09-08 09:41:10.853 ERROR [b10-resolver.asiolink] ASIODNS_SEND_DATA error 65 sending data using UDP to 2001:500:3::42(53) 2011-09-08 09:41:10.853 ERROR [b10-resolver.asiolink] ASIODNS_SEND_DATA error 65 sending data using UDP to 2001:500:3::42(53) 2011-09-08 09:41:10.853 ERROR [b10-resolver.asiolink] ASIODNS_SEND_DATA error 65 sending data using UDP to 2001:500:71::30(53) 2011-09-08 09:41:12.793 ERROR [b10-resolver.asiolink] ASIODNS_SEND_DATA error 65 sending data using UDP to 2001:4f8:0:2::19(53) 2011-09-08 09:41:12.958 ERROR [b10-resolver.asiolink] ASIODNS_SEND_DATA error 65 sending data using UDP to 2001:500:6::79(53) 2011-09-08 09:41:12.961 ERROR [b10-resolver.asiolink] ASIODNS_SEND_DATA error 65 sending data using UDP to 2001:500:a::79(53) 2011-09-08 09:41:14.864 ERROR [b10-resolver.nsas] NSAS_INVALID_RESPONSE queried for ns.isc.afilias-nst.info. but got invalid response 2011-09-08 09:41:14.864 ERROR [b10-resolver.nsas] NSAS_INVALID_RESPONSE queried for ns.isc.afilias-nst.info. but got invalid response (By the way, I thought at debuglevel 99 it would show my query also.)

1242

defect

1315512398960305

1317283148039437

Unclassified

low

jreed

new

removing zone entry from Zonemgr/secondary_zones and Xfrin/zones does not remove it from sqlite3 database

> config remove Zonemgr/secondary_zones[0] > config remove Xfrin/zones[0] > config commit > config show Zonemgr/secondary_zones Zonemgr/secondary_zones [] list > config show Xfrin/zones Xfrin/zones [] list I remove my single zone as above, but sqlite3 database still has it and it still can be served. I guess this is a technique to convert a slave to a master zone. But this should be documented. And maybe a warning should be logged about it too.

1249

enhancement

1317106857327061

1324150829912888

build system

medium

UnAssigned

jinmei

new

separate unittests with timeouts

As we discussed in f2f, it would be helpful if we can separate unittest cases that involves timeouts (at least for C++ google tests). What I’d do is - rename these tests so that they ca be distinguished by a gtest filter. (e.g. TIMEOUT_test_Something) - tweak Makefile.am’s so that if we do just ‘make check’ TIMEOUT tests will be excluded, and if we do something like ‘make check-all’ they will be included (this is an example idea. as long as the goal of the ticket is achieved how to do that doesn’t matter)

1250

task

1317107440290380

1317201824638530

xfrout

medium

jinmei

new

add system tests for xfrout ACL and update bind10-guide

This is a follow-up task of #1165. Adding a base of system tests will also help for further development of xfrout (revise AXFR using new data source API, supporting IXFR, etc)

1254

enhancement

1317131238268370

1317282481995621

Unclassified

medium

jelte

new

define LIBRARY_PATH_PLACEHOLDER more centrally

I just had to update nearly every test makefile because the placeholder for the library paths needed another value. Since these are nearly the same almost everywhere, I think we could better define it in configure.ac or somewhere up there (similar to COMMON_PYTHON_PATH)

1255

task

1317141818325243

1318411519335286

Unclassified

medium

jelte

new

Document how to add an RR type

What steps to take, what examples to steal from, what utility functions are available, and perhaps most important, what pitfalls to watch out for. anything to get someone started, etc

1256

defect

1317204574323066

1392912202997929

b10-auth

very low

shane

DNS Outstanding Tasks

new

Minor error in getopt() processing

According to the getopt() man page: If getopt() finds an option character in argv that was not included in optstring, or if it detects a missing option argument, it returns ‘?’ and sets the external variable optopt to the actual option character. If the first character (following any optional ‘+’ or ‘-’ described above) of optstring is a colon (‘:’), then getopt() returns ‘:’ instead of ‘?’ to indicate a missing option argument. If an error was detected, and the first character of optstring is not a colon, and the external variable opterr is nonzero (which is the default), getopt() prints an error message. We use the leading colon sometimes, I think in an effort to avoid the pre-defined error messages, which are ugly and not helpful. However, we then check for ‘?’ in our while() loop, which is an error. It doesn’t actually show up, since we then follow with the default: statement, however a restructuring of the code could break this. It’s a one-line fix.

1257

defect

1317215987760513

1318411523404056

Unclassified

low

jreed

new

configure require at least sqlite3 3.3.9 for sqlite3_prepare_v2 API

The error is: ImportError: /home/jreed/builder/work/BIND10/20110928074701-CentOS5-x86_64-GCC/build/src/lib/datasrc/.libs/libdatasrc.so.0: undefined symbol: sqlite3_prepare_v2 That sqlite3_prepare_v2 API was added in sqlite3 3.3.9 (2007 January 4) and the CentOS version was sqlite-3.3.6-5.

1269

defect

1317316653413624

1318411519920776

Unclassified

medium

jreed

new

NameError: global name ‘EINTR’ is not defined (via Ctrl-C)

Pressing Ctrl-C caused Traceback: [b10-msgq] Receive error: EOF 2011-09-29 15:35:04.152 INFO [b10-boss.boss] BIND10_SEND_SIGTERM sending SIGTERM to b10-msgq (PID 62572) 2011-09-29 15:35:04.154 INFO [b10-boss.boss] BIND10_SEND_SIGTERM sending SIGTERM to b10-xfrout (PID 62575) Exception in thread Thread-1: Traceback (most recent call last): File “/usr/local/lib/python3.1/site-packages/isc/util/socketserver_mixin.py”, line 71, in serve_forever r, w, e = select.select([self, self.read_sock], ) select.error: During handling of the above exception, another exception occurred: Traceback : File “/usr/local/lib/python3.1/threading.py”, line 516, inbootstrap_inner self.run File “/usr/local/lib/python3.1/threading.py”, line 469, in run self.target(*self.args, **self.kwargs) File “/usr/local/lib/python3.1/site-packages/isc/util/socketserver_mixin.py”, line 73, in serve_forever if err.args[0] == EINTR: NameError: global name ‘EINTR’ is not defined This is August release and I didn’t test latest. This is on FreeBSD 8.2-RELEASE on amd64. I did see similar bugs, but not the same.

1270

defect

1317316885754664

1318411520449707

data source

medium

jreed

new

Failed to set up schema … sqlite3.OperationalError: no such table: zones

Note this was from running bind10 as installed using a FreeBSD ports package which was built with CONFIGURE_ARGS= —localstatedir=/var Notice that the xfrout traceback got interspersed with real b10-auth logging output: 2011-09-29 15:34:59.696 ERROR [b10-auth.auth] AUTH_CONFIG_UPDATE_FAIL update of configuration failed: Failed to set up schema CREATE TABLE zones (id INTEGER PRIMARY KEY, name STRING NOT NULL COLLATE NOCASE, rdclass STRING NOT NULL COLLATE NOCASE DEFAULT ‘IN’, dnssec BOOLEAN NOT NULL DEFAULT 0) Traceback (most recent call last): File “/usr/local/libexec/bind10-devel/b10-xfrout”, line 723, in xfrout_server = XfroutServer() File “/usr/local/libexec/bind10-devel/b10-xfrout”, line 616, in init self.start_notifier File “/usr/local/libexec/bind10-devel/b10-xfrout”, line 628, instart_notifier self.notifier = notify_out.NotifyOut File “/usr/local/lib/python3.1/site-packages/isc/notify/notify_out.py”, line 120, ininit 2011-09-29 15:34:59.731 INFO AUTH_SERVER_STARTED server started self.init_notify_out(datasrc_file) File “/usr/local/lib/python3.1/site-packages/isc/notify/notify_out.py”, line 132, in _init_notify_out for zone_name, zone_class in sqlite3_ds.get_zones_info(datasrc_file): File “/usr/local/lib/python3.1/site-packages/isc/datasrc/sqlite3_ds.py”, line 161, in get_zones_info cur.execute(“SELECT name, rdclass FROM zones”) sqlite3.OperationalError: no such table: zones sqlite3 shows: freebsd8-64-4# sqlite3 /var/bind10-devel/zone.sqlite3 SQLite version 3.7.4 Enter “.help” for instructions Enter SQL statements terminated with a “;” sqlite> .tables schema_version Maybe different components are using different path to the database? Some suggestions: - log output give more information like the path to the database. - sqlite3_ds.py check before using - xfrout fail cleanly on failures (no traceback) The problem is in both components.

1284

defect

1318067328550878

1337188385146694

Unclassified

low

erickom

new

Debian SID: Missing file liblog.so.0 library

Hello, I configured and compiled Bind10 successfully on Debian Sid. but during starting precess of bind10, I received the error mentioned below: root@kom:/bind10# /usr/local/sbin/bind10 Traceback : File “/usr/local/sbin/bind10”, line 65, in import isc.cc File “/usr/local/lib/python3/dist-packages/isc/init.py”, line 6, in import isc.config File “/usr/local/lib/python3/dist-packages/isc/config/init.py”, line 1, in from isc.config.ccsession import * File “/usr/local/lib/python3/dist-packages/isc/config/ccsession.py”, line 44, in from isc.log import log_config_update ImportError: liblog.so.0: cannot open shared object file: No such file or directory root@kom:/bind10# ps auxww

grep bind10 root 26107 0.0 0.2 3476 752 pts/0 S+ 11:49 0:00 grep bind10 root@kom:~/bind10# the python package dependency mentioned above is present; please how to ignore the error message?

liblog.so.0

1291

defect

1318362589493900

1331918477360839

Unclassified

medium

jreed

new

bad config database results in unclean shutdown

I made a mistake in my config database (removed starting brace). This resulted in: 2011-10-11 14:44:14.197 INFO [b10-boss.boss] BIND10_STARTING_PROCESS starting process b10-cfgmgr 2011-10-11 14:44:14.698 FATAL [b10-cfgmgr.cfgmgr] CFGMGR_DATA_READ_ERROR error reading configuration database from disk: Configuration file out of date or corrupt, please update or remove /home/reed/work/isc/bind10-install/var/bind10-devel/b10-config.db 2011-10-11 14:44:14.725 INFO [b10-boss.boss] BIND10_STARTING_PROCESS starting process ccsession 2011-10-11 14:44:18.767 INFO [b10-boss.boss] BIND10_KILLING_ALL_PROCESSES killing all started processes 2011-10-11 14:44:18.768 WARN [b10-boss.boss] BIND10_SOCKCREATOR_KILL killing the socket creator 2011-10-11 14:44:18.769 INFO [b10-boss.boss] BIND10_KILL_PROCESS killing process b10-cfgmgr Traceback (most recent call last): File “/home/reed/work/isc/bind10-install/lib/python3.1/site-packages/isc/cc/session.py”, line 203, in receive_full_buffer self.receive_len_data() File “/home/reed/work/isc/bind10-install/lib/python3.1/site-packages/isc/cc/session.py”, line 163, in receive_len_data new_data = self.receive_bytes(self.recv_len_size) File “/home/reed/work/isc/bind10-install/lib/python3.1/site-packages/isc/cc/session.py”, line 149, inreceive_bytes data = self.socket.recv socket.timeout: timed out During handling of the above exception, another exception occurred: Traceback : File “/home/reed/work/isc/bind10-install/lib/python3.1/site-packages/isc/config/ccsession.py”, line 322, in add_remote_config answer, env = self.session.group_recvmsg(False, seq) File “/home/reed/work/isc/bind10-install/lib/python3.1/site-packages/isc/cc/session.py”, line 266, in group_recvmsg env, msg = self.recvmsg(nonblock, seq) File “/home/reed/work/isc/bind10-install/lib/python3.1/site-packages/isc/cc/session.py”, line 121, in recvmsg data = self.receive_full_buffer File “/home/reed/work/isc/bind10-install/lib/python3.1/site-packages/isc/cc/session.py”, line 218, inreceive_full_buffer raise SessionTimeout(“recv() on cc session timed out”) isc.cc.session.SessionTimeout: recv() on cc session timed out During handling of the above exception, another exception occurred: Traceback (most recent call last): File “./sbin/bind10”, line 682, in startup self.start_all_processes() File “./sbin/bind10”, line 618, in start_all_processes self.start_ccsession(c_channel_env) File “./sbin/bind10”, line 501, in start_ccsession self.command_handler) File “/home/reed/work/isc/bind10-install/lib/python3.1/site-packages/isc/config/ccsession.py”, line 188, in init default_logconfig_handler) ile “/home/reed/work/isc/bind10-install/lib/python3.1/site-packages/isc/config/ccsession.py”, line 326, in add_remote_config module_name) isc.config.ccsession.ModuleCCSessionError: No answer from ConfigManager when asking about Remote module Logging During handling of the above exception, another exception occurred: Traceback (most recent call last): File “./sbin/bind10”, line 1087, in main() File “./sbin/bind10”, line 1036, in main startup_result = boss_of_bind.startup() File “./sbin/bind10”, line 684, in startup self.kill_started_processes() File “./sbin/bind10”, line 382, in kill_started_processes self.processes[pid].process.kill() File “/usr/pkg/lib/python3.1/subprocess.py”, line 1337, in kill self.send_signal(signal.SIGKILL) File “/usr/pkg/lib/python3.1/subprocess.py”, line 1327, in send_signal os.kill(self.pid, sig) OSError: [Errno 3] No such process Also left running: root 13671 0.0 1.2 22568 12100 ttyp7 S 2:44PM 0:00.49 /usr/pkg/bin/python3.1 /home/reed/work/isc/bind10-install/libexec/bind10-devel/b10-msgq

1296

enhancement

1318406506891556

1318587118159926

dhcp

very low

UnAssigned

tomek

DHCP Outstanding Tasks

new

Kea: Pkt an Option should provide interators besides of getOption()

Pkt6 and Option classes currently provide getOption() methods. They should also provide iterator for option container. This required a bit of thought as such iterator may become invalid if option is modified in the meantime.

1297

enhancement

1318409947165927

1318497930789309

Unclassified

low

UnAssigned

tomek

DHCP Outstanding Tasks

new

Kea: Methods for printing out option content

Currently toText() in all option classes print out all info about option (type, length, number of addresses etc.). That is useful for debugging to print out content of the whole message. However, that is less useful for casual logging. toText() should return short version of the content (e.g. space separated addresses). A new set of methods (toTextDetailed?) should be added.

1302

defect

1318516112811014

1319112489945206

documentation

medium

jreed

new

add bindctl configuration examples to guide

The README previously had usage examples of using bindctl with “config”. Put these into the guide.

1304

defect

1318545078673702

1396529256167943

xfrin

medium

jinmei

DNS Outstanding Tasks

new

xfrin test should retrieve config defaults from the spec file

Right now, it’s hardcording some default values, which just happen to be consistent with the spec file: class MockCC(): def get_default_value(self, identifier): # The returned values should be identical to the spec file # XXX: these should be retrieved from the spec file # (see MyCCSession of xfrout_test.py.in) if identifier "zones/master_port":<br> return TEST_MASTER_PORT<br> if identifier zones/class return TEST_RRCLASS_STR if identifier == zones/use_ixfr return False Obviously it’s ugly and more difficult to maintain. As commented the mock class should retrieve the defaults from the spec file. We should also have some tests to check whether the default values are really used in other cases (such as “max transfer in”).

1312

task

1318591339707868

1364499059808920

dhcp

low

tomek

DHCP Outstanding Tasks

new

Kea: Pkt6 and OutputBuffer merge should be investigated

DHCP component uses Pkt6 class. There is OutputBuffer that is used in DNS that provides covenient way of writing to a buffer that automatically expands as needed. Pkt6, Pkt6::data_ replacement to OutputBuffer or other unification should be investigated.

1315

task

1318932830445413

1396529291116443

xfrin

medium

stephen

DNS Outstanding Tasks

new

IXFR system test - SOA Expiry

#1213 started the process of producing system tests for IXFR-in. At the time, the generation of an IXFR request by a slave server when the zone expired was not supported, and so the production of a system test for this functionality has been deferred to this ticket. (The specification for the IXFR system tests can be found [wiki:IxfrSystemTests here].)

1316

task

1318932997247028

1396529300004921

xfrin

medium

stephen

DNS Outstanding Tasks

new

IXFR-in System Test - UDP transfers

#1213 started the process of producing system tests for IXFR-in. At the time, handling IXFRs over UDP was not supported, and so the production of a system test for this functionality has been deferred to this ticket. (The [wiki:IxfrSystemTests specification] for the IXFR system tests can be found here.)

1317

task

1318933248158868

1396529309298751

xfrin

medium

stephen

DNS Outstanding Tasks

new

IXFR-in System Test - special cases

#1213 started the process of producing system tests for IXFR. Not included in that ticket were tests for two cases: * Interruption of an IXFR transfer over TCP aborts the update to the zone. * Checking that additions and deletions are applied in the right order. … as special code is required to create the abnormal conditions to test them. (Details of these cases can be found in the comments to #1213.) This ticket requires the creation of the appropriate test framework.

1319

defect

1318958440950029

1320940878874911

Unclassified

low

jreed

new

systest can’t find stop.pl on failure

(Note: I don’t think this issue is specific to ixfr nor ixfr/in-2.) If a b10-config.db file has a syntax problem it will cause fatal issues when starting up bind10. I saw within ixfr/in-2 (when I introduced the error), it attempted to stop: I:starting server nsx2 I:Couldn’t start server nsx2 R:FAIL Can’t open perl script /b/work/BIND10-systest/20111018144505-MacOS/build/tests/system/ixfr/stop.pl No such file or directory stop.pl is located in directory below that. I think it is because it is referenced from $topdir instead of $SYSTEMTOP.

1335

enhancement

1319188850845259

1319188850845259

dhcp

low

stephen

DHCP Outstanding Tasks

new

Extend DHCP benchmarking to ramp up packet send rate

The DHCP benchmarking tool should be extended to allow the rate at which packets are sent to be ramped up over a period of time. This will allow the maximum packet rate the DHCP server can handle to be determined.

1337

enhancement

1319192543738139

1319201872095106

dhcp

low

stephen

DHCP Outstanding Tasks

new

DHCP benchmarking - enhanced reply verification

From a [ticket:1263#comment:2 a comment 2 in ticket 1263]: It would be useful to elaborate on reply verification. V4 server responding with NACK is ok or not? What about v6 server sending REPLY with status-code=no-addrs-avail? That is another thing we could eventually add as a feature. In some scenarios negative response as considered a proper one (test passed) and in others it is not (test failed). Make sure that the verification could be tuneable. For now it can be simple, but it will be more complex later.

1338

enhancement

1319200506808850

1324552147778802

dhcp

low

tomek

DHCP Outstanding Tasks

new

perfdhcp should have the ability to dump sent/received traffic to file

Even though we will work on making this tool as smart as possible, there always be cases when manual investigation is required. Traffic should be dumped in pcap (tcpdump) format. Ideally, it would use some existing library to write traffic in proper format. Due to time constraints, I don’t think we will be able to do this in the November 2011 milestone. We could consider temporary solution that could work, though: Before test: fork() + system(“tcpdump -i eth0 dhcp”) Run tests as usual After test: kill tcpdump

1339

enhancement

1319200820485863

1319200820485863

dhcp

low

tomek

DHCP Outstanding Tasks

new

perfdhcp should warn if there are any DHCP clients running

A small, but useful feature. If there are any clients running, we should warn about this. This may save us from having strange statistics, like receiving more responses than we sent queries.

1348

defect

1319534720783127

1321962568946624

build system

low

UnAssigned

tomek

new

make check fails on a fresh tree

The likely problem is with dependencies. datasrc test includes isc.log that is not built yet. A simple workaround is to do “make” before “make check”. Error message: lib/python:/home/thomson/devel/bind10-libdhcp4/src/lib/python:/home/thomson/devel/bind10-libdhcp4/src/lib/python/isc/log:/home/thomson/devel/bind10-libdhcp4/src/lib/python/isc/datasrc/.libs:/home/thomson/devel/bind10-libdhcp4/src/lib/dns/python/.libs br> TESTDATA_PATH=/home/thomson/devel/bind10-libdhcp4/src/lib/python/isc/datasrc/tests/testdata br> TESTDATA_WRITE_PATH=/home/thomson/devel/bind10-libdhcp4/src/lib/python/isc/datasrc/tests br> /usr/bin/python3.1 /home/thomson/devel/bind10-libdhcp4/src/lib/python/isc/datasrc/tests/$pytest

exit ; br> done Running test: datasrc_test.py Traceback (most recent call last): File “/home/thomson/devel/bind10-libdhcp4/src/lib/python/isc/datasrc/tests/datasrc_test.py”, line 16, in import isc.log File “/home/thomson/devel/bind10-libdhcp4/src/lib/python/isc/init.py”, line 6, in import isc.config File “/home/thomson/devel/bind10-libdhcp4/src/lib/python/isc/config/init.py”, line 1, in from isc.config.ccsession import File “/home/thomson/devel/bind10-libdhcp4/src/lib/python/isc/config/ccsession.py”, line 44, in from isc.log import log_config_update File “/home/thomson/devel/bind10-libdhcp4/src/lib/python/isc/log/init.py”, line 33, in from log import ImportError: No module named log

1352

defect

1319706995872430

1321962564467197

bind-ctl

medium

vorner

new

Config go allows setting unusable path

It is possible to enter invalid place in the configuration by config go. The following error message when used makes sense after small thinking what happens inside, but users shouldn’t need to care about that. What happened to me was this: /Logging/loggers> config go [0] /Logging/loggers[0]> config show Logging/loggers[0]/name “‘*’” string (modified) Logging/loggers[0]/severity “DEBUG” string (modified) Logging/loggers[0]/debuglevel 100 integer (modified) Logging/loggers[0]/additive false boolean (default) Logging/loggers[0]/output_options/ list (modified) /Logging/loggers[0]> config show output_options Error: Bad format in identifier (extra ]): loggers[0]output_options Eg. it does show me local values, but it does not add the slash when needed. The config go should probably add one (eg. go directly to loggers[0]/) just like cd in shell does.

1353

defect

1319707427373568

1396529317167555

xfrin

low

vorner

DNS Outstanding Tasks

new

Wrong reason for transfer failure logged when TSIG fails

This log message appears whenever validation of TSIG fails for some reason: 2011-10-26 12:35:52.460 ERROR [b10-xfrin.xfrin] XFRIN_XFR_TRANSFER_FAILURE AXFR transfer of zone example.com./IN failed: TSIG verify fail: FORMERR However, the FORMERR is misleading. In this exact case, the signature was missing completely (because it was a servfail), but AFAIK it happened at other situations as well. It should tell more details.

1355

defect

1319707819418639

1396529324975048

xfrin

low

vorner

DNS Outstanding Tasks

new

Xfrin mistakes EOF with timeout

When the remote shuts down a connection prematurely (for example it crashes attempting to serve the transfer), Xfrin detects this and reports an error right away. However, it logs it was a timeout (which it wasn’t, as the transfer failed in less than 1 second). This may lead the administrator to look for wrong errors.

1373

defect

1320472719592176

1339225194377791

data source

medium

jinmei

new

DataSourceClient::getIterator should differentiate no-such-zone case

Currently it throws a generic DataSourceError exception (and the python version raises isc.datasrc.Error). Since this can be thrown for other reasons than the case where the specified zone doesn’t exisit, xfrout cannot decide whether it should return NOTAUTH or other Rcode. The bottom line is we should differentiate this case with other errors. Possibilities include a separate error code with NULL/None (like find()) and a dedicated exception. I personally prefer the former especially for C++, but that’s debatable.

1374

task

1320473299432823

1322985171982419

data source

medium

jinmei

new

implement “ZoneTableIterator”

To completely replace the old data source API, we need some more interfaces to manage “zone tables”. One of them is the “ZoneTableIterator” (tentaively named) class. It would be created via DataSourceClient, and provides an interface to iterate over all stored zones in the data source. (maybe we should divide this task into a few sub tasks).

1375

task

1320473352815196

1320769939143599

data source

medium

jinmei

new

implement “ZoneTableUpdater”

To completely replace the old data source API, we need some more interfaces to manage “zone tables”. One of them is the “ZoneTableUpdater” (tentaively named) class. It would be created via DataSourceClient, and provides an interface to add or delete a zone to/from the data source. (maybe we should divide this task into a few sub tasks).

1379

enhancement

1320599686548510

1320769939542694

Unclassified

low

jelte

new

move zone/address formatters for logging to some util lib

When done, #1298 introduced two functions to format zone/class and ipaddress/port information for easier use when logging or printing them. These functions should be moved to a separate library (and for the address one, we should consider what argument type(s) it should get), like src/lib/python/isc/util/format.py or something. When done, the logging calls in other modules should be checked and modified to use these functions so we have a consistency in our logging output. We may need to add these in c++ as well.

1380

task

1320599810674309

1320769940073753

Unclassified

medium

jelte

new

move ixfr system tests to lettuce

#1290 introduces a lettuce framework for system tests. If that one has been done, we should try and convert the current IXFR system tests to that framework, as a base for the rest of the IXFR system tests.

1382

enhancement

1320657651881930

1320940411224675

data source

medium

jelte

new

datasource interface for signaling capabilities

We do not expect every data source implementation to support every type of action; some will be ‘read-only’, and hence will not support things like updating etc. We can (and do) already throw NotImplemented exceptions if these functions are called, but we should really not call them in the first place if the implementation is not able to do it anyway. So the proposal is to add a method that returns what the datasource can and cannot do (iteration, updating, journaling, perhaps more) so any callers can more cleanly handle cases where these are not supported.

1385

defect

1320988192785322

1321962565560548

data source

medium

kevin_tes

new

Sqlite3ClientBadConfig unit test fail

‘’’make check:’‘’ make[7]: Entering directory `/home/xiejiagui/bind10/src/lib/datasrc/tests’ [] Running 313 tests from 19 test cases.<br>[----------] Global test environment set-up.<br>[----------] 3 tests from FactoryTest<br>[ RUN ] FactoryTest.sqlite3ClientBadConfig<br>factory_unittest.cc:84: Failure<br>Value of: result1.code<br> Actual: 2<br>Expected: result::SUCCESS<br>Which is: 0<br>/bin/bash: line 5: 26559 Segmentation fault ${dir}$tst<br>FAIL: run_unittests<br>= 1 of 1 test failed Please report to bind10-dev@isc.org =<br><br>'''gdb:'''<br>.......<br>Starting program: /home/xiejiagui/bind10/src/lib/datasrc/tests/.libs/run_unittests <br>[Thread debugging using libthread_db enabled]<br>[] Running 313 tests from 19 test cases. [———-] Global test environment set-up. [———-] 3 tests from FactoryTest [ RUN ] FactoryTest.sqlite3ClientBadConfig [New Thread 0x7ffff4086700 (LWP 24771)] [Thread 0x7ffff4086700 (LWP 24771) exited] factory_unittest.cc:84: Failure Value of: result1.code Actual: 2 Expected: result::SUCCESS Which is: 0 Program received signal SIGSEGV, Segmentation fault. 0x00007ffff795254d in sqlite3_finalize () from /usr/lib/libsqlite3.so.0 my computer: ubuntu-10.0.4, 64bit

1391

defect

1321817047238332

1321962567921516

configuration

medium

jinmei

new

“config add” for a list doesn’t always work

For example, this is okay: > config add Xfrout/zone_config (zone_config[0] will be created) but this doesn’t work: > config add Xfrout/zone_config[0]/transfer_acl Error: No value given and no default for /Xfrout/zone_config[0]/transfer_acl and this doesn’t work either: > config add Xfrout/zone_config[0]/transfer_acl {action “ACCEPT”} Traceback (most recent call last): File “/opt/local/Library/Frameworks/Python.framework/Versions/3.1/lib/python3.1/cmd.py”, line 213, in onecmd func = getattr(self, ‘do’ + cmd) AttributeError: ’BindCmdInterpreter’ object has no attribute ’do_config’ During handling of the above exception, another exception occurred: Traceback : File “/Users/jinmei/opt/bin/bindctl”, line 149, in result = tool.run File “/Users/jinmei/opt/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 138, in run self.cmdloop File “/opt/local/Library/Frameworks/Python.framework/Versions/3.1/lib/python3.1/cmd.py”, line 139, in cmdloop stop = self.onecmd File “/Users/jinmei/opt/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 466, in onecmd Cmd.onecmd File “/opt/local/Library/Frameworks/Python.framework/Versions/3.1/lib/python3.1/cmd.py”, line 215, in onecmd return self.default File “/Users/jinmei/opt/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 432, in default self.parse_cmd(line) File “/Users/jinmei/opt/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 569, in parse_cmd self.handle_cmd(cmd) File “/Users/jinmei/opt/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 410, in handle_cmd self.apply_config_cmd File “/Users/jinmei/opt/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 677, in apply_config_cmd cmd.params.get) File “/Users/jinmei/opt/lib/python3.1/site-packages/isc/config/ccsession.py”, line 503, in add_value self.add_value_to_list(identifier, value, module_spec) File “/Users/jinmei/opt/lib/python3.1/site-packages/isc/config/ccsession.py”, line 456, in _add_value_to_list + identifier) TypeError: unsupported operand type(s) for +: ’dict’ and ‘str’

1393

enhancement

1321817734588585

1339829049552844

logging

medium

jinmei

new

reduce overhead in python logging

See this: https://bind10.isc.org/ticket/1359#comment:11 On a related note, it would be better to pass the original object to logger rather than passing a string based on the object whenever possible. Then we can avoid the expensive conversion if the specified level of logging is disabled. Example: do this isc.dns.Name name(‘example.com’) logger.debug(VERY_MINOR, SOME_NOISY_LOG, name) instead of isc.dns.Name name(‘example.com’) logger.debug(VERY_MINOR, SOME_NOISY_LOG, name.to_text()) Another related note is that we should generally try to provide str() for Python classes defined in BIND 10.

1394

enhancement

1321818244235633

1339259969883910

logging

medium

jinmei

new

unify format_zone_str and format_addrinfo

These were introduced in xfrin and subsequently copied to xfrout and notify_out. They should be moved to some utility library and applications should refer to it. Also, in the sense of a note in #1393, I’d suggest making this classes: #!python class ZoneFormatter: def init(self, zone_name, zone_class): self.zone_name = zone_name self.zone_class = zone_class def str(self): return self.__zone_name.to_text(True) + ‘/’ + str(self.__zone_class) And the applicaton pass Formatter objects to logger: logger.debug(VERY_MINOR, SOME_NOISY_LOG, ZoneFormatter(zname, zclass)) ddns.logger.py defines `ClientFormatter` and `ZoneFormatter`. These should be unified, too.

1395

defect

1321818672626016

1322756346092314

logging

medium

jinmei

new

python isc.datasrc should be usable without logging

See src/bin/xfrout/tests/testdata/creatediff.py of trac1371 (or master when merged). If we don’t import isc.org or call isc.log.init(), it fails: Traceback (most recent call last): File “creatediff.py”, line 58, in ‘{ database_file “test.sqlite3” }’) isc.datasrc.Error: Failed to create DataSourceClient of type sqlite3:Unknown uncaught exception from sqlite3 createInstance: Error creating sqlite3 datasource: attempt to access logging function before logging has been initialized even though this script doesn’t use any logging in it. This is incovenient. I believe generic BIND 10 libraries should be usable without logging setup. I’m not sure if it’s specific to isc.datasrc or common for other cases such as isc.acl (not tested). But if it’s the latter, the same comment applies to them, too.

1400

task

1321820450438137

1328631164980120

statistics

medium

UnAssigned

jinmei

assigned

auth per qtype statistics

1402

task

1321820484571629

1321962575882605

statistics

medium

jinmei

new

auth query statistics (referral, nxdomain, etc)

1403

task

1321820501164239

1321962576500971

statistics

medium

jinmei

new

auth TSIG/EDNS related statistics

1406

defect

1321913575345053

1394116525914230

Boss of BIND

low

jreed

Common Outstanding Tasks

new

boss show_processes format

Currently we have for example: > Boss show_processes [ [ 3722, “b10-xfrin” ], [ 6802, “msgq” ], … We should be consistent with formats as much as we can. This should probably be JSON. Here is an idea: { boss_processes { pid 3722, name “b10-xfrin” }, { pid 6802, name “msgq” } ….

1408

task

1321962730068690

1394116540316153

Boss of BIND

medium

vorner

Common Outstanding Tasks

new

Configurable parameters for components

Currently, the configuration on Boss/components allows setting the command line parameters. But these are ignored by boss, they need to be propagated through the isc.bind10.Component to the started process.

1409

defect

1321964195762413

1394116552403378

Boss of BIND

medium

vorner

Common Outstanding Tasks

new

Better checks of Boss/components configuration validity

Currently, the boss doesn’t perform any checks on the configuration, it just uses it. It should at last validate it against the spec file and the isc.bind10.Component check it makes sense and throw some better exceptions than the usual „key error“ and like. However, it’s not that critical, as bindctl seems to perform some basic checks.

1410

enhancement

1321964662534494

1322560922805321

Unclassified

medium

vorner

new

Remove command line parameters from processes

Some of our processes (like b10-auth) need parameters computed by boss at startup. This is wrong, for two reasons: * It is impossible to change such settings at runtime. * We need to handle such processes as special components, making it harder for user to grasp and configure. So, I think all such parameters should be removed and special components eliminated (at last the ones that aren’t really that special, keeping msgq as special seems inevitable).

1411

enhancement

1321964944968568

1394116563971759

Boss of BIND

medium

vorner

Common Outstanding Tasks

new

More component states in boss

Currently, each component in boss can be either stopped, started or failed. We should extend it to allow more accurate control, notably about: * Components that are starting up, but they didn’t initialize yet. That would allow to wait for one component to complete startup before starting another one depending on it. * Waiting to being restarted. Currently it pretends to be stopped and boss itself keeps it in some list. * Components that were asked to terminate, but didn’t do it yet. This will allow to kill a component that fails to stop after some time.

1412

enhancement

1321965103756754

1394116577753373

Boss of BIND

medium

vorner

Common Outstanding Tasks

new

Boss should be more reluctant to abort shutdown.

Currently, when boss shuts down and a component raises an exception when it is stopped, the shutdown is aborted and the rest of processes are just mercilessly killed. We should catch exceptions, keep stopping the other components and then after everything is stopped, rethrow them. This will allow killing only the components that are broken.

1413

enhancement

1321966062429119

1394116596697670

Boss of BIND

medium

vorner

Common Outstanding Tasks

new

Runtime change of component configuration

Currently, if a configuration of boss component is changed, the boss complains it can’t handle it and suggests to remove the component and then add it again. But the changes should be handled transparently, either by changing local variables in boss (if a core components becomes dispensable, etc) or by restarting the component behind the scene with new parameters, so the user isn’t bothered.

1416

task

1321986603556273

1323178776389778

data source

medium

jinmei

new

buffered read of journal

I believe !DatabaseJournalReader should do buffered read so that it can minimize the period of holding the database lock. While it’s a kind of optimization, I think it’s quite crucial for production-like environment, and suggest doing so earlier.

1417

defect

1322060080496444

1323178777012801

configuration

low

jreed

new

config show and missing index number and slash results in not found for single list entry

> config show Auth/listen_on/ Error: Auth/listen_on/[0]/address not found Notice above is missing index number like [0] and has a slash which results in showing a list item (address) not found. (Really address and port do exist for [0].)

1418

defect

1322060624107872

1394116814482704

b10-auth

low

jreed

DNS Outstanding Tasks

new

no logging by default when changing Auth/listen_on

I removed some Auth/listen_on entries and changed some values there too. On commit, no logs (default configuration). I think it should log this. I thought there was logging for this, but now I can’t find it.

1419

defect

1322061105903298

1323178777674777

configuration

medium

jreed

new

confusing and unrelated auth listen_on logging

I did the following in bindctl: > config add Auth/listen_on/ > config show Auth/listen_on Auth/listen_on[0]/address “::” string (modified) Auth/listen_on[0]/port 53 integer (modified) Auth/listen_on[1]/address “0.0.0.0” string (modified) Auth/listen_on[1]/port 53 integer (modified) Auth/listen_on[2]/address “::1” string (default) Auth/listen_on[2]/port 53 integer (default) > config set Auth/listen_on[0]/port 5353 > config commit Error: Server configuration failed: Address must contain both the IPaddress and port Configuration not committed The default logging showed: 2011-11-23 08:50:05.696 ERROR [b10-auth.server_common] SRVCOMM_ADDRESS_MISSING address specification is missing “address” or “port” element in { } 2011-11-23 08:50:05.699 ERROR [b10-auth.auth] AUTH_CONFIG_UPDATE_FAIL update of configuration failed: Server configuration failed: Address must contain both the IPaddress and port 2011-11-23 08:50:05.702 ERROR [b10-cmdctl.cmdctl] CMDCTL_COMMAND_ERROR error in command set_config to module ConfigManager: Server configuration failed: Address must contain both the IPaddress and port 1. SRVCOMM_ADDRESS_MISSING what is this { } element? 2. Why does it suggest I am missing an address or port? 3. Why is there an unrelated b10-cmdctl.cmdctl log message here? Here is an example after starting with no configuration: > config set Auth/listen_on[0]/port 5353 > config commit Error: Server configuration failed: Failed to initialize network servers: Permission denied Configuration not committed Results in: 2011-11-23 09:08:44.650 ERROR [b10-auth.server_common] SRVCOMM_ADDRESS_FAIL failed to listen on addresses (Failed to initialize network servers: Permission denied) 2011-11-23 09:08:44.652 ERROR [b10-auth.auth] AUTH_CONFIG_UPDATE_FAIL update of configuration failed: Server configuration failed: Failed to initialize network servers: Permission denied 2011-11-23 09:08:44.656 ERROR [b10-cmdctl.cmdctl] CMDCTL_COMMAND_ERROR error in command set_config to module ConfigManager: Server configuration failed: Failed to initialize network servers: Permission denied I will ignore permission denied for b10-auth as I understand that (I am non-root), but what is this CMDCTL_COMMAND_ERROR message? Oh… it is the previous error seen by cmdctl. This is quite confusing.

1422

defect

1322066511138520

1332238414333689

configuration

low

jreed

new

config remove /Boss/components/foo and not a list or a named set

> config remove Boss/components/b10-xfrin Error: /Boss/components/b10-xfrin is not a list or a named_set > config remove Boss/components b10-xfrin The first example does not work. The second example is accepted. I think it is confusing because config show does show it like “/Boss/components/b10-xfrin”.

1423

defect

1322067772031162

1331998412575006

configuration

low

jreed

new

config show Boss/components is missing entries

> config show Boss/components Boss/components/b10-cmdctl/special “cmdctl” string Boss/components/b10-cmdctl/process null string Boss/components/b10-cmdctl/kind “needed” string Boss/components/b10-cmdctl/address null string Boss/components/b10-cmdctl/params/ list Boss/components/b10-cmdctl/priority 99 integer (modified) > config show /Boss/components/setuid Boss/components/setuid/special “setuid” string Boss/components/setuid/process null string Boss/components/setuid/kind “dispensable” string Boss/components/setuid/address null string Boss/components/setuid/params/ list Boss/components/setuid/priority 5 integer Notice first only shows b10-cmdctl but setuid exists too. When I restart bindctl, “config show Boss/components” shows over a screenful of many settings. I can get into this broken state by doing: > config set Boss/components/b10-stats-httpd/priority 99 (Without commit and note commit does not work anyways for that.) A “config revert” will fix also.

1425

defect

1322087911350698

1396529357041668

xfrin

medium

shane

DNS Outstanding Tasks

new

Need backoff algorithm when AXFR refused

I was configuring BIND 10 as a secondary, and had not yet updated my master to allow transfers. Every 5 seconds I got this in my log files: 2011-11-23 22:35:54.849 ERROR [b10-xfrin.xfrin] XFRIN_XFR_TRANSFER_FAILURE AXFR transfer of zone home.time-travellers.org./IN failed: error response: REFUSED 2011-11-23 22:36:00.690 ERROR [b10-xfrin.xfrin] XFRIN_XFR_TRANSFER_FAILURE AXFR transfer of zone home.time-travellers.org./IN failed: error response: REFUSED 2011-11-23 22:36:05.319 ERROR [b10-xfrin.xfrin] XFRIN_XFR_TRANSFER_FAILURE AXFR transfer of zone home.time-travellers.org./IN failed: error response: REFUSED This needs to be made a bit less aggressive.

1438

enhancement

1322502345556404

1392999578081708

Unclassified

medium

stephen

DNS Outstanding Tasks

new

NSEC3: consistent selection of NSEC3PARAM

Consistent selection of NSEC3PARAM record for use in all subsequent NSEC3 code. [http://tools.ietf.org/html/rfc5155 RFC 5155] does not prohibit multiple NSEC3PARAM RRs at the apex of the zone and leaves flexibility in which one is used. The purpose of this ticket is to review the NSEC3 code and to ensure if multiple NSEC3PARAM records are present, the parameters of the same record are used throughout one query. (See [http://tools.ietf.org/html/rfc5155#section-7.3 RFC 5155 section 7.3].) This relies on the completion of tickets #1431 through #1437.

1441

task

1322598538096248

1323178784715843

Unclassified

medium

shane

new

Requirements for sharing a socket

This ticket is to document the requirements that we have for sharing a socket, for example to handle both AXFR and queries on a single IP+port, or to handle both DDNS and queries on a single IP+port, or to handle both authoritative and recursive servers on a single machine, and so on. This may end up being a receptionist, but that is design, and this ticket is about requirements.

1445

defect

1322669839124408

1323357901608466

logging

very low

jreed

new

inconsistent use of “SQLite3” in log messages

Log messages have “SQLite3Database” (no space), “sqlite”, “SQLite3” and maybe others. Let’s be consistent.

1459

task

1322857184069690

1339516603763329

DDNS

medium

jelte

new

Consistency checks in DDNS module

(Updating based on jabber chat) Before the (final) commit in a DDNS update, there is a number of consistency checks we should do. It was not really clear what “consistency checks” mean, so I’m going to list additional checks BIND 9 does, which don’t seem to be implemented in BIND 10 yet (not even in #1457). Note that they are not only “final” checks, but also checks in prescan or actually updating the zone. Some of the checks may not make sense for us (or too advanced at the moment), so we should discuss any suspicious ones. Also, if we try to include most of the checks, it may be too big for a single ticket. Since each individual check is generally independent, we should be easily able to separate them into multiple tasks. In prescan: - reject any meta types including MAILA/MAILB - reject any attempt of updating NSEC/NSEC3/RRSIG When adding an RR: - ignore MD/MF - ignore wildcard NS/DNAME - be careful with the coexistence of CNAME and DNSSEC related records - ignore a 2nd SOA (okay if explicitly deleting the existing one first) - ignore NSEC3PARAM records with any flags other than OPTOUT. - merge new RRs with existing RRset: in particular, if a new RR is being added which is only different with an existing one in TTL, make sure just the new TTL is used (note that the new TTL may be larger than the existing one) When deleting all any type of RRs of a name: - do not delete RRSIG or NSEC (or NSEC3?) - in addition, if the name is zone origin, do not delete NSEC3PARAM (or SOA or NS) After applying all changes: - check DNSSEC: Prevent the zone entering a inconsistent state where NSEC only DNSKEYs are present with NSEC3 chains. - zone apex has NS, and if the NS name is a subdomain of the zone, there’s AAAA or A for it. - check_mx: (depending on configuration) whether MX has AAAA or A, the mx name is reasonable (not “x.y.z.w”) - remove_orphaned_ds: “DS records are not allowed to exist without corresponding NS records” - if ‘dnssec-secure-to-insecure’ is false, whether at least one DNSKEY exists. - if changing from secure to insecure, delete all NSEC3s - also log it if all changes result in no-op: “redundant request”

1463

task

1322985484551436

1396529365842456

xfrin

medium

jinmei

DNS Outstanding Tasks

new

use ixfr-in by default

Now we support IXFR to AXFR, we should change the default mode of xfrin protocol from AXFR to IXFR. (Note: It’s probably better to hold off until #1299 is completed to avoid conflicts)

1464

task

1322985744645661

1396529373849828

xfrin

medium

jinmei

DNS Outstanding Tasks

new

do AXFR by ‘retransfer’ command

I suggest we do unconditionally AXFR if zone transfer is invoked via bindctl’s ‘retransfer’ command. It’s more compatible to BIND 9’s ‘rndc retransfer’. (Or maybe we can add an optional ‘type’ parameter for this command whose default is AXFR) (Note: It’s probably better to hold off until #1299 is completed to avoid conflicts)

1465

task

1323019258434804

1323019258434804

Unclassified

medium

larissas

new

DDNS User Story: DDNS Analysis Tools

“[I need] Analysis tools that could aid me in getting more data on what is really going on in our systems. For example, I have a problem that I’m trying to figure out and do not have the tools, or do not know where to find access to what is happening in the”right now" interaction of our DNS with our DHCP and DDNS other than trying to read logs that fly by."

1466

task

1323019367019041

1323019367019041

Unclassified

medium

larissas

new

DDNS User Stories: No DDNS Option

User request is to have a way to run without DDNS at all: “Please be conservative & modular with features. If I don’t want something (say dynamic DNS), then I should be able to run without it.”

1469

defect

1323101532101380

1323352586911784

dhcp

medium

tomek

DHCP Outstanding Tasks

new

SocketInfo may be possibly replaced by boost::ip::udp::socket or asiolink/udp_socket

It was pointed out in #1238 review (comment 6) that SocketInfo in IfaceMgr in dhcp can be possibly replaced by boost::ip::udp::socket or asiolink/udp_socket.

1473

task

1323174884190713

1323174884190713

Unclassified

medium

larissas

new

DDNS User Stories: Finding inactive DDNS machines

“[As an administrator] I need some way to go through DNS and find inactive DDNS machines.”

1474

task

1323174966408510

1338013399079949

Unclassified

medium

larissas

new

DDNS User Stories: Make it fast

“[As an administrator, I need] for dynamic updates [to take] less time to configure”

1475

task

1323175124648575

1323352683698735

Unclassified

medium

larissas

larissas

assigned

DDNS User Stories: Samba4 Interoperability

“[I need there to be]less issues when running [DDNS] alongside Samba4”

1476

task

1323175219546909

1338013370225107

Unclassified

medium

larissas

larissas

assigned

DDNS User Stories: ADDNS interoperability

“[As an administrator using DDNS], I need interoperability with Microsoft ADDNS”

1477

task

1323175388880578

1339829595814921

Unclassified

medium

larissas

new

DDNS User Stories: TSIG

“[As an administrator I want] DDNS with TSIG so I can make sure no one unauthorized is altering my zone data”

1478

task

1323175532090406

1323175532090406

Unclassified

medium

larissas

new

DDNS User Stories: Requirements for high volume

“[As a large scale domain host] rate of dynamic updates DNSSEC with dynamic updates is very high for us, need configuration parameters to customize for this and logging to track it”

1479

task

1323175854242600

1323175854242600

Unclassified

medium

larissas

new

DDNS User Storie: Crash-safe journal

“Dynamic updates journal should really become crash-safe.”

1480

task

1323176229810631

1323176229810631

Unclassified

medium

larissas

new

DDNS User Stories: Dynamic Updates to specific view

“[As an administrator I need] Views and dynamic updates to specific view [so that I can update specific interally or externally facing zones (or other view specific zone data).”

1481

enhancement

1323176461104253

1323356001589423

xfrout

low

shane

new

Optimize size on XFR-out

https://lists.isc.org/pipermail/bind10-dev/2011-December/002851.html During review of #1389, it was discovered, that xfrout splits the stream into messages in an suboptimal way. Currently, it keeps a sum of RR sizes and if this overflows, it renders the message and starts a new one. But, the rendering compresses names. This means few more RRs could fit in, if we are lucky and there are lots of similar names (which there usually are, at last the names of the RRs, if not inside the real data). This is not really a big deal, it doesn’t break anything. But it generates more messages and can increase the size of the whole stream, as we can’t compress names across message boundary. Having less messages mean having less boundaries and more compression. So, I’d like to ask, is it worth fixing? There surely are ways to do it completely right and fill the messages up to the edge. One would be like this: message = * Iterate over the RRs to transfer: * new_message = message * new_message.add(rr) * try to render * if it overflows: * send out message * message = * message.add(rr) * else: * message = new_message That is, of course, slow. However, if we could save the renderer state and could „continue“ with another rr added to the message, it could be made fast (it wouldn’t make the counts in the headers right, but otherwise, we add RRs to the end of message). So, do you think, is it worth fixing?

1482

task

1323208794472721

1389878915635667

logging

medium

jinmei

new

simple logging format checker using unittests

To catch some trivial errors in logging like this: https://lists.isc.org/pipermail/bind10-dev/2011-December/002897.html I’d propose the following: - make sure all python unit tests call `isc.log.resetUnitTestRootLogger()` - make sure all C++ unit tests call `isc::log::initLogger(); - add a top level make target, e.g. check-logformat, which would do B10_LOGGER_DESTINATION=stdout make check

grep ‘^[0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]’

grep ‘%’ and exits with a non 0 code if the output is not empty - fix any current problems that make this target fail - configure a buildbot with enabling this target as a regular test

1487

defect

1323234902695730

1323234902695730

documentation

medium

jinmei

new

BIND 10 guide should explain more about zonemgr configuration

At least - explain configuring it is (in practice) mandatory for a secondary server to make zone transfers - provide a configuration example

1490

defect

1323270428663135

1324388409115033

Unclassified

medium

jreed

new

redundant logging with SRVCOMM_ADDRESS_FAIL and AUTH_CONFIG_UPDATE_FAIL and missing example

This ticket has multiple problems, all related. If I need more tickets, please let me know. This is related to #1419 but in this case I already had configuration in place so not using bindctl. I loaded a configuration that listed an IPv6 address that no longer existed on the interface. This resulted in: 2011-12-07 14:26:38.q ERROR [b10-auth.server_common] SRVCOMM_ADDRESS_FAIL failed to listen on addresses (Failed to initialize network servers: Can’t assign requested address) 2011-12-07 14:26:38.q ERROR [b10-auth.auth] AUTH_CONFIG_UPDATE_FAIL update of configuration failed: Server configuration failed: Failed to initialize network servers: Can’t assign requested address (Ignore the “q” in timestamp due to out of date log4cplus.) 1) Why log twice? 2) Please have it list the address(es) that has the problem. In my case, it was working with IPv4 and so I was initially confused. 3) Why AUTH_CONFIG_UPDATE_FAIL — this is not an attempt to “update the configuration”. This configuration has been in place for over a month. Also the description for the AUTH_CONFIG_UPDATE_FAIL in the message file does not make sense: “At attempt to update the configuration the server with information from the configuration database has failed, the reason being given in the message.” I think it is missing some words or has wrong grammar. In addition I had a configuration with both IPv6 and IPv4 addresses that weren’t configured on any interface: 2011-12-07 14:48:53.q DEBUG [b10-resolver.server_common] SRVCOMM_SET_LISTEN setting addresses to listen to 2011-12-07 14:48:53.q DEBUG [b10-resolver.server_common] SRVCOMM_ADDRESS_VALUE address to set: 2001:4f8:3:d::95#53 2011-12-07 14:48:53.q DEBUG [b10-resolver.server_common] SRVCOMM_ADDRESS_VALUE address to set: 149.20.48.80#53 2011-12-07 14:48:53.q DEBUG [b10-resolver.server_common] SRVCOMM_ADDRESS_VALUE address to set: ::1#53 2011-12-07 14:48:53.q DEBUG [b10-resolver.server_common] SRVCOMM_ADDRESS_VALUE address to set: 127.0.0.1#53 2011-12-07 14:48:53.q ERROR [b10-resolver.server_common] SRVCOMM_ADDRESS_FAIL failed to listen on addresses (Failed to initialize network servers: Can’t assign requested address) 2011-12-07 14:48:53.q ERROR [b10-resolver.resolver] RESOLVER_CONFIG_ERROR error in configuration: Failed to initialize network servers: Can’t assign requested address This doesn’t tell me which ones failed. And notice the SRVCOMM_SET_LISTEN line is incomplete or wrong grammar. Listen “on”? And why does the auth server have one log message that is quite different from the resolver’s message?

1492

defect

1323277092325829

1324388410159588

Unclassified

low

jreed

new

add debug logging for when timer is triggered to notify xfrin

Xfrin logs XFRIN_XFR_TRANSFER_STARTED but I don’t know what triggered that. Please add DEBUG level logging to zonemgr for when the timer is triggered to notify xfrin. Please add DEBUG level logging to xfrin for when it receives notify and other commands.

1493

defect

1323278376179515

1324388410516405

Unclassified

low

jreed

new

tests/system/ixfr/in-2 is missing bind10.run output

tests/system/ixfr/in-2 is missing bind10.run output either it was removed or never saved. please make sure it is kept around so it can be analyzed. Note there is the corresponding: tests/system/ixfr/in-2/ns1/named.run

1494

task

1323338178346051

1324388411185427

Unclassified

medium

shane

new

Review environment variable use in BIND 10

BIND 10 has inconsistent use of environment variables. This ticket is to review the research Jeremy did in May and update it: https://lists.isc.org/pipermail/bind10-dev/2011-May/002288.html A follow-up ticket will actually implement any agreed-upon changes.

1495

enhancement

1323345408263358

1394116826100586

b10-auth

low

jreed

DNS Outstanding Tasks

new

DEBUG log when NOTIFY is received

In addition to #1492, have b10-auth log at some DEBUG level when a NOTIFY is received.

1496

enhancement

1323427164192949

1323955380563870

xfrout

low

vorner

new

Making the xfrout messages really full

Currently, the xfrout decides when to start a new message based on the size of uncompressed RRs. But the RRs are sent compressed, so this leads to messages that are not completely filled. It should be possible to do something like incremental message rendering to know the final compressed size. The actuall benefit of this is unknown, but beleived to be low anyway, so this probably is a low-priority task.

1497

enhancement

1323427485658178

1394116608027166

Boss of BIND

medium

vorner

Common Outstanding Tasks

new

Chroot for socket creator

The socket creator should be able to create a temporary (empty) directory, chroot there and delete the directory. As the socket creator should be the only component running with elevated privileges, it should increase the trust in its safety, even as chroot itself is not primarily security related feature.

1498

enhancement

1323427701350145

1394116620114584

Boss of BIND

medium

vorner

Common Outstanding Tasks

new

Droping root in socket creator

On system where it is possible, the socket creator should drop all the privileges except only the ones needed to bind privileged sockets. Together with #1497, it should provide good trust in its security.

1499

enhancement

1323427995949111

1392912640058718

resolver

low

stephen

DNS Outstanding Tasks

new

Add upstream nameserver information to debug messages

Ticket #1383 improved the debug messages available to diagnose problems in responses received from upstream nameservers. However, missing from each message is information about the nameserver from which the response was received. This ticket involves making that information available to the debug messages and updating the messages to include it.

1506

task

1324055666064594

1328717731614489

Unclassified

medium

jelte

new

extract the common patterns from python modules

We have a number of python modules now, and most of those use very similar code (for instance for startup, option parsing, catching signals, etc.), or their code can be made to be very similar. The suggestion is to extract those pieces, and not have duplicate code. An addendum is that the dummy module for b10-ddns does a few things a tiny bit differently (for instance no global for catching signals, and a separate main() function), that we should apply to other modules too. This should automatically take care of that (Assuming those things are used in this ‘extracted’ code)

1507

task

1324055909292358

1328621887114801

Unclassified

medium

jelte

new

Extract the common dummy classes for python (module) tests

We have a number of python tests where we have created dummy classes, for example MySocket, MyCCSession and MockDataSrc, MockDataSourceClient, etc. It would be nice to have these extracted, not only to prevent duplicate code now, but also to be able to quickly use them when adding new tests (or tests for new modules).

1511

task

1324229809916537

1324388415717726

DDNS

medium

jelte

new

Documentation for b10-ddns

Write or complete the b10-ddns manpage and section in the bind10 guide

1521

defect

1324464330071317

1394116634419436

Boss of BIND

medium

jelte

Common Outstanding Tasks

new

Make boss process close children on SIGHUP and internal fatal errors

There are some scenarios where child processes of the boss are not cleaned up well, notable cases are sending a SIGHUP and uncaught exceptions in the boss code. In either case, we should always close all child processes if the boss exits, so if it isn’t available yet, we need exception-free process cleanup code (and point the correct handlers to it). For SIGHUP, this has been more-or-less addressed in #642, but at the time it turned out to be more work than we had time for. The changes made there are probably not applicable anymore, but have been kept around for reference in branches/trac642-historic.

1525

defect

1324557521847740

1331917011391166

build system

low

UnAssigned

jreed

new

configure should fail immediately if no pkg-config?

checking for pkg-config… no checking for botan-config… no ./configure: line 16580: —libs: command not found ./configure: line 16581: —cflags: command not found … [failure later] botan-config-1.10 is my executable name. Note that later configure.ac does have check and failure for pkg-config (used to for sqlite3), so just move this earlier.

1529

defect

1325077429812275

1326903459326515

libdhcp

medium

tomek

DHCP Outstanding Tasks

new

ifconfig parser improvements

libdhcp+ currently have interface detection implemented that uses netlink. It works on linux only. To validate its correctness, tests parse ifconfig output and match with list returned by libdhcp+. Unfortunately, this approach has 2 problems: - some ifconfig outputs vary between Linux versions, e.g. Gentoo version produces slightly different output than Ubuntu - In case of several addresses assigned to a single interface, ifconfig report alias interfaces while netlink reports a single interface with several addresses assigned. Jeremy suggested to write an awk script that will produce a consistent output. Shane suggested that Python would be better, as we already use Python.

1530

defect

1325090564832766

1328621888606606

Unclassified

medium

jreed

new

BIND10_STARTUP_ERROR error during startup: Unable to start b10-cfgmgr: ‘xfrin’

I had this strange failure: 2011-12-23 21:16:46.001 FATAL [b10-boss.boss] BIND10_STARTUP_ERROR error during startup: Unable to start b10-cfgmgr: ‘xfrin’ Notice is says b10-cfgmgr and ‘xfrin’. I removed the Boss config for the b10-xfrin. On next attempt I then got same error for xfrout, so removed its configuration also: b10-xfrout {kind “dispensable”, special “xfrout”}, Then it worked. I don’t understand the error message. And I don’t understand what caused these configurations to be there. As a reminder, see #1219 ticket — I also didn’t understand the same error message. (I created a new ticket instead since this is different.) Also see #1443 — since I can’t even start components to fix the problem.

1536

task

1325287488003233

1327400937432913

data source

medium

jinmei

new

ZoneFinder::find should (probably) throw for out-of-zone name

See discussions at #1430. In short, calling find() for (clearly) out-of-zone name should be considered a caller’s bug, so it would make more sense to indicate it via an exception. Note: this should be done after #1535. Otherwise it will accidentally kill notify_out (and xfrout as a result).

1537

defect

1325521971174272

1340064910295911

Unclassified

medium

shane

new

Handle error receiving file descriptors

I was seeing this in my log file: 2012-01-02 16:02:53.168 ERROR [b10-xfrout.xfrout] XFROUT_RECEIVE_FILE_DESCRIPTOR_ERROR error receiving the file descriptor for an XFR connection 2012-01-02 16:02:53.168 ERROR [b10-xfrout.xfrout] XFROUT_RECEIVE_FILE_DESCRIPTOR_ERROR error receiving the file descriptor for an XFR connection 2012-01-02 16:02:53.168 ERROR [b10-xfrout.xfrout] XFROUT_RECEIVE_FILE_DESCRIPTOR_ERROR error receiving the file descriptor for an XFR connection Also, b10-xfrout then uses 100% of CPU once this condition occurs. I discovered that this ultimately comes from fd_share.cc: const int cc = recvmsg(sock, &msghdr, 0); if (cc <= 0) { free(msghdr.msg_control); if (cc == 0) { errno = ECONNRESET; } return (FD_SYSTEM_ERROR); } Looking via strace I find: select(13, [9 12], [], [], NULL) = 1 (in [12]) recvmsg(12, {msg_name(0)=NULL, msg_iov(1)=[{“”, 1}], msg_controllen=0, msg_flags=0}, 0) = 0 My guess is that is what is happening is that the process on the other side of the Unix domain socket has closed the connection (perhaps due to dying), and that the xfrout gets stuck in a loop. What I think we should do is: 1. Check for this condition everywhere in the code and re-connect (or error in some meaningful way) when we discover it. 2. Update the documentation to specify that this is necessary.

1544

task

1325761490369172

1328718119508541

statistics

medium

naokikambe

new

Resolve the design issues about names in MIB of stats-snmp

As result of #930 we found at least two possible issues about names in MIB of stats-snmp in the current design as described in the prototype implement in the experiment branch(kambe-SNMP-stats) and in the document StatsModule#StatsSnmp(#1448). * The MIB of stats-snmp is statically generated when the BIND 10 is made. And if we change the daemons to run, for example, when we disable the Auth daemon and enable the Resolver daemon, there may be an inconsistency between such static MIB and the statistics list which is dynamically answered by the Stats daemon. * There might be name duplication in MIB. For example, if one name authQueriestcp is defined in MIB as two different OIDs .1.3.6.1.4.1.2021.255.0.0 and .1.3.6.1.4.1.2021.255.0.2.0.2, we can access to the object firstly matched in MIB by authQueriestcp but we cannot access secondly matched one by same way. Improve current data mapping between specfile and MIB to resolve these design issues, and then revise the document StatsModule#StatsSnmp.

1569

defect

1326821487398082

1328718154706396

Unclassified

medium

jelte

DHCP Outstanding Tasks

new

IFaceMgrTest fails on some systems

It may be the ifconfig output format, or perhaps that some systems have a few non-default virtual interfaces). It certainly fails on my Ubuntu system, and apparently on vorner’s gentoo as well. [ RUN ] IfaceMgrTest.getIface Interface checks. Please ignore socket binding errors. IfaceMgr initialization. Linux: detecting interfaces. Detected interface lo/1, hwtype=772, maclen=6, mac=00:00:00:00:00:00, flags=10049(LOOPBACK UP RUNNING ) 2 addr(s): 127.0.0.1 ::1 Detected interface eth0/2, hwtype=1, maclen=6, mac=20:cf:30:db:d9:19, flags=11043(UP RUNNING MULTICAST BROADCAST ) 3 addr(s): 192.168.8.30 2001:470:1f15:17ba:22cf:30ff:fedb:d919 fe80::22cf:30ff:fedb:d919 Detected interface virbr0/3, hwtype=1, maclen=6, mac=fe:54:00:49:3c:6f, flags=11043(UP RUNNING MULTICAST BROADCAST ) 1 addr(s): 192.168.122.1 Detected interface vnet0/5, hwtype=1, maclen=6, mac=fe:54:00:49:3c:6f, flags=11043(UP RUNNING MULTICAST BROADCAST ) 1 addr(s): fe80::fc54:ff:fe49:3c6f There are 8 interfaces. lo/1 eth0/2 virbr0/3 vnet0/5 lo1/1 eth5/2 en3/5 e1000g0/3 iface_mgr_unittest.cc:207: Failure Value of: tmp->getName() Actual: “vnet0” Expected: “en3” [ FAILED ] IfaceMgrTest.getIface (1 ms) If this isn’t fixed for the release, I propose we simply disable it in the release branch.

1572

task

1326868754682390

1389878540361599

data source

medium

jinmei

new

DS query handling in database data source

See #1571. We need to do the same thing for the `DatabaseClient`. (But this should go to the backlog for the moment, according to our current task priorities).

1589

task

1326889420293980

1328718171476250

Unclassified

medium

vorner

new

Portconfig redesign

The isc::server_common::portconfig would need a little bit of redesigning. The logic with the state is not entirely clean, it might become an object holding the configuration and be able to apply it. Also a better error handling might be helpful. And it would be good if the portconfig::test_mode wouldn’t be necessary.

1590

defect

1326889474949114

1328718355583811

Unclassified

medium

vorner

new

Make SocketCreator not a singleton

It might be cleaner to have a local object.

1591

defect

1326889550549884

1328718371895885

Unclassified

medium

vorner

new

Handle the case when application can’t inform boss about released socket.

If the communication with the boss fails, it might end up in inconsistent state. We should at last kill the application and start over.

1592

task

1326889631478056

1328718386656768

Unclassified

medium

vorner

new

Move testutils/socket_request.h

Moving it somewhere from testutils (possibly server_common/tests) will make it possible to have a corresponding .cc file and hide the details and gtest.h header.

1594

task

1326889844284424

1328718406743593

Unclassified

medium

vorner

new

Use different place for socketcreator master socket

The unix domain socket is currently placed under /tmp. This might arguably not the best place for it, at last because of consistency. We should discuss it and move it somewhere else.

1609

task

1327054489254688

1368439257140873

dhcp

medium

UnAssigned

stephen

DHCP Outstanding Tasks

assigned

Review object breakdown of DHCP code

Review the object structure of the BIND 10 DHCP code to date and make recommendations about any refactoring needed.

1624

defect

1327415052754054

1329823712899211

Unclassified

medium

jreed

new

Unable to start b10-msgq, but it is started and running

I started bind10 —verbose: 2012-01-24 08:15:22.099 INFO [b10-boss.boss] BIND10_STARTING starting BIND10: bind10 20110223 (BIND 10 20111129) 2012-01-24 08:15:22.119 DEBUG [b10-boss.boss] BIND10_CHECK_MSGQ_ALREADY_RUNNING checking if msgq is already running 2012-01-24 08:15:22.138 INFO [b10-boss.boss] BIND10_CONFIGURATOR_START bind10 component configurator is starting up 2012-01-24 08:15:22.158 DEBUG [b10-boss.boss] BIND10_CONFIGURATOR_BUILD building plan ‘{}’ -> ‘{’sockcreator’: {’priority’: 200, ‘kind’: ‘core’, ‘special’: ‘sockcreator’}, ‘msgq’: {’priority’: 199, ‘kind’: ‘core’, ‘special’: ‘msgq’}, ‘cfgmgr’: {’priority’: 198, ‘kind’: ‘core’, ‘special’: ‘cfgmgr’}}’ 2012-01-24 08:15:22.176 DEBUG [b10-boss.boss] BIND10_CONFIGURATOR_RUN running plan of 3 tasks 2012-01-24 08:15:22.192 DEBUG [b10-boss.boss] BIND10_CONFIGURATOR_TASK performing task start on Socket creator 2012-01-24 08:15:22.214 INFO [b10-boss.boss] BIND10_COMPONENT_START component Socket creator is starting 2012-01-24 08:15:22.294 INFO [b10-boss.boss] BIND10_SOCKCREATOR_INIT initializing socket creator parser 2012-01-24 08:15:22.314 DEBUG [b10-boss.boss] BIND10_STARTED_PROCESS_PID started b10-sockcreator (PID 8761) 2012-01-24 08:15:22.334 DEBUG [b10-boss.boss] BIND10_CONFIGURATOR_TASK performing task start on msgq 2012-01-24 08:15:22.354 INFO [b10-boss.boss] BIND10_COMPONENT_START component msgq is starting 2012-01-24 08:15:22.371 INFO [b10-boss.boss] BIND10_STARTING_PROCESS starting process b10-msgq 2012-01-24 08:15:22.619 DEBUG [b10-boss.boss] BIND10_STARTED_PROCESS_PID started b10-msgq (PID 6349) 2012-01-24 08:15:27.753 ERROR [b10-boss.boss] BIND10_COMPONENT_START_EXCEPTION component msgq failed to start: Unable to connect to c-channel after 5 seconds 2012-01-24 08:15:27.757 ERROR [b10-boss.boss] BIND10_COMPONENT_FAILED component msgq (pid None) failed with unknown exit status 2012-01-24 08:15:27.758 FATAL [b10-boss.boss] BIND10_COMPONENT_UNSATISFIED component msgq is required to run and failed 2012-01-24 08:15:27.759 ERROR [b10-boss.boss] BIND10_CONFIGURATOR_PLAN_INTERRUPTED configurator plan interrupted, only 1 of 3 done 2012-01-24 08:15:27.760 INFO [b10-boss.boss] BIND10_KILLING_ALL_PROCESSES killing all started processes 2012-01-24 08:15:27.760 INFO [b10-boss.boss] BIND10_KILL_PROCESS killing process Socket creator 2012-01-24 08:15:27.761 WARN [b10-boss.boss] BIND10_SOCKCREATOR_KILL killing the socket creator 2012-01-24 08:15:27.769 FATAL [b10-boss.boss] BIND10_STARTUP_ERROR error during startup: Unable to start b10-msgq: Component failed during startup Now it has been a few minutes b10-msgq hasn’t exited yet. I sent a term signal to it and it exited. I could repeat this.

1625

defect

1327420316714945

1333469720780363

bind-ctl

low

jreed

new

config go to a list confusion

> config go Auth/listen_on /Auth/listen_on> config show Auth/listen_on[0]/address “::” string (default) Auth/listen_on[0]/port 53 integer (default) Auth/listen_on[1]/address “0.0.0.0” string (default) Auth/listen_on[1]/port 53 integer (default) /Auth/listen_on> config set Auth/listen_on[0]/port 5300 Error: /Auth/listen_on/Auth/listen_on[0]/port not found /Auth/listen_on> config go / > config show Auth Auth/database_file “/home/reed/builder/work/BIND10/20120124093934-NetBSD5-i386/install/var/bind10-devel/zone.sqlite3” string (default) Auth/datasources [] list (default) Auth/statistics-interval 60 integer (default) Auth/listen_on/ list (default) > config go Auth/listen_on /Auth/listen_on> config set [0]/port 5300 The show output is not prefixed with a slash, that makes it appear that the “go” didn’t work or that is configurables below current location. Maybe it should prefix a slash or only show the item, for example: > config go /Auth/listen_on /Auth/listen_on> config show [0]/address “::” string (default) [0]/port 53 integer (default) [1]/address “0.0.0.0” string (default) [1]/port 53 integer (default) (Note above does not exist yet.)

1629

defect

1327506670328527

1359562886790256

logging

medium

UnAssigned

jreed

assigned

logging with garbage in it

See https://lists.isc.org/pipermail/bind10-dev/2011-December/002901.html There was a timeout in a lettuce test on December 6. Wait for bind10 stderr message CMDCTL_STARTED The stderr output has garbage in it. (I piped through cat v so I could paste it.) }} Today on same system I saw another corrupted log file : macmini:system jreed$ grepa –1 ‘[[:cntrl:]]’ ./ixfr/in-2/nsx2/bind10.run

cat -v 2012-01-25 03:58:52.408 DEBUG [b10-cmdctl.cmdctl] CMDCTL_STARTED cmdctl is listening for connections on 127.0.0.1:8080 2012-01-25 03:58:52.429 012-01-25 03:58:52.428IINFO ^^ @^XFROUT_NEW_CONFIG Update xfrout configuration^^^^^^^^^^^^^^^^^^^^^^^<br>^2012-01-25 03:58:52.429 INFO [b10-xfrout.xfrout] XFROUT_NEW_CONFIG_DONE Update xfrout configuration done 2012-01-25 03:59:07.946 INFO [b10-xfrin.xfrin] XFRIN_XFR_TRANSFER_STARTED IXFR transfer of zone example/IN started Looks like corruption in same place.

1630

task

1327515699493178

1327515699493178

Unclassified

low

jreed

shane

new

Change automatic unit test reporter to warn if percentage of coverage goes down

This item came up from the face to face meeting. With our current policies, any new code should have unit tests. This means that our test coverage percentage should never go down. The idea of this ticket is for the scripts that we run automatically to produce coverage reports to send an e-mail if it discovers that our test coverage has declined.

1631

task

1327516267222093

1329463682149414

Unclassified

medium

shane

new

Turn goals for documentation into a plan to produce

This ticket comes from the BIND 10 face to face meeting. We came up with a proposed structure of documentation, and need to create a plan to actually making that happen.

1632

task

1327516567137440

1343912070022677

Unclassified

medium

jreed

shane

new

Experiment using Doxygen for Python

This action came out of the BIND 10 face to face meeting. We currently use pydoc for our Python documentation, and doxygen for our C++ documentation. However, apparently doxygen can work for both. We need to investigate what is needed to use doxygen for our Python documentation.

1636

task

1327565743235142

1344438981978028

Unclassified

medium

shane

shane

accepted

Redesign the BIND 10 Wiki

The BIND 10 wiki is not helpful for most people landing there. This needs to be redesigned.

1645

task

1328271184994582

1328271184994582

Unclassified

medium

shane

new

Add anti-spam facilities to Trac

We are starting to have non-trivial amounts of Trac spam, so we need to investigate tools to block this when possible, or minimize the effects in some way.

1647

defect

1328523121240668

1328805729377714

xfrout

medium

jelte

new

logging in xfrout is incomplete

Some error conditions in xfrout should be logged, such as tsig key mismatch. See for starters https://lists.isc.org/pipermail/bind10-users/2012-February/000168.html but we should probably go through the module and add other log messages as well.

1652

enhancement

1328620423271737

1328820919398110

msgq

low

jreed

new

msgq write to stderr on startup and exit status

If msgq has a failure when it attempts to start, it should write to stderr and also have return some exit status indicating the problem. (As mentioned in F2F 2012-01.)

1653

defect

1328620761245706

1394116652575675

Boss of BIND

very low

jreed

Common Outstanding Tasks

new

too much output at startup

(As discussed at F2F 2012-01.) Reduce the logging output for startup of bind10. For example has both BIND10_COMPONENT_START and BIND10_STARTING_PROCESS at INFO. And other components indicate own startup too like RESOLVER_STARTING. Maybe use a DEBUG level for these?

1654

defect

1328620862874551

1328828613174652

xfrout

very low

jreed

new

reduce xfrout logging

Reduce xfrout logging. For example both of these are INFO: 2012-01-17 16:05:53.911 INFO [b10-xfrout.xfrout] XFROUT_NEW_CONFIG Update xfrout configuration 2012-01-17 16:05:53.911 INFO [b10-xfrout.xfrout] XFROUT_NEW_CONFIG_DONE Update xfrout configuration done Maybe one or both can be DEBUG.

1656

defect

1328621163310965

1392911711044514

Unclassified

low

jreed

DNS Outstanding Tasks

new

ZONEMGR_NO_SOA should not warn when adding new zone

It should not WARN the ZONEMGR_NO_SOA when adding a new zone.

1657

defect

1328621237107039

1328810368022696

Unclassified

medium

jreed

new

zonemgr should not ask for IXFR on new zone

zonemgr should not ask for IXFR on new zone. It should do AXFR.

1658

enhancement

1328621723577463

1328821085547843

logging

low

jreed

new

log when adding new configuring new logging

When adding or changing to a new logging configuration (loggers, output), then log about it to that new output — that is a single line to introduce it.

1659

defect

1328621858996557

1328812632272980

configuration

medium

jreed

new

be able to view default list configurations

If using bindctl, you can view a list that has the default configurations. You should be able to view all configurations even if defaults (so don’t have to go find the spec file and interpret it manually).

1661

defect

1328622693273693

1328821109597944

bind-ctl

low

jreed

new

config go strangeness

Check this out: > config go Xfrin/transfers_in /Xfrin/transfers_in> config go .. /Xfrin> config go zones/ /Xfrin/zones> config go .. /Xfrin> config go zones /Xfrin/zones> config show Xfrin/zones[0]/name “foo” string Xfrin/zones[0]/class “IN” string (default) Xfrin/zones[0]/master_addr “192.168.2.3” string Xfrin/zones[0]/master_port 53 integer (default) Xfrin/zones[0]/tsig_key null string Xfrin/zones[0]/use_ixfr false boolean (default) /Xfrin/zones> config go zones[0]/use_ixfr Error: /Xfrin/zones/zones[0]/use_ixfr not found /Xfrin/zones> config go [0] /Xfrin/zones[0]> config show Xfrin/zones[0]/name “foo” string Xfrin/zones[0]/class “IN” string (default) Xfrin/zones[0]/master_addr “192.168.2.3” string Xfrin/zones[0]/master_port 53 integer (default) Xfrin/zones[0]/tsig_key null string Xfrin/zones[0]/use_ixfr false boolean (default) /Xfrin/zones[0]> config go tsig_key Error: /Xfrin/zones[0]/tsig_key not found /Xfrin/zones[0]> config go /Xfrin/zones[0]/master_addr /Xfrin/zones[0]/master_addr> config show Xfrin/zones[0]/master_addr “192.168.2.3” string /Xfrin/zones[0]/master_addr> config go .. /Xfrin/zones[0]> config go master_addr /Xfrin/zones[0]/master_addr> config go .. /Xfrin/zones[0]> config go /Xfrin/zones[0]/tsig_key Error: /Xfrin/zones[0]/tsig_key not found /Xfrin/zones[0]> config show /Xfrin/zones[0]/tsig_key Error: Xfrin not found /Xfrin/zones[0]> config show /Xfrin Error: Xfrin not found /Xfrin/zones[0]> config go .. /Xfrin> config go .. > config show /Xfrin Xfrin/transfers_in 10 integer (default) Xfrin/zones/ list Sometimes it works and sometimes it doesn’t. Notice how it can’t go into tsig_key. Also noitce that /Xfrin is not found.

1662

task

1328622766732752

1329823713576974

documentation

medium

jreed

new

documentation: logging quick start examples

For the guide, have some quick start examples for logging in addition or instead of the tutorial.

1663

task

1328623332829622

1328627735816334

Unclassified

medium

jreed

new

doxygen generation automated on builder

Add a doxygen build task to one system on the build farm. The verbose output may need to be parsed or reduced and trigger failure on some types of issues.

1664

enhancement

1328623686802418

1328821126663106

build system

low

UnAssigned

jreed

new

configure provide more help for building

Have configure have some output about “If having problem building …” even in —help output. Maybe point to documentation, websites, list addresses.

1670

enhancement

1328882972995808

1394116840891047

b10-auth

medium

Dr. Jeffry A. Spain

DNS Outstanding Tasks

new

Ability to control version.bind output

Question from the users mailing list: In bind10-devel-20120119, how can the response to ‘dig @server version.bind. CH TXT’ be disabled in a manner equivalent to ‘options { version none; };’ in bind9? Thanks. https://lists.isc.org/pipermail/bind10-users/2012-February/000184.html AFAIK this is not possible, but it should be easy and useful to add.

1672

defect

1329168961119532

1392912620635197

resolver

low

Jeffry A. Spain

DNS Outstanding Tasks

new

b10-resolver crashing with status 11 when compiled with —enable-boost-threads

In my most recent build of bind10-devel-20110119, built according to http://bind10.isc.org/wiki/SystemNotesUbuntuOneiric, b10-resolver is failing after being given the query ‘dig @localhost jaspain.net a’, or any query for that matter. Most of the installed prerequisites are newer versions than those in the standard Ubuntu packages that I have used previously with success, so I will try to figure out which one may be causing the problem. Based on the following log excerpts, if you have a sense of where the problem lies, would you please let me know. Thanks. The following is log from bind10-users mailing list. https://lists.isc.org/pipermail/bind10-users/2012-February/000216.html Apparently any query caused resolver to crash. 2012-02-12 23:00:20.613 DEBUG [b10-resolver.resolver] RESOLVER_QUERY_ACCEPTED query accepted: ‘jaspain.net./A/IN’ from 127.0.0.1#37965 2012-02-12 23:00:20.613 DEBUG [b10-resolver.resolver] RESOLVER_NORMAL_QUERY processing normal query 2012-02-12 23:00:20.613 DEBUG [b10-resolver.reslib] RESLIB_RESOLVE asked to resolve (resolve() instance 2) 2012-02-12 23:00:20.613 DEBUG [b10-resolver.reslib] RESLIB_RECQ_CACHE_NO_FIND did not find in the cache, starting RunningQuery (resolve() instance 2) 2012-02-12 23:00:20.613 DEBUG [b10-resolver.reslib] RESLIB_NSAS_LOOKUP looking up nameserver for zone . in the NSAS 2012-02-12 23:00:20.613 DEBUG [b10-resolver.nsas] NSAS_SEARCH_ZONE_NS searching NSAS for nameservers for zone . 2012-02-12 23:00:20.613 DEBUG [b10-resolver.reslib] RESLIB_RESOLVE asked to resolve <. IN NS> (resolve() instance 1) 2012-02-12 23:00:20.613 DEBUG [b10-resolver.nsas] NSAS_FIND_NS_ADDRESS asking resolver to obtain A and AAAA records for l.root-servers.net. 2012-02-12 23:00:20.613 DEBUG [b10-resolver.reslib] RESLIB_RESOLVE asked to resolve (resolve() instance 1) 2012-02-12 23:00:20.613 DEBUG [b10-resolver.reslib] RESLIB_RESOLVE asked to resolve (resolve() instance 1) 2012-02-12 23:00:20.676 DEBUG [b10-resolver.nsas] NSAS_SEARCH_ZONE_NS searching NSAS for nameservers for zone net. 2012-02-12 23:00:20.676 DEBUG [b10-resolver.reslib] RESLIB_RESOLVE asked to resolve (resolve() instance 1) 2012-02-12 23:00:20.678 INFO [b10-boss.boss] BIND10_LOST_SOCKET_CONSUMER consumer 20 of sockets disconnected, considering all its sockets closed 2012-02-12 23:00:20.678 INFO [b10-boss.boss] BIND10_PROCESS_ENDED process 1855 of b10-resolver ended with status 11 2012-02-12 23:00:20.678 ERROR [b10-boss.boss] BIND10_COMPONENT_FAILED component b10-resolver (pid 1855) failed with 11 exit status 2012-02-12 23:00:20.678 INFO [b10-boss.boss] BIND10_COMPONENT_START component b10-resolver is starting 2012-02-12 23:00:20.678 WARN [b10-boss.boss] BIND10_START_AS_NON_ROOT_RESOLVER starting b10-resolver as a user, not root. This might fail. 2012-02-12 23:00:20.678 INFO [b10-boss.boss] BIND10_STARTING_PROCESS starting process b10-resolver 2012-02-12 23:00:20.685 DEBUG [b10-boss.boss] BIND10_STARTED_PROCESS_PID started b10-resolver (PID 1867)

1674

defect

1329257610581110

1392912596662655

resolver

low

jreed

DNS Outstanding Tasks

new

confusing CACHE_RRSET_REMOVE_OLD

2012-02-14 18:32:18.196 DEBUG [b10-resolver.cache] CACHE_RRSET_REMOVE_OLD removing old RRset for ams.sns-pb.isc.org./AAAA/IN to make space for new one Why remove old RRSet on first query?

1675

enhancement

1329296537935503

1394116664953487

Boss of BIND

medium

vorner

Common Outstanding Tasks

new

Allow specifying count in an component configuration

Currently, if a user wants to run multiple instances of a component (eg. an auth for each core), multiple copies of the component configuration must be specified in Boss/components. It would be more convenient to have a `count` configuration variable and the system would start so many instances by itself. If the isc.bind10.components.Component class is modified to take care of multiple processes or if multiple component objects are generated from single configuration element is to be decided.

1676

enhancement

1329296772886889

1329823718431454

Unclassified

medium

vorner

new

Differentiate instances of the same components in logs

If multiple instances of a single component are running, it would be convenient to differentiate them in logs in case the outputs are mixed up (eg. have b10-auth-1, b10-auth-2, etc). This might turn out to be an easy extension of #1675, when the system knows it should start n instances of single component, it could provide a different number as a command line argument to each of the instances and the component would modify its name in logs according to this.

1677

enhancement

1329297072638129

1329390620126168

Unclassified

medium

vorner

new

Remove local log level constants

We defined the consistent debug levels (eg. `DBGLVL_START_SHUT`). However, when switching to them, we just redefined the constants used in the existing code to point to these, like this: #!c++ const int DBG_AUTH_START = DBGLVL_START_SHUT; This should be cleaned up and the local constants replaced by the global ones. This should be an easy search&replace, but it could be convenient to split it up into multiple tickets by the components, to have smaller diffs to review.

1679

enhancement

1329298384374814

1336568071055568

Unclassified

medium

vorner

new

Auto-generate backtraces & crash reports

It would be good if whenever a process crashes, a crash report with some useful information is produced and saved somewhere, noted in a log and the admin is asked to send it. The idea is to use whatever is available in the system to get the information, for example use gdb to attach to the process and get the information or use some built-in methods. The crashing process could have a handler for registered all reasonable fatal signals and call a shell script with it’s PID and name and the script would write down system information, call gdb on the PID, produce the backtrace, etc… It might make sense to register the signals for python too (in case it crashes in the wrapper code) and make sure any uncaught exceptions are caught at the highest level and written down to a file. I attach a file which does that (from one of my own projects), it is slightly different, it produces the backtrace to the screen and leaves the gdb running, but it can illustrate the idea. While this relies on having gdb installed on the system and having debug information compiled in (which we could enable by default), it would at least increase the chance of getting useful bug report and make it easier for a user to generate them.

1683

task

1329315225571717

1332237437723377

Unclassified

medium

shane

shane

new

Review all Trac tickets

We need to go through our tickets on the Trac site and check the status of them all. Here’s a link: http://bind10.isc.org/query?status=accepted&status=assigned&status=new&status=reopened&status=reviewing&max=1000&col=id&col=summary&col=status&col=owner&col=type&col=priority&col=milestone&col=component&col=time&col=changetime&col=feature&order=id There are over 600, so this will take awhile. Spending a couple hours a day will hopefully get this done in a month or so.

1685

task

1329315368637216

1329315368637216

Unclassified

medium

shane

new

Document and test security procedures

We need to write down how we handle security bugs discovered in BIND 10.

1689

defect

1329387513525977

1392999621271534

Unclassified

medium

shane

DNS Outstanding Tasks

new

Handle RRSIG TTL properly when combining multiple RRSIG into a single RRSet

Apparently we improperly modify the TTL when we are dealing with RRSIG within an RRSet. This came out of discussion on ticket #152: MessageImpl::parseSection() would still need to consider RRSIG type covered when it combines multiple RRSIGs into a single RRset. That would go to a separate ticket.

1694

enhancement

1329402017073627

1330431728587315

bind-ctl

medium

shane

new

bindctl should be able to run when BIND 10 is down

This is a result of a comment in ticket #304. Basically, bindctl should be able to do some things when BIND 10 is not running.

1700

task

1329906336862876

1329906336862876

Unclassified

medium

shane

new

Trac ticket dependency plugin

We should try to get one of the plugins which supports dependencies between Trac tickets

1706

defect

1329928997058676

1330431986105718

msgq

medium

jreed

new

msgq exiting early? socket.error: [Errno 104] Connection reset by peer

2012-02-22 11:20:34.342 INFO [b10-boss.boss] BIND10_SEND_SIGTERM sending SIGTERM to b10-xfrout (PID 23285) 2012-02-22 11:20:34.342 INFO [b10-boss.boss] BIND10_SEND_SIGTERM sending SIGTERM to b10-auth (PID 23286) 2012-02-22 11:20:34.343 INFO [b10-boss.boss] BIND10_SEND_SIGTERM sending SIGTERM to b10-zonemgr (PID 23287) 2012-02-22 11:20:34.343 INFO [b10-boss.boss] BIND10_SEND_SIGTERM sending SIGTERM to b10-stats (PID 23288) Traceback (most recent call last): File “/home/jreed/builder/work/BIND10/20120222082222-CentOS5-x86_64-GCC/install/libexec/bind10-devel/b10-xfrout”, line 1040, in xfrout_server = XfroutServer() File “/home/jreed/builder/work/BIND10/20120222082222-CentOS5-x86_64-GCC/install/libexec/bind10-devel/b10-xfrout”, line 922, in init self.cc.start File “/home/jreed/builder/work/BIND10/20120222082222-CentOS5-x86_64-GCC/install/lib/python3.1/site-packages/isc/config/ccsession.py”, line 211, in start self.send_spec File “/home/jreed/builder/work/BIND10/20120222082222-CentOS5-x86_64-GCC/install/lib/python3.1/site-packages/isc/config/ccsession.py”, line 389, insend_spec answer, env = self.session.group_recvmsg(False, seq) File “/home/jreed/builder/work/BIND10/20120222082222-CentOS5-x86_64-GCC/install/lib/python3.1/site-packages/isc/cc/session.py”, line 266, in group_recvmsg env, msg = self.recvmsg(nonblock, seq) File “/home/jreed/builder/work/BIND10/20120222082222-CentOS5-x86_64-GCC/install/lib/python3.1/site-packages/isc/cc/session.py”, line 121, in recvmsg data = self.receive_full_buffer File “/home/jreed/builder/work/BIND10/20120222082222-CentOS5-x86_64-GCC/install/lib/python3.1/site-packages/isc/cc/session.py”, line 230, inreceive_full_buffer raise se File “/home/jreed/builder/work/BIND10/20120222082222-CentOS5-x86_64-GCC/install/lib/python3.1/site-packages/isc/cc/session.py”, line 203, in receive_full_buffer self.receive_len_data() File “/home/jreed/builder/work/BIND10/20120222082222-CentOS5-x86_64-GCC/install/lib/python3.1/site-packages/isc/cc/session.py”, line 163, in receive_len_data new_data = self.receive_bytes(self.recv_len_size) File “/home/jreed/builder/work/BIND10/20120222082222-CentOS5-x86_64-GCC/install/lib/python3.1/site-packages/isc/cc/session.py”, line 149, inreceive_bytes data = self.socket.recv socket.error: Connection reset by peer Traceback : File “/home/jreed/builder/work/BIND10/20120222082222-CentOS5-x86_64-GCC/install/libexec/bind10-devel/b10-zonemgr”, line 692, in zonemgrd = Zonemgr File “/home/jreed/builder/work/BIND10/20120222082222-CentOS5-x86_64-GCC/install/libexec/bind10-devel/b10-zonemgr”, line 517, ininit self.setup_session() File “/home/jreed/builder/work/BIND10/20120222082222-CentOS5-x86_64-GCC/install/libexec/bind10-devel/b10-zonemgr”, line 536, in setup_session self.module_cc.add_remote_config(AUTH_SPECFILE_LOCATION) File “/home/jreed/builder/work/BIND10/20120222082222-CentOS5-x86_64-GCC/install/lib/python3.1/site-packages/isc/config/ccsession.py”, line 349, in add_remote_config answer, env = self.session.group_recvmsg File “/home/jreed/builder/work/BIND10/20120222082222-CentOS5-x86_64-GCC/install/lib/python3.1/site-packages/isc/cc/session.py”, line 266, in group_recvmsg env, msg = self.recvmsg File “/home/jreed/builder/work/BIND10/20120222082222-CentOS5-x86_64-GCC/install/lib/python3.1/site-packages/isc/cc/session.py”, line 121, in recvmsg data = self.receive_full_buffer(nonblock) File “/home/jreed/builder/work/BIND10/20120222082222-CentOS5-x86_64-GCC/install/lib/python3.1/site-packages/isc/cc/session.py”, line 230, in receive_full_buffer raise se File “/home/jreed/builder/work/BIND10/20120222082222-CentOS5-x86_64-GCC/install/lib/python3.1/site-packages/isc/cc/session.py”, line 203, inreceive_full_buffer self.receive_len_data File “/home/jreed/builder/work/BIND10/20120222082222-CentOS5-x86_64-GCC/install/lib/python3.1/site-packages/isc/cc/session.py”, line 163, inreceive_len_data new_data = self.receive_bytes File “/home/jreed/builder/work/BIND10/20120222082222-CentOS5-x86_64-GCC/install/lib/python3.1/site-packages/isc/cc/session.py”, line 149, inreceive_bytes data = self._socket.recv(size) socket.error: [Errno 104] Connection reset by peer 2012-02-22 11:20:34.443 INFO [b10-boss.boss] BIND10_PROCESS_ENDED process 23278 of msgq ended with status 0

1707

defect

1329939626794526

1394116855912999

b10-auth

medium

jreed

DNS Outstanding Tasks

new

Default configuration was used when mistake in different configuration

Default configuration was used when mistake in different configuration: 2012-02-22 13:09:04.846 INFO [b10-auth.auth] AUTH_SERVER_CREATED server created 2012-02-22 13:09:04.855 ERROR [b10-auth.auth] AUTH_CONFIG_UPDATE_FAIL update of configuration failed: Server configuration failed: Failed to open master file: /home/jreed/dnsbenchsuite/tests/root/root.zone.file-canonical 2012-02-22 13:09:04.887 INFO [b10-boss.boss] BIND10_SOCKET_GET requesting socket [::]:53 of type TCP from the creator 2012-02-22 13:09:04.888 ERROR [b10-boss.boss] BIND10_SOCKET_ERROR error on bind call in the creator: 13/Permission denied 2012-02-22 13:09:04.889 ERROR [b10-auth.server_common] SRVCOMM_ADDRESS_FAIL failed to listen on addresses (“Error creating socket on bind”) 2012-02-22 13:09:04.889 ERROR [b10-auth.auth] AUTH_CONFIG_LOAD_FAIL load of configuration failed: Server configuration failed: “Error creating socket on bind” The only change was the wrong name of the database filename. The config is: {version 2, Auth {datasources [{zones [{origin “.”, file “/home/jreed/dnsbenchsuite/tests/root/root.zone-canonical”}], type “memory”}], listen_on [{port 5300, address “127.0.0.1”}]}} So why did the second error above happen? Why did it use port 53? Once I renamed the file, it started fine using port 5300 as expected. I am not sure if this problem is in cfgmgr or auth.

1709

task

1330001822014872

1336467375269802

dhcp

medium

stephen

DHCP Outstanding Tasks

new

Consider alternatives to IOAddress for DHCP

DHCP code needs to get to low-level features of the address object and often needs to know if it is V6 or V4 and get information depending on the result. For this reason, a general IOAddress may not be the best address abstraction to use in DHCP. This ticket will propose an alternative.

1710

enhancement

1330003336406236

1330432045258370

bind-ctl

low

vorner

new

Sort output of config show

Just look at config show of, let’s say, Boss/components. The components are not sorted, which makes it harder to get oriented in the output.

1716

defect

1330094081569678

1366910527020037

Boss of BIND

very low

jreed

new

use DEBUG for BIND10_LOST_SOCKET_CONSUMER and BIND10_SOCKET_CREATED instead of INFO

2012-02-24 08:13:53.616 INFO [b10-boss.boss] BIND10_SOCKET_CREATED successfully created socket 23 2012-02-24 08:24:35.165 INFO [b10-boss.boss] BIND10_LOST_SOCKET_CONSUMER consumer 23 of sockets disconnected, considering all its sockets closed Please use DEBUG instead. (Also it would be nice if the “consumer 23” was identified by name or PID.)

1718

defect

1330109246747787

1330432064257185

data source

low

jreed

new

null data source

From January 2012 face-to-face meeting: Idea: create a null data source to check efficiency of the code. A null data source could also serve as an example if people want to build their own.

1719

task

1330109811186048

1330109811186048

Unclassified

low

jreed

new

Test with bad packets

See #703 Automate tests/tools/badpacket to test auth and resolver with bad packets

1720

task

1330111359741972

1330111359741972

Unclassified

medium

jreed

new

add profiling make target

As discussed at January 2012 face-to-face, make a —with-gprof configure option, and a make profile target which runs query_bench with some set of data.

1723

enhancement

1330524467215903

1331636636281371

statistics

low

jreed

new

access to stats via bindctl

It is not very intuitive for accessing stats. For example to see some entries I tried: Stats show Auth rcode, Stats show Auth.rcode, Stats show auth.rcode.nxrrset, and some others before I learned that I should use “Stats show Auth rcode.refused” I suggest we allow showing a group of stats like Stats show auth, Stats show auth.rcode, and specifically like Stats show auth.rcode.nxrrset.

1724

enhancement

1330524561795476

1331636645298930

statistics

low

jreed

new

access to stats via stats-httpd

This is related to #1723, but want same for the HTTP interface. It would be nice if the following would work to show all items under auth.queries. http://n10.isc.org:8000/bind10/statistics/xml/Auth/queries

1729

defect

1330530157958703

1331571605832006

statistics

medium

jreed

new

cc session timeout causes noisy traceback from b10-stats-httpd

Traceback (most recent call last): File “/home/jreed/src/bind10/src/lib/python/isc/cc/session.py”, line 203, in receive_full_buffer self.receive_len_data() File “/home/jreed/src/bind10/src/lib/python/isc/cc/session.py”, line 163, in receive_len_data new_data = self.receive_bytes(self.recv_len_size) File “/home/jreed/src/bind10/src/lib/python/isc/cc/session.py”, line 149, inreceive_bytes data = self.socket.recv socket.timeout: timed out During handling of the above exception, another exception occurred: Traceback : File “/home/jreed/src/bind10/src/bin/stats/b10-stats-httpd”, line 827, in stats_httpd = StatsHttpd File “/home/jreed/src/bind10/src/bin/stats/b10-stats-httpd”, line 187, inin it self.open_mccs File “/home/jreed/src/bind10/src/bin/stats/b10-stats-httpd”, line 199, in open_mccs SPECFILE_LOCATION, self.config_handler, self.command_handler) File “/home/jreed/src/bind10/src/lib/python/isc/config/ccsession.py”, line 186, ininit self.session = Session(socket_file) File “/home/jreed/src/bind10/src/lib/python/isc/cc/session.py”, line 57, in init env, msg = self.recvmsg(False) File “/home/jreed/src/bind10/src/lib/python/isc/cc/session.py”, line 121, in recvmsg data = self.receive_full_buffer File “/home/jreed/src/bind10/src/lib/python/isc/cc/session.py”, line 218, inreceive_full_buffer raise SessionTimeout(“recv() on cc session timed out”) isc.cc.session.SessionTimeout: recv() on cc session timed out Exception AttributeError: “‘ModuleCCSession’ object has no attribute ‘_session’” in > ignored 2012-02-29 15:27:37.994 INFO [b10-boss.boss] BIND10_PROCESS_ENDED process 13233 of b10-stats-httpd ended with status 256 This is due to same problem as #1726. But I open a new ticket since I think its failure should be friendlier, such as: 2012-02-29 15:27:46.824 ERROR [b10-xfrin.xfrin] XFRIN_UNKNOWN_ERROR unknown error: recv() on cc session timed out or 2012-02-29 15:27:46.854 ERROR [b10-zonemgr.zonemgr] ZONEMGR_SESSION_TIMEOUT timeout on session to command channel daemon By the way, those two examples maybe should use identical format for same error? So original problem to be fixed in #1726. Make the output clean in this ticket.

1730

defect

1330531611749244

1332509420767998

Unclassified

medium

jreed

new

OpenBSD meta ticket

OpenBSD openbsd5-64 5.0 amd64 But it is not enabled in the build farm yet due to some issues: system include header ordering needs #1644 incomplete pc file for botan and wrong filename for botan-config #1640 perfdhcp.c uses pselect #1639 IntervalTimerTest.invalidArgumentToIntervalTimer failure #1727 python import and versioned modules #1728 HashTest tests fail on OpenBSD #1812 IfaceMgrTest.sendReceive6 test hangs on OpenBSD #1824 CC Session timeouts / ConfigManager not responding (on OpenBSD) #1829 install-sh issue on OpenBSD #1835

1734

defect

1330551648536980

1331571692456641

Boss of BIND

medium

jreed

new

ERROR [b10-boss.boss] BIND10_COMPONENT_FAILED component … failed with 0 exit status

I noticed this when I restart resolver and auth as in #1733. I did: > Resolver shutdown > Auth shutdown The logs showed: … 2012-02-29 15:23:40.820 DEBUG [b10-resolver.cc] CC_GROUP_SEND sending message ‘{ command [ “stopping”, { module_name “Resolver” } ] }’ to group ‘ConfigManager’ 2012-02-29 15:23:40.820 INFO [b10-resolver.resolver] RESOLVER_SHUTDOWN resolver shutdown complete 2012-02-29 15:23:40.827 DEBUG [b10-cmdctl.cmdctl] CMDCTL_COMMAND_SENT command ‘shutdown’ to module ‘Resolver’ was sent 2012-02-29 15:23:40.828 INFO [b10-boss.boss] BIND10_PROCESS_ENDED process 11275 of b10-resolver ended with status 0 2012-02-29 15:23:40.828 ERROR [b10-boss.boss] BIND10_COMPONENT_FAILED component b10-resolver (pid 11275) failed with 0 exit status 2012-02-29 15:23:40.828 INFO [b10-boss.boss] BIND10_COMPONENT_START component b10-resolver is starting Notice the “ERROR” for 0 exit status. That seems wrong. I don’t see any error here. Then: … 2012-02-29 15:23:45.847 DEBUG [b10-auth.datasrc] DATASRC_SQLITE_CLOSE closing SQLite database 2012-02-29 15:23:45.848 DEBUG [b10-auth.datasrc] DATASRC_CACHE_DESTROY destroying the hotspot cache 2012-02-29 15:23:45.848 DEBUG [b10-cmdctl.cmdctl] CMDCTL_COMMAND_SENT command ‘shutdown’ to module ‘Auth’ was sent 2012-02-29 15:23:45.868 INFO [b10-boss.boss] BIND10_LOST_SOCKET_CONSUMER consumer 17 of sockets disconnected, considering all its sockets closed 2012-02-29 15:23:45.870 INFO [b10-boss.boss] BIND10_PROCESS_ENDED process 12084 of b10-auth ended with status 0 2012-02-29 15:23:45.870 ERROR [b10-boss.boss] BIND10_COMPONENT_FAILED component b10-auth (pid 12084) failed with 0 exit status 2012-02-29 15:23:45.870 INFO [b10-boss.boss] BIND10_COMPONENT_START component b10-auth is starting Same thing again: ERROR for 0 exit status. These don’t seem to be errors to me.

1737

enhancement

1330563639383383

1331636855978016

statistics

low

jreed

new

store statistics data on shutdown

Feature request: store statistics data on shutdown and maybe re-use it on next startup. Not sure yet. Just opening this ticket so this idea can be recorded. This is not a high priority, since other tools can fetch the XML and then manage how they want.

1740

defect

1330640620273079

1331577732027152

bind-ctl

medium

jreed

new

bindctl crash on stats set

> Stats set Boss boot_time 2012-02-03T22:49:49Z Traceback (most recent call last): File “/usr/pkg/lib/python3.1/cmd.py”, line 213, in onecmd func = getattr(self, ‘do’ + cmd) AttributeError: ’BindCmdInterpreter’ object has no attribute ’do_Stats’ During handling of the above exception, another exception occurred: Traceback : File “/home/reed/opt/bind10/bin/bindctl”, line 149, in result = tool.run File “/home/reed/opt/bind10/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 138, in run self.cmdloop File “/usr/pkg/lib/python3.1/cmd.py”, line 139, in cmdloop stop = self.onecmd File “/home/reed/opt/bind10/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 466, in onecmd Cmd.onecmd File “/usr/pkg/lib/python3.1/cmd.py”, line 215, in onecmd return self.default File “/home/reed/opt/bind10/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 432, in default self.parse_cmd(line) File “/home/reed/opt/bind10/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 568, in parse_cmd self.validate_cmd(cmd) File “/home/reed/opt/bind10/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 399, in _validate_cmd cmd.params[param_name] = isc.config.config_data.convert_type(param_spec, cmd.params[param_name]) File “/home/reed/opt/bind10/lib/python3.1/site-packages/isc/config/config_data.py”, line 112, in convert_type map = ast.literal_eval(value) File “/usr/pkg/lib/python3.1/ast.py”, line 49, in literal_eval node_or_string = parse(node_or_string, mode=’eval’) File “/usr/pkg/lib/python3.1/ast.py”, line 37, in parse return compile(source, filename, mode, PyCF_ONLY_AST) File “”, line 1 boot_time2012-02-03T22:49:49Z ^ SyntaxError: invalid token Here is another different example: … File “”, line 1 last_update_time“2012-03-01T22:21:42Z” ^ SyntaxError: invalid syntax

1742

enhancement

1330693514506461

1331038947010571

message-library

low

stephen

new

Have message compiler exit with an error if a duplicate message ID is detected

Ticket #1741 reports a case where a duplicate ID is used in a message file. This was only noticed by chance, as the message compiler outputs a warning message but otherwise exits normally. The message compiler should be modified to output an error message when this condition is detected, and to exit with a non-zero status. That would cause a build to stop when a duplicate ID is found and so make the problem more obvious.

1743

task

1330700156041242

1391544186391937

data source

medium

jreed

new

[meta] support NSEC in in-memory datasource

NXDOMAIN result only returns RRSIG for the SOA, but no NSEC. (Additional task is lettuce test(s) — open new tickets as needed.)

1753

task

1330793748465085

1392999461740805

data source

medium

jinmei

jinmei

DNS Outstanding Tasks

assigned

use object pool for in-memory finder contexts

By default ZoneFinder::Context needs to be allocated from heap (by `new`) for every call to find(). The cost would not be negligible for performance sensitive version like the one for the in-memory data source. I’d suggest introducing an object pool such as boost::object_pool so the major resource of Context can be resused over multiple calls to find(). I’d maintain the pool in the `InMemoryClient` that created the finder and use the same pool for all zones. The in-memory version of Context class will need to be “resettable” so we release resources in the context when it goes back to the pool. It will also require some modifications to the base Context call.

1755

defect

1330939939098902

1347891866607468

data source

medium

jinmei

new

“ANY_SUB” query in sqlite3_accessor needs to be updated

See https://lists.isc.org/pipermail/bind10-dev/2012-March/003167.html In short: - we need to revise the query so ‘' will be placed last (and so we'll<br> probably have to use rname instead of name)<br>- let the caller append the '’ I also wonder whether this can correctly detect the following case: Zone has b.example.com. *.example.com. Query a.b.example.com must result in NXDOMAIN, not wildcard match. It’s nicer if we can confirm that too. .

1761

enhancement

1331030390320577

1331635774132797

data source

medium

shane

new

Change the SQLite data source so that it supports binary labels

See the thread started here: https://lists.isc.org/pipermail/bind10-dev/2011-September/002630.html

1765

defect

1331144039722679

1331636583333687

bind-ctl

medium

jreed

new

config go, then config show datasources does no work

> config go Auth /Auth> config show database_file listen_on datasources statistics-interval /Auth> config show datasources /Auth> config show Auth /Auth> config show /Auth Error: Auth not found /Auth> config show data database_file datasources /Auth> config show_json {datasources [{zones [{origin “smallzone”, file “/home/jreed/dnsbenchsuite/tests/smallzone/master.zone.file-canonical”}], type “memory”}], listen_on [{port 5300, address “127.0.0.1”}]} /Auth> config show datasources /Auth> config go / > config show Auth/data database_file datasources > config show Auth/data database_file datasources > config show Auth/datasources Auth/datasources[0]/type “memory” string Auth/datasources[0]/class “IN” string (default) Auth/datasources[0]/zones/ list > (notice tab completion in output above) An additional problem is config show /Auth doesn’t work.

1766

enhancement

1331158406719092

1331636915476954

data source

low

jinmei

new

placeholder: python binding for ZoneFinder::Context

It’s currently only in C++. As discussed in http://bind10.isc.org/ticket/1607#comment:11 python binding wasn’t provided because it was not clear if we need it. This ticket is a placeholder for it so we can revisit this point later.

1770

enhancement

1331287704347235

1396529381183472

xfrin

medium

jelte

DNS Outstanding Tasks

new

xfrin command to show transfers in progress

It would be nice to have a command that shows transfers in progress in the xfrin module; possibly with some extended information from the information collected in #1280.

xfrin bindctl

1776

task

1331719471784379

1331917664425822

build system

medium

UnAssigned

shane

assigned

git repository should set version to something

Jeremy proposed that we should set the version string in our software to something. Right now it is whatever the last release was, or sometimes updated since then, but it is not helpful and sometimes misleading. Some notes are available in our [wiki:WeeklyMinutes20120313#Versioninthemasterconfigure.acJeremy5minutes meeting minutes]. Ideally we would set the version string to something like: git-259eea4da2d634ee7cbf28eb34ac076d2a8ed50d We would need a way to override this on our release branches, of course. If we cannot do that, then possibly using just “git” or “master” as the version identifier is okay.

1777

enhancement

1331733353163112

1336592052344382

Unclassified

medium

jelte

new

resetting vectors in auth::Query

#1747 and its predecessors introduced three vectors for storing the rrsets that get added to response messages. These vectors currectly get reserved to contain 64 rrsets each, but in theory they might grow. It was suggested that if they ever become larger than this, it might be good to reset them (back to a reserved size of 64, or whatever value turns out to be good). The idea is that if they are abnormally large, the are replaced by new vectors during reset(). In normal cases this wouldn’t happen (and the overhead is a size check for each). If much larger, the replacement should clear up unused memory for these. But see the discussion in #1747

1797

defect

1331972495039357

1392811741870737

b10-auth

medium

jinmei

DNS Outstanding Tasks

new

CNAME should include auth and additional

b10-auth doesn’t include the authority and additional section in the case of CNAME. This does not necessarily be incorrect per the spec, but I don’t think it’s intentional but rather a bug. I propose we handle it just like the SUCCESS case. (As a bonus) this will also make the big, ugly switch of Query::process() a bit more concise. This should be a pretty easy task.

1801

task

1331999509260329

1336748005828429

Unclassified

medium

jelte

new

NSEC in-mem; lettuce tests for NSEC responses

Create lettuce tests for NSEC responses. On the one hand it should be relatively easy; the framework is already there (we have lettuce tests for NSEC3). OTOH, there may not be a clear (rfc-based) list on what tests to write. Technically, this depends on #1800 (and #1799 and #1798), but in theory these could be written in parallel (or even before; BDD-style).

1811

task

1332132785079358

1336577058868652

Inter-module communication

medium

naokikambe

new

Consider how to address multiple instances

As a result of #1751, each auth instance uses its own PID for addressing itself so that stats would identify one of multiple auth instances. But that way is a short-term narrow solution as discussed in [comment:ticket:1751:10] Furthermore we need a long-term wide solution, not only between auth and stats, for addressing multiple instances.

1817

task

1332236902882641

1336577260560153

data source

medium

vorner

new

Cleanup object for SQLite3 statements

We manually reset a SQLite3 statement each time it is used. This is both little bit too much code and can keep the statement not reset on some unexpected exception (which is not fatal, as we reset the statement before use again, but it is clearly not optimal). The task is to create a class that would hold the statement and reset it on destruction and use it to hold the statements inside the methods using them.

1821

defect

1332341006212027

1336577914147394

Unclassified

medium

jreed

new

inconsistent verbose logging

Some components honor a -v (or —verbose) switch to enable maximum debug logging. But not all is set to maximum. For example, it provides complete logging for “auth” but not “datasrc”. This is confusing. One fix is to either clearly document this. Another fix is to make everything “*” logged at DEBUG 99 when using —verbose.

1822

task

1332342771530688

1336577964165257

logging

medium

jreed

new

review logging details

The task(s) to review existing logging was discussed at the January 2012 F2F. http://bind10.isc.org/wiki/January2012MeetingMinutes#LoggingIssues This probably needs to be broken up into separate tasks maybe by component level. This is to: Review readability and understandability of the log descriptions. Confirm that the log severity is correct. Confirm that debug levels are correct (for example 30 and below is useful for admins, but we have non-developer details at higher levels). Do we have excess messages? Too many messages for same issue? Missing useful logging?

1827

defect

1332430142589214

1340809921054942

build system

medium

UnAssigned

muks

new

Install bind10 shared objects and other resources in versioned directories

bind10 modules (.so) used to have a version in their filenames. Due to issues on OpenBSD, now they’re created without the version. Currently, bind10 modules are installed in `$prefix/libexec/bind10-devel/modules` whereas they should be installed in `$prefix/lib/bind10-devel-/modules` (note the change from libexec to lib and the version added to the directory name). The same should be done for the installation paths of any version-specific resources. Whether we want to implement this should be discussed, and a list of what all need to be versioned should be made. This work would involve build system changes and also some minor changes to code for using the correct paths.

1830

defect

1332444460478829

1336644551015538

Unclassified

medium

jreed

new

traceback in cfgmgr shutdown

The initial problem was caused by some cc session timeouts / cfgmgr not listening as seen in ticket #1829. But shutdown stills seems wrong: 2012-03-22 19:11:34.701 INFO [b10-boss.boss] BIND10_COMPONENT_STOP component cfgmgr is being stopped 2012-03-22 19:11:34.702 INFO [b10-boss.boss] BIND10_STOP_PROCESS asking cfgmgr to shut down … 2012-03-22 19:11:35.729 INFO [b10-boss.boss] BIND10_SEND_SIGTERM sending SIGTERM to cfgmgr (PID 25628) … 2012-03-22 19:11:35.832 INFO [b10-boss.boss] BIND10_SEND_SIGKILL sending SIGKILL to b10-cmdctl (PID 7154) 2012-03-22 19:11:35.837 INFO [b10-boss.boss] BIND10_SEND_SIGKILL sending SIGKILL to msgq (PID 16242) Traceback (most recent call last): 2012-03-22 19:11:35.842 File “/home/jreed/src/bind10/src/bin/cfgmgr/b10-cfgmgr”, line 107, in sys.exit(main()) INFO File “/home/jreed/src/bind10/src/bin/cfgmgr/b10-cfgmgr”, line 95, in main cm.run() [ File “/home/jreed/src/bind10/src/lib/python/isc/config/cfgmgr.py”, line 526, in run b10-boss.boss] BIND10_SEND_SIGKILL sending SIGKILL to cfgmgr (PID 25628) 2012-03-22 19:11:35.951 INFO [b10-boss.boss] BIND10_PROCESS_ENDED process 7154 of b10-cmdctl ended with status 9 2012-03-22 19:11:35.951 INFO [b10-boss.boss] BIND10_PROCESS_ENDED process 25628 of cfgmgr ended with status 9 2012-03-22 19:11:35.952 INFO [b10-boss.boss] BIND10_PROCESS_ENDED process 16242 of msgq ended with status 9 2012-03-22 19:11:35.952 INFO [b10-boss.boss] BIND10_SHUTDOWN_COMPLETE all processes ended, shutdown complete (Notice how logs are mixed. That is ticket #1704)

1835

task

1332509337004142

1389102214188351

build system

medium

jreed

jreed

accepted

install-sh issue on OpenBSD

/bin/sh /bin/sh /home/jreed/src/bind10/install-sh d //home/jreed/opt/bind10/var/bind10-devel Caused by: $c m 644 install_sh_PROGRAM = ${SHELL} $c install_sh_SCRIPT = ${SHELL} $(install_sh) c mkinstalldirs = $ $d install_sh = ${SHELL} /home/jreed/src/bind10/install-sh $ /bin/sh /bin/sh /bin/sh[2]: syntax error: `(’ unexpected The problem is caused by http://www.openbsd.org/cgi-bin/cvsweb/ports/devel/automake/1.11/patches/patch-lib_am_header-vars_am and http://www.openbsd.org/cgi-bin/cvsweb/ports/devel/automake/1.11/patches/patch-automake_in I reported this to their ports team. I am opening this ticket to track it from our side too.

1837

task

1332770526219153

1336652421972022

Unclassified

medium

jelte

new

log/print b10-dbutil command when db is out of date

If any module (most probably b10-auth) finds that the sqlite3 database it is trying to use is out of date, it should log (or print, if it is a printed error) the command needed to upgrade it, including the full path to the database file(s) e.g. ‘please run b10-dbutil —upgrade /foo/bar/bind10-zones.sqlite3’

1840

task

1332841559982496

1336654818626401

Unclassified

medium

jelte

new

handling several databases at once in b10-dbutil

Right now b10-dbutil can only upgrade one database at a time. It was suggested that it should perhaps be able to do multiple (as you can technically have several database backends at the same time). But it did not seem much of a priority when doing #963, so here is the deferred task.

1841

task

1332841736950079

1336745465447674

Unclassified

low

jelte

new

port b10-dbutil tests to lettuce

The tests created for b10-dbutil in #963 were done in shellscript. We should port them to lettuce tests (these really are system tests anyway)

1842

task

1332850908086397

1336654981957369

Unclassified

medium

vorner

new

Integrate the b10-dbutil into system start

Currently, if the database schema is old, the system starts, but will complain about the problem somewhere in the middle of logs. That is too late. We should integrate a call to `b10-dbutil —check` into the startup, before anything that would provide service is attempted and if it fails, don’t attempt to start it. This task will probably need to be split into smaller ones: * Support for „synchronous“ commands in the boss (currently, a component is forked off and we don’t care much any more until it fails, but this should start it and wait for the process to terminate, either successfully or fail). * Add support to dbutil to read the list of databases from configuration through the message queue. * Include the dbutil invocation in the guide how to enable and start auth.

1844

defect

1332851322907622

1336655517870037

bind-ctl

medium

vorner

new

The config unset help is wrong

If I execute the above command, it prints this: > config unset help Command unset (Unset a configuration value (i.e. revert to the default, if any).) help (Get help for command) Parameters: identifier (string, mandatory) The identifier specifies the config item. Child elements are separated with the ‘/’ character. List indices can be specified with ‘[i]’, where i is an integer specifying the index, starting with 0. Examples: ‘Boss/start_auth’, ‘Recurse/listen_on[0]/address’. If no identifier is given, shows the item at the current location. Which is wrong for several reasons: * The examples are outdated, these no longer exist. * It says it is mandatory, but still includes the „If no identifier is given“ condition. * Talks about showing the item, not clearing it.

1848

defect

1332859129521998

1355947936419631

Unclassified

medium

jreed

new

msgq disappeared causes great shutdown confusion

I received: 2012-03-27 07:22:22.964 FATAL [b10-boss.boss] BIND10_MSGQ_DISAPPEARED msgq channel disappeared I don’t know what caused this. This ticket is mostly about what happens next. It is “fatal” so boss starts a BIND10_SHUTDOWN as expected. 2012-03-27 07:22:22.964 FATAL [b10-boss.boss] BIND10_MSGQ_DISAPPEARED msgq channel disappeared 2012-03-27 07:22:22.964 INFO [b10-boss.boss] BIND10_SHUTDOWN stopping the server 2012-03-27 07:22:22.965 ERROR [b10-boss.config] CONFIG_SESSION_STOPPING_FAILED error sending stopping message: [Errno 32] Broken pipe 2012-03-27 07:22:22.965 INFO [b10-boss.boss] BIND10_CONFIGURATOR_STOP bind10 component configurator is shutting down 2012-03-27 07:22:22.965 INFO [b10-boss.boss] BIND10_COMPONENT_STOP component Socket creator is being stopped 2012-03-27 07:22:22.965 INFO [b10-boss.boss] BIND10_SOCKCREATOR_TERMINATE terminating socket creator Traceback (most recent call last): File “/Local/Users/jreed/dnsbench/work/master/20120327130322/install/libexec/bind10-devel/b10-cfgmgr”, line 112, in sys.exit(main()) File “/Local/Users/jreed/dnsbench/work/master/20120327130322/install/libexec/bind10-devel/b10-cfgmgr”, line 100, in main cm.run() File “/Local/Users/jreed/dnsbench/work/master/20120327130322/install/lib/python3.1/site-packages/isc/config/cfgmgr.py”, line 558, in run answer = self.handle_msg(msg); File “/Local/Users/jreed/dnsbench/work/master/20120327130322/install/lib/python3.1/site-packages/isc/config/cfgmgr.py”, line 535, in handle_msg 2012-03-27 07:22:22.967 INFO [b10-boss.boss] BIND10_COMPONENT_STOP component msgq is being stopped answer = self.handle_module_spec) File “/Local/Users/jreed/dnsbench/work/master/20120327130322/install/lib/python3.1/site-packages/isc/config/cfgmgr.py”, line 485, inhandle_module_spec spec.get_full_spec()) File “/Local/Users/jreed/dnsbench/work/master/20120327130322/install/lib/python3.1/site-packages/isc/config/cfgmgr.py”, line 511, in send_module_spec_to_cmdctl self.cc.group_sendmsg File “/Local/Users/jreed/dnsbench/work/master/20120327130322/install/lib/python3.1/site-packages/isc/cc/session.py”, line 268, in group_sendmsg }, isc.cc.message.to_wire) File “/Local/Users/jreed/dnsbench/work/master/20120327130322/install/lib/python3.1/site-packages/isc/cc/session.py”, line 101, in sendmsg cc = self.socket.send(data) socket.error: [Errno 32] Broken pipe 2012-03-27 07:22:22.967 ERROR [b10-auth.cc] CC_READ_ERROR er2012-03-27 07:22:22.976 INFO [b10-boss.boss] BIND10_COMPONENT_STOP component b10-auth is being stopped 2012-03-27 07:22:22.976 INFO [b10-boss.boss] BIND10_STOP_PROCESS asking b10-auth to shut down 2012-03-27 07:22:22.977 ERROR [b10-boss.boss] BIND10_CONFIGURATOR_PLAN_INTERRUPTED configurator plan interrupted, only 2 of 7 done ror reading data from command channel (End of file.)2012-03-27 07:22:22.977 FATAL [b10-auth.cc] CC_WRITE_ERROR error writing data to command channel (Broken pipe) 2012-03-27 07:22:22.977 FATAL [b10-auth.auth] AUTH_SERVER_FAILED server failed: ASIO write failed: Broken pipe 2012-03-27 07:22:22.980 FATAL [b10-auth.auth] AUTH_SERVER_FAILED server failed: Error while reading data from cc session: End of file. 2012-03-27 07:22:22.982 FATAL [b10-auth.cc] CC_WRITE_ERROR error writing data to command channel (Broken pipe) 2012-03-27 07:22:22.982 FATAL [b10-auth.auth] AUTH_SERVER_FAILED server failed: ASIO write failed: Broken pipe 2012-03-27 07:22:22.970 ERROR [b10-auth.cc] CC_READ_ERROR error reading data from command channel (End of file.) 2012-03-27 07:22:22.984 FATAL [b10-auth.auth] AUTH_SERVER_FAILED server failed: Error while reading data from cc session: End of file. 2012-03-27 07:22:23.977 INFO [b10-boss.boss] BIND10_PROCESS_ENDED process 56861 of b10-auth-4 ended with status 256 2012-03-27 07:22:23.977 INFO [b10-boss.boss] BIND10_PROCESS_ENDED process 56860 of b10-auth-2 ended with status 256 2012-03-27 07:22:23.977 INFO [b10-boss.boss] BIND10_PROCESS_ENDED process 56859 of b10-auth-3 ended with status 256 2012-03-27 07:22:23.977 INFO [b10-boss.boss] BIND10_PROCESS_ENDED process 56858 of b10-auth ended with status 256 2012-03-27 07:22:23.977 INFO [b10-boss.boss] BIND10_PROCESS_ENDED process 56851 of cfgmgr ended with status 256 2012-03-27 07:22:23.977 INFO [b10-boss.boss] BIND10_PROCESS_ENDED process 56850 of msgq ended with status 256 2012-03-27 07:22:23.977 INFO [b10-boss.boss] BIND10_PROCESS_ENDED process 56849 of Socket creator ended with status 0 2012-03-27 07:22:23.977 INFO [b10-boss.boss] BIND10_SHUTDOWN_COMPLETE all processes ended, shutdown complete The above is much to noisy and doesn’t give me much clue on what happened.

1849

defect

1332876790346463

1336661869166721

Unclassified

medium

jreed

new

traceback in msgq self.sendbuffs

(as previously mentioned in #1847) This is on the macmini system: Traceback (most recent call last): File “/Local/Users/jreed/dnsbench/work/master/20120327130322/install/libexec/bind10-devel/b10-msgq”, line 551, in msgq.run() File “/Local/Users/jreed/dnsbench/work/master/20120327130322/install/libexec/bind10-devel/b10-msgq”, line 460, in run self.run_poller() File “/Local/Users/jreed/dnsbench/work/master/20120327130322/install/libexec/bind10-devel/b10-msgq”, line 479, in run_poller self.process_write File “/Local/Users/jreed/dnsbench/work/master/20120327130322/install/libexec/bind10-devel/b10-msgq”, line 391, inprocess_write (_, msg) = self.sendbuffs[fileno] KeyError: 8323074 I have it configured for four b10-auth components. This happens maybe one out of every five times I try. I have seen it maybe 6 times.

1850

defect

1332877306895467

1336729330422770

Unclassified

medium

jreed

new

core dump at isc::server_common::portconfig::installListenAddresses when Error while reading data from cc session

on macmini: core from b10-auth #0 0x930a3176 in __kill () #1 0x930a3168 in kill$UNIX2003 () #2 0x9313589d in raise () #3 0x9314b9bc in abort () #4 0x00653347 in isc::server_common::portconfig::installListenAddresses () #5 0x0000d29d in AuthSrv::setListenAddresses () #6 0x0001bccc in (anonymous namespace)::ListenAddressConfig::build () #7 0x0001b0e3 in configureAuthServer () #8 0x0000dce6 in AuthSrv::updateConfig () #9 0x00024f89 in (anonymous namespace)::my_config_handler () #10 0x00396760 in isc::config::ModuleCCSession::handleConfigUpdate () #11 0x003985c1 in isc::config::ModuleCCSession::ModuleCCSession () #12 0x00025846 in main () This was configured with four b10-auth components. I think the corresponding logging is: 2012-03-27 12:32:10.427 FATAL [b10-auth.server_common] SRVCOMM_EXCEPTION_ALLOC exception when allocating a socket: Error while reading data from cc session: End of file. There were several “Error while reading data from cc session” and CC_READ_ERROR and a traceback in b10-cfgmgr at same time: Traceback (most recent call last): File “/Local/Users/jreed/dnsbench/work/master/20120327130322/install/libexec/bind10-devel/b10-cfgmgr”, line 112, in sys.exit(main()) File “/Local/Users/jreed/dnsbench/work/master/20120327130322/install/libexec/bind10-devel/b10-cfgmgr”, line 100, in main cm.run() File “/Local/Users/jreed/dnsbench/work/master/20120327130322/install/lib/python3.1/site-packages/isc/config/cfgmgr.py”, line 558, in run answer = self.handle_msg(msg); File “/Local/Users/jreed/dnsbench/work/master/20120327130322/install/lib/python3.1/site-packages/isc/config/cfgmgr.py”, line 535, in handle_msg answer = self.handle_module_spec) File “/Local/Users/jreed/dnsbench/work/master/20120327130322/install/lib/python3.1/site-packages/isc/config/cfgmgr.py”, line 485, inhandle_module_spec spec.get_full_spec()) File “/Local/Users/jreed/dnsbench/work/master/20120327130322/install/lib/python3.1/site-packages/isc/config/cfgmgr.py”, line 511, in _send_module_spec_to_cmdctl rver_common] SRVCOMM_EXCEPTION_ALLOC exception when allocating a socket: Error while reading data from cc session: End of file. self.cc.group_sendmsg(spec_update, “Cmdctl”) File “/Local/Users/jreed/dnsbench/work/master/20120327130322/install/lib/python3.1/site-packages/isc/cc/session.py”, line 268, in group_sendmsg 2012-03-27 12:32:10.427 ERROR [b10-boss.boss] BIND10_COMPONENT_FAILED component b10-auth-4 (pid 34532) failed: process exited normally with exit status 256 }, isc.cc.message.to_wire(msg)) File “/Local/Users/jreed/dnsbench/work/master/20120327130322/install/lib/python3.1/site-packages/isc/cc/session.py”, line 101, in sendmsg (note that some regular logging is mixed in above)

1851

defect

1332881865392315

1360930892151771

Unclassified

medium

UnAssigned

jreed

assigned

finding python modules should not append

for example my installed bind10 has: import sys; sys.path.append (‘/var/users/jreed/dnsbench/work/master/201203272003 37/install/lib/python3.1/site-packages’) … from bind10_config import LIBEXECPATH But the LIBEXECPATH is defined from the /usr/local/lib/ version of bind10_config.py and not my version in my path above. This causes all types of confusion when communicating with wrong msgq and cfgmgr so gets wrong configurations.

1854

enhancement

1332944504898895

1336730512437894

Unclassified

medium

jreed

new

directory for configuration files

Currently for in-memory datasource (and other configurations), the file may be an absolute path to the master zone file or it is relative to the directory BIND 10 is started from. That behavior may be dangerous I think since you never know where the admin will be located when running bind10 boss. But it is useful for testing. We should have some default directory configurable. And if not set this means relative. (jelte’s idea from jabber) (Or maybe set to “.” for relative?)

1855

defect

1332945511404703

1336730692492694

Unclassified

medium

jreed

new

Error: Unknown configuration identifier: datasources/

Reporting error… should say what is missing or wrong: > config set Auth/datasources[0]/type “” > config commit Error: Unknown configuration identifier: datasources/ Configuration not committed 2012-03-28 10:17:07.641 ERROR [b10-auth.auth] AUTH_CONFIG_UPDATE_FAIL update of configuration failed: Unknown configuration identifier: datasources/ 2012-03-28 10:17:07.642 ERROR [b10-cmdctl.cmdctl] CMDCTL_COMMAND_ERROR error in command set_config to module ConfigManager: Unknown configuration identifier: datasources/ I was attempting to change a working “memory” zone to “” to disable it (as a test).

1859

defect

1333031352406559

1336731045404127

Unclassified

medium

jreed

new

many auth servers results in Unable to open domain socket on macmini

I can reproduce the following frequently on the macmini system by attempting to run around 15 b10-auth components: 2012-03-29 07:10:38.818 DEBUG [b10-auth.cc] CC_GROUP_RECEIVED message arrived (‘{ from “4f746d5e_3@macmini.lab.isc.org”, group “Boss”, instance “*”, reply 2, seq 19, to “4f746d5e_12@macmini.lab.isc.org”, type “send” }’, ‘{ result [ 0, { path “/tmp/sockcreator-SWQsjy/sockcreator”, token “t3455974382” } ] }’) 2012-03-29 07:10:38.818 DEBUG [b10-auth.cc] CC_GROUP_RECEIVED message arrived (‘{ from “4f746d5e_3@macmini.lab.isc.org”, group “Boss”, instance “*”, reply 2, seq 18, to “4f746d5e_11@macmini.lab.isc.org”, type “send” }’, ‘{ result [ 0, { path “/tmp/sockcreator-SWQsjy/sockcreator”, token “t3513635662” } ] }’) 2012-03-29 07:10:38.819 FATAL [b10-auth.server_common] SRVCOMM_EXCEPTION_ALLOC exception when allocating a socket: Unable to open domain socket /tmp/sockcreator-SWQsjy/sockcreator: Connection refused 2012-03-29 07:10:38.819 FATAL [b10-auth.server_common] SRVCOMM_EXCEPTION_ALLOC exception when allocating a socket: Unable to open domain socket /tmp/sockcreator-SWQsjy/sockcreator: Connection refused 2012-03-29 07:10:38.819 INFO [b10-boss.boss] BIND10_SOCKET_CREATED successfully created socket 37 Other times I get other failures like in #1850 or like: 2012-03-29 07:13:47.201 ERROR [b10-auth.cc] CC_READ_ERROR error reading data from command channel (End of file.) 2012-03-29 07:13:47.201 DEBUG [b10-auth.cc] CC_DISCONNECT disconnecting from message queue daemon 2012-03-29 07:13:47.202 FATAL [b10-auth.auth] AUTH_SERVER_FAILED server failed: Error while reading data from cc session: End of file. 2012-03-29 07:13:47.202 DEBUG [b10-auth.datasrc] DATASRC_CACHE_DESTROY destroying the hotspot cache (Also often my sockcreator is left running.) I used the following script to generate my configuration: #!/usr/bin/awk -f BEGIN{ print “{ersion 2,”; print “uth {atasources [”; print “{ones [{rigin xample ile ests/smallzone/master.zone.file-canonical}], ype emory}],”; print “isten_on [{ort 5300, ddress 27.0.0.1}]},”; print “oss {omponents {”; for (i = 1; i <= ARGV[1]; i++) { print “10-auth-” i “ {ind eeded pecial uth}”; if (i < ARGV[1]) { print “,”; } } print “”; } The command line argument is the number of b10-auth components to run. I think this is a macmini or portability issue. I can run 50 of the b10-auth server components on Linux fine.

1861

defect

1333129676122232

1350619070112693

data source

medium

jinmei

new

SQLite3 DB creation code should be consolidated

With the introduction of b10-dbutil, we now have 4 places that create initial DB file for the SQLite3 data source: - isc.datasrc.sqlite3_ds Python module (used by b10-loadzone) - two places in C++ libdatasrc (old and new APIs) - b10-dbutil (although, technically, it only does ‘upgrade’ rather than ‘create’) This is obviously bad. Although some of the above will be retired (hopefully) soon, we should basically maintain the DB schema only in a single place. My suggestion is to introduce a python module that defines the latest SQLite3 schema, and have dbutil use it. b10-dbutil wold also have a “create” option, and on ‘make install’ we not only check compatibility but also create a new one if the DB file doesn’t exist. After that, remove the DB creation code from libdatasrc.

1862

enhancement

1333129799230681

1336126333995496

data source

medium

jinmei

new

have b10-dbutil reports upgrade progress

It could take long time to upgrade a large SQLite3 DB file to a new version. It would be nice if it could keep showing the progress like b10-loadzone.

1864

defect

1333137073260916

1336731070940783

Unclassified

medium

jreed

new

bindctl help help is indented too many

help in bindctl shows indented “help”. It has one too many tabs: $ echo Stats show help

bindctl

cat -tv Command show I (Show the specified/all statistics data) I^Ihelp (Get help for command) Parameters: owner (string, optional) module name of the owner of the statistics data name (string, optional) statistics item name of the owner Exit from bindctl

1865

task

1333139411442035

1336126350407522

libdns++

medium

UnAssigned

jinmei

new

python wrapper for findNSEC3

Not for any urgency, but for completeness. Shouldn’t be difficult.

1867

task

1333175462970721

1394116865894633

b10-auth

medium

jinmei

DNS Outstanding Tasks

new

use util::io::SocketSessionForwarder for passing xfr from auth to xfrout

I believe this will also help resolve various issues in xfrout such as busy loop-like problem. Both auth and xfrout need to be updated, but that will probably be too big for a single task, so I propose we first update auth, only with unittests, and keeping the current code for the actual operation. xfrout part is #1868. Once the xfrout part is completed, we’ll switch the auth part too.

1868

task

1333175654854404

1334677602625827

xfrout

medium

jinmei

new

use SocketSessionReceiver for receiving xfr messages from b10-auth at xfrout

This is the xfrout part of #1867 (and depends on it). With this change, we can also eliminate the hack of `_guess_remote()` because the `SocketSession` framework also forwards the source address information. We’ll also update b10-auth to enable the code using `SocketSessionForwarder` for forwarding xfr messages.

1871

defect

1333237139536879

1353314743437578

build system

medium

UnAssigned

jinmei

new

cleanup: unify pydnspp and isc.dns to the latter

Just as we agreed before. Also, it’s probably better to move src/lib/dns/python to src/lib/python/isc/dns.

1874

defect

1333551385070802

1336731318521911

Unclassified

medium

jreed

new

xfrout traceback EOF read where not expected

This is on OpenBSD. I started bind10 as non-root using no custom configuration. 2012-04-04 14:46:24.649 INFO [b10-boss.boss] BIND10_COMPONENT_START component b10-xfrout is starting 2012-04-04 14:46:24.743 INFO [b10-boss.boss] BIND10_STARTING_PROCESS starting process b10-xfrout … 2012-04-04 14:46:25.229 INFO [b10-boss.boss] BIND10_SOCKET_GET requesting socket [::]:53 of type TCP from the creator 2012-04-04 14:46:25.229 ERROR [b10-boss.boss] BIND10_SOCKET_ERROR error on bind call in the creator: 1/Operation not permitted 2012-04-04 14:46:25.231 ERROR [b10-auth.server_common] SRVCOMM_ADDRESS_FAIL failed to listen on addresses (“Error creating socket on bind”) 2012-04-04 14:46:25.231 ERROR [b10-auth.auth] AUTH_CONFIG_LOAD_FAIL load of configuration failed: Server configuration failed: “Error creating socket on bind” 2012-04-04 14:46:25.233 INFO [b10-auth.auth] AUTH_SERVER_STARTED server started Traceback (most recent call last): File “/home/jreed/builder/work/BIND10/20120404131458-OpenBSD5-amd64/install/libexec/bind10-devel/b10-xfrout”, line 30, in from isc.notify import notify_out 2012-04-04 14:46:25.470 File “/home/jreed/builder/work/BIND10/20120404131458-OpenBSD5-amd64/install/lib/python3.2/site-packages/isc/notify/init.py”, line 1, in from isc.notify.notify_out import * INFOEOFError: EOF read where not expected [2012-04-04 14:46:25.535b10-stats.stats2012-04-04 14:46:25.540] STATS_STARTING startingINFO [b10-boss.boss] BIND10_PROCESS_ENDED process 8258 of b10-xfrout ended with status 256 2012-04-04 14:46:25.545 ERROR [b10-boss.boss] BIND10_COMPONENT_FAILED component b10-xfrout (pid 8258) failed: process exited normally with exit status 256 DEBUG [b10-cmdctl.cmdctl] CMDCTL_STARTED cmdctl is listening for connections on 127.0.0.1:8080 2012-04-04 14:46:25.614 DEBUG [b10-stats-httpd.stats-httpd] STATHTTPD_STARTING_CC_SESSION starting cc session 2012-04-04 14:46:25.637 INFO [b10-stats-httpd.stats-httpd] STATHTTPD_STARTED listening on 127.0.0.1#8000 2012-04-04 14:46:34.751 INFO [b10-boss.boss] BIND10_COMPONENT_START component b10-xfrout is starting 2012-04-04 14:46:34.751 INFO [b10-boss.boss] BIND10_STARTING_PROCESS starting process b10-xfrout 2012-04-04 14:46:35.068 INFO [b10-xfrout.xfrout] XFROUT_NEW_CONFIG Update xfrout configuration 2012-04-04 14:46:35.069 INFO [b10-xfrout.xfrout] XFROUT_NEW_CONFIG_DONE Update xfrout configuration done First time xfrout failed, but it was restarted.

1875

enhancement

1333551990124337

1392999665435486

Unclassified

medium

jreed

DNS Outstanding Tasks

new

bindctl query zone database

For troubleshooting, it may be useful to allow bindctl to query the zone database(s) to bypass DNS server, bypass ACLs, etc. Maybe a DataSrc module, such as: $ echo datasrc query name=www.example.net class=IN type=A

bindctl { Zone “example.net.”, Datasrc “in-memory”, name “www.example.net.”, class “IN”, ttl 1200, type “A” } (Something like that.) This is a low priority feature request.

1876

enhancement

1333552555735348

1373458366327233

configuration

medium

jreed

new

consistent and lowercase configuration command names, module names

Configuration command names should match the executable names or maybe the name without the b10-prefix. Or allow both to work. For example: “stats-httpd show”. Lower case bindctl commands should work. And related (from jinmei): I’d also suggest we generally be more consistent about “Auth” vs “auth” etc, and I’d rather use the latter more consistently. For example, the module name for auth in the spec file could be “auth”, instead of Auth module_name “Auth”, I think this is one task, but if not, then make a separate ticket for this.

1877

enhancement

1333552920154173

1336731623052919

bind-ctl

medium

jreed

new

bindctl: help module command

bindctl “help” should be more intuitive. “Stats help show” does not work. “Stats show help” does work. Jelte suggested: “help stats show” — we have three other votes for this feature suggestion of “help module command”. (The lowercase module name is ticket #1876.) Also while here maybe the help output should restate the module name: > help stats show stats Command show (Show the specified/all statistics data) help (Get help for command) Parameters: owner (string, optional) module name of the owner of the statistics data name (string, optional) statistics item name of the owner Not sure what to do with the “help” in example above if we’d keep that syntax too.

1879

defect

1333576723604465

1339224705535780

Unclassified

medium

jinmei

new

unify “scoped socket” helper class

We have several copies of something like `ScopedSocket` (see, e.g., src/lib/util/io/socketsession.cc). To avoid having duplicate code we should unify them. maybe it makes most sense to be moved from inside socketsession.cc to a separate header file under util/io, and have all others refer to it. See also http://bind10.isc.org/ticket/1820#comment:8

1881

enhancement

1333646112010919

1394116881176322

b10-auth

medium

jreed

DNS Outstanding Tasks

new

b10-auth behavior when XFR not expected to answer

This is from this https://lists.isc.org/pipermail/bind10-dev/2011-December/002961.html thread on bind10-dev mailing list: On Tue, 20 Dec 2011, JINMEI Tatuya / ???? wrote: > It’s also strange to me that b10-auth still doesn’t consume 100% CPU > time even if it should be too busy and actually drops queries. > > Maybe related to this point, I guess we should allow b10-auth simply > returns REFUSED or some other error to xfr requests immediately if > it’s not expected to answer them. The ability of disabling xfrout is > nice, but what it currently means that b10-auth tries to forward the > requests but fails to establish a connection to xfrout (resulting in > an exception) for every request. That’s an obvious waste, and maybe > that’s the reason for the idle time.

1886

defect

1334253307817980

1336745646607449

Unclassified

very low

jreed

new

CACHE_LOCALZONE_UNKNOWN and CACHE_MESSAGES_UNKNOWN key should show the RR type

2012-04-12 17:43:40.363 DEBUG [b10-resolver.cache] CACHE_LOCALZONE_UNKNOWN entry with key k1.isc.org.28 not found in local zone data 2012-04-12 17:43:40.363 DEBUG [b10-resolver.cache] CACHE_MESSAGES_UNKNOWN no entry for k1.isc.org.28 found in the message cache So instead of “28” should show “/AAAA” (see CACHE_RESOLVER_LOOKUP_MSG for example).

1887

defect

1334266643626730

1336732005305853

bind-ctl

medium

jreed

new

config show junk does not fail

> config show kfhdkjdfhkj > I think this should say: Error: kfhdkjdfhkj not found On a related note: > config show Auth/lkfsdhkjdshjk Error: lkfsdhkjdshjk not found > I think that should say: Error: /Auth/lkfsdhkjdshjk not found

1888

defect

1334266955271552

1391062406615661

Unclassified

low

jreed

new

What is IncompleteName?

> config add Xfrout/zone_config > config diff {’Xfrout’: {’zone_config’: [{’origin’: ’’}]}} > config commit 2012-04-12 21:40:56.298 INFO [b10-xfrout.xfrout] XFROUT_NEW_CONFIG Update xfrout configuration 2012-04-12 21:40:56.302 ERROR [b10-cmdctl.cmdctl] CMDCTL_COMMAND_ERROR error in command set_config to module ConfigManager: Failed to handle new configuration: IncompleteName Error: Failed to handle new configuration: IncompleteName Configuration not committed Maybe the error should be more precise on what is incomplete? (origin)

1898

defect

1334680812652536

1355845517550153

logging

medium

jreed

new

losing startup and ongoing bind10 logs

Even if all logging is configured to go to a defined file destination, at startup (-verbose) 130 lines were still output to console. Also later logs may still go to it; see #1897 and #1190. This is noisy and the admin will need own way to manage these separate logs. See http://bind10.isc.org/wiki/WeeklyMinutes20120326 and https://lists.isc.org/pipermail/bind10-dev/2012-March/003281.html for discussion. (Not yet putting suggestions into this ticket. Just opened this ticket so not forgotten.)

1902

defect

1334921275984501

1336126493899654

libdns++

medium

UnAssigned

muks

new

pydnspp should implement wrapper for NameParserException

pydnspp should implement wrapper for NameParserException so that Python scripts can catch NameParserException instead of providing a tuple of various child exceptions.

1903

enhancement

1334943597459011

1336743058191068

Boss of BIND

low

jreed

new

allow bind10 —data-path to be used for msgq_socket (and others)

Ran “bind10 p ~/tmp" fails with: }} That doesn’t tell why. Also why is BIND10_SOCKCREATOR_KILL done? Run it again withv: Traceback (most recent call last): File”/usr/local/libexec/bind10-devel/b10-msgq“, line 545, in setup_result = msgq.setup() File”/usr/local/libexec/bind10-devel/b10-msgq“, line 194, in setup self.setup_listener() File”/usr/local/libexec/bind10-devel/b10-msgq“, line 180, in setup_listener raise e File”/usr/local/libexec/bind10-devel/b10-msgq", line 173, in setup_listener self.listen_socket.bind(self.socket_file) socket.error: [Errno 13] Permission denied Now I see the manual page already mentions that —data-path doesn’t support it yet but may be extended. I am opening this ticket as a feature request so it will work for msgq and other files.

1904

defect

1334951192497114

1336745705538784

cmd-ctl

very low

jreed

new

cmdctl configurations and non-root

If trying to run bind10 without privileges but was installed to system directories then cmdctl can’t read its data files. And so can’t use bindctl to modify the cmdctl configurable settings to select different cmdctl data files. (BIND 10 was installed by someone else and I did’t have root permission on the system when I tried.) There probably should be an easier way. This is low priority. But just opening this so it is not forgot.

1905

defect

1335168057204932

1398197069485483

build system

medium

UnAssigned

cas

assigned

error compiling BIND 10 on Solaris 10 x86pc

High level error: configure:15298: error: Can’t compile against Python.h error in config.log: /opt/csw/lib/gcc/i386-pc-solaris2.10/4.6.3/include-fixed/sys/feature_tests.h:341:2: error: #error “Compiler or options invalid for pre-UN IX 03 X/Open applications and pre-2001 POSIX applications”

1910

defect

1335306460292381

1384947936854931

build system

high

jreed

shane

assigned

“make install” failure

I am trying to install BIND 10 and it fails, complaining about py-compile: test -z “/tmp/bind10/lib/python3.2/site-packages/isc/datasrc”

/bin/mkdir p “/tmp/bind10/lib/python3.2/site-packages/isc/datasrc” /usr/bin/installc -m 644 init.py master.py sqlite3_ds.py ‘/tmp/bind10/lib/python3.2/site-packages/isc/datasrc’ ../../../../../py-compile: Missing argument to —destdir. make[7]: * Error 1 make[7]: Leaving directory `/home/shane/tmp/bind10/src/lib/python/isc/datasrc’ make[6]:* [install-am] Error 2 make[6]: Leaving directory `/home/shane/tmp/bind10/src/lib/python/isc/datasrc’ make[5]: * [install-recursive] Error 1

1913

task

1335400589251896

1335400589251896

libdns++

medium

UnAssigned

jinmei

new

task breakdown for MasterLexer class

Assuming we agreed with introducing something like the `MasterLexer` class (the name is still tentative) briefly described in http://bind10.isc.org/wiki/ZoneLoadingAPIDesign we’ll break its implementation into actual task(s) of a bitable size. What we do is: - understand BIND9’s lib/isc/lex.c, especially its isc_lex_gettoken() - fix the class definition, simplifying the BIND 9 version for our purpose - define a set of tasks to implement it

1915

task

1335691466166465

1366960973250933

msgq

medium

vorner

new

Convenient way of receiving and sending notifications

The CC library should have a function to: * Send a notification by the name of the notification and possibly parameters (slim wrapper around group_sendmsg, mostly just mangling the recipient name). * Register a callback which will be called whenever there’s a notification of a given name. * Unregister a notification. We said the notifications will use some part of the channel namespace, so for example to notify about a new zone, we’d send a message to the address `notifications/new-zone-data` with parameter containing the zone origin and class, maybe even which datasource it is in. The used convention should be documented. The receiving of notifications might depend on #1914, but it is maybe easier to solve by a CC-global map of channels and callbacks independently. Maybe at least the callback class (or whatever it will be) from #1914 should be reused. It should be considered what happens when the same notification is registered multiple times with different callbacks and how to unregister them. While being able to receive multiple callbacks from the same event is more convenient as independent parts of code need not to worry about it, it might also be more complex inside CC then. The decision should be clarified in documentation.

1916

task

1335691891330235

1363702793258173

msgq

medium

vorner

new

Convenient RPC

We need methods `remote_call_sync` and `remote_call_async` on the CC session. They will be mostly wrappers around `group_sendmsg`, `group_recvmsg` and whatever the new method of #1914 will be called. The synchronous one should take the name of module, the command and parameters. The result should be returned as the return value of the method. If an error is returned, it should be turned into an exception. The asynchronous one should get a callback which will be called with either the result or error, but the case should be signalled by a boolean parameter (so it doesn’t have to parse the result). This will rely on #1914.

1917

task

1335692134735404

1337097952242646

msgq

low

vorner

new

Python wrappers for C++ version of CC session

As we want to get rid of separate implementations of python and C+ libraries for this communication, we need to implement the wrapper of the C+ code. The interface should be similar to the current python one, to minimize the amount of porting of modules to the new interface. It should include new methods from #1914, #1915 and #1916. This ticket should either wait for them to finish or it can be split into two parts, one of which is implemented beforehead to allow more parallelism.

1919

task

1335692619296160

1335692619296160

msgq

medium

vorner

new

Shutdown command of msgq

After #1918, we want to add a command to shut down the message queue. This one can then be used in boss on system shutdown. We don’t want to quit the message queue until the shutdown is sent to all modules. This should be solved by some smart ordering inside the boss in the long term, but we may want to have a short delay in the msgq shutdown just for now.

1921

task

1335693198161257

1335693198161257

msgq

medium

vorner

new

Connection and disconnection notifications

The system needs to be notified of modules connecting and disconnecting from the msgq. It should be reported by the msgq daemon itself. This depends on #1918.

1922

defect

1335693380290015

1335693380290015

configuration

medium

vorner

new

Get rid of the „Shutting down“ message

Currently, the config manager needs to know when a module shuts down. The notification is now sent by the module itself, before it shouts down. This is unreliable. We should switch to the notifications from ticket #1921 and drop the current shutting down command.

1923

task

1335696977149216

1337097957711134

msgq

low

vorner

new

Multi-component addressing

This task should expand the addressing capabilities of msgq. Assume that `xyz` is the name of one of the channels there. A message sent there will be delivered to all clients subscribed to the channel. A message sent to `xyz[i]` (variable `i`, for example `xyz[1]`) should be delivered to `i`-th client subscribed to the channel (in some deterministic ordering of the clients). A message sent to `xyz[*]` (literal `*`) is sent to a randomly chosen client subscribed to the channel (new random choice for each message sent there).

1925

task

1335698065785955

1335698065785955

msgq

medium

vorner

new

Answer tracking in msgq

If a message contains `’needs-answer’: true`, the message queue needs to track the message and the answer to it. If the recipient does not send an answer and disconnects, or if a (configurable, with large default) timeout happens, the recipient should be notified by an error. This will help remove the tracking of timeouts from all modules and also make them centrally configurable. Majority of the error cases will be solved without timeouts.

1926

task

1335698530464408

1335698530464408

msgq

medium

vorner

new

RPC reliability

The goal here is to take the methods of #1916 and include the `’needs-answer’: true` in the header part of the messages sent out. Also, we want to remove the timeout handling from modules, as all errors should be handled in msgq in tickets #1924 and #1925. Also, to make sense with multi-instance components, the recipient of RPC message should be done with `[*]`, as we want exactly one answer (as per #1923). The dependency on #1924 and #1925 is soft ‒ the code will work without the changes, but the errors wouldn’t be handled.

1928

task

1335699740527867

1367825737994614

msgq

medium

vorner

new

Msgq tests: failure modes

In addition to #1927 (which should be done first, as we may want to reuse a lot of the code there), we should also test the failure modes, like unclean connection drops (in the middle of receiving or sending a message), protocol violations, infinite blocking, sending a message to self, etc. We need to make sure the daemon will not crash and will continue to provide service to at least other connections.

1929

task

1335700387752667

1335700387752667

msgq

medium

vorner

new

Msgq tests: stresstesting

This is continuation of #1926. The goal here is to test the situation where the message system is under stress and check it doesn’t crash or misbehave. This includes: * Some very large messages. * A lot of messages. * A lot of concurrent connections. * A message that is sent or received only partially and there’s other traffic going elsewhere.

1933

defect

1335914409993651

1394116912240678

b10-auth

medium

jreed

DNS Outstanding Tasks

new

very high load and bad performance with REFUSED

As seen in ticket #1932, all zones were refused due to an error in 1 out of 19 zones. Thsi was a very busy server getting around 17000 packets per second. With one auth server it could only send out around 1300 packets per second. When I added seven other auth servers it could send out 2600 packets per second. (8 CPU system.) The processes all had 100 CPU or very near.<br><br>In most cases, my queries resulted in timeouts or in refused.<br><br>Once the one zone was fixed and reconfigured (I set the file name to same file and ran config commit), the CPU load dropped to 33 for each b10-auth and the no more timeouts.

1935

enhancement

1335915522355632

1336740343315200

logging

medium

jreed

new

test logging

This is a feature request. Add a way for bindctl to test logging. Maybe: > Logging log string name severity debuglevel Logging log “this is a test” “foo.bar” INFO 0 Or use string=“” name=“” severity=“” and debuglevel=“” and some can be optional. It is not friendly or reliable to temporarily configure some high debugging just to verify it works. This would be useful to troubleshoot logging configurations.

1936

enhancement

1335916022356619

1336740941872895

Unclassified

medium

jreed

new

What packet resulted in AUTH_PACKET_PARSE_ERROR ?

2012-05-01 23:27:33.825 DEBUG [b10-auth.auth] AUTH_PACKET_PARSE_ERROR unable to parse received DNS packet: RDLENGTH mismatch: 2 != 0 What packet resulted in AUTH_PACKET_PARSE_ERROR? Getting around 17000 queries per second so hard to know. I got this error 984 times in about 11 seconds. (1000 SERVFAILs were sent.) Documentation has: AUTH_PACKET_PARSE_ERROR unable to parse received DNS packet: %1 This is a debug message, generated by the authoritative server when an attempt to parse a received DNS packet has failed due to something other than a protocol error. The reason for the failure is given in the message; the server will return a SERVFAIL error code to the sender.

1940

task

1335966634974018

1336741891209535

Unclassified

medium

jelte

new

document bindctl execute commands

There is internal documentation on the command (and the directives it handles from its input file/data), but I forgot to include external docs (guide, manpage). Needs to describe: - the command itself - the various built-in commands (currently there is just one) - the file and input format; - lines are simply commands - directives (echo and #comments)

1941

defect

1335985254056418

1346126699229061

statistics

medium

jreed

new

stats lossage (multiple auth servers)

Hopefully this diff shows the problem. A few hours later: — stats.2012-05-02 2012-05-02 14:18:12.000000000 0000 + stats.2012-05-02-b 2012-05-02 18:39:44.0000000000000 @ -2,7 +2,7 <br> "Auth": {<br> "opcode.iquery": 0, <br> "opcode.notify": 0, <br>- "opcode.query": 197712176, <br>+ "opcode.query": 64437582, <br> "opcode.reserved10": 0, <br> "opcode.reserved11": 0, <br> "opcode.reserved12": 0, <br>@ –15,24 15,24 @<br> "opcode.reserved8": 0, <br> "opcode.reserved9": 0, <br> "opcode.status": 0, <br>- "opcode.update": 2174024, <br>- "queries.tcp": 39456, <br>- "queries.udp": 197672720, <br>+ "opcode.update": 670391, <br>+ "queries.tcp": 492, <br>+ "queries.udp": 64437090, <br> "rcode.badvers": 0, <br>- "rcode.formerr": 25186, <br>- "rcode.noerror": 7110972, <br>+ "rcode.formerr": 9432, <br>+ "rcode.noerror": 2167568, <br> "rcode.notauth": 0, <br>- "rcode.notimp": 2174024, <br>+ "rcode.notimp": 670391, <br> "rcode.notzone": 0, <br>- "rcode.nxdomain": 190529535, <br>+ "rcode.nxdomain": 62249923, <br> "rcode.nxrrset": 0, <br>- "rcode.refused": 71657, <br>+ "rcode.refused": 20091, <br> "rcode.reserved11": 0, <br> "rcode.reserved12": 0, <br> "rcode.reserved13": 0, <br> "rcode.reserved14": 0, <br> "rcode.reserved15": 0, <br>- "rcode.servfail": 2295891, <br>+ "rcode.servfail": 693537, <br> "rcode.yxdomain": 0, <br> "rcode.yxrrset": 0<br> }, <br>@ –41,1041,10 @<br> }, <br> "Stats": {<br> "boot_time": "2012-04-26T18:26:48Z", <br>- "last_update_time": "2012-05-02T14:18:10Z", <br>+ "last_update_time": "2012-05-02T18:39:36Z", <br> "lname": "4f999368_7ethel.isc.org“, -”report_time“:”2012-05-02T14:18:12Z“, -”timestamp“: 1335968292.523756 +”report_time“:”2012-05-02T18:39:44Z“, +”timestamp": 1335983984.223934 } } Note that auth servers are restarting often, see ticket #1937.

1943

defect

1336047980463678

1336742012803978

bind-ctl

medium

jreed

new

confusing Error: Bad format in identifier in bindctl

I made two mistakes (add instead of set and typo for closing bracket): > config add Auth/listen_on[22/address 192.175.48.1 Error: Bad format in identifier (] before [): listen_on[Auth But error message is confusing: - ] is not before [, maybe say missing ] ? - what is listen_on[Auth ?

1945

defect

1336119921975999

1339481035769313

build system

medium

UnAssigned

jelte

new

LDADD order in makefiles

In a number of makefiles (mostly for unittests), we link to dependencies (such as gtest) before linking to the bind10 libraries. Since we don’t version every single merge on our libraries, this causes problems on test systems where bind10 happens to be installed to one of the system directories. So we should go through all the Makefiles, and reorder the LDADD directives. Oh and probably put in a comment like # link to bind10 libraries before dependencies

1946

defect

1336140274349390

1336742484061996

Unclassified

medium

jreed

new

log requested address (listen_on config) that failed

At least one of these three log messages should specifically tell me what configuration or requested address failed. With many configured it is difficult to know what causes problem: 2012-05-04 13:19:30.q ERROR [b10-boss.boss] BIND10_SOCKET_ERROR error on bind call in the creator: 49/Can’t assign requested address 2012-05-04 13:19:30.q ERROR [b10-resolver.server_common] SRVCOMM_ADDRESS_FAIL failed to listen on addresses (“Error creating socket on bind”) 2012-05-04 13:19:30.q ERROR [b10-resolver.resolver] RESOLVER_CONFIG_ERROR error in configuration: “Error creating socket on bind” Also see #1094 as maybe that should be solved at the same time.

1947

task

1336140761893048

1336742514942722

configuration

medium

jelte

new

‘diffs’ for configuration

Currently, changes in configuration are handled quite ad-hoc; for ‘basic’ items such as strings or numbers, this is not much of a problem, as they are either changed or not. But for lists and maps, it would be better to have specific diffs (values added, removed, updated). Right now when a list item is changed, the whole list is considered to be modified (for instance when you add a listen_on port). This may end up being more than one ticket worth of effort, in which case it’ll become a meta-ticket. It may also be part of a bigger effort (as discussed in the april 2012 F2F) to change how configuration works. Depending on the work we end up creating for that, this ticket should be included (or, if this is included by other ticket(s) for that work, invalidated).

1949

task

1336448139294803

1336742583292277

data source

medium

jinmei

new

proposed sqlite3 schema cleanups

As discussed on https://lists.isc.org/pipermail/bind10-dev/2012-April/003373.html I propose some schema cleanups for the SQLite3 data source: - remove the ‘owner’ column from the nsec3 table - remove the ‘sigtype’ column from the records table - rename ‘rdtype’ to ‘rrtype’ in the records table The first one will require extending the zone iterator API for the database-based data sources. Also, if we do this cleanup before replacing the loadzone tool using the generic API, the second and third ones (especially the latter) will require updating it (more specifically, the isc.datasrc.sqlite3_ds module). dbutil will also need to be updated.

1961

task

1336491574429147

1336745519063483

documentation

low

tomek

new

Doxygen/Developer’s guide improvements

Developer’s guide should: 1. include Python code 2. Maybe link on left list to BIND10 Developer’s Guide should say Index or front page. 3. Do something with “Related Pages” link on the left panel. See ticket #1531 for brief discussion.

1963

task

1336500817439486

1336500817439486

data source

medium

jinmei

new

in-memory NSEC cleanups

As we are now going to start concurrent development for this feature, it’s quite likely that we’ll end up having some duplicate or otherwise redundant code. This ticket is a placeholder to clean up these things. Feature wise it’s not absolutely mandatory, so I’m placing it in the next sprint proposed queue, rather than to the current sprint. This task depends on #1803, #1804, #1805, #1806, #1807, #1808, #1809, (maybe #1810), and #1962.

1965

defect

1336516214430848

1392912565119726

resolver

medium

jreed

DNS Outstanding Tasks

new

resolver returning SERVFAIL

Queries for isc.org/A or related return SERVFAIL from b10-resolver: 2012-05-08 22:19:46.q DEBUG [b10-resolver.resolver] RESOLVER_QUERY_ACCEPTED query accepted: ‘www.isc.org./A/IN’ from 149.20.57.188#64225 2012-05-08 22:19:46.q DEBUG [b10-resolver.resolver] RESOLVER_NORMAL_QUERY processing normal query 2012-05-08 22:19:46.q DEBUG [b10-resolver.reslib] RESLIB_RESOLVE asked to resolve (resolve() instance 2) 2012-05-08 22:19:46.q DEBUG [b10-resolver.reslib] RESLIB_RECQ_CACHE_NO_FIND did not find in the cache, starting RunningQuery (resolve() instance 2) 2012-05-08 22:19:46.q DEBUG [b10-resolver.reslib] RESLIB_NSAS_LOOKUP looking up nameserver for zone isc.org. in the NSAS 2012-05-08 22:19:46.q DEBUG [b10-resolver.nsas] NSAS_SEARCH_ZONE_NS searching NSAS for nameservers for zone isc.org. 2012-05-08 22:19:48.q DEBUG [b10-resolver.reslib] RESLIB_NSAS_LOOKUP looking up nameserver for zone isc.org. in the NSAS 2012-05-08 22:19:48.q DEBUG [b10-resolver.nsas] NSAS_SEARCH_ZONE_NS searching NSAS for nameservers for zone isc.org. 2012-05-08 22:19:50.q DEBUG [b10-resolver.reslib] RESLIB_NSAS_LOOKUP looking up nameserver for zone isc.org. in the NSAS 2012-05-08 22:19:50.q DEBUG [b10-resolver.nsas] NSAS_SEARCH_ZONE_NS searching NSAS for nameservers for zone isc.org. 2012-05-08 22:19:52.q DEBUG [b10-resolver.reslib] RESLIB_NSAS_LOOKUP looking up nameserver for zone isc.org. in the NSAS 2012-05-08 22:19:52.q DEBUG [b10-resolver.nsas] NSAS_SEARCH_ZONE_NS searching NSAS for nameservers for zone isc.org.

1966

defect

1336522632391664

1391068203548032

logging

medium

jinmei

new

logger formatter does too much in the destructor

While working on #1964, I noticed the destructor of the log::Formater class had quite a lot of responsibility. In the context of #1964, the check mode can throw an exception, which is obviously bad. Even with forgetting it, the destructor calls Logger::output(), which internally calls log4cplus modules that we cannot directly control and cannot be really sure if it’s really safe. Although I agree it’s a neat trick to let the destructor finish the output, it seems to me quite fragile to rely on at such a sensitive place as a destructor. I propose an alternative approach, which should be much safer in this regard, and hopefully will not damage the convenience of the current notation too much: - introduce another method to `Formatter`, say, output(). It calls logger_>output. In the check mode, it also performs the “excess placeholder” check, and throws an exception if it finds an error. It records the fact it’s called so that it cannot be called more than once . (not absolutely necessary but for convenience) also introduce another additional method, say, endarg(). It’s similar to arg(), but it also calls the newly introduced output(). - the `Formatter` constructor now only does simpler and safer cleanup, such as deleting the message (btw, it seems to be possible that the message can leak depending on how the formatter is constructed. We should also fix that). Also, in the check mode, it checks whether output() has been called (or an exception has been thrown due to the format check error), and if not, abort the program by assert() (note that we cannot throw here). - The caller is responsible for completing the logging statements with either endarg() or explicit output(). If broken, we’ll lose that log message in the normal mode, and we should be able to detect that via an automated test that uses the check mode. A bonus of this approach is that we can now use exception for the “excess placeholder” check, which was changed to assert() in #1964 as an urgent care regression fix.

1970

defect

1336722259437328

1336742930232087

xfrout

medium

jelte

new

xfrout only reads zone list on startup

If you add a zone in any way, xfrout does not now about it until it is restarted, which is obviously wrong and annoying for users. This has been reported: https://lists.isc.org/pipermail/bind10-users/2012-May/000328.html I am not sure when we intended to do the more general xfrout fixes, if not soon I suggest we come up with a workaround for this (for instance trigger a reload if it sees a config update containing zones going to auth, but any approach is fine with me, maybe even a fixed ‘reread zones’ command)

1972

task

1336803332893735

1338309195499652

statistics

high

jinmei

new

redesign statistics spec

The current way of defining statistics counters is not really manageable. See auth.spec: we repeat something like this for 16 times: { item_name “opcode.query”, item_type “integer”, item_optional true, item_default 0, item_title “Received query requests”, item_description “The number of total request counts whose opcode is query” }, for the 16 per-opcode statistics counters. This approach won’t be feasible for larger scale counters such as per RR-type ones. It’s also not clear how we define the spec of per zone counters. This is a design task where we revisit the spec design so that it will be applicable to various types of counters including the above ones.

1973

task

1336803507427252

1341217911811311

statistics

medium

jinmei

new

reimplement the current set of statistics counters with new design

See #1972. In this task we’ll re-implement the currently supported auth statistics counters based on the revised spec.

1977

defect

1337098706962540

1392912546508628

resolver

medium

jreed

DNS Outstanding Tasks

new

b10-resolver crash in asio

b10-resolver cored with signal 11, Segmentation fault. The logs had: 2012-05-11 23:31:56.q DEBUG [b10-resolver.reslib] RESLIB_RESOLVE asked to resolve (resolve() instance 1) 2012-05-11 23:31:58.q DEBUG [b10-resolver.nsas] NSAS_SEARCH_ZONE_NS searching NSAS for nameservers for zone isc.org. 2012-05-11 23:31:58.q DEBUG [b10-resolver.nsas] NSAS_SEARCH_ZONE_NS searching NSAS for nameservers for zone isc.org. 2012-05-11 23:31:58.q DEBUG [b10-resolver.reslib] RESLIB_NSAS_LOOKUP looking up nameserver for zone isc.org. in the NSAS 2012-05-11 23:31:58.q DEBUG [b10-resolver.reslib] RESLIB_NSAS_LOOKUP looking up nameserver for zone isc.org. in the NSAS started again here 2012-05-11 23:32:00.q DEBUG [b10-resolver.asiodns] ASIODNS_FD_ADD_TCP adding a new TCP server by opened fd 10 (gdb) bt #0 isc::nsas::ZoneEntry::ResolverCallback::success (this=0x803162280, response_message=0x7fffffffcf80) at shared_ptr.hpp:169<br>#1 0x000000080188a255 in callCallback (this=0x803159400, success=Variable "success" is not available.<br>)<br> at recursive_query.cc:784<br>#2 0x000000080188d3a9 in clientTimeout (this=0x803159400)<br> at recursive_query.cc:750<br>#3 0x000000080188994a in asio_handler_invoke<asio::detail::binder1<boost::_bi::bind_t<void, boost::_mfi::mf0<void, isc::asiodns::<unnamed>::RunningQuery>, boost::_bi::list1<boost::_bi::value<isc::asiodns::<unnamed>::RunningQuery*> > >, asio::error_code> > (function=<br> {handler_ = {f_ = {f_ = {__pfn = 0x80188d320 <clientTimeout>, __delta = 0}}, l_ = {<boost::_bi::storage1<boost::_bi::value<isc::asiodns::<unnamed>::RunningQuery*> >> = {a1_ = {t_ = 0x803159400}}, <No data fields>}}, arg1_ = {value_ = 0, category_ = asio::error::system_category}}) at mem_fn_template.hpp:49<br>#4 0x0000000801889d7c in do_complete (owner=0x80301f080, base=Variable "base" is not available.<br>)<br> at handler_invoke_helpers.hpp:39<br>#5 0x0000000800f98508 in asio::detail::task_io_service::do_one (<br> this=0x80301f080, lock=0x7fffffffe170, this_idle_thread=0x7fffffffe180) at task_io_service_operation.hpp:34 #6 0x0000000800f979b4 in isc::asiolink::IOService::run (this=Variable “this” is not available. ) at task_io_service.ipp:129 #7 0x0000000000423c7b in main (argc=2, argv=Variable “argv” is not available. ) at main.cc:248 It also happened on May 10, but I don’t have logging before that. (I rotate every 50 files and it is logging a lot.)

1979

enhancement

1337146220342434

1337762298156579

build system

medium

UnAssigned

muks

new

Make utility functions for finding common resources

This bug comes from #1628. Currently, a lot of the components have code like this: # If B10_FROM_SOURCE is set in the environment, we use data files # from a directory relative to that, otherwise we use the ones # installed on the system if “B10_FROM_SOURCE” in os.environ: SPECFILE_LOCATION = os.environ[“B10_FROM_SOURCE”] + os.sep + br> “src” + os.sep + “bin” + os.sep + “ddns” + os.sep + “ddns.spec” else: PREFIX = “prefix” DATAROOTDIR = “datarootdir” SPECFILE_LOCATION = “datadir” + os.sep + “PACKAGE” + os.sep + “ddns.spec” SPECFILE_LOCATION = SPECFILE_LOCATION.replace(“${datarootdir}”, DATAROOTDIR)br> .replace(“${prefix}”, PREFIX) SOCKET_FILE = bind10_config.DATA_PATH + ‘/ddns_socket’ if “B10_FROM_BUILD” in os.environ: if “B10_FROM_SOURCE_LOCALSTATEDIR” in os.environ: SOCKET_FILE = os.environ[“B10_FROM_SOURCE_LOCALSTATEDIR”] + br> “/ddns_socket” else: SOCKET_FILE = os.environ[“B10_FROM_BUILD”] + “/ddns_socket” It is duplicated code, which is inconsistent in the various copies. Any change in our process (where we install things, or the env variable we use to override settings) would mean editing many files. We should ideally have utility functions such as one that returns a path to the spec file when passed the name of the component.

1980

enhancement

1337146728894040

1363790236078313

build system

low

UnAssigned

muks

reviewing

Make a way to populate /AUTHORS and the authors.bind code from a single list of authors

This ticket is to generate both /AUTHORS and the authors.bind code in static_datasrc.cc, tests, and any other places (such as manual) from a single list of authors. I’ve set the priority low, and assigned it to myself as I want to do it and get it reviewed (hence the bug).

1981

defect

1337244632650871

1339541588379494

Unclassified

medium

muks

reopened

Investigate ForwardTest failure (occured just once)

Someone should investigate why this failure occured: [———-] 7 tests from ForwardTest [ RUN ] ForwardTest.construct [ OK ] ForwardTest.construct (6 ms) [ RUN ] ForwardTest.connect [ OK ] ForwardTest.connect (29 ms) [ RUN ] ForwardTest.close [ OK ] ForwardTest.close (0 ms) [ RUN ] ForwardTest.pushAndPop ../../../../../src/lib/util/tests/socketsession_unittest.cc:537: Failure Value of: recv(client_sock.fd, recvbuf, sizeof(recvbuf), setRecvDelay(client_sock.fd)) Actual: 11 Expected: sizeof(recvbuf) Which is: 12 Google Test trace: ../../../../../src/lib/util/tests/socketsession_unittest.cc:553: Passing TCP/IPv6 session ../../../../../src/lib/util/tests/socketsession_unittest.cc:539: Failure Value of: string(recvbuf) Actual: “IND10 test” Expected: string(TEST_DATA) Which is: “BIND10 test” Google Test trace: ../../../../../src/lib/util/tests/socketsession_unittest.cc:553: Passing TCP/IPv6 session [ FAILED ] ForwardTest.pushAndPop (27 ms) [ RUN ] ForwardTest.badPush [ OK ] ForwardTest.badPush (1 ms) [ RUN ] ForwardTest.pushTooFast [ OK ] ForwardTest.pushTooFast (2 ms) [ RUN ] ForwardTest.badPop [ OK ] ForwardTest.badPop (4 ms) [———-] 7 tests from ForwardTest (70 ms total) Full log: http://git.bind10.isc.org/~tester/builder/BIND10-distcheck/20120517015444-FreeBSD8-i386/logs/distcheck.out

1983

defect

1337396107469804

1394116928887294

b10-auth

medium

jinmei

DNS Outstanding Tasks

new

asiolink::IOMessage should contain the local endpoint

See http://bind10.isc.org/ticket/1539#comment:8 We need to add a ‘local endpoint’ parameter to the `IOMessage` constructor and implement the trivial getter method for it. The DNS server classes in asiodns should set the local endpoint, too. Then, assuming #1539 has been merged by then, update b10-auth so it uses the correct local endpoint when forwarding update requests.

1985

defect

1337396553488284

1394117001298027

b10-auth

medium

jinmei

DNS Outstanding Tasks

new

eliminate duplicate hardcoding for ddns UNIX socket file both in auth and ddns

(Updating the ticket based on some followup discussion). Right now both b10-auth and b10-ddns hardcode the constant for the UNIX domain socket between them. We should unify it some way based on the principle of “don’t repeat yourself”. Specifying it in the b10-ddns configuration was one idea to solve this issue, but that idea seemed to be controversial. Other possible approaches are - have b10-ddns tells b10-auth its existence with additional information including the file path. #1986 will also be resolved this way. - introduce some C++ header file for commonly used constants like this, also introduce a python wrapper that defines corresponding python constants, and have ddns and auth refer to these. Now this task would be requiring some design level considerations, and any prior estimations would be unreliable. Maybe this should be a topic of the 1-week hardening sprint later.

1987

task

1337626721807376

1338312687306077

bind-ctl

medium

jelte

new

‘wait for’ command in bindctl execute handling (or something similar)

As pointed out on bind10-users (https://lists.isc.org/pipermail/bind10-users/2012-May/000339.html), the execute command has a limitation (which is partially called by not supporting commands/configuration for non-running moduels); it is not possible to start a module and immediately configure it, since the module is just started, it is not known by bindctl yet, so configuration and commands to said module would result in a ‘Module Unknown’ error. The proposed solution is to add a !wait for [time] command, which would call self.__update_all_modules() (we currently have no more efficient update mechanism), and then check if the module that is waited for has appeared yet. The optional time argument would give a timeout, at which point execute should just give up. If we have this as a command, we should consider adding ‘config commit’ to init_auth_server, and then call that new command for each module init_auth_server starts, so that anyone who includes init_auth_server in other scripts can be assured that the new modules are running afterwards.

1988

defect

1337667310447181

1337828757654641

Unclassified

medium

bettydreamit

new

auth module is missing???

> config add Auth/datasources Error: Module ‘Auth’ unknown or not running

1990

enhancement

1337811966497632

1338204144740418

Unclassified

medium

jinmei

new

customize EqualityFunc of python tests

assertEqual() of python tests are not helpful for user defined classes. See, e.g. this: http://bind10.isc.org/ticket/1512#comment:15 I’ve looked into the unittest implementation and found that we need to customize the builtin equality-check method. The following diff is an example for such customization. #!diff diff —git a/src/lib/python/isc/ddns/tests/session_tests.py b/src/lib/python/isc/ddns/tests/session_tests.py index 1bf4e40..caefa97 100644 — a/src/lib/python/isc/ddns/tests/session_tests.py + b/src/lib/python/isc/ddns/tests/session_tests.py @ -67,9 +67,13 @ class SessionTest: def check_response: ‘’’Perform common checks on update resposne message.’‘’ + def opcode_equality_func(opcode1, opcode2, msg): + if not opcode1 == opcode2: + raise AssertionError(str(opcode1) +’ != ’ str) self.assertTrue) # note: we convert opcode to text it’d be more helpful on failure. - self.assertEqual.to_text, msg.get_opcode.to_text) self.addTypeEqualityFunc(Opcode, opcode_equality_func) + self.assertEqual(Opcode.UPDATE (), msg.get_opcode()) self.assertEqual(expected_rcode.to_text(), msg.get_rcode().to_text()) # All sections should be cleared self.assertEqual(0, msg.get_rr_count(SECTION_ZONE)) I propose defining such customized functions for some major isc.dns (and some other) classes such as Name, RRType, RRClass, introduce an easy to use it (some kind of mixin), and use it for some of existing tests.

1992

enhancement

1337884061278528

1340870927699257

xfrout

medium

jinmei

new

support “also-notify”

Roughly speaking, it’s a way to allow a user to specify a list of secondary servers to which BIND 10 needs to send notifies (even if they are not explicitly listed in the zone’s NS or the address of them cannot easily be got from the zone itself). Some other configuration details need to be considered, too. See https://lists.isc.org/pipermail/bind10-users/2012-May/000347.html

1993

task

1337885900197669

1338278221560591

Unclassified

medium

jinmei

new

simple style checker

I’ve noticed we often find some coding style/guidline issues in code review. Spending too much time for this level of thing is not really productive (the overhead of each specific case may be marginal, but if it repeats the total cost could be substantial) and as we have more new developers, it’ll be more likely/more often to happen. So I propose some simple checker tool that warns about possible issues that are against the documented guideline. The developer is expected to run it on the branch diff before asking review. The script doesn’t have to eliminate false positives completely, as it’s only expected to be run by human. And it doesn’t have to be comprehensive; it should be sufficient to catch some common issues: - line length - (if possible) naming convention (camel or ’_’concatinated etc) - brace position - redundant space at EOL or in blank lines - parenthesis policy (in particular, use them for return) - spacing It would be something similar to google cpplint http://google-styleguide.googlecode.com/svn/trunk/cpplint/cpplint.py but can be much simpler and more ad hoc.

1994

enhancement

1337895894537206

1338261911169896

Unclassified

medium

shane

new

RFC 5001 (NSID) support, configuration

This ticket covers part of implementing RFC 5001. http://tools.ietf.org/html/rfc5001 The RFC identifies a lot of information that could be returned. I propose that we provide configuration that supports: 1. Disabling NSID completely 2. Specifying a fixed string to be returned 3. Returning gethostname() BIND 9’s default is disabled, so possibly this is what BIND 10 should default to. Although I tend to think that option 3 is the best.

1995

enhancement

1337896212845751

1338261997261388

Unclassified

medium

shane

new

RFC 5001 (NSID) support, protocol support

This ticket covers part of implementing RFC 5001. http://tools.ietf.org/html/rfc5001 This ticket covers the actual packet processing, of detecting the EDNS0 option on a query and then appending the EDNS0 information on the answer.

1996

enhancement

1337896396643604

1338262109947504

Unclassified

low

shane

new

RFC 5001 (NSID) support, ACL

This ticket covers part of implementing RFC 5001. http://tools.ietf.org/html/rfc5001 This ticket covers using ACLs to restrict access to NSID information.

1998

task

1337951136715043

1341220988396261

Unclassified

medium

jelte

new

move Formatter classes from DDNS to util

The DDNS work introduces a few Formatter classes used in logging code. These seem general enough to move to util. They also contain a bit of controversy; their implementation may cause slowdown instead of speed-up, but this needs to be looked into.

2001

enhancement

1338012040512908

1338012441225910

libdns++

medium

UnAssigned

jinmei

new

extend libdns++ EDNS class for EDNS options

For NSID support, we’ll (probably) need additional interfaces for the EDNS class so the application of the class can get/set the options (and for operator’s convenience update toText to include options). The documentation currently states: #!cpp /// This class is also supposed to support %EDNS options such as NSID, /// but the initial implementation does not include it. This is a near term /// TODO item. Note our famous “near term TODO”.

2002

enhancement

1338012516779776

1338012516779776

libdns++

medium

UnAssigned

jinmei

new

python wrapper for EDNS option extensions

This is python wrappers for #2001. Would not necessarily urgent for the NSID support in practice, but will be necessary for completion.

2006

task

1338014094971275

1338483356070368

Unclassified

medium

jinmei

new

create a meta ticket for NSID

otherwise we’ll easily forget some once something is dropped from a sprint.

2007

task

1338014433625130

1338014433625130

data source

medium

jinmei

new

redesign in-memory data source structure

So we can substantially reduce memory footprint, and eventually extend it to a shared-memory version. In some sense it shouldn’t be much different from the current data structure. But we need to use some “serialized” representations instead of directly holding higher level libdns++ objects.

2008

task

1338281807489713

1341221033241770

Unclassified

medium

jelte

new

remove equal additions and deletions from diff.py

As noted in the review of #1456 (http://bind10.isc.org/ticket/1456?replyto=11#comment:11), it would be nice if the ‘single update mode’ of the isc.xfrin.diff.Diff class (or wherever we may move it to), would remove reverse duplicates (i.e. where the same exact record is both added and deleted). So when adding a record, if that exact record is in delete already, remove it from delete, and vice versa (or alternatively, if you also want to do duplicate checking, collect them all and filter them later). Care has to be taken around the SOA record though. This way, the class would also be usable for ixfr-from-differences, where usually most of the contents are the same. Otherwise it’d delete the entire zone data an add it again, which would make it unsuitable for later ixfr-out.

2010

defect

1338305459167076

1341221052606456

Unclassified

medium

jreed

new

lettuce test that runs auth and resolver at same time

Task is to add a lettuce test that runs both b10-auth and b10-resolver simultaneously.

2011

defect

1338325030366430

1338325030366430

logging

medium

jinmei

new

setUnitTestRootLoggerCharacteristics has been removed?

There’s code comment mentioning a seeming function called `setUnitTestRootLoggerCharacteristics`: // Now set reset the output destination of the root logger, overriding // the default severity, debug level and destination with those specified // in the environment variables. (The two-step approach is used as the // setUnitTestRootLoggerCharacteristics() function is used in several // places in the BIND 10 tests, and it avoid duplicating code.) But it doesn’t even seem to be declared anywhere. Maybe it’s some leftover? If so, the comment should be updated. I guess it’s a good topic for hardening.

2012

defect

1338408260078736

1344342249933354

bind-ctl

very low

jreed

new

bindctl needs a home

bindctl assumes home directory exists (or writable): Could not chdir to home directory /home/jreed: No such file or directory jreed@oldgit:/$ bindctl [TEMP MESSAGE]: username :root password :bind10 Username:root Password: [“login success”] Traceback (most recent call last): File “/usr/local/bin/bindctl”, line 151, in result = tool.run() File “/usr/local/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 137, in run if not self.login_to_cmdctl(): File “/usr/local/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 242, in login_to_cmdctl CSV_FILE_NAME) File “/usr/local/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 183, in _save_user_info os.mkdir(dir, 0o700) OSError: [Errno 2] No such file or directory: ‘/home/jreed/.bind10/’ This is an odd/rare case so low priority. But traceback output is unfriendly.

2015

defect

1338530771008910

1344258783353101

build system

low

UnAssigned

muks

new

Use AM_V_GEN where applicable in the build system

We generate files in several places in our build system (such as .cc and .h from .mes files, etc.). Because we use silent rules with automake, the Makefile.am rules to build these targets should be preceded with AM_V_GEN so they are run silently. This bug is filed as an offshoot from #1704.

2021

task

1338833669300835

1340123540777779

DDNS

very low

jinmei

new

make config handler of b10-ddns more friendly

This is a deferred task from #2013. The config handler for b10-ddns (the only configurable thing is ACL right now) is pretty primitive and not very user friendly: - It doesn’t indicate which part of the given configuration is wrong (e.g., try adding multiple ACLs for several zones, including one typo in a zone name so it won’t be a valid domain name; or even leave it as an empty string). It should be more helpful by being as specific as possible. Such a problem actually exists in other applications, so we might even consider some generalized framework and apply it here (but it may be a subject of a bigger task of config cleanups) - Duplicate zone (ACL) configuration is currently just ignored. It’s probably better to reject it or at least make a local log a message (see also the test_config_handler test, searching for “duplicate”) I’m pushing it to the current sprint with a lower priority in case we run out of open tasks. But I don’t think this is a critical missing feature, so it can wait.

2022

enhancement

1338890135885082

1341222454906020

Unclassified

medium

jelte

new

DDNS improvement: destroy transaction within handle()

Current, in the DDNS Session class, after _create_diff() is called within handle(), the DDNS Session has a ongoing transaction until it it either completed or the session itself is destroyed. This should not prove much of a problem, since we are not expecting to keep these objects around, but it would be cleaner if the transaction was only valid within the handle() call. Best approach is probably to use the Context interface and a with statement.

2029

defect

1339093344883510

1392917410794714

resolver

medium

jreed

DNS Outstanding Tasks

new

NSAS repeating same tasks near simultaneously

Check this out: 2012-06-07 17:46:39.093 DEBUG [b10-resolver.cache] CACHE_RRSET_REMOVE_OLD removing old RRset for ns4.yahoo.com./A/IN to make space for new one 2012-06-07 17:46:39.093 DEBUG [b10-resolver.cache] CACHE_RRSET_REMOVE_OLD removing old RRset for ns4.yahoo.com./A/IN to make space for new one 2012-06-07 17:46:39.142 DEBUG [b10-resolver.cache] CACHE_RRSET_REMOVE_OLD removing old RRset for ns4.yahoo.com./A/IN to make space for new one 2012-06-07 17:46:39.143 DEBUG [b10-resolver.cache] CACHE_RRSET_REMOVE_OLD removing old RRset for ns4.yahoo.com./A/IN to make space for new one 2012-06-07 17:46:39.146 DEBUG [b10-resolver.cache] CACHE_RRSET_REMOVE_OLD removing old RRset for ns4.yahoo.com./A/IN to make space for new one 2012-06-07 17:46:39.147 DEBUG [b10-resolver.cache] CACHE_RRSET_REMOVE_OLD removing old RRset for ns4.yahoo.com./A/IN to make space for new one 2012-06-07 17:46:39.199 DEBUG [b10-resolver.cache] CACHE_RRSET_REMOVE_OLD removing old RRset for ns4.yahoo.com./A/IN to make space for new one 2012-06-07 17:46:39.200 DEBUG [b10-resolver.cache] CACHE_RRSET_REMOVE_OLD removing old RRset for ns4.yahoo.com./A/IN to make space for new one 2012-06-07 17:46:39.201 DEBUG [b10-resolver.cache] CACHE_RRSET_REMOVE_OLD removing old RRset for ns4.yahoo.com./A/IN to make space for new one The complete logs including entries in between is at http://git.bind10.isc.org/~jreed/J.yahoo.txt It appears to be doing the same job over and over again even in the same tenth of a second. (As you can see from the log this happened for other queries too.)

2030

defect

1339093412028712

1392917494149615

resolver

medium

jreed

DNS Outstanding Tasks

new

NSAS wrongly recording nameservers are unreachable

I think a problem with looking up “yahoo.org. IN MX” 2012-06-07 17:46:39.058 DEBUG [b10-resolver.reslib] RESLIB_NXDOM_NXRR NXDOMAIN/NXRRSET received in response to query for 2012-06-07 17:46:39.058 DEBUG [b10-resolver.nsas] NSAS_EMPTY_RESPONSE response to query for ns3.yahoo.com. returned an empty answer section caused all the other nameservers associated with it to be marked as “unreachable”. The full log is 793 lines so I put it here: http://git.bind10.isc.org/~jreed/J.yahoo.txt This is related to #2029.

2031

defect

1339093559189871

1392917434350600

resolver

medium

jreed

DNS Outstanding Tasks

new

NSAS permanently cache unreachable namservers?

A query continually resulted with SERVFAIL even 6 days after the first problem. The initial logs showed: 2012-06-01 00:12:44.449 DEBUG [b10-resolver.reslib] RESLIB_NXDOM_NXRR NXDOMAIN/NXRRSET received in response to query for 2012-06-01 00:12:44.449 DEBUG [b10-resolver.nsas] NSAS_EMPTY_RESPONSE response to query for ns.norplex-communications.net. returned an empty answer section … 2012-06-01 00:12:44.458 DEBUG [b10-resolver.reslib] RESLIB_NXDOM_NXRR NXDOMAIN/NXRRSET received in response to query for 2012-06-01 00:12:44.458 DEBUG [b10-resolver.nsas] NSAS_EMPTY_RESPONSE response to query for ns.norplex-communications.com. returned an empty answer section … 2012-06-01 00:12:48.286 DEBUG [b10-resolver.nsas] NSAS_ERROR_RESPONSE error response of SERVFAIL returned in query for ns.norplex-communications.com. 2012-06-01 00:12:48.286 DEBUG [b10-resolver.nsas] NSAS_ERROR_RESPONSE error response of SERVFAIL returned in query for ns.norplex-communications.net. 2012-06-01 00:12:48.286 DEBUG [b10-resolver.reslib] RESLIB_RUNQ_FAIL failure callback - nameservers are unreachable 2012-06-01 00:12:48.286 DEBUG [b10-resolver.reslib] RESLIB_RUNQ_FAIL failure callback nameservers are unreachable So then later queries would not even attempt to use the nameservers recorded with problems: 2012-06-06 00:10:56.084 DEBUG [b10-resolver.reslib] RESLIB_RUNQ_FAIL failure callback - nameservers are unreachable This ticket is not about wrongly recording that they are unreachable when they were but about recording this info for long time. (When I restarted b10-resolver it worked correctly for my lookup.) The goal of this ticket is so the NSAS doesn’t permanently cache the problem and let it attempt again later to reach the nameservers. As for the issues that caused this problem to happen in the first place, see #2030 and #2029.

2032

enhancement

1339122813726830

1339607723599071

Unclassified

medium

corbachev

new

Request for web interface to configure bind

Please consider adding option to enable simple web interface to edit main configs, add and reconfigure zones from web interface

2034

enhancement

1339441837677952

1339441837677952

dhcp4

medium

UnAssigned

tomek

DHCP Outstanding Tasks

new

msgq tests for DHCPv4 and DHCPv6 components

Currently there are no tests for msgq integration in dhcpv4 and dhcpv6 components. The same is true for auth. There are only tests that verify callbacks that handle commands received over msgq, not the actual message passing over msgq. Jelte confirmed on jabber that there are no such tests for auth and suggested that perhaps lettuce tests would be the easiest way to write them.

2037

defect

1339547993165937

1341224666868728

configuration

medium

jinmei

new

remote config handler (python) always gets full config

(I don’t know if it’s python specific. I’ve not checked it with the C++ version) I’ve noticed if I specify a callback to add_remote_config() or add_remote_config_by_name(), the new_config parameter of the update always contains full configuration of the remote module, not just the latest update. One specific way to confirm this is: - configure zonemgr with some non default secondary_zones - run b10-ddns on trac2020 (or master when it’s merged) - see the DDNS_SECONDARY_ZONES_UPDATE log message (it’s for that non default config value for zonemgr) - tweak some other config value of zonemgr (e.g. lowerbound_retry) and commit it on bindctl - see the DDNS_SECONDARY_ZONES_UPDATE log message, even if secondary_zones is not updated. I don’t know what’s the expected behavior, but this seems to be suboptimal (b10-ddns expects to get only updates, although having redundant updates don’t do harm except for the unnecessary overhead of updating). From a quick look at the code, one way to change this behavior would be to add remove_identical() for the remote config case in ccsession.py:check_command_without_recvmsg(). But I’m not sure if it’s actually okay that cfgmgr sends the entire config, not only the update. So, depending on that, we might rather fix cfgmgr. Further, if we make more fundamental cleanups to the config framework, maybe we should solve it as part of it.

2038

defect

1339621750397732

1392812476406513

secondary manager

high

jinmei

DNS Outstanding Tasks

new

zonemgr’s config_handler doesn’t provide strong exception guarantee

If I read it correct, zonemgr can partially update its internal configuration when it encounters an error in the middle of the update handler. In particular, it can even partially update the “secondary_zones” list if there’s an error in the middle of the list. This is generally bad, but now that ddns shares the config info it’s even more serious: zonemgr and ddns could keep running with inconsistent information. (And I misunderstood another related point: I thought cfgmr sent updates to “observer” modules that shows their interest in remote configs via add_remote_config only after the “real” module validated it, but on a closer look I realized cfgmgr doesn’t actually distinguish the “real” module and “observers”, and just broadcasts updates to all registered modules. IMO this behavior is also bad and should be fixed, but that’s another topic).

2039

defect

1339630028471121

1339630028471121

Inter-module communication

medium

jinmei

new

cfgmgr returns “success” to GET_MODULE_SPEC if the module is not found

see its `__handle_get_module_spec` method: #= ‘’: module_name = cmd[’module_name’] spec = self.get_module_spec(cmd[‘module_name’]) if type(spec) != type({}): # this is a ModuleSpec object. Extract the # internal spec. spec = spec.get_full_spec() answer = ccsession.create_answer(0, spec) If get_module_spec cannot find the given name of module, it returns the code of 0 (success) with an empty dict. I don’t know if it’s the intended (or good) behavior, but at least it doesn’t seem to be something different from what add_remote_config_by_name() expects. It tries to construct `ModuleSpec` with whatever is returned by cfgmgr as long as the result code is 0: #!python if rcode == 0: module_spec = isc.config.module_spec.ModuleSpec(value) if module_spec.get_module_name() != module_name: raise ModuleCCSessionError(“Module name mismatch:” module_name " and " + module_spec.get_module_name()) self._add_remote_config_internal(module_spec, config_update_callback) Then the constructor fails and raises an exception of `ModuleSpecError`, which will be propagated to the calling application. I’d say it’s quite surprising for the application, which would generally expect either success or getting `ModuleCCSessionError`. My first suggestion is to revise cfgmgr so it returns an error to GET_MODULE_SPEC if it cannot find the module. The current behavior doesn’t make sense to me at all because there shouldn’t be any valid empty spec (there should be at least the module name). But if this behavior is really deemed to be reasonable, my second suggestion is to update add_remote_config_by_name() so it checks the returned spec and raises `ModuleCCSessionError` if it’s empty. Having apps handle both exceptions just doesn’t make sense to me.

2043

defect

1339708084575262

1354013288245025

Unclassified

low

muks

new

Fix remaining Python warnings about unclosed files and sockets

File and socket objects must be explicitly closed with `.close()` when done using them, otherwise they generate warnings (and depending on the interpreter, may be destroyed much later than expected, keeping the underlying fd alive). As part of bug #1828, we fixed many of these warnings. There are still a few non-obvious ones left. There are also some which have been introduced since the time when the trac1828 branch was created. This is a new bug to fix those issues.

2045

task

1339763907747064

1340085297099865

data source

medium

vorner

new

Reuse data source clients on reconfiguration of ClientList

When the configure function is called, we may want to use the existing data sources from previous configuration. This is important because we don’t want to reload all the cached zones. The idea is to store the configuration in DataSourceInfo and search the previous ones to look if there’s one with the same configuration.

2047

enhancement

1339764313669637

1343687828422211

data source

medium

vorner

new

Abstract base for DataSourceClientContainer

It would be nice to have an abstract base class for `DataSourceClientContainer`, so we can have a separate implementation for the tests. We don’t want to do the dynamic loading in tests of something using the data source factory. Then we can remove the `DataSourcePair` trick in `ConfigurableClientList`.

2049

task

1339828105269906

1339828105269906

data source

medium

jinmei

new

“exclusive” mode of DataSourceClient

In the current implementation of database-based data source clients, the zone iterator and updater use a separate database accessor (by “cloning”) so that it can be used separate from the factory client. In general cases it’s probably okay, but it doesn’t have to be so if the client is used by a single thread and iterator or updater isn’t used in parallel with other client features such as zone finders. “cloning” would normally mean opening a separate connection to the database server and can be expensive, so it probably makes sense if we allow an application to skip it based on application’s choice. For xfrin or xfrout this may not be that a big deal, but for ddns I guess it can be substantial for performance. My suggestion is to introduce a notion of “exclusive” mode for the `DataSourceClient` object, and allows an app to specify it by, e.g., calling `setExclusive(bool)` method. When enabled, getIterator() and getUpdater() don’t clone the accessor, and it’s app’s responsibility to use it safely.

2050

task

1339828173807099

1339828173807099

DDNS

medium

jinmei

new

use the “exclusive” mode of DataSourceClient in b10-ddns

See #2049. It probably makes sense for b10-ddns to use this mode.

2055

task

1339975561793615

1339975561793615

Unclassified

medium

jinmei

new

asiolink wrapper for io_service::post()

We’ll need this for non-I/O asynchronous operations, such as “background” reloading of a zone into memory or “background” releasing of the old version of the zone afterwards. It would be something simple like `asiolink::IOService::post(boost::function)`. (note: as a last resort we could refer to the underlying asio io_service object using get_io_service() and call post() on it, but that breaks the whole purpose of asiolink and should be basically avoided).

2056

task

1340007585822908

1349502584750412

data source

medium

jinmei

new

ZoneFinder::Context::getNegativeProof

When we revise the in-memory zone data in a memory-efficient manner, getting the owner name of an RRset will probably become relatively expensive because it’s quite likely that the underlying specialized `RRset` implementation doesn’t hold it in the form of dns::Name object. So, in order to make this revision without sacrificing lookup performance too much, we’ll probably need to make it possible for the in-memory implementation to customize post-lookup operation where the default behavior would rely on using the owner name of the returned RRset of the initial lookup. This is one such case, and already experimentally tried in trac1607exp branch. Referring to that branch, what should be implemented is: #!cpp // Called for NXDOMAIN/NXRRSET cases and return NSEC/NSEC3 RRsets // for the corresponding DNSSEC proof. It (will) consist of small helper // private methods for specific cases (NSEC or NSEC3, NXDOMAIN or NXRRSET). // // - NSEC + NXRRSET // find() already returns the direct proof. So it should already // be efficient. The ramining issue is the corresponding wildcard // proof. // Default version: calls find() for the qname again, with the // NO_WILDCARD option and add the returned NSEC. // Optimized in-memory version: it should know where in the rbtree the // original (non wildcard) search stopped and can use the information // to get the NSEC proof for the non existence of the qname itself. // - NSEC + NXDOMAIN // find() already returns the NSEC for the non existent proof, so it // should be already efficient. The ramining issue is the proof that // there’s even no wildcard match. // Default version: construct the best possible wildcard name from qname // and the NSEC that proves non-existent of the name, and internally // calls find(NSEC) for that name. // Optimized in-memory version: it should know the closest encloser in // the previous search and can identify the wildcard name and its // previous name, then subsequently its NSEC. // // - NSEC3 + NXDOMAIN // Default version: use findNSEC3() to get closest encloser proof, use // the result to identify the possible wildcard, and use findNSEC3() // to get proof for its non-existence. // Optimized in-memory version: it should know the closest encloser in // the original search. get corresponding NSEC3 directly, construct // next closer and wildcard from the closest encloser, calculate hash // and get the covering NSEC3. // - NSEC3 + NXRRSET (no wildcard) // Default version: use findNSEC3() to get either closest encloser proof // (optout DS case) or matching NSEC3. // Optimized in-memory version: it knows the corresponding rbtnode // for the qname. Get the hash value from it and get its NSEC3. // If it doesn’t exist and qtype was DS, search the tree back toward // the root until it finds a matching NSEC3. // - NSEC3 + NXRRSET (wildcard) // Default version: use findNSEC3() to get the closest encloser proof, // construct the wildcard name based on the result, and get the NSEC3 // for it. // Optimized in-memory version: similar to the NSEC3 + NXDOMAIN case. // But the wildcard name should exist so it could even more optimize // it by directly getting the wildcard node and its NSEC3. And in this ticket we’ll only need to do the “default version”. It should be essentially straightforward refactoring. When done, also update `auth::Query` so it uses this implementation. It’s better to do it before trying to implement the in-memory optimization in case we miss something in the interface.

2057

task

1340007672808736

1349502603456158

data source

medium

jinmei

new

ZoneFinder::Context::getWildcardProof

See #2056 for background. This is another one of such things, referring to trac1607exp branch: #!cpp // Called for SUCCESS/CNAME cases when it’s wildcard substitution // and return NSEC/NSEC3 RRset that proves the original qname doesn’t // exist in the zone. // - With NSEC // Default version: calls find() for the qname again, with the // NO_WILDCARD option and add the returned NSEC. // Optimized in-memory version: same for the NSEC + NXRRSET case above. // - With NSEC3 // Default version: call findNSEC3() in the recursive mode and returns // the NSEC3 covering the next closer name. // Optimized in-memory version: Like the NSEC case it should know the // closest encloser in the original search and easily construct the // next closer name from it. Then calculate hash for it and search // for the covering NSEC3. And in this ticket we’ll only need to do the “default version”. It should be essentially straightforward refactoring. When done, also update `auth::Query` so it uses this implementation. It’s better to do it before trying to implement the in-memory optimization in case we miss something in the interface.

2058

task

1340007745301834

1392999474913479

data source

medium

UnAssigned

jinmei

DNS Outstanding Tasks

assigned

ZoneFinder::Context::getDelegationProof

See #2056 for background. This is another one of such things, referring to trac1607exp branch: #!cpp // Called for DELEGATION case. Return either DS (if it’s signed // delegation), NSEC/NSEC3 (if unsigned delegation and the parent is // signed with NSEC/NSEC3). // // Default version: internally calls find() for the delegation name/DS. // On SUCCESS return the answer RRset; On NXRRSET + NSEC (and if NSEC // returned), return the returned (NSEC) RRset; On NXRRSET + NSEC3, // call findNSEC3() recursive mode for the delegation name, and return // exact or closest encloser proof. // Optimized in-memory version: it should know the rbtree node for the // delegation point. If it has DS, return it; if not but it has NSEC, // return it; otherwise same as NSEC3 + NXRRSET (no wild) case for // getNegativeProof(). And in this ticket we’ll only need to do the “default version”. It should be essentially straightforward refactoring.

2059

task

1340007843573584

1349502616913693

data source

medium

jinmei

new

ZoneFinder::Context::getSynthesizedCNAME

See #2056 for background. This is another one of such things, referring to trac1607exp branch: #!cpp // Called for DNAME case. (Somehow) construct the synthesized CNAME // for the qname with the DNAME. Return Rcode of NOERROR () normally,<br> // but YXDOMAIN() if CNAME cannot be constructed because the name would // be too long. // // Default version: extract the DNAME RDATA, construct the synthesized // cname by splitting and concatinating labels, create a new standard // CNAME RRset and sets its (only) RDATA to the created cname. // Optimized in-memory version: construct the synthesized cname // essentially same way, but possibly more efficiently exploiting the // internal representation of the in-memory RDATA (without involving // expensive name splitting and concatinating). To avoid resource // allocation it might use some pool of “free (and empty)” internal // RRset. And in this ticket we’ll only need to do the “default version”. It should be essentially straightforward refactoring. When done, also update `auth::Query` so it uses this implementation. It’s better to do it before trying to implement the in-memory optimization in case we miss something in the interface.

2061

defect

1340021443124274

1364222742550492

DDNS

medium

UnAssigned

muks

assigned

Add custom update tool for use in DDNS tests, and finish DDNS tests

This comes from bug #1461 comment 7: Jelte said: >Right, so i made test for the first 2 test sets (the system ones), and an outline for the third, but it needs better xfrout-notify control. > >I have taken a look at the compliance tests as well, but for those we are going to need a custom update tool, since a lot of them require malformed updates that nsupdate will not send :) > >Anyway, changes in trac1461, i made one more general change in the lettuce setup, bind10 is now always invoked with -n (no hotspot cache). I thought about making it optional but at this time I could not think of much reasons not to set it. > >I’ll create a ticket for the tool and compliance tests, perhaps said tool can also be a base for our own nsupdate implementation, should we want one. As I’ve been tasked to merge #1461, I’m creating this new bug. Assigning it to Jelte. Also marking it as next-sprint proposed so it doesn’t get lost.

2063

enhancement

1340050232013828

1343999697340466

DDNS

medium

jinmei

new

support DDNS update forwarding

what the summary says (we may need to break this down into multiple sub tickets).

2064

defect

1340058331522531

1347892372632275

Unclassified

medium

jinmei

new

components “kind” needs to be specified explicitly even for default

> config add Boss/components b10-ddns > config show Boss/components … Boss/components/b10-ddns/special null string Boss/components/b10-ddns/process null string Boss/components/b10-ddns/kind “dispensable” string (default) Boss/components/b10-ddns/address null string Boss/components/b10-ddns/params/ list Boss/components/b10-ddns/priority null integer … > config commit Error: ‘kind’ Configuration not committed > config set Boss/components/b10-ddns/kind dispensable > config commit (succeeds) This is confusing at best. Another matter, piggybacked: it accepts it even if “address” is unspecified. But without this the bind10 process cannot tell ddns a shutdown and needs to fall back to SIGTERM. This is also not good. p.s. Frankly, I’m reluctant to fix each and every one of such peculiar thing one-by-one. This seems to be a general issue of the config/bindctl framework. If we have a clearer definition of which is default, which is mandatory, relationship “optional” vs “default” etc and provides generic framework based on it, this kind of thing should be automatically avoidable by the framework and the spec definition. See also #1489.

2065

enhancement

1340059601449163

1343999729595134

DDNS

medium

jinmei

new

support BIND9-compatible update-policy ACL for DDNS

For controlling the permission for specific domain names, specific type of RRs, etc. See the corresponding BIND 9 option: http://ftp.isc.org/isc/bind9/cur/9.9/doc/arm/Bv9ARM.ch06.html#dynamic_update_policies This ticket doesn’t intend to provide a full compatibility to the BIND 9 counter part, but it should at least support the “name” and “subdomain” nametype. For example, we should be able to specify the following in some zone specific configuration of b10-ddns: grant key.dyn.example.com name foo.dyn.example.com AAAA which would allow updates to foo.dyn.example.com/AAAA by a DDNS request signed with a TSIG key whose key name is key.dyn.example.com. This task will probably have to be broken down into multiple subtasks: at least it would (probably) need to update the generic ACL framework to allow this to happen and update b10-ddns and python ddns module so they understand and handle this fine-grained access control.

2068

defect

1340132472855708

1340132472855708

logging

medium

jinmei

new

a convenient interface to choose lock policy for logging

It’s annoying that interprocess file lock is required by default. for example, b10-dbutil will fail if the lock file can be created only by a specific group of users. There should be some easy way for each application can specify which lock policy (at least including “none”) should be used for logging at the initialization time. We also need a python interface for that. On top of that, I suggest we use the “none” policy by default, and require explicit setting for those who need interprocess locking. The only benefit the lock provides is to avoid mixed logging output by multiple processes. While it’s nice, but not crucial for the system to work. It’s much, much worse that some tool cannot even start due to the failure of getting access to the unnecessary lock file. The default should prevent that from happening.

2069

defect

1340169825729785

1343999939762506

xfrout

medium

muks

new

Xfrout’s “notify” command handler needs a unit test

Xfrout’s “notify” command handler needs a unit test. The command handler used to do a comparison with notify_out.ZONE_NEW_DATA_READY_CMD, but that is incorrect as notify_out.ZONE_NEW_DATA_READY_CMD is no longer “notify”. This has been fixed in master, but `make check` passed even otherwise, so we really should have a unit test to check if the “notify” command is handled by xfrout.

2070

defect

1340200674636222

1363707326433028

Unclassified

medium

muks

new

UDPDNSServiceTest.defaultUDPServerFromFD fails on NetBSD

UDPDNSServiceTest.defaultUDPServerFromFD fails on NetBSD: [———-] 4 tests from UDPDNSServiceTest [ RUN ] UDPDNSServiceTest.defaultUDPServerFromFD unknown file: Failure C+ exception with description “Socket is already connected” thrown in the test body. [ FAILED ] UDPDNSServiceTest.defaultUDPServerFromFD [ RUN ] UDPDNSServiceTest.explicitDefaultUDPServerFromFD unknown file: Failure C+ exception with description “Socket is already connected” thrown in the test body. [ FAILED ] UDPDNSServiceTest.explicitDefaultUDPServerFromFD (0 ms) [ RUN ] UDPDNSServiceTest.syncUDPServerFromFD unknown file: Failure C++ exception with description “Socket is already connected” thrown in the test body. [ FAILED ] UDPDNSServiceTest.syncUDPServerFromFD (0 ms) [ RUN ] UDPDNSServiceTest.addUDPServerFromFDWithUnknownOption [ OK ] UDPDNSServiceTest.addUDPServerFromFDWithUnknownOption (1 ms) [———-] 4 tests from UDPDNSServiceTest (1 ms total) Full log: http://git.bind10.isc.org/~tester/builder//BIND10/20120620122512-NetBSD6-i386-GCC/logs/unittests.out This is in src/lib/asiodns/tests/ Setting Next-Sprint-Proposed milestone so we don’t forget to talk about it.

2072

defect

1340629688917551

1341322996122238

Unclassified

medium

jreed

new

b10-ddns and Broken pipe on component removal

b10-ddns can be enabled to be started even though its dependencies are not enabled. So it will start and stop continually. So when stopping it, it may not be running: > config remove Boss/components b10-ddns > config commit Error: [Errno 32] Broken pipe Configuration not committed I think this was caused by: boss asking it to shut down, but it already was not running due to no zonemgr, and timed just right since hadn’t re-started again.

2073

defect

1340630182332925

1341228551885938

configuration

medium

jreed

new

unified way to define zones with attributes

This ticket is to track tasks for designing and implementing a unified way to define zones with attributes (like BIND 9’s “zone” configuration). Also it may be useful to consider this known maybe by cfgmgr and not zonemgr. (That is have access to this configuration without needing otherwise-unused daemon handling timers.)

2074

defect

1340630446417143

1341323012787554

DDNS

medium

jreed

new

b10-ddns requires zonemgr even if doesn’t use secondary timers

Currently b10-ddns requires b10-zonemgr; it will exit soon after starting if zonemgr is not running. (And boss will restart again and again.) b10-ddns should not need zonemgr in the case when it does not need a list of secondary zones because it is a primary only server. (It needs no zone timers.) See ticket #2073 about unified way to configure zones.

2075

defect

1340636558439227

1343999992107800

Boss of BIND

medium

jreed

new

simplify components address syntax

Currently the guide documents about the address setting for Boss/components: ``It is the address used by the component on the b10-msgq message bus. The special components already know their address, but the usual ones don’t. The address is by convention the thing after b10-, with the first letter capitalized (eg. b10-stats would have “Stats” as its address).‘’ And later about using “DDNS” for DDNS: ``Likewise, “address” may look unnecessary because b10-ddns would start and work without specifying it. But for it to shutdown gracefully this parameter should also be specified.’’ I think it should be more automatic; we should not need to manually define address “FOO” for “b10-foo”. Maybe it should be case insensitive and get rid of that convention “with the first letter capitalized”).

2076

enhancement

1340707744327952

1341217549078115

documentation

low

jreed

fdupont

accepted

bind10 guide needs some updates

doc/guide/bind10-guide.xml needs some updates: - (1.1) it is dubious bind10 is not supported on debian 6 - (1.2) there is nothing about boost: has someone checked if bind10 can be run without an installed boost? and on all supported systems?)

2077

enhancement

1340796378392537

1344000011453380

Unclassified

medium

fdupont

new

add NO_EXPECT_DEATH

I suggest to add a NO_EXPECT_DEATH C++ compilation flag in order to handle systems where runtime checks are configuration dependent. For instance WIN32 with its Release and Debug versions, here with NO_EXPECT_DEATH for Release only the EXPECT_DEATH() macro of gtest works as expected. PS: the change is: #ifdef EXPECT_DEATH -> #if defined(EXPECT_DEATH) && !defined(NO_EXPECT_DEATH)

2078

task

1340812563541638

1344000777521570

Boss of BIND

medium

jreed

new

lettuce test for bind10 -u

See ticket #2067 for background. Add a feature test for bind10 -u. There is now a unittest that also tests the gid too.

2079

defect

1340835794964978

1347891098005004

data source

medium

jinmei

new

ZoneFinder’s FIND_GLUE_OK should better be named FIND_IGNORE_ZONECUT

See http://bind10.isc.org/ticket/1771#comment:25 I’m pushing this to the next-sprint-proposed queue to see if others think it’s worth changing. If not, I’m okay just closing this ticket without a change. Note: if we decide to work on it, we’ll need to do related, maybe not so obvious cleanups, too. For example, it’s better to rename variables like “glue_ok”.

2080

enhancement

1340849226910860

1341323076073668

Unclassified

medium

muks

new

Python 3.2 as dependency

We currently have Python 3.1 as a dependency. Bumping it to Python 3.2 gives us some new features such as use of `with` statement on socket objects and verbosity options in unit tests (among others). We have to check if Python 3.2 is old enough that it is available in various distros. Maybe we should also ask our users what they think about moving to Python 3.2.

2081

defect

1340872037991238

1341355616387606

libdns++

medium

UnAssigned

fdupont

new

EXPECT_EQ worry

Another EXPECT_EQ() which doesn’t compile on Windows. src/lib/dns/tests/rdata_nsec3param_like_unittest.cc (new file)

2082

defect

1340883378291836

1357551390414613

Unclassified

medium

fdupont

new

bad ASIO update

the asio/detail/impl/socket_ops.ipp was updated this year but to an incorrect version of close() on not Unix systems. I updated it according to the last ASIO distrib in trac826, commit 352788b..3aa5044

2085

task

1340930847288893

1360150243778105

Unclassified

medium

muks

new

[meta bug] Add isc.sysinfo.SysInfo implementations for various operating systems

See bug #2062. This bug should be worked on only after #2062 is in master. Currently #2062 only has a Linux implementation of `isc.sysinfo.SysInfo` to gather system information. We should add implementations for other operating systems such as BSDs, MacOS and Solaris. * #2062 - Linux * #2121 - OpenBSD * #2122 - FreeBSD * #2172 - MacOS * #2691 - Solaris * #2692 - NetBSD See also a related ticket, #2693, which changes the behavior in the face of unknown systems.

2101

task

1340960971663886

1345616806816802

data source

medium

jinmei

new

[meta] memory-efficient version of InMemory Zone

This feature consists of some other subfeatures: - Updates to libdns++ `LabelSequence`: #2086, #2087 - Introduce `MemorySegment`: #2088 - `RBTree` updates so it will be more memory efficient, using offset pointer and provide other support methods: #2089, #2090, #2091, #2092, #2093 - Memory efficient `Rdata` encoding: #2094, #2095, #2096 - Introduce `RdataSet` and define new `RRset`: #2097, #2098 - `InMemoryZone` client/finder update: #2107, #2108, #2109, #2110, #2218 - Update `ZoneTable`: #2100 - Integration: #2219 (when all others are done) General notes: when we complete this, we’ll have a slightly different version of the proposed design http://bind10.isc.org/wiki/InMemoryZoneDesign - It will encode names in RDATA as raw data for `LabelSequence`, not a pointer to the corresponding tree node - As a result, it doesn’t support additional section shortcut I thought the above tasks are already pretty big, so it’s probably better to complete a suboptimal but workable version first. It’s unlikely that we’ll revise the existing in-memory data source implementation incrementally without making it unworkable for the moment. So, realistically, we should implement these while keeping the current version intact (using a slightly different name or separate subdirectory, etc), and when everything is done, replace the existing one with the new one (that itself will probably have to be a separate task - which is #2219). Also, we may want to rename `RBTree` more generic using this opportunity, such as `DomainTree` so that if and when we want to change the internal tree algorithm from RB tree the class name won’t be affected.

2102

enhancement

1340967814023962

1344267943630342

Unclassified

low

fdupont

new

type of test is bool

in if (test) then (true_branch) else (false_branch) the type of is bool (and branches have compatible types). Windows C++ compiler emits a warning when the test has another type, i.e., it is checked against 0, because it can impact the performance (and BTW is bad style). An example is the ASSERT_TRUE()s in src/lib/acl/tests/loader_test.cc which are against pointers (so ASSERT_TRUE(foo) -> ASSERT_TRUE(foo != NULL))

2111

task

1341047150737960

1345615919151980

data source

medium

jinmei

new

Define a dedicated result context and additional record handling.

This is a revised version of current `RBNodeResultContext` and `InMemoryZoneFinder::Context`. But right now additional shortcut is not available, so it’s actually pretty simple. Iterate over each RDATA of the given RRset using the encoded version of iterator, and use findNode() to get the node for each name field of the RDATA whose attribute indicates additional handling is needed. Then go through the nodes’ `RdataSet` to find specified type of data. Construct `TreeNodeRRset` for them and push them to the result. One open question is whether we should distinguish “glue ok” case or not. I’m now inclined to skip this differentiation, but we can discuss it. Depend on #2096, and in practice, on #2107, #2108 and #2109 (and even #2110 for comprehensive support).

2117

enhancement

1341390485944063

1345214203180295

Unclassified

medium

fdupont

fdupont

new

win32 DLLs

Private ticket to experiment again the build of libraries as DLLs on WIN32 (currently they are static which greatly minimize diffs but raise some issues for datasrc (minor) and python (severe)).

2118

enhancement

1341426209525716

1394117013611767

b10-auth

medium

shane

DNS Outstanding Tasks

new

use some additional polling in SyncUDPServer

Jinmei discovered that he could improve efficiency by checking for multiple packets in our UDP packet handler. The discussion is on the mailing list: https://lists.isc.org/pipermail/bind10-dev/2012-July/003623.html

2125

defect

1342135631141938

1344004668256835

configuration

medium

jreed

new

cannot add update_acl and then set

The guide says for update_acl “Due to a limitation of the current implementation, it doesn’t work if you first try to just add a new entry and then set it to a given rule.” Probably needs to be fixed at higher level and no specific to update_acl.

2127

task

1342184987644846

1342184987644846

data source

medium

vorner

new

Remove old data sources

After #1976 is merged, nothing would be using the old data sources. We should remove the dead code from the libraries and aliminate the old sqlite3 data source.

2129

task

1342185167612103

1396529388626513

xfrin

medium

vorner

DNS Outstanding Tasks

new

Migrate XfrIn to use ClientList

The XfrIn uses the new data source API, but it is hardcoded to create a sqlite3 client with the Auth/database_file file as configuration. It should use the global data_sources configuration and create the data source through a client list. This depends on #2051. Needed by #2132.

2130

task

1342185213203996

1349716216445398

xfrout

medium

vorner

new

Migrate XfrOut to use Client List

The XfrOut uses the new data source API, but it is hardcoded to create a sqlite3 client with the Auth/database_file file as configuration. It should use the global data_sources configuration and create the data source through a client list. This depends on #2051. Needed by #2132.

2131

task

1342185402427592

1349716253572416

DDNS

medium

vorner

new

Migrate DDNS to use Client List

The DDNS uses the new data source API, but it is hardcoded to create a sqlite3 client with the Auth/database_file file as configuration. It should use the global data_sources configuration and create the data source through a client list. This depends on #2051. Needed by #2132.

2132

task

1342185639341008

1342185639341008

Unclassified

medium

vorner

new

Remove Auth/database_file configuration

Once the tickets #2129, #2130 and #2131 are merged, no component would be using the Auth/database_file configuration option. It should be removed then (both from the spec file, from documentation and from all the test configurations through the source tree.

2134

task

1342208430704438

1344004696911587

Unclassified

medium

shane

new

Library organization

We had a discussion about the BIND 10 libraries, which have many names that are too generic and/or likely to collide with system libraries: http://bind10.isc.org/wiki/WeeklyMinutes20120712#Renamelibraries We decided that while a specific rename (libutil #2071) would be a short term solution, we need to consider the organization and naming of our libraries in general. This task of this ticket is to create a proposal around that issue. See wiki page at http://bind10.isc.org/wiki/LibraryNaming for brainstorming.

2144

enhancement

1342613197126933

1365279674125677

Unclassified

medium

fdupont

fdupont

reviewing

add nonassignable super class

When a class is defined with a const member and no explicit assignment operator the compiler can’t build the operator and some raise a warning (4512 with MSVC). The idea is to clone the noncopyable super class from boost and to derived all impacted classes (and structures?) from it. BTW I suggest to do the same for noncopyable (where both the copy constructor and the operator = are declared but left undefined). include files should be in util. I’ll provide the list of classes and structures.

2146

enhancement

1343053652656661

1364490687183305

dhcp

medium

tomek

DHCP Outstanding Tasks

new

Investigate dhcp{4,6} start-up merge possiblity

DHCPv4 and DHCPv6 servers have many similarities: - main() functions in src/bin/dhcp{4,6}/main.cc - ControlledDhcpv{4,6}Srv classes. - TestDhcpv6Daemon from srv/bin/dhcp{4,6}/tests/dhcp{4,6}_test.py Some form of merge should be investigated. A common base class, or perhaps template would be helpful. It should be noted that in some cases the code is similar now, but is expected to grow differently in the future, so unification should not be the automatic answer and some thought should be given.

2149

defect

1343122626859625

1344004972004547

DDNS

medium

jelte

new

retry send ‘setup connection’ in b10-ddns

ticket 1986 added a command that is sent from b10-ddns to b10-auth, which sets up the internal connection to forward packets. It also contains a message from auth to ddns should auth be restarted. However, on startup, if ddns is just slightly faster than auth in getting started, auth never gets the message, and b10-ddns hangs for 4 seconds waiting for an answer (the connection does get set up eventually, but it will cause errors if it is attempted to be used initially, b10-ddns is dead in the water for the full 4 second, not answering to commands and updates). Fundamentally, the problem is the lack of real async io in b10-ddns, however, a quick workaround would be to set the internal timeout lower than the default, and retry a few times before erroring. We also need an option for the ‘nonblocking’ version of check_command to check for multiple commands I think. (I have some code, which i’ll put in the branch, but it may need some unit tests, and now my lettuce tests fail on an entirely different cmdctl error)

2153

defect

1343337795566338

1389660643648801

libdns++

medium

UnAssigned

jinmei

new

change Message::addRRset param to ConstRRsetPtr

I believe, after #254, we can make the `rrset` parameter of Message::addRRset() to `ConstRRsetPtr`: #!cpp void addRRset(const Section section, RRsetPtr rrset, bool sign = false); And then we can get rid of const_pointer_cast from auth/query.cc. Would also depend on #2161.

2156

enhancement

1343369210028990

1380606572666551

b10-auth

medium

UnAssigned

y-aharen

StatsRedesign

assigned

Collect socket statistics items in Auth module

Collect socket statistics items (e.g. opcode, qtype, edns0) in Auth module, and increment counters. To collect information, some investigation on boost::asio library is required. This ticket depends on #2154.

2162

defect

1343429086134221

1359700877022331

data source

medium

jinmei

new

rename datasrc/zone.h to datasrc/iterator.h

“zone.h” sounds too generic (historically it indeed defined a `Zone` class, but not any more). I propose: - rename zone.h to zone_finder.h and only define `ZoneFinder` there - create zone_updater.h and zone_journal_reader.h, and move the definitions of `ZoneUpdater` and `ZoneJournalReader` to the new files, respectively. - rename iterator.h to zone_iterator.h (for consistency, and “iterator” is also pretty generic)

2167

defect

1343537466343590

1343720618503683

data source

medium

jinmei

new

clarify whether to keep inmemory datasrc as a loadable module

After #1976 the in-memory data source implementation is now part of libdatasrc, rather than a separate loadable module. If that’s the course we’re taking, it’d be better to clean up the loadable module setup (remove _link.cc, stop creating .so, etc).

2170

task

1343734502281945

1352286024992189

Unclassified

medium

shane

new

Consistent place to configure socket file paths

This came up during a recent BIND 10 team call: WeeklyMinutes20120712#Consistentwaytodefinepathstosocketfilesforalluses There are several places where this type of information is stored: - src/lib/python/bind10_config.py - in specific python scripts like xfrout.py - in some C++ files like auth/common.{h,cc} Jinmei reports: It’s just a mess. When you need to know the path, you’ll need to find multiple places. When you need to add a new path, there can be several ways and it’s also possible that you invent yet another place. Also, there are some inconsistent cases like #1903. So, what exactly I would envision is: - introduce a unified place to define this information for all modules. ideally this should be the only source for both Python and C. - Python scripts and C sources refer to this place and use the information appropriately. - Document the policy and how you add new things to the unified place.

2174

defect

1343832196323445

1392917463577802

resolver

medium

jreed

DNS Outstanding Tasks

new

Various issues with NSAS_WRONG_ANSWER log message

The messages documentation has: NSAS_WRONG_ANSWER queried for 1 RR of type/class 2/%3, received response 4/5 A NSAS (nameserver address store - part of the resolver) made a query for a resource record of a particular type and class, but instead received an answer with a different given type and class. This message indicates an internal error in the NSAS. Please raise a bug report. The definition of ERROR is: Something has happened such that the program can continue but the results for the current (or future) operations cannot be guaranteed to be correct, or the results will be correct but the service is impaired. For example, the program started but attempts to open one or more network interfaces failed. The log message I saw is: 2012-07-31 15:21:20.q ERROR [b10-resolver.nsas] NSAS_WRONG_ANSWER queried for dns1.nj2.dns-roots.net. RR of type/class AAAA/IN, received response CNAME/IN Well I can manually see that a query for AAAA using @dns1.nyc.dns-roots.net. does answer with a CNAME. And following that CNAME does not have a AAAA. I am opening this ticket for: 1) docs says it “indicates an internal error in the NSAS. Please raise a bug report.” 2) Maybe ERROR is the wrong logging severity. Why is it an ERROR because a response (or query) from outside should not cause the program to misbehave. 3) The log message itself is confusing. Is it wrong to receive a CNAME response? 4) The log message doesn’t tell us what server it queried and received the answer from.

2192

defect

1345054990930274

1364462652152271

Inter-module communication

medium

jinmei

new

look into openbsd socket error

See this http://git.bind10.isc.org/~tester/builder/BIND10/20120815131128-OpenBSD5-amd64/logs/unittests.out This happens periodically, and the only effective workaround seems to be to reboot the machine. It looks like a kernel bug, but we are not very sure about that. We should at least figure out (if possible) a simpler way to reproduce the problem. My guess is that if we repeat forwarding FDs via unix domain sockets some resource leaks in the kernel and it eventually triggers the problem.

2193

defect

1345147419116720

1352302954085665

sysinfo

medium

jinmei

new

unnecessary warning about ‘being non root’ from sysinfo

I saw this warning from isc-sysinfo ran on a FreeBSD server: NOTE: You have to run this program as the root user so that it can collect all the information it requires. Some information is only available to the root user. but, as far as I can see, there’s no information that is missing whether or not I run it as a root. I further suspect it’s applicable to all BSD variants (I see this note on MacOS too). I suspect it’s another example of the Linux-centric mindset. we need to fix it; the top level behavior must be generic.

2195

defect

1345160808725129

1352303180669216

sysinfo

medium

jinmei

new

sysinfo leaks ‘Broken pipe’ exception

If I pass the output of isc-sysinfo to another process via a pipe and that process doesn’t consume all input from sysinfo, sysinfo itself dies with an uncaught exception of IOError (Broken pipe): % isc-sysinfo

head –1 ISC Sysinfo tool Traceback (most recent call last): File “/home/jinmei/opt/bin/isc-sysinfo”, line 136, in main() File “/home/jinmei/opt/bin/isc-sysinfo”, line 121, in main write_value(f, ’s', s.get_net_connections)<br> File "/home/jinmei/opt/bin/isc-sysinfo", line 42, in write_value<br> out.write(fmt value) IOError: [Errno 32] Broken pipe This is not really grace.

2196

enhancement

1345171155895164

1380606604009221

b10-auth

medium

UnAssigned

fujiwara

StatsRedesign

assigned

Update Auth to support differential statistics updates

Add a new command “getstats_delta” which returns differences of statistics data from previous command. It suppresses items which values are zero. “getstats” and “getstats_delta” commands should be used exclusively.

2199

enhancement

1345181298018249

1379679554271664

b10-auth

medium

UnAssigned

y-aharen

StatsRedesign

assigned

Add a configuration item to specify zones to collect statistics in Auth module

Add a configuration item ‘statistics_zones’ into Auth module. ‘statistics_zones’ is a list item. It can specify a set of zone names to collect per-zone statistics items. If the list is empty, no per-zone statistics item is collected.

2200

enhancement

1345181299847212

1379679562707672

b10-auth

medium

UnAssigned

y-aharen

StatsRedesign

assigned

Collect per-zone query/response statistics items in Auth module

Collect query/response statistics items (e.g. opcode, qtype, edns0) in Auth module, and increment counters. Zone origin of processing query can be get with isc::datasrc::ZoneFinder::getOrigin(). Modify isc::auth::statistics::Counters::inc() to add a functionality to identify zones and increment corresponding counters.

2214

enhancement

1345278333284841

1349877405338151

Unclassified

medium

fdupont

new

import/export decoration for DLLs

DLLs require import/export decoration, !declspec/!declspec(dllexport) on WIN32 for instance. The idea is: - add a dll.h in all library directories - decorate external symbols - in rare cases force the instantiation of classes (e.g., util/buffer.cc) (current reference is trac2117)

2215

enhancement

1345286271103687

1353005386496311

Unclassified

medium

fdupont

new

make socket code portable

the socket code makes too often the assumption the OS is Unix: - “file descriptor” - use of PF_UNIX - int > asio/detail/socket_types.hpp fdshare -> socketshare etc

2217

enhancement

1345498657967631

1352989248493593

Unclassified

medium

fdupont

new

portable timing functions

gettimeofday() and *sleep() are Unix bound. Equivalents exist for Windows, do I propose to factorate them in the util library…

2221

enhancement

1345781571215368

1361955721744470

build system

low

UnAssigned

muks

assigned

Add verbosity=2 as an argument when running Python unittests

In #2165, we had a case where Python test output was printed in the order in which the tests occurred in the file, but were run in a different order. I looked at the wrong testcase as the cause of later failures for some time. Currently the test names are not printed as they are run. Adding `verbosity=2` to the `unittests.main()` call should make these be printed. But this argument is available on Python 3.2+ only. So we should use a try/except block and make it verbose where it’s available.

2224

enhancement

1346115172112820

1355231466251207

configuration

low

naokikambe

new

Remove b10-stats from default startup modules

As discussed at https://lists.isc.org/pipermail/bind10-dev/2012-August/003747.html, after #2136,#2137, and #2138, b10-stats is no longer needed as a default startup module. So remove b10-stats from there. That is, remove the following setting from bob.spec: #!patch diff —git a/src/bin/bind10/bob.spec b/src/bin/bind10/bob.spec index 442d46f..840aa8e 100644 — a/src/bin/bind10/bob.spec + b/src/bin/bind10/bob.spec @ -8,7 +8,6 @ item_type “named_set”, item_optional false, item_default { - b10-stats { address “Stats”, kind “dispensable” }, b10-cmdctl { special “cmdctl”, kind “needed” } }, named_set_item_spec { Also we need to update the lettuce test and the document related to this. This task is similar to #1885.

2227

defect

1346329692253160

1353960131571037

data source

medium

jreed

new

re-add a temporary hotspot cache

ChangeLog 455 (I think) removed the existing hot spot cache mechanism. Attached to this ticket is a graph showing a drop after when the default hotcache was removed. I mark this ticket as a defect (versus a task or feature) due to this performance regression. It is useful in case of huge external databases that cannot be loaded into in-memory. vorner suggested: I think an query-answer cache (with rendered response packets) would make more sense.

2228

task

1346349954425253

1352399046149632

Unclassified

medium

larissas

jinmei

assigned

research requirements for DB-based data source performance

I’ve never heard specific requirements on the performance of DB-based zones and expected operational environments, including: - what kind of setup it is: number of zones, size of zones, type of zones (e.g. delegation-centric or leaf, with or without DNSSEC, with or without wildcards), usual query patterns (whether it has a lot of NXDOMAIN results, whether there are many wildcard substitutions, etc) - which level of response performance is requested: less than 1Kqps? several thousands qps? more than 10K? I don’t think it a good strategy just to try to do any possible improvement techniques like #2227 without knowing these. We should clarify that first.

2239

task

1346761860036830

1394117025375992

b10-auth

medium

jinmei

DNS Outstanding Tasks

new

change UDP/TCP/SyncUDPServer so they don’t pass query message object

In #2160, we changed `SyncUDPServer` so it doesn’t clear the query_ `Message` object. In fact, it could even remove that member variable if it wasn’t requested by the API contract. Unfortunately we cannot simply remove them without making non trivial changes to `UDPServer` and `TCPServer` classes and the b10-resolver implementation. IMO, it’s better to make the xxx server classes independent from `Message` management. This ticket is a placeholder to do this task. Specifically: - remove the “query” parameter from the callback functions - remove the “query” member variables from XXX server classes - update b10-auth so it maintains `Message` internally (now that it’s not given via the callbacks). This should be easy. - Same for b10-resolver. This may be a bit trickier due to the recursive-resume operations.

2240

enhancement

1346933828268607

1352375924286591

data source

medium

jreed

new

add all zones by default with data_sources cache-enable

Currently when cache-enable is true for a data source, then all the zones not listed in cache-zones become unavailable. vorner suggested loading all by default.

2241

enhancement

1346936395646672

1352375972570814

Unclassified

medium

jreed

new

version components?

I upgraded a running version (from June 21) but didn’t restart all, just did a “Auth shutdown” to restart a single component: 2012-09-06 07:48:24.569 DEBUG [b10-auth.cc] CC_GROUP_SEND sending message ‘{ co mmand [ “get_module_spec”, { module_name “data_sources” } ] }’ to group ‘Co nfigManager’ 2012-09-06 07:48:24.569 DEBUG [b10-auth.cc] CC_GROUP_RECEIVE trying to receive a message 2012-09-06 07:48:24.570 DEBUG [b10-auth.cc] CC_GROUP_RECEIVED message arrived (‘ { from “4fe3ae00_2@t1.m.reedmedia.net”, group “ConfigManager”, instance “*”, reply 10, seq 214121, to “50489b97_68@t1.m.reedmedia.net”, “type” : “send” }’, ‘{ result [ 0, { } ] }’) 2012-09-06 07:48:24.591 FATAL [b10-auth.auth] AUTH_SERVER_FAILED server failed: module_name missing in { } I know it is not safe behaviour to do this with a development version after a big upgrade, but maybe we should have the components identify themselves or otherwise have some way to know what they are compatible with. So instead of confusing fatal error message it could say it is an incompatible version?

2242

defect

1346937302724276

1352376248594117

Unclassified

medium

jreed

new

what is specifically wrong with “Bad config data for Auth”?

I shutdown BIND 10 from June and restarted today’s master with my old configuration. 2012-09-06 07:49:22.523 ERROR [b10-xfrout.xfrout] XFROUT_MODULECC_SESSION_ERROR error encountered by configuration/command module: Bad config data for Auth: {’statistics-interval’: 62, ‘datasources’: [{’zones’: [{’origin’: ‘example.org’, ‘file’: ‘/home/reed/work/isc/bind10/all-types.zone-canonical’}], ‘type’: ‘memory’}], ‘listen_on’: [{’port’: 5300, ‘address’: ‘::’}, {’port’: 5300, ‘address’: ‘0.0 .0.0’}]} The same thing also happens for DDNS_GET_REMOTE_CONFIG_FAIL (two times, three times) and then DDNS_MODULECC_SESSION_ERROR for trying to use Auth’s configuration. The starting of xfrout and ddns repeatedly are trying to start now. The b10-auth process is running though. It doesn’t say what part is bad. If this was a very long configuration, it could be very difficult to track down. I may have tracked it down: > config remove Auth/datasources[0] > config commit Error: Error in config validation: Unknown item statistics-interval Configuration not committed But config show Auth doesn’t show it. (I see it is mentioned in changelog 468.) Maybe a new ticket is needed to allow to remove an unknown item. So I stopped all of bind10 and manually edited the file to remove statistics-interval.

2243

defect

1346937538678402

1352376301873141

DDNS

medium

jreed

new

what is “no module_name in module_spec”?

I restarted all of bind10 master; my previous configuration was from a June instance. 2012-09-06 08:10:55.840 WARN [b10-ddns.ddns] DDNS_GET_REMOTE_CONFIG_FAIL failed to get Zonemgr module configuration 1 times: no module_name in module_spec 2012-09-06 08:10:56.846 WARN [b10-ddns.ddns] DDNS_GET_REMOTE_CONFIG_FAIL failed to get Zonemgr module configuration 2 times: no module_name in module_spec 2012-09-06 08:10:57.856 WARN [b10-ddns.ddns] DDNS_GET_REMOTE_CONFIG_FAIL failed to get Zonemgr module configuration 3 times: no module_name in module_spec 2012-09-06 08:10:58.865 ERROR [b10-ddns.ddns] DDNS_MODULECC_SESSION_ERROR error encountered by configuration/command module: no module_name in module_spec This loops. What is no “module_name in module_spec”? It doesn’t tell me what to fix so I can get it running again. Also the last ERROR should be FATAL, since the process ends.

2245

defect

1346963704798241

1357751153173337

Unclassified

medium

jreed

new

cache-enable true causes crash at startup

Setting cache-enable true at run-time doesn’t fail. Later (stop and then) start of bind10 fails. A similar detailed example was posted to the bind10-users list; see https://lists.isc.org/pipermail/bind10-users/2012-September/000391.html My own example failed with: 2012-09-06 15:22:12.758 FATAL [b10-auth.auth] AUTH_SERVER_FAILED server failed: Auto-detection of zones to cache is not yet implemented, supply cache-zones parameter 2012-09-06 15:22:12.758 DEBUG [b10-auth.cc] CC_DISCONNECT disconnecting from message queue daemon 2012-09-06 15:22:12.758 DEBUG [b10-auth.cc] CC_UNSUBSCRIBE unsubscribing from communication group data_sources … 2012-09-06 15:22:13.811 INFO [b10-boss.boss] BIND10_SEND_SIGTERM sending SIGTERM to msgq (PID 20075) 2012-09-06 15:22:13.812 [b10-msgq] Closing socket fd 9 [b10-msgq] Receive error: EOF [b10-msgq] Closing socket fd 8 [b10-msgq] Receive error: EOF [b10-msgq] Closing socket fd 5 [b10-msgq] Receive error: EOF [b10-msgq] Closing socket fd 7 [b10-msgq] Receive error: EOF INFO [b10-boss.boss] BIND10_SEND_SIGTERM sending SIGTERM to b10-stats-httpd (PID 19437) 2012-09-06 15:22:13.822 INFO [b10-boss.boss] BIND10_SEND_SIGTERM sending SIGTERM to b10-xfrout (PID 20911) 2012-09-06 15:22:13.829 INFO [b10-boss.boss] BIND10_SEND_SIGTERM sending SIGTERM to b10-cmdctl (PID 7189) 2012-09-06 15:22:13.829 INFO [b10-boss.boss] BIND10_SEND_SIGTERM sending SIGTERM to b10-stats (PID 28795) Traceback (most recent call last): File “/home/reed/opt/bind10/libexec/bind10-devel/b10-xfrout”, line 1065, in xfrout_server = XfroutServer() File “/home/reed/opt/bind10/libexec/bind10-devel/b10-xfrout”, line 936, in init self.cc.start File “/home/reed/opt/bind10/lib/python3.1/site-packages/isc/config/ccsession.py”, line 212, in start self.send_spec File “/home/reed/opt/bind10/lib/python3.1/site-packages/isc/config/ccsession.py”, line 442, insend_spec seq = self.session.group_sendmsg(msg, “ConfigManager”) File “/home/reed/opt/bind10/lib/python3.1/site-packages/isc/cc/session.py”, line 268, in group_sendmsg }, isc.cc.message.to_wire(msg)) File “/home/reed/opt/bind10/lib/python3.1/site-packages/isc/cc/session.py”, line 101, in sendmsg cc = self.socket.send socket.error: Broken pipe Traceback : File “/home/reed/opt/bind10/libexec/bind10-devel/b10-cmdctl”, line 626, in run File “/home/reed/opt/bind10/libexec/bind10-devel/b10-cmdctl”, line 585, in run CommandControl, idle_timeout, verbose) File “/home/reed/opt/bind10/libexec/bind10-devel/b10-cmdctl”, line 483, ininit self.cmdctl = CommandControlClass File “/home/reed/opt/bind10/libexec/bind10-devel/b10-cmdctl”, line 234, ininit self.setup_session() File “/home/reed/opt/bind10/libexec/bind10-devel/b10-cmdctl”, line 250, in setup_session self.command_handler) File “/home/reed/opt/bind10/lib/python3.1/site-packages/isc/config/ccsession.py”, line 198, ininit File “/home/reed/opt/bind10/lib/python3.1/site-packages/isc/config/ccsession.py”, line 419, in add_remote_config self.add_remote_config_internal(module_spec, config_update_callback) File “/home/reed/opt/bind10/lib/python3.1/site-packages/isc/config/ccsession.py”, line 343, in add_remote_config_internal answer, = self.session.group_recvmsg File “/home/reed/opt/bind10/lib/python3.1/site-packages/isc/cc/session.py”, line 275, in group_recvmsg env, msg = self.recvmsg File “/home/reed/opt/bind10/lib/python3.1/site-packages/isc/cc/session.py”, line 130, in recvmsg data = self.receive_full_buffer(nonblock) File “/home/reed/opt/bind10/lib/python3.1/site-packages/isc/cc/session.py”, line 212, in receive_full_buffer self.receive_len_data() File “/home/reed/opt/bind10/lib/python3.1/site-packages/isc/cc/session.py”, line 172, in receive_len_data new_data = self.receive_bytes(self.recv_len_size) File “/home/reed/opt/bind10/lib/python3.1/site-packages/isc/cc/session.py”, line 160, inreceive_bytes raise ProtocolError(“Read of 0 bytes: connection closed”) isc.cc.session.ProtocolError: Read of 0 bytes: connection closed Exception socket.error: error(32, ‘Broken pipe’) in > ignored 2012-09-06 15:22:13.930 INFO [b10-boss.boss] BIND10_PROCESS_ENDED process 7189 of b10-cmdctl ended with status 256 2012-09-06 15:22:13.931 INFO [b10-boss.boss] BIND10_PROCESS_ENDED process 20911 of b10-xfrout ended with status 256 2012-09-06 15:22:13.931 INFO [b10-boss.boss] BIND10_PROCESS_ENDED process 19437 of b10-stats-httpd ended with status 15 2012-09-06 15:22:13.931 INFO [b10-boss.boss] BIND10_PROCESS_ENDED process 28795 of b10-stats ended with status 15 2012-09-06 15:22:13.931 INFO [b10-boss.boss] BIND10_PROCESS_ENDED process 20075 of msgq ended with status 0 2012-09-06 15:22:13.932 INFO [b10-boss.boss] BIND10_SHUTDOWN_COMPLETE all processes ended, shutdown complete The msgq shutdown before users of it. The second problem is that the error is fatal, but was no fatal when set via bindctl. Third problem is that I can’t run bindctl to fix it now.

2249

defect

1347292197641927

1352376365413504

Boss of BIND

medium

jreed

new

order of shutdowns should not allow msgq or cfgmgr to exit before other components

See https://lists.isc.org/pipermail/bind10-dev/2012-September/003793.html The order of the logging and timestamps may be misleading, but it seemed to show that the cfgmgr shutdown cleanly and msgq received a SIGTERM before b10-xfrin tried to use them. 2012-09-03 16:03:18.877 INFO [b10-boss.boss] BIND10_STOP_PROCESS asking cfgmgr to shut down … 2012-09-03 16:03:18.877 INFO [b10-boss.boss] BIND10_STOP_PROCESS asking b10-xfrin to shut down … 2012-09-03 16:03:19.878 INFO [b10-boss.boss] BIND10_PROCESS_ENDED process 1953 of cfgmgr ended with status 0 2012-09-03 16:03:19.879 INFO [b10-boss.boss] BIND10_PROCESS_ENDED process 1957 of b10-auth-1 ended with status 256 2012-09-03 16:03:19.879 INFO [b10-boss.boss] BIND10_PROCESS_ENDED process 1959 of b10-stats ended with status 0 2012-09-03 16:03:19.879 INFO [b10-boss.boss] BIND10_SEND_SIGTERM sending SIGTERM to msgq (PID 1952) 2012-09-03 16:03:19.879 INFO [b10-boss.boss] BIND10_SEND_SIGTERM sending SIGTERM to b10-xfrin (PID 1954) 2012-09-03 16:03:19.879 INFO [b10-boss.boss] BIND10_SEND_SIGTERM sending SIGTERM to b10-zonemgr (PID 1955) 2012-09-03 16:03:19.879 INFO [b10-boss.boss] BIND10_SEND_SIGTERM sending SIGTERM to b10-cmdctl (PID 1958) … 2012-09-03 16:03:19.884 ERROR [b10-xfrin.config] CONFIG_SESSION_STOPPING_FAILED error sending stopping message: [Errno 32] Broken pipe 2012-09-03 16:03:19.887 ERROR [b10-zonemgr.config] CONFIG_SESSION_STOPPING_FAILED error sending stopping message: [Errno 32] Broken pipe Then zonemgr crashes (as seen at https://lists.isc.org/pipermail/bind10-users/2012-September/000391.html): Traceback (most recent call last): File “/opt/bind10/libexec/bind10-devel/b10-zonemgr”, line 699, in zonemgrd = Zonemgr() File “/opt/bind10/libexec/bind10-devel/b10-zonemgr”, line 523, in init self.setup_session File “/opt/bind10/libexec/bind10-devel/b10-zonemgr”, line 542, in setup_session self.module_cc.add_remote_config File “/opt/bind10/lib/python3.3/site-packages/isc/config/ccsession.py”, line 419, in add_remote_config self.add_remote_config_internal(module_spec, config_update_callback) File “/opt/bind10/lib/python3.3/site-packages/isc/config/ccsession.py”, line 343, in add_remote_config_internal answer, = self.session.group_recvmsg File “/opt/bind10/lib/python3.3/site-packages/isc/cc/session.py”, line 275, in group_recvmsg env, msg = self.recvmsg File “/opt/bind10/lib/python3.3/site-packages/isc/cc/session.py”, line 130, in recvmsg data = self.receive_full_buffer(nonblock) File “/opt/bind10/lib/python3.3/site-packages/isc/cc/session.py”, line 239, in receive_full_buffer raise se File “/opt/bind10/lib/python3.3/site-packages/isc/cc/session.py”, line 212, inreceive_full_buffer self.receive_len_data File “/opt/bind10/lib/python3.3/site-packages/isc/cc/session.py”, line 172, inreceive_len_data new_data = self.receive_bytes File “/opt/bind10/lib/python3.3/site-packages/isc/cc/session.py”, line 158, inreceive_bytes data = self.socket.recv ConnectionResetError: Connection reset by peer Exception BrokenPipeError: BrokenPipeError in method ModuleCCSession.del_ of object at 0x7f4106438390>> ignored From the logging above it appears that stopping the msqg and cfgmgr didn’t get postponed. Also see ticket #2245 which has similar example.

2253

defect

1347371970104106

1352376418499589

configuration

medium

jreed

new

new start logging about CFGMGR_CONFIG_FILE but doesn’t really exist

Starting bind10 for the first time says: 2012-09-11 06:55:49.001 INFO [b10-cfgmgr.cfgmgr] CFGMGR_CONFIG_FILE Configuration manager starting with configuration file: /usr/local/var/bind10-devel/b10-config.db Actually the file does not exist. Maybe reword this? Or create a file and say it was created?

2256

task

1347383687931778

1348582252121413

data source

medium

jreed

new

postgresql data source design

This task is to research, design, and create new work tickets as applicable for implementing a new datasource for Postgresql. This could consider a closed database and derive it on the existing sqlite3 datasource. This is for the first October 2012 sprint.

2257

defect

1347394145953157

1352376497054190

Unclassified

medium

jreed

new

noisy Boss shutdown — socket.error: [Errno 104] Connection reset by peer

This is not master but latest snapshot. Brand new install, first time ran: jreed@debian-64-4:~/src/bind10-devel-20120816$ echo Boss shutdown

bindctl Exit from bindctl jreed@debian-64-4:~/src/bind10-devel-20120816$ Exception in thread Thread-1: Traceback (most recent call last): File “/usr/lib/python3.1/threading.py”, line 516, in bootstrap_inner self.run File “/usr/lib/python3.1/threading.py”, line 469, in run self.target(*self.args, **self.kwargs) File “/usr/local/libexec/bind10-devel/b10-cmdctl”, line 351, in handle_msg_from_msgq self.module_cc.check_command(False) File “/usr/local/lib/python3/dist-packages/isc/config/ccsession.py”, line 259, in check_command msg, env = self.session.group_recvmsg File “/usr/local/lib/python3/dist-packages/isc/cc/session.py”, line 275, in group_recvmsg env, msg = self.recvmsg File “/usr/local/lib/python3/dist-packages/isc/cc/session.py”, line 130, in recvmsg data = self.receive_full_buffer(nonblock) File “/usr/local/lib/python3/dist-packages/isc/cc/session.py”, line 239, in receive_full_buffer raise se File “/usr/local/lib/python3/dist-packages/isc/cc/session.py”, line 212, inreceive_full_buffer self.receive_len_data File “/usr/local/lib/python3/dist-packages/isc/cc/session.py”, line 172, inreceive_len_data new_data = self.receive_bytes File “/usr/local/lib/python3/dist-packages/isc/cc/session.py”, line 158, inreceive_bytes data = self._socket.recv(size) socket.error: [Errno 104] Connection reset by peer

2259

defect

1347394484523301

1352376578620496

build system

medium

UnAssigned

jreed

new

linking know about rpath for shared libraries

It would be nice to have it linked so it knows the rpath of its libraries. jreed@debian-64-4:~/src/bind10-devel-20120816$ /usr/local/sbin/bind10 Traceback (most recent call last): File “/usr/local/sbin/bind10”, line 68, in import isc.cc File “/usr/local/lib/python3/dist-packages/isc/init.py”, line 6, in import isc.config File “/usr/local/lib/python3/dist-packages/isc/config/init.py”, line 1, in from isc.config.ccsession import * File “/usr/local/lib/python3/dist-packages/isc/config/ccsession.py”, line 45, in from isc.log import log_config_update ImportError: libb10-cfgclient.so.0: cannot open shared object file: No such file or directory A workaround is to run “ldconfig”. This problem is common on Linux systems, but not on all other systems,

2260

defect

1347397995391278

1352376618720595

build system

medium

UnAssigned

jreed

new

datasrc_test.py can’t find log library

The library name and location is known. How about allowing having the linker include the rpath information? for pytest in datasrc_test.py sqlite3_ds_test.py clientlist_test.py ; do br> echo Running test: $pytest ; br> LD_LIBRARY_PATH=/home/jreed/src/bind10-devel-20120816/src/lib/datasrc/.libs: LD_LIBRARY_PATH=/home/jreed/src/bind10-devel-20120816/src/lib/datasrc/.libs:$LD_LIBRARY_PATH br> PYTHONPATH=:/home/jreed/src/bind10-devel-20120816/src/lib/python/isc/log_messages:/home/jreed/src/bind10-devel-20120816/src/lib/python:/home/jreed/src/bind10-devel-20120816/src/lib/python:/home/jreed/src/bind10-devel-20120816/src/lib/python/isc/log:/home/jreed/src/bind10-devel-20120816/src/lib/python/isc/datasrc/.libs:/home/jreed/src/bind10-devel-20120816/src/lib/dns/python/.libs br> TESTDATA_PATH=/home/jreed/src/bind10-devel-20120816/src/lib/python/isc/datasrc/tests/testdata br> TESTDATA_WRITE_PATH=/home/jreed/src/bind10-devel-20120816/src/lib/python/isc/datasrc/tests br> GLOBAL_TESTDATA_PATH=/home/jreed/src/bind10-devel-20120816/src/lib/testutils/testdata br> B10_FROM_BUILD=/home/jreed/src/bind10-devel-20120816 br> /usr/bin/python3 /home/jreed/src/bind10-devel-20120816/src/lib/python/isc/datasrc/tests/$pytest

exit ; br> done Running test: datasrc_test.py Traceback (most recent call last): File “/home/jreed/src/bind10-devel-20120816/src/lib/python/isc/datasrc/tests/atasrc_test.py”, line 16, in import isc.log File “/home/jreed/src/bind10-devel-20120816/src/lib/python/isc/init.py”, line 6, in import isc.config File “/home/jreed/src/bind10-devel-20120816/src/lib/python/isc/config/init.py”, line 1, in from isc.config.ccsession import File “/home/jreed/src/bind10-devel-20120816/src/lib/python/isc/config/ccsession.py”, line 45, in from isc.log import log_config_update File “/home/jreed/src/bind10-devel-20120816/src/lib/python/isc/log/init.py”, line 33, in from log import ImportError: No module named log make[7]: * Error 1 make[7]: Leaving directory `/home/jreed/src/bind10-devel-20120816/src/lib/python/isc/datasrc/tests’ make[6]:* [check-am This is similar to #2259.

2261

task

1347460185245460

1365688994937772

data source

medium

jreed

new

move data_sources category and flatten configuration

Lets abbreviate the data_sources configuration so it doesn’t have any “classes” intermediate item. Also let’s move and/or rename the data_sources so it is not at the top level — it is specific to DNS at this time. Some ideas: dns_data/IN[0] data_sources/dns/IN[0] dns/data_sources/IN[0] dns/zones/… This is based on a conversation vorner and I had in jabber over a week ago. He said our spec doesn’t have a way to put the IN or CH classes directly below the top-level. (For example data_sources/IN[0] doesn’t currently work?)

2262

task

1347460531379972

1365688943454064

configuration

medium

jreed

new

move tsig_keys from top level of configuration

Similar to #2261 … Let’s move tsig_keys from the configuration top level. It is not a generic feature. Maybe put to /dns/tsig_keys ? Also consider flattening it (to remove intermediate “keys”), like /dns/tsig_keys[0] ? But that probably does not matter.

2263

task

1347461008670872

1364422096767280

configuration

medium

jreed

new

be able to select cfgmgr plugins

Maybe allow the admin to enable/disable cfgmgr plugins. Or maybe even the loading (and unloading) of a specific plugin can be automated, such as when a user of the plugin is started (or stopped). For example if b10-auth starts, then the cfgmgr can be told that the data_sources plugin is needed? Currently the configurations are always available not matter if they aren’t needed; for example the DNS specific code is loaded even if running a DHCP server only. It is loaded at startup and plugins can’t currently be unloaded. It just looks in a directory and loads everything there. For example, share/bind10-devel/config_plugins/ currently contains b10logging, datasrc_config_plugin, and tsig_keys. I don’t know if it is possible to never load the b10logging plugin, but the others could be skipped. Also while here consider using a consistent naming scheme for these plugin files. Even their corresponding spec files may have different base names.

2265

task

1347885919245418

1347986992488636

Unclassified

medium

jelte

new

cleanup: remove Renderer::clear() calls

In 1357, we found that essentially it is always mandatory to call Renderer::clear() before Message::toWire(), so we put it in there at the start. Not doing clear() overwrites the header as the start of the already rendered message, leaving the new header uninitialized, and it creates bad compressed domain names in the new packets. Apart from that, truncation may go wrong, and in case of truncation, the renderer is cleared anyway (So there isn’t even a reliable contract on whether or not the renderer is cleared). There are however probably quite a few now unnecessary calls to Renderer::clear() that could now be cleaned up.

2271

defect

1347991347011911

1389878238332575

data source

medium

jinmei

new

complete in-memory zone iterator

From code inspection there seem to be some open issues for the in-memory zone iterator (I’m referring to the new version). - #1666 - It doesn’t cover NSEC3 RRsets. - It doesn’t seem to cover RRSIGs in the “separate RRs” mode. - #2539 - It doesn’t implement getSOA(). We’ll need these, e.g., if we want to allow xfrout to use the in-memory iterator for AXFR. Note: if we complete this ticket we should be able to close #1666.

2277

task

1348211552352583

1396529414606376

xfrin

high

vorner

DNS Outstanding Tasks

new

Lettuce tests for partially signed xfrin

We need lettuce tests for the feature in #1357. What it should contain: • A valid transfer with some messages in the middle being unsigned. Possibly both AXFR and IXFR. • An invalid IXFR transfer ‒ the first message is signed, then there’s bunch of unsigned messages. The last one is missing signature or the signature is wrong. Check nothing is committed into the database. This either needs some kind of fake server which we can instruct to send invalid data, or by having the wire data ready in a file and answering it using some kind of socat or nc.

2279

task

1348237353326097

1348237353326097

Unclassified

medium

jelte

new

requirements for configuration framework improvements

There are at least 3 ‘topics’ of configuration improvements we can make: 1 the general framework (classes that hold/transfer/act on configuration data) 2 bindctl itself 3 the layout of configuration In principe, the 3rd is somewhat separate (though no less important); and 2 kind of depends in a lot of things on 1 (due to the lowlevel datatypes we have used for both specs and data, bindctl and config_data on the python side have gotten quite muddled, and ugly). So the first task is to reboot the framework discussion I started some time ago; and I think the real very first task is to identify, now that we have experience with the current system, and what it can and cannot do, the requirements, for there turned out to be quite a few more than the current system was designed for; For instance, we would probably like to have custom data types (to add, for instance, an IP address or range, something DHCP certainly needs, and which would also be usable in ACLs; if these would be compounds, they may also fill the requirement of ‘repeated’ configuration bits, where different configurable things have the same layout (listen ports for auth and resolver, to name one). Another thing that is sorely lacking is diffs. We also need a more generalized way of checking them, and recover from errors. But there is probably much, much more.

2280

defect

1348244167352358

1348244167352358

dhcp

medium

UnAssigned

tomek

DHCP Outstanding Tasks

new

Subnet/Pool collections should be ordered by first address

Performance improvement. See Shephen’s comment (comment:7:ticket:2238) about ordering subnet6. The same principle applies to Pool6, Subnet6, Pool4 and Subnet4.

2283

task

1348295723628260

1394117057886307

b10-auth

medium

jinmei

DNS Outstanding Tasks

new

[meta] avoid using getName() and getRdataIterator() for in-memory

In the new version of in-memory data source `RRset::getName()` and `RRset::getRdataIterator()` are more expensive than the generic versions. So we’ll need to allow specialization for the in-memory data source where we can skip these expensive methods in the query processing. The basic idea is to extend the finder context class so it will have specific methods for these cases, and implement optimized in-memory version. We can do this incrementally. The specific tickets are: - (This won’t work) #2060 ZoneFinder::Context::getAtOrigin, #2284 for in-memory - #2309 define ZoneFinder::findAtOrigin(), #2310 for in-memory - #2058 ZoneFinder::Context::getDelegationProof, #2286 for in-memory - #2056 ZoneFinder::Context::getNegativeProof, #2336 and #2337 for in-memory - #2057 ZoneFinder::Context::getWildcardProof, #2288 for in-memory - #2059 ZoneFinder::Context::getSynthesizedCNAME, #2287 for in-memory

2286

task

1348295990912804

1394117069998309

b10-auth

medium

jinmei

DNS Outstanding Tasks

new

in-memory version of ZoneFinder::Context::getDelegationProof

See #2283 and #2058. This is the optimized version of #2058. Depends on #2058, and on completion update auth Query::process().

2287

task

1348296076724293

1394117088223823

b10-auth

medium

jinmei

DNS Outstanding Tasks

new

in-memory version of ZoneFinder::Context::getSynthesizedCNAME

See #2283 and #2059. This is the optimized version of #2059. Depends on #2059.

2288

task

1348296135092736

1394117098567268

b10-auth

medium

jinmei

DNS Outstanding Tasks

new

in-memory version of ZoneFinder::Context::getWildcardProof

See #2283 and #2057. This is the optimized version of #2057. Depends on #2057.

2293

defect

1348586476831646

1352377040906624

build system

medium

UnAssigned

jreed

new

solve frequent BenchMarkTest.run failures

We have had near 100 timing failures in BenchMarkTest. This is on virtual machines: FreeBSD, NetBSD, and Debian5 (but none of the other VMs) and on physical Solaris Sparc machine (but no other physical systems). Here is an example: [ RUN ] BenchMarkTest.run benchmark_unittest.cc:119: Failure Expected: (sleep_time + duration_margin) > (bench.getDuration() * ONE_MILLION), actual: 75000 vs 75077 benchmark_unittest.cc:125: Failure Expected: ((sleep_time + duration_margin) / static_cast(sub_iterations)) > (bench.getAverageTime() * ONE_MILLION), actual: 3260.8695652173915 vs 3264.217391304348 benchmark_unittest.cc:128: Failure Expected: (static_cast(sub_iterations) / (sleep_time + duration_margin)) < (bench.getIterationPerSecond() / ONE_MILLION), actual: 0.00030666666666666668 vs 0.00030635214513099882 [ FAILED ] BenchMarkTest.run (129 ms) Let’s rework this so BenchMarkTest.run does not fail like this anymore.

2294

task

1348645424320065

1352377071334219

xfrout

medium

vorner

new

Lettuce test for long-running xfr-out

It turned out in #2222 that it’s hard to test the fact that statistics number of currently running transfers is incremented when the transfer starts and then decremented after the transfer. We need a support to have a longer-running transfer. The proposal is to have larger zone and a client that starts the transfer, but does not eat the data off the TCP connection, so the buffers fill. We then can wait as long we need to check the statistics counters. This capability could be used for more things than just that, for example, we could try running more transfers in parallel.

2295

defect

1348705901541729

1352377091964987

data source

medium

jinmei

new

clarify the semantics of datasrc/memory/ZoneData::isSigned()

Currently, different parts of the in-memory data source related classes use different semantics: - the zone loader (memory_client.cc) set it to true when it adds NSEC/NSEC3 or NSEC3PARAM RRs to the zone - the zone finder implementation considers the zone is “NSEC3 signed” regardless of the value of “is signed” flag (so the zone loader behavior for NSEC3/NSECPARAM is meaningless) - in the zone data documentation, it’s (intentionally) left open, but hinted as if it means the zone has a DNSKEY RR (at the origin). The difference is not an immediate issue, but when we support incremental zone signing or migration between NSEC and NSEC3, there can be an intermediate state where the zone should rather be considered “unsigned” even if it contains some NSEC or NSEC3 RRs. And then the difference and the current assumption may cause real troubles. So my suggestion is to adopt the hint policy in the zone data documentation: set the “signed” flag of zone to true iff the has a DNSKEY RR at the origin (and make sure this condition is preserved when we add incremental zone updates). The zone finder implementation should check both “signed” and `isNSEC3Signed()` conditions to set the “NSEC3 signed” flag.

2296

defect

1348751559318985

1355231529482491

statistics

low

jreed

jreed

assigned

b10-stats-httpd reset when missing files

I will have to research further, but when b10-stats-httpd was missing some file, it didn’t respond via HTTP and connection was just reset. It should at least provide some http error code or some friendly message. Nothing was logged about it. In fact, I have no stats logging. So it should log when missing file too.

2303

task

1349155518681419

1352385934219841

build system

medium

UnAssigned

jinmei

new

disable generating static link library objects (.a’s)

because BIND 10 generally relies on dynamic links (and some only work with dynamic links, such as loadable modules). Building library objects for static links and using it for tests have been known to be useful for finding some kinds of bugs, so I think it still makes sense to keep the mode of generating .a’s, but the default should probably be better to be changed. I’ve not confirmed that myself, but there’s a suggestion of adding this to configure.ac: LT_INIT([disable-static])

2308

task

1349301567802181

1356550999624950

Unclassified

medium

jreed

new

[meta] beta ticket

This ticket is to track other tickets toward the first production release. (As discussed on http://bind10.isc.org/wiki/WeeklyMinutes20121003 — actually one day earlier.) Add ticket numbers as needed for the following: * #2368 complete and generic zone file parser and loader This is the most feature that we will put into the beta * docs: how to run unittests and more about lettuce tests (we don’t release lettuces tests currently, they are only in repos); see #2341 - #2305 bindctl documentation also document that bindctl is a low-level interface and that we plan a more intuitive simple interface too? - Upgrade docs (how to restart) - document what is not “production quality” - document if dhcp is supported, or where should be used (and how) - #2306 document “execute” - quick start guide — update it - #1044 ssl cert generation - #1622 logging still in multiple files after rotation document we need a certain log4cplus minimum version? configure abort or complain if old version? - #1190 output or logging from msgq maybe stick in separate log file? - get rid of any asserts during shutdown - #1049 get rid of kill 9 during shutdown #1858 sockcreator still running (after bind10 not running) or hanging - #2367 select features to build and install - #1901 (and ?) consistent naming, like Auth or auth or b10-auth; and plugin spec files that don’t match feature names; boss or Boss or “bind10”. - #1898 bind10 logging should go to configured logger - #680 awkward [TEMP MESSAGE] from bindctl The following items would be great to have, but are very unlikely to be done before the beta & subsequent release: * UI improvements? need refactoring/rewriting of internal code there * #2256 SQL database backend * BIND 9/10 configuration interoperability - #2307 perfdhcp manual - system/architecture documentation (not user) — need to decide - versions for components — remove them? or update them currently we just ignore the versions what are the values of the separate versions? if just is a release version, confusing to bump for no reason (if no code changed) if do ship independently, having versions may or may not be good bump all versions? ask the list (the would be users) … - #2255 get rid of multiple data source configurations (also see #2261) - #1351 get rid of multiple TSIG configurations (also see #2262)

2328

task

1349493491373965

1349493920215789

Unclassified

medium

jinmei

new

Designing incremental updates to in-memory zone data

We need to extend the in-memory data source implementation so we can incrementally update existing data after DDNS or IXFR-in. Several things have to be considered: - “merge” and “subtract” interface for `RdataSet`. Regarding merge, we also need to avoid having duplicate RDATAs. - removing names from `DomainTree` - making sure a name is removed from `DomainTree` when all its `RdataSet`s are removed - inter module protocol for updates (in particular, DDNS/xfrin and auth) - extend `datasrc::ClientList` class to support updates - update auth/DDNS/xfrin to implement these - (there should be more) The goal of this ticket is to have these discussions, led by someone with initial proposals, and create specific development tickets.

2329

task

1349494343760692

1352386404688231

data source

medium

jinmei

new

SQL schema update design

We recently had a discussion of updating the DB schema for SQL-based data sources, mainly for performance reasons. We’ll need to have discussions on more specific ideas, and (if we agree on the need for some change) create tickets for actually updating it. But it doesn’t make much sense to have this discussion without knowing performance requirements. This should be clarified first.

2330

task

1349494768880002

1349494768880002

data source

medium

jinmei

new

design of “zone table” APIs

We need to define a set of additional interfaces to manipulate (conceptual) “zone tables”, which include: - interfaces for adding/deleting a specific zone in the underlying data source - getting a full list of zones (of a specific class, maybe) of the underlying data source - if we store more attributes of zones in the underlying data source (e.g., whether it’s primary or secondary, in case of secondary a list of primary servers, etc), interfaces for getting access to or updating these The goal of this ticket is to have discussions on these topics, maybe led by someone with initial proposals, and create specific development tickets.

2333

task

1349500109643077

1349500109643077

data source

medium

jinmei

new

add tests about type NSEC query at a parent zone cut

See this thread http://www.ietf.org/mail-archive/web/dnsext/current/msg12756.html The BIND 10 implementation (either from in-memory or database) always returns the referral, just like other ordinary types. It’s still not clear (to me) what the server should do, but the sense seems to be “it’s implementation dependent”. Assuming that’s the consensus, this ticket is to add some unit (and maybe system) tests to explicitly confirm the behavior, and describe why we behave that way somewhere.

2334

task

1349500313336605

1349500313336605

data source

medium

jinmei

new

MySQL data source (client) design

This is MySQL variant of #2256, depending on which one we implement first. We first need actual user requirements though. Designing DB backend details without knowing them would be a waste of time.

2336

task

1349502093415262

1349502290213025

data source

medium

jinmei

new

in-memory version of ZoneFinder::Context::getNegativeProof, NSEC case

See #2283 and #2056. This is the optimized version of #2056, only for the NSEC part. When the zone is NSEC3 signed, simply forward the processing to the default method implemented in #2056 until we complete the NSEC3 part of the optimization (#2337).

2337

task

1349502257628406

1349502257628406

data source

medium

jinmei

new

in-memory version of ZoneFinder::Context::getNegativeProof, NSEC3 case

See #2283, #2056, and #2336 This is the optimized version of #2056, only for the NSEC3 part. Depends on #2336. It completes the optimization by implementing the NSEC3 part and using that instead of the default version.

2338

defect

1349635009931702

1352389395354184

data source

medium

muks

new

Add tests for ZoneDataUpdater

Bug #2268 introduced the `ZoneDataUpdater` class. It did not add tests as these are covered already by `InMemoryClient`’s tests. There are many testcases to do with validation that are in `InMemoryClient`’s tests (the `ZoneDataUpdater` code used to first be a part of `InMemoryClient`). This bug is to add direct tests for `ZoneDataUpdater` by porting all the data related tests from `InMemoryClient`’s tests. In addition to these tests, be sure to add a test that checks that `ZoneDataUpdater::add()` throws when a NULL `ConstRRSetPtr` is passed in the `rrset` arg. This test was removed in the memory client as it’s not possible to get this condition there. But you can get this condition when directly using the `ZoneDataUpdater::add()` method.

2341

enhancement

1349687938078247

1391178713040892

documentation

medium

fdupont

new

lettuce doc

About lettuce: - it is not included into dev distribs (I can’t see a good reason?) - the documentation must stress the fact it is a python2 (vs python3) tool (BTW with botan build it gives a second dependency on python2) - it requires the ~/.bind10/default_user.csv either install explicitely (from tests/system/common) or by a call to bindctl I propose to include the last two points into the lettuce doc.

2343

task

1349696498818998

1352471972382693

dhcp4

medium

stephen

DHCP Outstanding Tasks

new

Delayed-ack for IPv4 DHCP Server

To avoid the bottleneck concerned with disk accesses, ACKs back to clients will be queued. Only when the database update for a batch of ACKs has been committed will they be sent. This is essentially an implementation of the ISC DHCP “delayed-ack” feature in Kea.

2344

task

1349696556430671

1352472031375212

dhcp6

medium

stephen

DHCP Outstanding Tasks

new

Delayed-ack for IPv6 DHCP Server

Implementation of #2343 but for IPv6

2345

enhancement

1349696671719426

1397640730796484

dhcpdb

low

stephen

DHCP Outstanding Tasks

new

Expired lease housekeeper routines

Leases in the database have an expiry time. Rather than have the server processes worry about them, a separate “housekeeper” process will run periodically and deleted expired leases. Depending on the approach, this will be a separate process or periodically called routine in the main process (or both, depending on configuration).

2346

defect

1349790997987212

1349791038429087

dhcpconf

medium

tomek

DHCP Outstanding Tasks

new

DHCP CfgMgr: sanity checks

Add checks that forbid: - adding pools to a subnet that overlap with other pools - adding subnets to CfgMgr that overlap with existing subnets

2350

task

1349803363313998

1349803363313998

documentation

medium

tomek

DHCP Outstanding Tasks

new

Define a framework for unit-test documentation

Many unit-tests lack description of their scope and purpose. It would be useful to have a consistent way to document them. One simple approach to that problem is to define a macro that will call TEST and TEST_F macros from gtest, but will take additional parameter(s). Such additional parameter would be test description. Another parameter to consider would be the component the test is covering (auth, resolver, dhcp4, dhcp6 etc.) With such extension, it would be possible to write a script that will parse all unit-test code and generate test report. Together with GTEST_OUTPUT=xml:results.xml passed to unit-tests, it would allow us to generate a proper test report that could be further processed.

2351

enhancement

1349816754827449

1350004645365372

build system

low

UnAssigned

fdupont

new

src/lib/exceptions WIN32 port

src/lib/exceptions (include its tests subdir) WIN32 port. Note this will be mainly about the win32build stuff as the port is nearly trivial. (please: - include it into a sprint as soon as it is ready - assign a reviewer)

2352

defect

1349882126257390

1349889953030269

dhcp6

medium

tomek

DHCP Outstanding Tasks

new

Improve DUID handling

1. Implement OptionDUID class and start using it for client-id and server-id 2. Support other DUID types 3. Improve src/lib/dhcp/tests/duid_unittest.cc to cover data in LLT and LL formats. The code from Dhcpv6Srv::setServerID() in src/bin/dhcp6/dhcp6_srv.cc can be refactored/reused.

2354

defect

1349956974347120

1349957000488054

dhcp

very low

tomek

DHCP Outstanding Tasks

new

Implement DUID-based client-id for DHCPv4

We may want to implement client-id based on DUID (RFC4361). See [comment:7:ticket:2140 Shawn’s comment].

2358

defect

1350341323876465

1350341557789119

logging

medium

jinmei

new

DBGLVL_xxx should be in .cc, and in specific name space

`DBGLVL_xxx` constants defined in log_dbglevels.h break a couple of fundamental rules of C++. - It shouldn’t be in unnamed namespace (`namespace {}`). Having it in a shared header file easily leads to breaking the one definition rule. - It shouldn’t be defined in the header file. Since they are constants smart linkers may avoid generating duplicate copies, but as far as I know it’s not guaranteed by the language. Solution is easy: - Declare them in a specific namespace, like isc::log - Only declare them in the header file; define them in a separate .cc: #cpp // in log_dbglevels.cc const int DBGLVL_START_SHUT = 0;

2359

defect

1350368392771235

1350368392771235

build system

medium

UnAssigned

jinmei

new

restruct libb10-util

In #1870, I noticed only buffer.h from lib/util (headers) was really necessary to build sample b10-host program. Some others are used internally in libb10-dns, but I suspect many others are not necessary. In particular, it shouldn’t need interprocess locks or memory segment stuff. Since we’ve been wanting to make dns as standalone as possible it’s not really a good trend. I suggest we reorganize lib(b10)util as follows: - libb10-util: containing minimal set that is necessary to be published - libb10-util-internal (or something): all others Further, I suggest merging libb10-exceptions to libb10-util. Now that having generic “util” library, which would be needed to be linked for any BIND 10 related programs I don’t see advantage of keeping the very tiny separate library for the exception definitions. And, if possible, I suggest we revisit the current way of creating ad hoc sub libraries like util-io or util-thread, clarifying the categorization policy (and document it). But that would be a topic of a separate ticket.

2362

task

1350493197895896

1352389532432683

Unclassified

medium

jreed

new

add system test to load a simple zone into sqlite3 and then query in it

Add lettuce test to load a simple zone into sqlite3 and then query in it.

2368

task

1350624854745111

1358891183357441

Unclassified

medium

jinmei

new

[meta] complete and generic zone file parser and loader

This will eventually replace b10-loadzone and revise dns masterLoad. In the very initial phase, I propose introducing a generic lexer and master file parser using the lexer. The parser initially only handles a limited set of entire syntax. Then update the data source loader and b10-loadzone using them. In the next phase we’ll support more variations of master file syntax . For the initial phase, we’ll need to do: - generic lexer: #2369, #2370, #2371, #2372, #2373, #2375, - generic parser: #2376, #2377 - zone loader: #2378, #2379, #2380 Absolute minimum for the beta release: - all of the “initial phase” tasks listed above - `MasterLoader` enhancements: #2427, #2428, #2429, #2431 - rdata updates: #2382, #2442, #2497, #2498 , #2523) - in-memory load extensions : #2470 - datasrc updates: #2541, #2542 Possible bonus features for beta. Either of the following two: - basic zone validation: #2432, #2433, #2435, #2436, #2499 - in-memory load extensions : #2440, #2441 Or maybe consider for small visible enhancements: #2518, #2519, #2520 Post beta features: - other libdns objects updates: #2383 (more important/urgent), #2384, #2381 (less important), #2518, #2519, #2520, #2534 - complete rdata updates: #2386(NSEC,DS), #2387(DNSKEY,NSEC3,NSEC3PARAM), #2389(A,AAAA), #2390(NS,MX,PTR), #2391(AFSDB,DLV), #2426(generic), #2521(RRSIG, DHCID, OPT), #2522(RP, MINFO, TSIG), #2656(CNAME,DNAME,SRV) - advanced `MasterLoader` feature: #2430 ($GENERATE) - advanced zone validation: #2434 - zone validation after xfrin: #2437, #2438, #2439

2394

defect

1350680533360621

1352900214403596

Unclassified

medium

jinmei

new

clarify the use case for some basic exceptions

As discussed in #2207 (see, e.g., the relevant part of http://bind10.isc.org/ticket/2207#comment:14), it the intended usage of the some exceptions defined exceptions/exceptions.h doesn’t seem clear and different developers use it for different purposes. That’s particularly so for `Unexpected`. When I first introduced it (I believe it was me who added it), I intended it to mean really “exceptional” events where we’d rather assert() the condition. An example (not limited to that) would be failure of some system level API that would basically be expected to succeed. Another case is an indication of inconsistent state of a class but when we cannot 100% eliminate the possibility that it’s triggered by a (misbehaving) application. Something like `Unexpected` tends to be a kitchen sink (after all, any exception should generally indicate an “unexpected” event, isn’t it?), so I wanted to limit the use case of it. Whether or not this intent makes sense, the reality in our code is that it’s used for other purposes like when an application passes a NULL pointer when it shouldn’t. So, there’s at least some confusion here. The bottom line goal of this ticket is to document the intended purpose of `Unexpected`. If there are other confusing exception types, we should also clarify it in documentation. Then, my personal proposal for `Unexpected` is the one I originally intended as described above. But we can discuss that. I also suggest unifying `InvalidParameter` and `BadValue` in this ticket. I don’t remember how we end up having these two, but it doesn’t make sense to me to separate these cases (I actually don’t even understand what’s the difference between these).

2395

defect

1350932119567239

1394117303087834

b10-auth

medium

jinmei

DNS Outstanding Tasks

new

introduce a simpler way of using faked data source from auth tests

Some of the current tests in auth_srv_unittest tweaks existing data source clients by bruteforcing its contents (using the `getDataSources()` interface and directly rewrites the internal). IMO it relies too much on the internal of data source clients and makes both the class and tests fragile. For tests of client-list itself it might be considered a necessary evil, but for tests of their users I think it goes too far. This also one major reason we currently need (in #2211, hopefully soon in master) the `swapDataSrcClientLists`, which also makes the `DataSrcClientsMgr` integrity weaker. It’s also the reason why we need to return a shared pointer from `DataSrcClientsMgr::Holder.findClientList()` (because this test internally destroys the original due to the brutteforce replacement) even though it could return a bare pointer based on its nature. What we actually need is, IMO, a cleaner way for tests like `AuthSrvTest` to use some faked data source clients (e.. one that throws on `findZone()`, instead of relying on the low level internal details of the client list implementation. This task is to design such a way and implement it.

2397

task

1351014426324480

1352900273164276

data source

medium

jelte

new

exception hierarchy within datasources

In #2210, we discovered we could use an exception hierarchy (or at the very least a clear distinction) within datasources, mainly to distinguish between configuration problems, setup problems (config ok but something is wrong, like bad connection or inconsistent data), and internal problems such as bugs. Right now most of it is generalized into the DataSourceError. This may also be related to zone loading.

2399

defect

1351049559561246

1352092606869957

logging

medium

jinmei

new

make Logger::getLoggerPtr() thread safe

If I understand it correctly, the delayed initialization of the `Logger` class is not thread safe: #!cpp LoggerImpl* getLoggerPtr() { if (!loggerptr_) { initLoggerImpl(); } return (loggerptr_); } initLoggerImpl() could be called by multiple threads at the same time, and due to this: #!cpp void Logger::initLoggerImpl() { if (isLoggingInitialized()) { loggerptr_ = new LoggerImpl(name_); } else { isc_throw(LoggingNotInitialized, “attempt to access logging function” “before logging has been initialized”); } } creating `LoggerImpl` could be done multiple times. (btw: the implementation of isLoggingInitialized could also be controversial, but this is probably safe in practice due to the assumption of initLogger()). The (bad) effect of this is probably not catastrophic: maybe it’s just losing some fixed (and small) amount of memory in the worst case, at least in practice. But I may be wrong, and in any case such leak isn’t good anyway. One way of fixing this would be to introduce some global mutex that is initialized at the time of initLogger(), and do something like this: #!cpp if (isLoggingInitialized()) { Locker locker(the_global_mutex); if (loggerptr_ == NULL) { loggerptr_ = new LoggerImpl(name_); }

2400

defect

1351050190372171

1394117313724402

b10-auth

medium

jinmei

DNS Outstanding Tasks

new

notify auth::DataSrcClientsMgr when the builder thread dies

Currently, there’s no effective way to notify the main thread of b10-auth that runs the `DataSrcClientsMgr` object when the separate thread running `DataSrcClientsBuilder` object dies due to an unexpected exception. This is not good: the auth server keeps running with older zone data without noticing it, and the communication queue is growing. So the current implementation takes a harsh way: the builder thread terminates the entire process by `assert(false)`. This is still suboptimal. We should provide a way to notify the main thread when the builder thread needs to terminate itself due to an unexpected exception. My current idea is something like this: - introduce another shared variable (of boolean), say, builder_ok_. it’s a member of the manager, set to true initially, and its pointer will be passed to the builder. - on unexpected termination, the builder sets it to false. (this could be protected by a mutex, but that’s not absolutely necessary) - the manager checks variable every time it sends a new command to the builder or allow the application to access the client lists via the holder. If the value has been changed to false, it takes an appropriate action (in practice, it would throw a fatal exception to terminate the process anyway).

2401

task

1351050568839511

1394117111284765

b10-auth

medium

jinmei

DNS Outstanding Tasks

new

synchronous communication between DataSrcClientsMgr and DataSrcClientsBuilder

I think we need to provide a “synchronous mode” of command exchange between the `auth::DataSrcClientsMgr` and `auth::DataSrcClientsBuilder` classes. Test and benchmark code will need this for deterministic behavior, and I guess in some cases the main auth server will need it. For example, in the very initial startup it may rather block than prematurely returning REFUSED to all queries. One possible approach is to introduce sequence numbers for commands and another communication queue between the manager and builder. When the manager wants a specific command to be done in the synchronous mode, it sends it to the builder with a valid (non 0 or something) sequence number. If a command has a valid sequence number, the builder notifies the manager of its completion via the separate queue with that number (and probably some result code).

2402

enhancement

1351081352160614

1352907454056092

Unclassified

medium

fdupont

fdupont

new

split cryptolink sign/verify

As discussed in the bind10-dev mailing list, PKCS!#11 and some other crypto libraries make a difference between a context for a signing or for a verify operation, so typically the update() function has two different and incompatible instances. There are two ways to fix this in crypto link: - the hard/heavy but statically checked way by split classes into a verify and a sign variants - the soft but dynamically checked way but just adding a 2 item enum about the expected operation The bind 9 PKCS!#11 only experiment showed the second/soft way is enough.

2403

task

1351084699857220

1369645377203862

documentation

medium

stephen

DHCP Outstanding Tasks

new

Provide developer documentation for DHCP MySQL back end

Need to provide some developer documentation for the DHCP MySQl backend.

2405

enhancement

1351113196187775

1351113196187775

dhcp

medium

stephen

DHCP Outstanding Tasks

new

Extend Lease4/Lease6 classes with checks on valid data

The Lease4/6 classes are current “structs”. They should be promoted to classes and access to the members concealed behind methods, to allow for the checking of data being put into the class.

2406

enhancement

1351167511983747

1397640667196087

Unclassified

low

fdupont

fdupont

Common Outstanding Tasks

new

alternative crypto provider

A ticket for my own R&D/learning. The idea is to replace Botan by another crypto provider. Of course it is easier today with only HMAC then it will be with RSA & co.

2407

defect

1351177344496958

1352902326530476

bind-ctl

medium

jreed

new

quit should work for bind10 even if no logged in

I had a bindctl running. I guess at some point it became disconnected but I didn’t know. Anyways I typed “quit” at its prompt“ > quit Error reading saved username and password from /home/jreed/.bind10/default_user.csv: [Errno 13] Permission denied: ‘/home/jreed/.bind10/default_user.csv’ [TEMP MESSAGE]: username :root password :bind10 Username: So I log in again and it does quit (Exit from bindctl) automatically. Please ignore the context of the problem with no default user/password saved. I understand that. But it does provide a way to show the problem. Please allow a”quit" in bindctl to quit bindctl without the round-trip to cmdctl (and beyond).

2408

defect

1351177556434480

1352902335254225

bind-ctl

medium

jreed

new

tab completion not working for named_set

Tab completion here does not work: config show data_sources/classes/IN Even if I type “[” or “[0” it does not work. I expect it to show me IN[0]. Same problem with CH. I don’t see the problem with Logging/loggers — it adds [0] automatically.

2411

defect

1351264422812210

1352910014733868

build system

medium

UnAssigned

jreed

new

BIND 10 build doesn’t find and link to Valgrind library

The valgrind runs on the centos system didn’t HAVE_VALGRIND_HEADERS. This ticket is to do one of the following: add —with-valgrind-include=PATH option or include the huge valgrind.h file in the bind10 tree (please do not!) or do not use the valgrind macros and just use a SKIP_DEATH_TESTS environment variable (such as LETTUCE_SETUP_COMPLETED). I file this as a defect since some failures reported by valgrind builder.

2413

defect

1351511664829597

1368439375765197

dhcp

medium

stephen

DHCP Outstanding Tasks

new

Handle time overflow in lease structures

Currently the cltt in a lease structure is expressed as a time_t, and the valid lifetime field as a uint32_t. The expiration time of the lease is stored in the database and is calculated as expiration = cltt + valid_lifetime With no restriction on valid_lifetime, it is easy for the time calculation to overflow. (On a 32-bit system, time_t is 32-bits).

2419

defect

1351689998333770

1373457948889567

configuration

medium

UnAssigned

tomek

assigned

ConfigData::getFullConfig() should return child elements content

ConfigData::getFullConfig() currently returns only list of elements on top level, but it should return all child elements as well. This will likely be trivial to implement as stringValue() -> str() change.

2423

defect

1351795830694974

1352910036776504

Unclassified

medium

jreed

new

log4cplus threads and python Segmentation fault in notify_out_test.py

On three NetBSD 6.0 systems, when log4cplus-1.1.0 is built with threads (the default) it fails like: Running test: notify_out_test.py …………..[1] Segmentation fault (core dumped) PYTHONPATH=/home… * Error code 139 For example: http://git.bind10.isc.org/~tester/builder/BIND10/20121030163907-NetBSD6-i386-GCC/logs/unittests.out This happens with python31 and python32. Here is a backtrace: Core was generated by `python3.2’. Program terminated with signal 11, Segmentation fault. #0 0xbae55082 in std::string::assign(char const*, unsigned int) () from /usr/lib/libstdc.so.7 bt #0 0xbae55082 in std::string::assign from /usr/lib/libstdc.so.7 #1 0xbb0721a1 in log4cplus::detail::clear_tostringstream(std::basic_ostringstreamstd::char_traits, std::allocator >&) () from /usr/pkg/lib/liblog4cplus-1.1.so.5 #2 0xbb072285 in log4cplus::detail::get_macro_body_oss() () from /usr/pkg/lib/liblog4cplus-1.1.so.5 #3 0xbb242dfd in isc::log::LoggerImpl::outputRaw (this=0xba75b500, severity=0xba3ff444, message=...) at logger_impl.cc:141<br>#4 0xbb241854 in isc::log::Logger::output (this=0xbb5e5b20, <br> severity=0xba3ff444, message=…) at logger.cc:129 #5 0xbb81b451 in ~Formatter (this=0xba3ff440, in_chrg=out>) at ../../../../../src/lib/log/log_formatter.h:167 #6 ::Logger_performOutput:log::Logger>, boost::mfi::mf1, isc::log::Logger, char const* const&>, boost::bi::list2, boost::arg<2> > > > at log.cc:538 #7 0xbb81bd1f in ::Logger_info at log.cc:581 #8 0xbbabf054 in PyCFunction_Call from /usr/pkg/lib/libpython3.2.so.1.0 #9 0xbbb121ed in PyEval_EvalFrameEx from /usr/pkg/lib/libpython3.2.so.1.0 #10 0xbbb12066 in PyEval_EvalFrameEx from /usr/pkg/lib/libpython3.2.so.1.0 #11 0xbbb13ba1 in PyEval_EvalCodeEx from /usr/pkg/lib/libpython3.2.so.1.0 #12 0xbbaad599 in function_call from /usr/pkg/lib/libpython3.2.so.1.0 #13 0xbba8a08c in PyObject_Call from /usr/pkg/lib/libpython3.2.so.1.0 #14 0xbbb10e93 in PyEval_EvalFrameEx from /usr/pkg/lib/libpython3.2.so.1.0 #15 0xbbb12066 in PyEval_EvalFrameEx from /usr/pkg/lib/libpython3.2.so.1.0 #16 0xbbb12066 in PyEval_EvalFrameEx from /usr/pkg/lib/libpython3.2.so.1.0 #17 0xbbb13ba1 in PyEval_EvalCodeEx from /usr/pkg/lib/libpython3.2.so.1.0 #18 0xbbaad4b1 in function_call from /usr/pkg/lib/libpython3.2.so.1.0 #19 0xbba8a08c in PyObject_Call from /usr/pkg/lib/libpython3.2.so.1.0 #20 0xbba9d195 in method_call from /usr/pkg/lib/libpython3.2.so.1.0 #21 0xbba8a08c in PyObject_Call from /usr/pkg/lib/libpython3.2.so.1.0 #22 0xbbb0c381 in PyEval_CallObjectWithKeywords from /usr/pkg/lib/libpython3.2.so.1.0 #23 0xbbb445c8 in t_bootstrap from /usr/pkg/lib/libpython3.2.so.1.0 #24 0xbba514ea in ?? from /usr/lib/libpthread.so.1 #25 0xbb968ea0 in_lwp_park50 () from /usr/lib/libc.so.12 #26 0xba200000 in ?? () #27 0xbbac0b2e in PyObject_GetAttr () from /usr/pkg/lib/libpython3.2.so.1.0 #28 0xbbb0dd30 in PyEval_EvalFrameEx () from /usr/pkg/lib/libpython3.2.so.1.0 #29 0xbb99487b in free () from /usr/lib/libc.so.12 #30 0xbbb44058 in PyObject_GC_Del () from /usr/pkg/lib/libpython3.2.so.1.0 #31 0xbbaac830 in PyFrame_BlockPop () from /usr/pkg/lib/libpython3.2.so.1.0 #32 0xbb9925b0 in ?? () from /usr/lib/libc.so.12 —Type to continue, or q to quit— Backtrace stopped: previous frame inner to this frame (corrupt stack?) This problem does not happen with log4cplus-1.0.4 nor when log4cplus-1.1.0 is built —without-threads. I do not see the problem on a FreeBSD system. I first brought this up on mailing list; here is the thread: https://lists.isc.org/pipermail/bind10-dev/2012-October/004011.html

2424

defect

1351796004415290

1355230432630181

Unclassified

medium

jreed

new

seg fault in src/bin/auth/tests

On my NetBSD 6.0 system with log4cplus 1.1.0 built —without-threads (see #2423), sometimes make check fails in src/bin/auth/tests/. One example is: [ RUN ] AuthSrvTest.DDNSForwardClose log4cplus:ERROR Error in strftime(): 0 [1] Segmentation fault (core dumped) B10_FROM_BUILD=/… * Error code 139 It has also failed in AuthSrvTest.DDNSForwardCreateDestroy and also failed when all tests complete. It cored about 7 out of 45 tries. Here is a backtrace: Reading symbols from /home/reed/work/isc/bind10/git/bind10-CLEAN/src/bin/auth/tests/.libs/run_unittests…done. [New process 77] [New process 76] [New process 1] Core was generated by `run_unittests’. Program terminated with signal 11, Segmentation fault. #0 0x00007f7ff484c328 in log4cplus::helpers::Time::getFormattedTime(std::string const&, bool) const () from /usr/pkg/lib/liblog4cplus-1.1.so.5 (gdb) bt #0 0x00007f7ff484c328 in log4cplus::helpers::Time::getFormattedTime(std::string const&, bool) const () from /usr/pkg/lib/liblog4cplus-1.1.so.5 #1 0x00007f7ff48413ac in ?? () from /usr/pkg/lib/liblog4cplus-1.1.so.5 #2 0x00007f7ff4841c80 in ?? () from /usr/pkg/lib/liblog4cplus-1.1.so.5 #3 0x00007f7ff4841ebb in log4cplus::PatternLayout::formatAndAppend(std::ostream&, log4cplus::spi::InternalLoggingEvent const&) () from /usr/pkg/lib/liblog4cplus-1.1.so.5 #4 0x00007f7ff482de6a in log4cplus::FileAppender::append(log4cplus::spi::InternalLoggingEvent const&) () from /usr/pkg/lib/liblog4cplus-1.1.so.5 #5 0x00007f7ff482554c in log4cplus::Appender::doAppend(log4cplus::spi::InternalLoggingEvent const&) () from /usr/pkg/lib/liblog4cplus-1.1.so.5 #6 0x00007f7ff48223be in log4cplus::helpers::AppenderAttachableImpl::appendLoopOnAppenders(log4cplus::spi::InternalLoggingEvent const&) const () from /usr/pkg/lib/liblog4cplus-1.1.so.5 #7 0x00007f7ff483b613 in log4cplus::spi::LoggerImpl::callAppenders(log4cplus::spi::InternalLoggingEvent const&) () from /usr/pkg/lib/liblog4cplus-1.1.so.5 #8 0x00007f7ff540e78c in isc::log::LoggerImpl::outputRaw ( this=0x7f7ff7b56580, severity=, message=) at logger_impl.cc:141 #9 0x000000000042ed88 in ~Formatter (this=0x7f7ff13ffa00, in_chrg=) at ../../../../src/lib/log/log_formatter.h:167 #10 isc::auth::datasrc_clientmgr_internal::DataSrcClientsBuilderBase::run at ../../../../src/bin/auth/datasrc_clients_mgr.h:473 #11 0x00007f7ff32086ba in operator at /usr/pkg/include/boost/function/function_template.hpp:760 #12 isc::util::thread::Thread::Impl::run at thread.cc:71 #13 0x00007f7ff2609d75 in ?? from /usr/lib/libpthread.so.1 #14 0x00007f7ff1a759f0 in_lwp_park50 () from /usr/lib/libc.so.12 Cannot access memory at address 0x7f7ff1400000 (gdb) info threads Id Target Id Frame * 1 LWP 1 0x00007f7ff484c328 in log4cplus::helpers::Time::getFormattedTime(std::string const&, bool) const () from /usr/pkg/lib/liblog4cplus-1.1.so.5 The current thread has terminated. See `help thread’.

2425

defect

1351806520630337

1355230458867272

Unclassified

medium

jreed

new

IOFetchTest.TcpSendReceive33 failure

Today, on the FreeBSD git server I hit: [ RUN ] IOFetchTest.TcpSendReceive33 io_fetch_unittest.cc:435: Failure Value of: result Actual: 1 Expected: expected Which is: 0 io_fetch_unittest.cc:450: Failure Value of: result_buff->getLength() Actual: 0 Expected: return_data.size Which is: 33 io_fetch_unittest.cc:458: Failure Value of: equal, return_data.end(), start) Actual: false Expected: true I can not repeat it. but looking at other failure logs, I found: http://git.bind10.isc.org/~tester/builder/BIND10/20110511195001-NetBSD5-amd64/logs/unittests.out http://git.bind10.isc.org/~tester/builder/BIND10/20110511195001-NetBSD5-amd64/logs/unittests.out http://git.bind10.isc.org/~tester/builder/BIND10/20121010043500-FreeBSD8-i386/logs/unittests.out http://git.bind10.isc.org/~tester/builder/BIND10/20121010043500-FreeBSD8-i386/logs/unittests.out So I open this ticket.

2434

task

1351836462430077

1355230610396324

libdns++

medium

UnAssigned

jinmei

new

implement validateZone, advanced part

Subtask of #2368, and part of post-load checker. Depend on #2432, and would be better to do it after #2433. Regarding the checks, see BIND 9’s lib/dns/zone.c:integrity_checks(). The checks include: - out of zone owner-name - existence of glue for each delegation NS - same for MX, SRV Note that this task requires `RRsetCollection`s foreach interface.

2444

task

1351838707895518

1355230678479343

data source

medium

jinmei

new

task breakdown for shared-memory and/or mmap support

2446

task

1351840432189436

1355230683505899

data source

medium

jinmei

new

task breakdown for incremental in-memory zone update

so we don’t have to do full reload after IXFR-in or DDNS.

2448

task

1351848128308568

1355384003065505

build system

medium

UnAssigned

jelte

new

configure.ac missing checks for —enable-generate-docs

This is really mostly only relevant for devs updating documentation, but the configure checks done when doing —enable-generate-docs have some room for improvement: on debian, if you do —enable-generate-docs, but don’t have the ‘xmlto’ package installed, you get a rather cryptic error (I had only installed docbook and xsltproc initially): checking for xsltproc… /usr/bin/xsltproc checking if /usr/bin/xsltproc works… I/O error : Attempt to load network entity http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl warning: failed to load external entity “http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl” cannot parse http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl configure: error: “Error with /usr/bin/xsltproc using release/xsl/current/manpages/docbook.xsl” Also, elinks is needed in the build process we probably want a few checks for both of these in configure.ac :)

2452

enhancement

1351849300525441

1353959324159342

Boss of BIND

medium

shane

new

Deal with persistent instistence that we have a deamon mode

Jeremy keeps complaining because we don’t daemonize. We’ve discussed this several times at great length, but it seems the fact that we don’t is a real concern. One possibility is to add a section to the documentation explaining how to run as a daemon, for example: $ nohup bind10 >/dev/null 2>&1 & Another possibility is for the rest of the BIND 10 team to hold me down and just implement a daemon mode while I can’t stop them. Were this to happen, we should probably use the mechanism proposed in PEP 3143: http://www.python.org/dev/peps/pep-3143/ Which will likely become a part of standard Python soonish. (For now, we can just ship the python-daemon library with our code.)

2453

task

1351851087918955

1394117121016571

b10-auth

medium

jelte

DNS Outstanding Tasks

new

immediate feedback when mistyping zone name with Auth loadzone

Now that zones are (re)loaded in the background, the system may seem to succesfully load a zone when doing ‘Auth loadzone ’ in bindctl. It does log an error, but it would be much better to check immediately. The proposal is to factor out the initial code from doLoadZone() in datasrc_clients_mgr.h, and call it both in doLoadZone, and in the loadZone that does the other checks (but only to see if the zone is known). This means doing the lookup twice, but for a loadzone command, I do not believe that this overhead is so much we should not check. Note that the clients map probably needs to be locked.

2454

defect

1351875585562440

1355231570788842

build system

very low

UnAssigned

jreed

new

./configure —with-lcov skips gtest detection

Using ./configure —with-lcov enables gtest but skips the detection so later the gtest.h header is not found. This is low priority. The workaround is simply to use —with-gtest-source=PATH or —with-gtest=PATH

2455

defect

1351878963561794

1355232338080309

Boss of BIND

medium

jreed

new

bind10 parent should not exit if b10-auth exits with fatal

This is similar to #2393. I reproduced by “execute init_authoritative_server” and “config commit”. Due to bug #2457, b10-auth crashed. (It should not have. That is #2393.) This ticket is so bind10 boss should not exit either.

2457

defect

1351879118611991

1355230911686057

data source

medium

jreed

new

in-tree b10-auth fails due to missing static.zone

Running run_bind10.sh and bind10 is not installed and starting auth server, I received: 2012-11-02 10:45:24.969 FATAL [b10-auth.auth] AUTH_SERVER_FAILED server failed: Unknown uncaught exception from static createInstance: Failed to open master file: /Local/Users/jreed/opt/bind10/share/bind10-devel/static.zone: No such file or directory This is basically the same as #2159. Make sure when running in-tree it can access static zone. Also this should not be fatal — missing access to a zone file should not crash b10-auth and bind10. That is tickets #2393 and #2455 respectively.

2460

defect

1351998161796609

1392812501652178

data source

high

jinmei

DNS Outstanding Tasks

new

make ConfigurableClientList::getCachedZoneWriter thread safe

This is a continuation of #2459. While the suggested solution in #2459 solves the immediate problem by a relatively simple patch, it’s suboptimal performance-wise because getCachedZoneWriter() involves expensive DB accesses several times, some may be even blocking: one is findZone(), and the other is getIterator(). The latter is especially problematic in that it opens a new DB connection. Fortunately, getIterator() itself should be thread safe as long as `DatabaseAccessor::clone()` of the underlying DB accessor implementation is thread safe (which is the case for our SQLite3 version). So my suggested better (but requiring larger changes) solution is as follows: - extend `ConfigurableClientList` so the caller can know if a specified zone is “cached” (and no, I don’t like to use `getDataSources()` for this purpose. IMO it discloses too much internal details of the class and restricts future changes of the implementation). One possibility is to extend find() (like extending exact_match_ to a generic flags). - revise getCachedZoneWriter() so it only looks for in-memory data sources. findZone() on in-memory data source should be thread safe, so there’s no risk of race here. We’ll need to extend findInternal() a bit to make this possible. - in b10-auth (or any other possible user of getCachedZoneWriter()), the builder thread first checks if it really needs to do reload using the first extension. It protects this operation by the mutex. If it does, the builder calls the revised getCachedZoneWriter() without the protection of mutex.

2461

task

1351999231784042

1355231026387521

data source

medium

jinmei

new

clarify thread consideration for DataSourceClient

This is a related topic of #2459, at a bit higher level. Even the issue of #2459 aside, b10-auth now breaks a design assumption of `DataSourceClient`: #!cpp /// If the application uses multiple threads, each thread will need to /// create and use a separate DataSourceClient. This is because some /// database backend doesn’t allow multiple threads to share the same /// connection to the database. because it shared the same client object by multiple threads through `ConfigurableClientList`. But, actually, the above note may be a bit too strong. Due to the introduction of `DatabaseAccessor::clone() and the use of it in many of its methods (of its database version of derived class) `DataSourceClient` should now be pretty thread safe except for findZone(). (As noted in #2460, based on the assumption that `DatabaseAccessor::clone()` is thread safe). Considering these facts, I think we should revise the thread consideration. My basic suggestion is: - The derived class implementation must ensure all methods are thread safe except for findZone() (and subsequent use of `ZoneFinder`) - If `DataSourceClient` is shared by multiple threads, the application is responsible for protecting calls to findZone() (and subsequent use of `ZoneFinder`) by multiple threads. On top of this, we might also make some extensions: - introduce a thread-safe mode to findZone(). It will internally clone() the accessor (in the case of the DB-based version). - on the other hand, introduce a share-mode to other methods. For example, DDNS would probably like to keep the same connection for updating zones; it would be expensive if it needs to open a new DB connection for every update message. It would apply to xfrin, too, (although probably less critical, assuming xfr-in events are less frequent). In this ticket I suggest just making documentation clarification as suggested above. doc for `ConfigurableClientList` should also be updated.

2466

defect

1352222250038057

1355524321407882

Unclassified

medium

jinmei

new

define public static class const integral members explicitly

See http://bind10.isc.org/ticket/2371#comment:19 In summary, if we define things like this #cpp // in foo.cc const int foo_const; // no need for initialization; it’s in the declaration Note that all of “public, static, const, and integral” matter. And we should remove some workaround we did in tests, such as that for `Name::MAX_WIRE` in name_unittest. From a quick grep, the candidate constants are as follows: bin/dhcp6/dhcp6_srv.h: static const size_t MIN_MAC_LEN = 6; lib/bench/benchmark.h: static const int TIME_FAILURE = 1; lib/bench/benchmark.h: static const int ITERATION_FAILURE =1; lib/datasrc/memory/zone_data.h: static const ZoneNode::Flags WILDCARD_NODE = ZoneNode::FLAG_USER2; lib/dhcp/duid.h: static const size_t MAX_DUID_LEN = 128; lib/dhcp/iface_mgr.h: static const unsigned int MAX_MAC_LEN = 20; lib/dhcp/iface_mgr.h: static const uint32_t RCVBUFSIZE = 1500; lib/dhcp/iface_mgr.h: static const int INVALID_SOCKET = –1; lib/dhcp/option6_iaaddr.h: static const size_t OPTION6_IAADDR_LEN = 24; lib/dhcp/option_data_types.h: static const bool valid = false; lib/dhcp/option_data_types.h: static const int len = 0; lib/dhcp/option_data_types.h: static const bool valid = true; lib/dhcp/option_data_types.h: static const int len = 1; lib/dhcp/option_data_types.h: static const bool valid = true; lib/dhcp/option_data_types.h: static const int len = 2; lib/dhcp/option_data_types.h: static const bool valid = true; lib/dhcp/option_data_types.h: static const int len = 4; lib/dhcp/option_data_types.h: static const bool valid = true; lib/dhcp/option_data_types.h: static const int len = 1; lib/dhcp/option_data_types.h: static const bool valid = true; lib/dhcp/option_data_types.h: static const int len = 2; lib/dhcp/option_data_types.h: static const bool valid = true; lib/dhcp/option_data_types.h: static const int len = 4; lib/dns/edns.h: static const uint8_t SUPPORTED_VERSION = 0; lib/dns/labelsequence.h: static const size_t MAX_SERIALIZED_LENGTH = lib/dns/message.h: static const uint16_t DEFAULT_MAX_UDPSIZE = 512; lib/dns/message.h: static const uint16_t DEFAULT_MAX_EDNS0_UDPSIZE = 4096; lib/dns/name.h: static const size_t MAX_WIRE = 255; lib/dns/name.h: static const size_t MAX_LABELS = 128; lib/dns/name.h: static const size_t MAX_LABELLEN = 63; lib/dns/name.h: static const uint16_t MAX_COMPRESS_POINTER = 0x3fff; lib/dns/name.h: static const uint16_t COMPRESS_POINTER_MARK8 = 0xc0; lib/dns/name.h: static const uint16_t COMPRESS_POINTER_MARK16 = 0xc000; lib/dns/tsigrecord.h: static const uint32_t TSIG_TTL = 0; lib/log/logger.h: static const size_t MAX_LOGGER_NAME_SIZE = 31; lib/log/message_initializer.h: static const size_t MAX_MESSAGE_ARRAYS = 256;

2469

defect

1352395162307188

1352472050129443

dhcpconf

medium

marcin

DHCP Outstanding Tasks

new

DHCPv6 Config Parser: when setting global value, values in subnets should be changed.

The following scenario will not work properly with DHCPv6 config parser: 1. Set global configuration values 2. Add new subnet without any values other than subnet and pool (this makes the subnet inherit global values) 3. Change any of the global values - this should force change of the particular value in the subnet object but it doesn’t. In the step 3. function that does configuration will receive the request to change global value and only global value is changed. Another thing that should happen at this point is the check that global value has been changed and all corresponding values within subnets should be affected but parsing algorithm does not force this by itself. We need to implement a logic that will iterate through all existing subnets and if their configuration is inherited from global configuration they should be updated accordingly. The major problem here is that when we create a subnet we do not record whether it is dependent on global values or local values. This has to be recorded on subnet object creation.

2474

defect

1352474026543734

1352474026543734

dhcp

low

stephen

DHCP Outstanding Tasks

new

Extend comments in DHCPv6 server unit test

From #2414#comment:10 In the advertiseOptions test, here are some comments needed in the new code that sets up the Solicit message. In particular: why do we have to set the link local address: fe80::abcd? What are the magic numbers 234, 1500, 3000? This ticket covers the addition of those comments.

2477

enhancement

1352732290742385

1353420108479371

Unclassified

very low

jreed

new

add a timeout to b10-host example

Add a timeout to examples/host/b10-host command.

2478

enhancement

1352801052400699

1355231552410399

libdns++

low

UnAssigned

shane

new

ILNP RR types

The IETF has a new RFC, which includes some new RR types. http://www.rfc-editor.org/rfc/rfc6742.txt These are: NID L32 L64 LP

2482

defect

1352925473786230

1353426094174692

bind-ctl

low

jreed

new

strange bindctl error message

I used tab completion to enter listen_on … I didn’t notice the start bracket before I pressed enter: > config show Resolver/listen_on[ Error! Bad format in identifier (] before [): listen_on[Resolver The error message seems worded wrong and has noise at end too.

2483

defect

1352978287969006

1352978287969006

dhcp

medium

stephen

DHCP Outstanding Tasks

new

DHCPv6 test failed on FreeBSD

Commit 15d4aa034c1a841bdf744d777aceeb0962aff8bc failed the DHCP6 tests on FreeBSD with: Running test: dhcp6_test.py …..F. == FAIL: test_portnumber_nonroot (main.TestDhcpv6Daemon) ——————————————————————— Traceback : File “/b/work/BIND10/20121115022843-FreeBSD8-i386/build/src/bin/dhcp6/tests/dhcp6_test.py”, line 197, in test_portnumber_nonroot self.assertEqual, 1) AssertionError: 0 != 1 ——————————————————————— Ran 7 tests in 7.665s FAILED (failures=1) Note: Purpose of some of the tests is to check if DHCPv6 server can be started, not that is can bind sockets correctly. Please ignore binding errors. Running command: ../b10-dhcp6 v Process finished, return code=15, stdout=167 bytes, stderr=948 bytes Check that specifying port number 0 is not allowed. Running command: ../b10-dhcp6 p 0 Process finished, return code=1, stdout=0 bytes, stderr=240 bytes Check thatp option is check against bogus port number (999999). Running command: ../b10-dhcp6 p 999999 Process finished, return code=1, stdout=0 bytes, stderr=245 bytes Check thatp option is check against bogus port number (123garbage). Running command: ../b10-dhcp6 p 123garbage Process finished, return code=1, stdout=0 bytes, stderr=249 bytes Check thatp option requires a parameter. Running command: ../b10-dhcp6 p Process finished, return code=1, stdout=0 bytes, stderr=233 bytes Check that specifying unprivileged port number will work. Running command: ../b10-dhcp6v sp 10547 No data available from stdout No data available on stderr Process finished, return code=15, stdout=0 bytes, stderr=0 bytes Check that connection to BIND10 msgq can be disabled. Running command: ../b10-dhcp6v sp 10547 Process finished, return code=–15, stdout=167 bytes, stderr=530 bytes * Error code 1

2484

defect

1352992952701411

1353429571454689

logging

medium

jreed

new

errant log4cplus output

2012-11-15 09:19:47.227 DEBUG [b10-boss.boss] BIND10_STARTED_PROCESS_PID started b10-auth (PID 27908) log4cplus:ERROR LoggerImpl::getChainedLogLevel()- No valid LogLevel found 2012-11-15 09:19:47.329 INFO [b10-auth.auth] AUTH_SERVER_CREATED server created

2485

defect

1352993476240523

1362579275617936

bind-ctl

high

jreed

new

bindctl crash on show of removed item

> config show data_sources/classes/IN[1] data_sources/classes/IN[1]/type “MasterFiles” string data_sources/classes/IN[1]/params {test2.example.org “/home/reed/opt/bind-HEAD/etc/test2.zone”} any data_sources/classes/IN[1]/cache-enable true boolean data_sources/classes/IN[1]/cache-zones/ list > config remove data_sources/classes/IN[1] > config commit > config show data_sources/classes/IN[1] Traceback (most recent call last): File “/usr/pkg/lib/python3.1/cmd.py”, line 213, in onecmd func = getattr(self, ’do‘+ cmd) AttributeError: ’BindCmdInterpreter’ object has no attribute ‘do_config’ During handling of the above exception, another exception occurred: Traceback : File “/home/reed/opt/bind10/bin/bindctl”, line 162, in result = tool.run File “/home/reed/opt/bind10/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 152, in run self.cmdloop File “/usr/pkg/lib/python3.1/cmd.py”, line 139, in cmdloop stop = self.onecmd File “/home/reed/opt/bind10/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 476, in onecmd Cmd.onecmd File “/usr/pkg/lib/python3.1/cmd.py”, line 215, in onecmd return self.default File “/home/reed/opt/bind10/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 442, in default self.parse_cmd(line) File “/home/reed/opt/bind10/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 639, in parse_cmd self.handle_cmd(cmd) File “/home/reed/opt/bind10/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 426, in handle_cmd self.apply_config_cmd File “/home/reed/opt/bind10/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 719, in apply_config_cmd values = self.config_data.get_value_maps File “/home/reed/opt/bind10/lib/python3.1/site-packages/isc/config/config_data.py”, line 723, in get_value_maps self.append_value_item(result, spec_part, identifier, all, True) File “/home/reed/opt/bind10/lib/python3.1/site-packages/isc/config/config_data.py”, line 630, in _append_value_item list_value, status = self.get_value(identifier) File “/home/reed/opt/bind10/lib/python3.1/site-packages/isc/config/config_data.py”, line 603, in get_value value = self.get_default_value(identifier) File “/home/reed/opt/bind10/lib/python3.1/site-packages/isc/config/config_data.py”, line 522, in get_default_value result = result[list_indices.pop(0)] IndexError: list index out of range

2487

enhancement

1353018967743173

1355230404992158

libdns++

medium

UnAssigned

fdupont

new

port the example host.cc to python

The idea is to port the high level part of host.cc code to python using the DNS library bindings.

2493

defect

1353340370764144

1394117135914699

b10-auth

medium

jelte

DNS Outstanding Tasks

new

segfault in b10-auth when it can’t connect to msgq socket

I ran it as a wrong user, and I expect b10-auth to report the permission denied error and quit, so far so good, but when it is cleaning up it segfaults: 2012-11-19 15:45:49.929 FATAL [b10-auth.cc] CC_NO_MSGQ unable to connect to message queue (Permission denied) 2012-11-19 15:45:49.935 FATAL [b10-auth.auth] AUTH_SERVER_FAILED server failed: Unable to connect to message queue: Permission denied Segmentation fault (core dumped) Stacktrace: Program terminated with signal 11, Segmentation fault. #0 std::Rb_tree, std::Select1st >, std::less, std::allocator > >::find (this=0x70, __k=…) at /usr/include/g/bits/stl_tree.h:1519 1519 iterator j = M_lower_bound,M_end,k); where #0 std::Rb_tree, std::Select1st >, std::less, std::allocator > >::find at /usr/include/g/bits/stl_tree.h:1519 #1 0x00007f7ff6824e7d in find (__x=…, this=0x70) at /usr/include/g++/bits/stl_map.h:697 #2 isc::config::ModuleCCSession::removeRemoteConfig (this=, module_name=…) at ccsession.cc:718 #3 0x00000000004324b3 in main (argc=, argv=) at main.cc:259 Looks like either the remote config data needs a cleaner initialization or that main.cc call needs to check first whether is succeeded setting up in the first place

2495

enhancement

1353356094194014

1355231635340475

Unclassified

very low

jreed

new

suggest b10-rndc component

I don’t want existing rndc to be continued for the long-term, but this suggestion is for b10-rndc daemon to listen and handle rndc communication as a temporary migration method.

2502

defect

1353527907878371

1394117155606271

b10-auth

medium

jreed

Common Outstanding Tasks

new

Missing logging identifier for “ERROR [b10-auth.auth] Unable to lock logger lockfile”

Missing logging identifier: 2012-11-21 03:02:14.427 ERROR [b10-auth.auth] Unable to lock logger lockfile (See missing fifth field.)

2505

defect

1353924978740800

1354024460634557

Unclassified

low

naokikambe

new

add “module_description” into spec files of Xfrout, Zonemgr, and DDNS

There is no “module_description” in spec files of Xfrout, Zonemgr, and DDNS. Add descriptions for them. The current output of the help command in bindctl is: > help .. Available module names: help Get help for bindctl. config Configuration commands. execute Execute a given set of commands Stats Stats daemon Cmdctl Interface for command and control data_sources The sources of authoritative DNS data tsig_keys The TSIG keyring is stored here Boss Master process Logging Logging options Xfrin XFR in daemon Auth Authoritative service Xfrout Zonemgr DDNS StatsHttpd Stats HTTP daemon >

2508

defect

1353966214176587

1392911757068627

b10-auth

low

jreed

DNS Outstanding Tasks

new

ddns socket file create by default by b10-auth

b10-auth should not create a ddns socket file by default. Maybe an option should be added?

2509

defect

1353966810204549

1355231262386019

Boss of BIND

medium

jreed

new

extra comma in configuration and zombie cfgmgr

I generated a list of data sources and my params had a trailing comma. This caused cfgmgr to become a defunct zombie (on Linux) process. I only realized since bind10 every second does log BIND10_WAIT_CFGMGR. I tested with different wait times. 2012-11-26 16:32:16.584 DEBUG [b10-boss.boss] BIND10_WAIT_CFGMGR waiting for configuration manager process to initialize 2012-11-26 16:32:17.584 ERROR [b10-boss.boss] BIND10_COMPONENT_START_EXCEPTION component cfgmgr failed to start: Configuration manager process has not started 2012-11-26 16:32:17.584 ERROR [b10-boss.boss] BIND10_COMPONENT_FAILED component cfgmgr (pid None) failed: unknown condition 2012-11-26 16:32:17.584 FATAL [b10-boss.boss] BIND10_COMPONENT_UNSATISFIED component cfgmgr is required to run and failed 2012-11-26 16:32:17.584 ERROR [b10-boss.boss] BIND10_CONFIGURATOR_PLAN_INTERRUPTED configurator plan interrupted, only 2 of 3 done 2012-11-26 16:32:17.584 INFO [b10-boss.boss] BIND10_KILLING_ALL_PROCESSES killing all started processes Here is an example: {version 2, Auth {listen_on [{port 5300, address “127.0.0.1”}]}, Boss {components {b10-auth {kind “needed”, special “auth”, data_sources {classes {IN [{params { 1.example, type “MasterFiles”, cache-enable true}] I do get a message like: 2012-11-26 16:51:18.501 FATAL [b10-cfgmgr.cfgmgr] CFGMGR_DATA_READ_ERROR error reading configuration database from disk: Configuration file out of date or corrupt, please update or remove /home/jreed/dnsbench/work/origin/bind10-20121115-release/20121126190544/install/var/bind10-devel/b10-config.db But that may be overlooked after many BIND10_WAIT_CFGMGR lines.

2510

defect

1353967657546859

1394117188163238

b10-auth

medium

jreed

DNS Outstanding Tasks

new

b10-auth should not accept queries while configuring

I have many zones configured that take about 30 seconds to load. While loading and before AUTH_DATASRC_CLIENTS_BUILDER_RECONFIGURE_SUCCESS, queries for records within all zones (I think all) return REFUSED. I think it should not accept queries while loading a configuration.

2511

defect

1353968104991083

1394117217243645

b10-auth

medium

jreed

DNS Outstanding Tasks

new

defining a data_sources/classes/IN disables the builtin CH

By default, b10-auth has version.bind. But when configuring a data_sources {classes {IN [{params { … } (and that works) The CH class seems to be gone. At least queries for it now return REFUSED. I thought there was a ticket already about this, but I can’t find it now. This may be known behaviour since setting data_sources in the configuration overrides the default settings. I think that is confusing. But maybe the fix is just to document it better (or point me to it).

2514

enhancement

1354037430379482

1355231426264247

statistics

medium

jinmei

new

dump statistics in DSC-compatible format

An operator I met last week asked me for supporting this. We didn’t talk about any details, but I guess this means we produce XML data that can be interpreted by a DSC presenter like this one: http://dns.measurement-factory.com/tools/dsc/sample-xml/certain_qnames_vs_qtype.xml.txt

2519

task

1354246919650948

1354246919650948

libdns++

medium

UnAssigned

jinmei

new

python wrapper for MasterLoader

Not directly related to our current feature, but I think the `dns::MasterLoader` class is quite useful in Python for general purposes, too, so I suggest providing a Python wrapper for it. Depend on #2377.

2520

task

1354247827483257

1354247827483257

libdns++

medium

UnAssigned

jinmei

new

incremental base_n decoding

I noticed that base_n decoding with our current API can be less efficient, especially for cases like base64 encoded RRSIG signatures. named-signzone produces text like this: 86400 RRSIG A 5 3 86400 20121225123000 ( 20121125123000 57167 jinmei.org. pEyYj5y9+NuEZYtyhQlbiEddPGJvPp6Zyorh Xv5oSaUMkNDF8cxxMo4Ba15VuuHAj8L+r51Q jUxOOVE502UvtO+4cpLYK9MEjC+PKEeGMtQP Bed0fp8g6vtjvsNNaIVcwbu2BipKVwR4ZRoa su4HWjT7bmgDp6xgILbSXusKcPo= ) So our parser will get the signature part as 5 separate strings. With our current API we’d have to concatenate these into a single string and pass it to decodeBase64(). That’s a waste, and maybe non negligible because a large signed zone will have many RRSIGs. So I propose introducing an extension to the current decoder API so that we can decode this type of textual input incrementally. Specifically, we define and implement the following class: #!cpp class Base64Decoder { public: // Constructor with resulting vector. result will be filled in with // the decoded data. Base64Decoder(vector& result); // decode the given string into binary and append the data to the result // vector. Note that ‘len’ may not be a multiple of 4, so this class // needs to have internal buffer to avoid intermediate decode error. // Example: if the initial length is 9, decode the first 8 bytes, and // keep the last byte in the internal buffer. In the next call to add, // it conceptually prepend the internal buffer to the given string, // and repeat the same thing. Also note that if the given string contains // a padding character, some special consideration is necessary. void add(const char* str, size_t len); // tell the class all encoded data have been passed. This method checks // error cases. void finish(); }; I believe we can use the existing internal implementation for most of the difficult part of the class, so it shouldn’t be that difficult as it might look. Depending on difficulty of this task, also consider providing the same feature for hex decoder. We can use it for the generic form of RDATA. This should be a rare case so less critical. As far as I can see we don’t need it for base32 in practice.

2523

task

1354259225877814

1357662509292928

libdns++

low

UnAssigned

jinmei

new

supported generic form of rdata text for well-known type

Depend on #2382 and #2426. Due to the expected size of #2382, I plan to exclude one corner case for that task to this separate ticket: supporting ‘ n xxxx’ form for well-known (predefined) RR types, so we can parse the following form of RR: e.example. IN A 4 0A000001 See BIND 9’s lib/dns/rdata.c:unknown_fromtext() and rdata_validate(). We should be able to support it in the same way.

2532

enhancement

1354550401159446

1354550401159446

dhcpdb

medium

tomek

DHCP Outstanding Tasks

new

DHCP: deleteAllLeases() call would be useful

A call wiping the whole database is useful for testing, e.g. I want start fresh in every test. This should be generic mechanism added to LeaseMgr.

2533

task

1354622059755896

1397640730796484

dhcpdb

low

stephen

DHCP Outstanding Tasks

new

Refactor MySQL tests to be generic tests for all database backends

Currently the set of tests for the interface to the DHCP database is MySQL-specific. However, as we add new backends, the same tests will need to be done. This ticket is for the refactoring of the MySQL tests into a set of generic tests for any backend.

2537

task

1354711996901497

1355233277920562

data source

medium

vorner

new

Make construction and usage of ZoneTableSegment consistent

The ZoneTableSegment has static `::create` and `::destroy` methods. But the InMemoryClient mandates the ZoneTableSegment is passed as `shared_ptr`. But once inside `shared_ptr`, it is not possible to get out and it insists it’ll destroy it itself using `delete` ‒ which means the `::destroy` may never be used. We need to use either one or the other approach, since this interface is clearly wrong.

2538

task

1354712595729630

1355922013248689

data source

medium

vorner

new

Explain the format and purpose of ZoneTableSegment::create config parameter

The `ZoneTableSegment::create` takes a config parameter. It is currently ignored and it is not explained: * How it’ll look like, what information it’ll contain, etc. * Where it comes from. I don’t think it is practical to ask users to write a config about the used segments for each zone, or something. IMO it should work just by turning the b10-memorymgr on in boss, and everything else should be auto-negotiated with it, or something. Things like if the data is passed to the auth (or other consumers) by a memory-mapped file, or shared memory, should be in the memorymgr configuration. Currently, everything that needs a zone table segment, just passes something like NullElement or some other dummy value. It’s not clear where such config will appear at the place where the create is called.

2540

defect

1354717880768326

1354718842401759

dhcp

very low

tomek

DHCP Outstanding Tasks

new

DHCP cleanup: cfgmgr -> cfg_mgr, remove Doxygen errors

This is a result of #2270 review. Some things were pushed to this ticket to avoid complex merge (2270 is based on old code that had everything in src/lib/dhcp, which is not split into two dirs). To do: - rename cfgmgr.{cc

h} to cfg_mgr.{cc

h} - remove all outstanding Doxygen errors - rename tests in dhcp6.ConfigParser (pool_out_of_subnet => poolOutOfSubnet) - add test for Uint32Parser in dhcp6 (similar to dhcp4)

2543

task

1354809987710448

1354809987710448

dhcpdb

medium

stephen

DHCP Outstanding Tasks

new

Create version of “dbutil” for DHCP code

dbutil.py is a Python script for checking and upgrading the DNS database schema. A similar utility is required for the DHCP schema. It is likely that this and the DNS version will have a lot in common. If possible, the DNS version should be refactored so that the two version use common code.

2547

enhancement

1354882012310503

1364490793173501

dhcp

very low

tomek

DHCP Outstanding Tasks

new

Implement Lease{4,6}Ptr::operator== that always throws

It’s a common mistake to compare pointers to leases rather than leases themselves. To easier detect such cases, there should be a comparison operator that always throws. See ticket:2404#comment:12.

2550

defect

1355222881333769

1355233360381511

logging

medium

jelte

new

logging stdout fallback includes debug even without -v

After #2445, if bind10 starts and can’t even get a decent configuration, all initial logging is dumped to stdout. However, due to some intricacies in the logging system, this includes any log message (so also DEBUG even if -v was not used). See that last few comments at #2445. Right now I don’t really know a good solution to this, but we should fix this at some point :) A possible solution is to not use ‘if verbose then logger.setLogLevel(debug)’ but rather initialize the logging system depending on the command arguments (if verbose init(debug)’. But there are probably some nasty subtleties there.

2551

task

1355223004359644

1355933599315213

Unclassified

medium

jelte

new

add a few more tests for denial of existence in single-name zones

Tickets #2503 and #2504 fixed a couple of issues regarding single-name zones and denial of existence. These added some tests for non-existent names. We should probably also explicitely test existing names but non-existent types (NOERROR/NODATA responses) with this. This should not trigger any new errors, but just in case it does we are delegating this to a separate ticket.

2552

defect

1355235210670085

1355933620320048

logging

low

jreed

new

log output has two spaces after INFO

On some systems I see two spaces after INFO for log messages. So I can’t parse by splitting on single space. On two different platforms using log to file. using log4cplus-1.0.4 and log4cplus-1.1.0

2554

defect

1355252445972891

1355920929430576

configuration

medium

jreed

new

ConfigManager not responding

I thought there was ticket already about this, but search won’t find it. I did the following: > config add Logging/loggers[0]/output_options > config set Logging/loggers[0]/output_options[0]/destination file > config set Logging/loggers[0]/output_options[0]/output /home/reed/work/isc/bind10/log/bind10.log > config show Logging/loggers[0]/output_options Logging/loggers[0]/output_options[0]/destination “file” string (modified) Logging/loggers[0]/output_options[0]/output “/home/reed/work/isc/bind10/log/bind10.log” string (modified) Logging/loggers[0]/output_options[0]/flush true boolean (default) Logging/loggers[0]/output_options[0]/maxsize 0 integer (default) Logging/loggers[0]/output_options[0]/maxver 0 integer (default) > config set Logging/loggers[0]/output_options[0]/maxsize 1048576 > config set Logging/loggers[0]/output_options[0]/maxver 25 > config commit Error: Module ‘ConfigManager’ not responding Configuration not committed The process was not hanging though. And it did not crash and restart. I exited bindctl and ran it again and then did the above again with a “config commit” after each step and it worked.

2555

task

1355346509088160

1355933643944332

Unclassified

medium

jelte

new

clean up exceptions in sqlite3_accessor

During #2541, we noticed that the exceptions that are thrown are a tad inconsistent; sometimes sqlite3 errors get thrown as SQLite3Error, sometimes as DataSourceError, and we should probably use InvalidOperation for things like double startTransaction() calls, and calls that expect a transaction to be active but are not. If these are changed, don’t forget to update the python wrapper! These might have some unexpected side-effects so please plan to run it past the buildbots as well :) (and plan a bit of extra time to fix those)

2556

defect

1355349624807504

1392914179832213

resolver

medium

jreed

jreed

DNS Outstanding Tasks

assigned

output from bind10 (when Resolver shutdown)

I am using master as of yesterday. It includes #2445 (“The system no longer prints initial log messages to stdout …”). When I do “Resolver shutdown” in bindctl, I get output from bind10: pure virtual method called terminate called without an active exception pure virtual method called terminate called without an active exception pure virtual method called terminate called without an active exception (I did it three times.) I don’t know where this comes from, but I guess it is b10-resolver. I didn’t reproduce by using “Auth shutdown”. In jabber, jinmei mentioned: ``unimplemented pure virtual should normally be detected at compile time … I suspect it’s some system-dependent run time error … something like the use of incompatible binary’’

2560

defect

1355493697148956

1366315107364874

Unclassified

medium

jreed

new

stats crash on cc timeout

The following is from last release (20121115). The bind10 parent was suspended on purpose for testing something else, and then b10-stats crashed: Traceback (most recent call last): File “/home/jreed/dnsbench/work/origin/bind10-20121115-release/20121126190544/install/lib/python3.1/site-packages/isc/cc/session.py”, line 212, in receive_full_buffer self.receive_len_data() File “/home/jreed/dnsbench/work/origin/bind10-20121115-release/20121126190544/install/lib/python3.1/site-packages/isc/cc/session.py”, line 172, in receive_len_data new_data = self.receive_bytes(self.recv_len_size) File “/home/jreed/dnsbench/work/origin/bind10-20121115-release/20121126190544/install/lib/python3.1/site-packages/isc/cc/session.py”, line 158, inreceive_bytes data = self.socket.recv socket.timeout: timed out During handling of the above exception, another exception occurred: Traceback : File “/home/jreed/dnsbench/work/origin/bind10-20121115-release/20121126190544/install/libexec/bind10-devel/b10-stats”, line 687, in stats.start File “/home/jreed/dnsbench/work/origin/bind10-20121115-release/20121126190544/install/libexec/bind10-devel/b10-stats”, line 373, in start self.do_polling File “/home/jreed/dnsbench/work/origin/bind10-20121115-release/20121126190544/install/libexec/bind10-devel/b10-stats”, line 256, in do_polling = self.cc_session.group_recvmsg File “/home/jreed/dnsbench/work/origin/bind10-20121115-release/20121126190544/install/lib/python3.1/site-packages/isc/cc/session.py”, line 275, in group_recvmsg env, msg = self.recvmsg File “/home/jreed/dnsbench/work/origin/bind10-20121115-release/20121126190544/install/lib/python3.1/site-packages/isc/cc/session.py”, line 130, in recvmsg data = self.receive_full_buffer(nonblock) File “/home/jreed/dnsbench/work/origin/bind10-20121115-release/20121126190544/install/lib/python3.1/site-packages/isc/cc/session.py”, line 227, in _receive_full_buffer raise SessionTimeout(“recv() on cc session timed out”) isc.cc.session.SessionTimeout: recv() on cc session timed out [b10-msgq] Closing socket fd 10 [b10-msgq] Receive error: EOF This is repeatable. b10-stats should not crash with noisy traceback if something is temporarily unavailable.

2561

defect

1355498007520120

1369645338678726

dhcp

low

UnAssigned

stephen

DHCP Outstanding Tasks

assigned

Extract common code from IFaceMgr::receive4 and IFaceMgr::receive6

These two methods share a lot of common code which could be abstracted into a separate common method.

2564

task

1355523924002534

1357617053725280

Unclassified

medium

jinmei

new

MasterLoader needs to perform minimal validation for SOA

It should do something equivalent to the following BIND 9 code: #!c if (type == dns_rdatatype_soa && (lctx->options & DNS_MASTER_ZONE) != 0 && dns_name_compare(ictx>current, lctx>top) != 0) { char namebuf[DNS_NAME_FORMATSIZE]; dns_name_format(ictx->current, namebuf, sizeof(namebuf)); (*callbacks->error)(callbacks, “s:lu: SOA” “record not at top of zone (%s)”, source, line, namebuf); result = DNS_R_NOTZONETOP; if (MANYERRS (lctx, result)) { SETRESULT (lctx, result); read_till_eol = ISC_TRUE; target = target_ft; continue; } else if (result != ISC_R_SUCCESS) goto insist_and_cleanup; } i.e., reject “example.com/SOA” for the example.org zone. I intended to do it in #2377, but #2377 didn’t address it. Note that there’s no other point that we can do this effectively, unless we require expensive whole-zone search in the post-load validation phase by default. As the BIND 9 code shows, we should also introduce a loader option that allows to skip this check.

2567

task

1355924925391852

1392912356234725

loadzone

medium

jreed

DNS Outstanding Tasks

new

add lettuce tests for various b10-loadzone uses

This may need to have multiple tickets. The task here is not defined yet. This is a reminder to: add lettuce tests for new b10-loadzone uses.

2569

defect

1355952477190748

1392811764178012

data source

medium

jreed

DNS Outstanding Tasks

new

RR class (CH) does not match the zone class (CLASS0)

2012-12-19 21:11:07.221 ERROR [b10-auth.auth/94094] AUTH_DATASRC_CLIENTS_BUILDER_RECONFIGURE_DATASRC_ERROR Error setting up data source: Unknown uncaught exception from static createInstance: RR class (CH) does not match the zone class (CLASS0) in /usr/local/share/bind10/static.zone at line 10 The static zone has: BIND. 0 CH SOA bind. authors.bind. 0 28800 7200 604800 86400 (This comes from the installation.) My configuration had: > config show all data_sources/classes/CH data_sources/classes/CH[0]/type “static” string data_sources/classes/CH[0]/params “/usr/local/share/bind10/static.zone” any data_sources/classes/CH[0]/cache-enable false boolean data_sources/classes/CH[0]/cache-zones [] list

2578

task

1355970985485155

1392912404382782

loadzone

medium

jinmei

DNS Outstanding Tasks

new

add “-q” (quiet) option to b10-loadzone

As discussed in review of #2380. It’s probably useful if the user can suppress info level (or maybe even any level of) logging from b10-loadzone, e.g, when it’s invoked from a cron. My suggestion is: - Add q option, which disables info level logs; if specified multiple times it suppress any level of logs (optionally) add “-l” option, which specifies the output (destination) of log messages.

2579

task

1355971467458989

1358258297254066

libdns++

medium

UnAssigned

jinmei

new

limit max value of RRTTL on construction (?)

See http://bind10.isc.org/ticket/2429#comment:11 RFC2181 limits the max value of TTL to `2^31-1`. We might want to enforce this restriction at the time of the construction of `RRTTL` object. There are some obvious advantages of this, but I think the decision is not that obvious: - Limiting it at the API level is not compatible with BIND 9. - It’s not clear what we should do when an out-of-range (but still within uint32_t) value is specified. Silently reset it to 0? (this may result in some surprise). Or throw an exception? (but it’s probably not good for the “from wire” case, where RFC specifies treating it as 0). So this ticket is created basically for the record, rather than proposing a specific task. If we see the stronger need to address this topic, we can discuss it and create a development ticket.

2580

task

1355971956530260

1358258313144506

data source

medium

jinmei

new

warn inconsistent RR TTLs on zone loading

See http://bind10.isc.org/ticket/2470#comment:13 Currently, we ignore inconsistent TTLs for RRs of the same RRset on loading. The minimum TTL will be silently used for the in-memory case; in the case of database-based data sources, a warning will be logged at the time of lookup, but the operator cannot notice it until then. As discussed in the above link, there didn’t seem to be an easy solution. It’s also related to a higher level discussion on where/how we do some kinds of checks, especially if they may not be effectively doable in the post-loading validation phase. This ticket is probably non-estimatable until these points are clarified.

2584

defect

1356559708306665

1358257028879296

bind-ctl

low

jreed

new

odd bindctl config error

Sometime ago I did: > config show Boss/components/b10- Error: Boss/components/b10-/kind not found The error message is confusing. It probably should say “Error: Boss/components/b10- not found” (and not “/kind”).

2589

defect

1356951968621455

1356951968621455

Unclassified

medium

tomek

DHCP Outstanding Tasks

new

Lease4 should use HWAddr structure

HWAddr structure has been implemented. Lease4 definition should use it.

2599

task

1357316100717515

1366410445414634

dhcp

medium

UnAssigned

stephen

DHCP Outstanding Tasks

assigned

DHCP Testing: V4 features - general

Write a description of the tests for section 4a (“DHCPv4 features - general”) of the Test Plan, and run them. (Ultimately the tests will be automated, but for the release of the 2012 work, the test is manual.) The description and results should be attached to this ticket.

2602

task

1357316307595663

1366410485018271

dhcp

medium

UnAssigned

stephen

DHCP Outstanding Tasks

assigned

DHCP Testing: V6 features - robustness

Write a description of the tests for section 5b (“DHCPv6 features - robustness”) of the Test Plan, and run them. (Ultimately the tests will be automated, but for the release of the 2012 work, the test is manual.) The description and results should be attached to this ticket.

2603

task

1357316834188828

1366410506172836

dhcp

medium

UnAssigned

stephen

DHCP Outstanding Tasks

assigned

DHCP Testing: V4 Options

Write a description of the tests for section 6 (“Options”) of the Test Plan for V4 only, and run them. (Ultimately the tests will be automated, but for the release of the 2012 work, the testing is manual.) The description and results should be attached to this ticket.

2609

defect

1357561132205638

1357670359783267

Unclassified

medium

vorner

new

SERVFAIL on all queries while b10-loadzone is running

Configure a large zone in SQLite (without the in-memory cache). When it is queried, it answers the query. But when b10-loadzone is run to update the zone, auth returns SERVFAIL to all queries, because the database is locked 2013-01-07 13:05:55.158 ERROR [b10-auth.auth/19124] AUTH_PROCESS_FAIL message processing failure: Unexpected failure in sqlite3_step: database is locked Updating a zone shouldn’t cause a disruption (with the cz. zone, it takes like 5 minutes to load the new zone to the DB, which is not good). I know this may not be fixable due to SQLite limitations. But we should probably at least warn about loading too large zones there.

2610

defect

1357561447700041

1364462864841128

data source

medium

vorner

new

Query for large zone in SQLite datasrc takes a very long time

I tried loading a large zone into SQLite data source (without the in-memory cache, over 3M records). Then I queried for a SOA record of the zone. The query got answered correctly, but after something like 12 seconds of b10-auth running on 100% CPU. And my CPU is pretty fast. Such performance is unusable for any practical purpose for such a large zone. I thought we fixed such problem by some indices, but it seems it didn’t help enough.

2611

enhancement

1357561627203666

1392912423464590

loadzone

low

vorner

DNS Outstanding Tasks

new

Use multiple threads in b10-loadzone

I tried to load a large zone (over 3M records) by b10-loadzone. It took over 5 minutes, taking 100% CPU. Large part of the time is probably datasource handling (in this case the sqlite3 library). It may be worth trying to do the parsing in one thread and pass batches of RRs to a second thread that’d do the writes.

2612

enhancement

1357572050905034

1357572273327226

libdns++

medium

UnAssigned

muks

new

Make isc::dns::RRsetCollection collate RRsets in any order

This is a ticket to make `isc::dns::RRsetCollection`’s constructors collate RRsets in any order (see #2432 comment 25, and the rest of that ticket).

2613

enhancement

1357572242336946

1358765087972458

libdns++

medium

UnAssigned

muks

new

Make RRsetCollectionBase iterator implementation compatible with Boost foreach

Make RRsetCollectionBase iterator implementation compatible with Boost foreach. Currently it has a basic forward iterator implementation.

2614

task

1357585856845272

1392912440090723

loadzone

medium

jinmei

DNS Outstanding Tasks

new

update b10-loadzone using generic DB creation

When b10-loadzone tries to load a zone to a data source but the data source is not even yet initialized (which means, in the current implementation, there is no SQLite3 DB file), it relies on `DataSourceClient` internally performs this initialization. But such initialization should actually be removed from `DataSourceClient` (it’s provided for compatibility, but was not intended to be a part of its responsibility) and its support is actually incomplete . (this part was my misunderstanding). The right solution is to complete #1861, and have b10-loadzone use the generic data source initialization module. Maybe we shouldn’t make it automatic though, and rather implement it as an option to b10-loadzone.

2615

defect

1357655644079487

1357655644079487

dhcp

medium

stephen

DHCP Outstanding Tasks

new

Server should check address validity before renewing lease

This ticket has been created in response to an issue raised in the discussion on ticket #2488. If a DHCP server hands out a lease for an address to a client, and is then reconfigured so that the address is removed from the pool of addresses available to the server, it should refuse to renew the lease for that address. At present, the leases is renewed with no checks on address validity.

2616

defect

1357658423222321

1359555915401090

msgq

low

jreed

jreed

assigned

existing msgq has confusing error if another bind10 tries to start

I accidently tried to start bind10 again. The existing msgq logged: 2013-01-08 10:17:36.446 ERROR [b10-msgq.msgq/3646] MSGQ_RECV_ERR Error reading from socket 9: EOF It is a “low-level error” but this is confusing. Should existing msgq have an error?

2620

defect

1357746769141925

1358257586319389

Unclassified

medium

shane

new

b10-cmdctl-usermgr should check permissions on start

I tried to add a user: $ ./b10-cmdctl-usermgr Desired Login Name:shane Choose a password: Re-enter password: Traceback (most recent call last): File “./b10-cmdctl-usermgr”, line 124, in main() File “./b10-cmdctl-usermgr”, line 114, in main save_userinfo(name, pw, salt, filename) File “./b10-cmdctl-usermgr”, line 59, in save_userinfo csvfile = open(filename, ‘a’) IOError: [Errno 13] Permission denied: ‘cmdctl-accounts.csv’ There should be 2 changes: 1. The program should check permissions when it starts, so I don’t go through the steps of adding a user when they won’t work. 2. If for some other reason updating user information fails (permissions can change after the program starts, or NFS mounts can disappear, or whatever), the program should catch the problem and give a nicer error rather than dumping a stack trace.

2625

defect

1357837288414049

1384874965166881

tests

low

jreed

new

lettuce timing failure for starting cmdctl for In-memory datasource backed by sqlite3

Lettuce failure on CentOS 5.8 with python 3.3.0. This does not happen every time, but I saw it three times out of six runs. The stderr output shows that was not started yet. I guess it should wait a little longer. Scenario: 2. In-memory datasource backed by sqlite3 features/inmemory_over_sqlite3.feature:14 … And wait for master stderr message CMDCTL_STARTED # features/terrain/steps.py:34 … AssertionError: Timeout waiting for process output: [u’CMDCTL_STARTED’]

2626

defect

1357837659000476

1358257851348750

tests

low

jreed

new

lettuce timing failure for DDNS ACL

Lettuce failure on CentOS 5.8 with python 3.3.0. This does not happen every time, but I saw it only one time out of six runs. Scenario: ACL # features/ddns_system.feature:89 … A query for new1.example.org should have rcode NXDOMAIN # features/terrain/querying.py:204 … AssertionError: Expected: NXDOMAIN, got NO_ANSWER Here is some stderr output that may be related (but I am not sure): 2013-01-10 15:19:22.774 DEBUG [b10-zonemgr.zonemgr/2025] ZONEMGR_LOAD_ZONE loading zone secondary.org. (class IN) 2013-01-10 15:19:22.776 WARN [b10-zonemgr.zonemgr/2025] ZONEMGR_NO_SOA zone secondary.org. (class IN) does not have an SOA record 2013-01-10 15:19:22.776 DEBUG [b10-zonemgr.zonemgr/2025] ZONEMGR_STARTED zonemgr started — 2013-01-10 15:19:26.273 DEBUG [b10-zonemgr.zonemgr/2025] ZONEMGR_REFRESH_ZONE refreshing zone secondary.org. (class IN) 2013-01-10 15:19:26.858 ERROR [b10-ddns.ddns/2029] DDNS_START_FORWARDER_FAIL Error sending request for DDNS UPDATE forwarding to b10-auth: recv() on cc session timed out 2013-01-10 15:19:26.858 INFO [b10-ddns.ddns/2029] DDNS_STARTED ddns server is running and listening for updates 2013-01-10 15:19:27.224 DEBUG [b10-auth.cc/2026] CC_GROUP_RECEIVE trying to receive a message 2013-01-10 15:19:31.225 ERROR [b10-auth.cc/2026] CC_ASYNC_READ_FAILED asynchronous read failed (error code = 125) 2013-01-10 15:19:31.225 FATAL [b10-auth.auth/2026] AUTH_SERVER_FAILED server failed: asynchronous read failed — 2013-01-10 15:19:31.226 INFO [b10-auth.auth/2026] AUTH_DATASRC_CLIENTS_BUILDER_STOPPED data source builder thread stopped 2013-01-10 15:19:31.226 ERROR [b10-msgq.msgq/2011] MSGQ_RECV_ERR Error reading from socket 13: EOF 2013-01-10 15:19:31.227 ERROR [b10-msgq.msgq/2011] MSGQ_RECV_ERR Error reading from socket 10: EOF 2013-01-10 15:19:31.227 DEBUG [b10-auth.datasrc/2026] DATASRC_SQLITE_DROPCONN SQLite3Database is being deinitialized — 2013-01-10 15:19:31.231 INFO [b10-boss.boss/2007] BIND10_PROCESS_ENDED process 2026 of b10-auth ended with status 256 2013-01-10 15:19:31.231 ERROR [b10-boss.boss/2007] BIND10_COMPONENT_FAILED component b10-auth (pid 2026) failed: process exited normally with exit status 256 2013-01-10 15:19:31.231 FATAL [b10-boss.boss/2007] BIND10_COMPONENT_UNSATISFIED component b10-auth is required to run and failed — 2013-01-10 15:19:31.238 INFO [b10-xfrout.xfrout/2035] XFROUT_RECEIVED_SHUTDOWN_COMMAND shutdown command received 2013-01-10 15:19:31.242 ERROR [b10-msgq.msgq/2011] MSGQ_RECV_ERR Error reading from socket 6: 2013-01-10 15:19:31.256 ERROR [b10-msgq.msgq/2011] MSGQ_RECV_ERR Error reading from socket 11: EOF 2013-01-10 15:19:31.259 ERROR [b10-msgq.msgq/2011] MSGQ_RECV_ERR Error reading from socket 14: EOF 2013-01-10 15:19:31.259 ERROR [b10-msgq.msgq/2011] MSGQ_RECV_ERR Error reading from socket 15: EOF 2013-01-10 15:19:32.239 INFO [b10-boss.boss/2007] BIND10_PROCESS_ENDED process 2008 of Socket creator ended with status 0 — 2013-01-10 15:19:32.244 INFO [b10-ddns.ddns/2029] DDNS_SHUTDOWN ddns server shutting down 2013-01-10 15:19:32.250 ERROR [b10-ddns.ddns/2029] DDNS_UNCAUGHT_EXCEPTION uncaught exception of type ConnectionResetError: [Errno 104] Connection reset by peer 2013-01-10 15:19:32.336 INFO [b10-boss.boss/2007] BIND10_RECEIVED_SIGNAL received signal SIGTERM

2627

defect

1357838156458055

1358257874118945

tests

low

jreed

new

lettuce timing failure for ConfigManager

Lettuce failure on CentOS 5.8 with python 3.3.0. This does not happen every time, but I saw it two times out of six runs. Scenario: ACL # features/ddns_system.feature:89 … When I set DDNS ACL 0 for 127.0.0.1 to REJECT # features/terrain/nsupdate.py:161 … AssertionError: ‘Error’ was found in bindctl output: Error: Module ‘ConfigManager’ not responding Configuration not committed Exit from bindctl The stderr output has: 2013-01-10 15:40:53.133 DEBUG [b10-auth.cc/31350] CC_REPLY replying to message from ‘{ from “50eee103_6@centos5-64-4.lab.isc.org”, group “Auth”, instance “", seq 15, to "”, type “send” }’ with ‘{ result [ 0 ] }’ 2013-01-10 15:40:53.133 DEBUG [b10-auth.cc/31350] CC_START_READ starting asynchronous read 2013-01-10 15:40:53.133 DEBUG [b10-ddns.ddns/31358] DDNS_SESSION session arrived on file descriptor 11 2013-01-10 15:40:53.134 WARN [b10-ddns.ddns/31358] DDNS_DROP_CONN dropping connection on file descriptor 11 because of error Receiving a forwarded FD failed: Connection reset by peer 2013-01-10 15:40:54.749 DEBUG [b10-zonemgr.zonemgr/31349] ZONEMGR_REFRESH_ZONE refreshing zone secondary.org. (class IN) 2013-01-10 15:40:57.131 ERROR [b10-cmdctl.cmdctl/31353] CMDCTL_COMMAND_ERROR error in command set_config to module ConfigManager: Module ‘ConfigManager’ not responding

2628

defect

1357859297991535

1362587630328172

libdns++

medium

UnAssigned

jreed

new

python missing IPv6 support

I am fine with stalling or closing this ticket for now. But I am entering these details so that someone searching about a failure will have notes about it. If python is missing IPv6 support, the build will fail with: message_fromWire19.wire ../../../../../../src/lib/dns/tests/testdata/message_fromWire19.spec Traceback (most recent call last): File “../../../../../src/lib/util/python/gen_wiredata.py”, line 1275, in obj.dump(output) File “../../../../../src/lib/util/python/gen_wiredata.py”, line 691, in dump bin_address = socket.inet_pton(socket.AF_INET6, self.address) socket.error: can’t use AF_INET6, IPv6 is disabled * Error code 1 Or tests may fail like: [ RUN ] MessageTest.fromWireCombineRRs unknown file: Failure C+ exception with description “IN/AAAA RDATA construction from wire failed: insufficient buffer length: 0” thrown in the test body. [ FAILED ] MessageTest.fromWireCombineRRs [ RUN ] MessageTest.fromWirePreserveAnswer unknown file: Failure C+ exception with description “IN/AAAA RDATA construction from wire failed: insufficient buffer length: 0” thrown in the test body. [ FAILED ] MessageTest.fromWirePreserveAnswer (1 ms)

2630

defect

1357911445042839

1358258109413327

build system

medium

UnAssigned

jreed

new

configure —with-pythonpath problems

./configure —with-pythonpath was set to a binary that no longer existed: ./configure: line 15351: /usr/pkg/bin/python3.2: No such file or directory (standard_in) 1: parse error ./configure: line 15352: test: !=: unary operator expected ./configure: line 15356: /usr/pkg/bin/python3.2: No such file or directory It should check if it exists/executable first. Looked further at the —with-pythonpath and see another bug. reed 5577 1.6 0.1 8616 844 ttyp0 T 11:53AM 0:56.72 yes -c import sys; sys.stdout.write(sys.version[:3]) If you use argument but didn’t set it configure hangs forever with the above. No value defaults to “yes” which is a unix tool :) I have a minor patch to improve both problems: diff —git a/configure.ac b/configure.ac index 892bc6c..103cfc8 100644 — a/configure.ac + b/configure.ac @ -239,7 +239,7 @ AC_HELP_STRING if test “$python_path” = auto; then AM_PATH_PYTHON -else elif test -x “$python_path” ; then # Older versions of automake can’t handle python3 well. This is an # in-house workaround for them. PYTHON=$python_path @ -249,6 +249,9 @ else PYTHON_EXEC_PREFIX=‘$(exec_prefix)’ AC_SUBST PYTHON_VERSION=)“`] + if test”x$PYTHON_VERSION" = “x” ; then AC_MSG_ERROR([“Python $PYTHON did not work.”]) + fi if test `echo “$PYTHON_VERSION >= 3.1”

bc` != 1 ; then AC_MSG_ERROR([“Python version too old: $PYTHON_VERSION, need 3.1 or higher”]) fi @ -263,6 +266,8 @ else AC_SUBST(pyexecdir) pkgpyexecdir=‘${pyexecdir}/’$PACKAGE AC_SUBST(pkgpyexecdir) else AC_MSG_ERROR([“Set —with-pythonpath to an existing Python 3 executable.”]) fi # We need to store the default pyexecdir in a separate variable so that

2633

defect

1358154392108510

1358154392108510

dhcpconf

medium

marcin

DHCP Outstanding Tasks

new

Improve log messages in the DHCP Config Managers

In the DHCP configuration parsers (src/bin/dhcp4/config_parser.cc and src/bin/dhcp6/config_parser.cc) a number of log messages should be improved. Corrections to log messages include but are not limited to: - ensure that all log messages start with a lower-case letter or that all messages start with upper-case letter, currently it is not consistent - some of the log messages are prefixed with e.g. ‘’, some not, whether this prefix is used or not should be consistent across all log messages - many massages are vague as they don’t refer to a particular item in the configuration, e.g. fictitious log message: ’‘should be rather logged as ’’. etc.

2636

defect

1358279114198564

1380607988411624

statistics

medium

jreed

jreed

assigned

stats crash

OPS told me that the as112 server nagios check showed memory usage went up. (But looking at this, it happened after the crash.) I logged in and saw in my logs that stats server crashed: 2013-01-15 19:00:00.791 ERROR [b10-auth.auth/95428] AUTH_ZONEMGR_COMMS error communicating with zone manager: ASIO read: data length is not ready 2013-01-15 19:00:01.152 ERROR [b10-auth.cc/95426] CC_TIMEOUT timeout reading data from command channel 2013-01-15 19:00:01.154 ERROR [b10-auth.auth/95426] AUTH_ZONEMGR_COMMS error communicating with zone manager: Timeout while reading data from cc session 2013-01-15 19:00:01.154 ERROR [b10-auth.cc/95426] CC_LENGTH_NOT_READY length not ready 2013-01-15 19:00:01.154 ERROR [b10-auth.auth/95426] AUTH_ZONEMGR_COMMS error communicating with zone manager: ASIO read: data length is not ready 2013-01-15 19:01:06.404 ERROR [b10-auth.cc/95422] CC_TIMEOUT timeout reading data from command channel 2013-01-15 19:01:07.169 ERROR [b10-auth.cc/95424] CC_TIMEOUT timeout reading data from command channel 2013-01-15 19:01:07.269 ERROR [b10-auth.auth/95422] AUTH_ZONEMGR_COMMS error communicating with zone manager: Timeout while reading data from cc session 2013-01-15 19:01:07.269 ERROR [b10-auth.cc/95422] CC_LENGTH_NOT_READY length not ready 2013-01-15 19:01:07.269 ERROR [b10-auth.auth/95422] AUTH_ZONEMGR_COMMS error communicating with zone manager: ASIO read: data length is not ready 2013-01-15 19:01:08.103 ERROR [b10-auth.auth/95424] AUTH_ZONEMGR_COMMS error communicating with zone manager: Timeout while reading data from cc session 2013-01-15 19:01:08.104 ERROR [b10-auth.cc/95424] CC_LENGTH_NOT_READY length not ready 2013-01-15 19:01:08.104 ERROR [b10-auth.auth/95424] AUTH_ZONEMGR_COMMS error communicating with zone manager: ASIO read: data length is not ready 2013-01-15 19:01:12.717 INFO [b10-boss.boss/95413] BIND10_PROCESS_ENDED process 95423 of b10-stats ended with status 256 2013-01-15 19:01:12.780 ERROR [b10-boss.boss/95413] BIND10_COMPONENT_FAILED component b10-stats (pid 95423) failed: process exited normally with exit status 256 2013-01-15 19:01:12.785 INFO [b10-boss.boss/95413] BIND10_COMPONENT_START component b10-stats is starting 2013-01-15 19:01:12.792 INFO [b10-boss.boss/95413] BIND10_STARTING_PROCESS starting process b10-stats 2013-01-15 19:01:13.876 ERROR [b10-auth.cc/95429] CC_TIMEOUT timeout reading data from command channel 2013-01-15 19:01:14.339 ERROR [b10-auth.auth/95429] AUTH_ZONEMGR_COMMS error communicating with zone manager: Timeout while reading data from cc session 2013-01-15 19:01:14.340 ERROR [b10-auth.cc/95429] CC_LENGTH_NOT_READY length not ready 2013-01-15 19:01:14.340 ERROR [b10-auth.auth/95429] AUTH_ZONEMGR_COMMS error communicating with zone manager: ASIO read: data length is not ready 2013-01-15 19:01:15.084 INFO [b10-stats.stats/78714] STATS_STARTING starting The redirected bind10 output showed: Traceback (most recent call last): File “/usr/local/lib/python3.1/site-packages/isc/cc/session.py”, line 212, in receive_full_buffer self.receive_len_data() File “/usr/local/lib/python3.1/site-packages/isc/cc/session.py”, line 172, in receive_len_data new_data = self.receive_bytes(self.recv_len_size) File “/usr/local/lib/python3.1/site-packages/isc/cc/session.py”, line 158, inreceive_bytes data = self.socket.recv socket.timeout: timed out During handling of the above exception, another exception occurred: Traceback : File “/usr/local/libexec/bind10/b10-stats”, line 687, in stats.start File “/usr/local/libexec/bind10/b10-stats”, line 373, in start self.do_polling File “/usr/local/libexec/bind10/b10-stats”, line 256, in do_polling = self.cc_session.group_recvmsg File “/usr/local/lib/python3.1/site-packages/isc/cc/session.py”, line 275, in group_recvmsg env, msg = self.recvmsg File “/usr/local/lib/python3.1/site-packages/isc/cc/session.py”, line 130, in recvmsg data = self.receive_full_buffer(nonblock) File “/usr/local/lib/python3.1/site-packages/isc/cc/session.py”, line 227, in _receive_full_buffer raise SessionTimeout(“recv() on cc session timed out”) isc.cc.session.SessionTimeout: recv() on cc session timed out Now Stats show has: { Auth { opcode.iquery 4, opcode.notify 1542, opcode.other 0, opcode.query 11446454195, opcode.status 0, opcode.update 906151246, queries.tcp 4529597, queries.udp 12348077390, rcode.badalg 0, rcode.badkey 0, rcode.badmode 0, rcode.badname 0, rcode.badsigvers 0, rcode.badtime 0, rcode.badtrunc 0, rcode.formerr 469435, rcode.noerror 35305553, rcode.notauth 198, rcode.notimp 906151250, rcode.notzone 0, rcode.nxdomain 11319210406, rcode.nxrrset 0, rcode.other 0, rcode.refused 91402768, rcode.servfail 57451, rcode.yxdomain 0, rcode.yxrrset 0 }, Boss { boot_time “2012-12-19T21:41:21Z” }, Stats { boot_time “2013-01-15T19:01:14Z”, last_update_time “2013-01-15T19:32:27Z”, lname “50f5a77a_1c@ethel.isc.org”, report_time “2013-01-15T19:32:27Z”, timestamp 1358278347.888214 } } The end of the dmesg output has: Limiting icmp unreach response from 25027 to 200 packets/sec Limiting icmp unreach response from 25088 to 200 packets/sec Limiting icmp unreach response from 26449 to 200 packets/sec Limiting icmp unreach response from 28994 to 200 packets/sec Limiting icmp unreach response from 28885 to 200 packets/sec Limiting icmp unreach response from 30465 to 200 packets/sec Limiting icmp unreach response from 3801 to 200 packets/sec swap_pager_getswapspace(16): failed swap_pager_getswapspace(8): failed swap_pager_getswapspace(16): failed swap_pager_getswapspace(12): failed swap_pager_getswapspace(16): failed swap_pager_getswapspace(12): failed swap_pager_getswapspace(9): failed swap_pager_getswapspace(5): failed swap_pager_getswapspace(16): failed swap_pager_getswapspace(12): failed swap_pager_getswapspace(9): failed swap_pager_getswapspace(5): failed swap_pager_getswapspace(16): failed swap_pager_getswapspace(12): failed swap_pager_getswapspace(9): failed swap_pager_getswapspace(5): failed /var/log/messages around time of crash: Jan 15 19:01:06 ethel kernel: swap_pager_getswapspace(16): failed Jan 15 19:01:06 ethel kernel: swap_pager_getswapspace(8): failed Jan 15 19:01:06 ethel kernel: swap_pager_getswapspace(16): failed Jan 15 19:01:06 ethel kernel: swap_pager_getswapspace(12): failed Jan 15 19:01:06 ethel kernel: swap_pager_getswapspace(16): failed Jan 15 19:01:06 ethel kernel: swap_pager_getswapspace(12): failed Jan 15 19:01:06 ethel kernel: swap_pager_getswapspace(9): failed Jan 15 19:01:06 ethel kernel: Jan 15 19:01:06 ethel kernel: swap_pager_getswapspace(5): failed Jan 15 19:01:06 ethel kernel: swap_pager_getswapspace(16): failed Jan 15 19:01:06 ethel kernel: swap_pager_getswapspace(12): failed Jan 15 19:01:06 ethel kernel: swap_pager_getswapspace(9): failed Jan 15 19:01:06 ethel kernel: swap_pager_getswapspace(5): failed Jan 15 19:01:06 ethel kernel: Jan 15 19:01:06 ethel kernel: swap_pager_getswapspace(16): failed Jan 15 19:01:06 ethel kernel: swap_pager_getswapspace(12): failed Jan 15 19:01:06 ethel kernel: swap_pager_getswapspace(9): failed Jan 15 19:01:06 ethel kernel: swap_pager_getswapspace(5): failed Maybe something grew to huge?

2638

task

1358505070322866

1358505070322866

Unclassified

medium

jelte

new

make dns::rdata::generic::detail::CharString public

With the current hidden-by-convention approach, it requires we either use pimpl in all the rdata implementations we need them in, or forward-declarations (which are tricky because it is a typedef). In both cases it also forces dynamic allocation of memory which isn’t really necessary. So we should make it public. For now I think we can just move the definition to isc::dns or isc::dns::rdata. (discussion of whether to make it a Real Class is pending).

2639

enhancement

1358512747943875

1358517052009858

logging

medium

shane

new

b10-msg utility for looking up message information at the command line

Seen in a message on the bind-users list: > By the way, all of the BIND10 logging > messages are unique and we provide a paragraph or more documentation for > each of its 933 possible log identifiers!) I haven’t checked whether you have that, but that screams for a CLI utility to show the paragraph without having to browse documentation. :) https://lists.isc.org/pipermail/bind-users/2013-January/089541.html So the idea would be to have a simple utility so that you could execute like this: $ b10-msg BIND10_SELECT_ERROR There was a fatal error in the call to select(), used to see if a child process has ended or if there is a message on the message bus. This should not happen under normal circumstances and is considered fatal, so BIND 10 will now shut down. The specific error is printed. We can think of possible extensions to this (like an interface which supports tab-expansion, or searches by regular expression, and so on), but I think this basic approach would cover 95% of use cases.

2640

enhancement

1358512887389021

1358517061091407

message-library

medium

shane

new

man page version of BIND 10 Messages Manual

Based on a recommendation from the bind-users list: I would see the man page as indispensible, and a bespoke utility as merely cool. https://lists.isc.org/pipermail/bind-users/2013-January/089547.html We should have a “man” version of the ‘’BIND 10 Messages Manual’’.

2645

enhancement

1358771923263191

1358771923263191

dhcp6

low

tomek

DHCP Outstanding Tasks

new

Create class for DUID generation

There is currently a code written in Dhcp6_srv (loadServerID, generateServerID, writeServerID) to handle DUID creation and management. It was pointed out in #2597 that it should probably be done in a separate class. Naive approach would be to move this to DUID class, but that would include dependency on DUID to also use IfaceMgr. It would also make this code and its dependency included in other projects that possibly don’t care about DUID generation, e.g. relay. It should be also pointed out that the DHCPv6 client uses exactly the same approach to generate client-id.

2646

defect

1358774152413552

1358774152413552

dhcpconf

medium

marcin

DHCP Outstanding Tasks

new

Default values not handled by DHCP config parsers.

The DHCP configuration parsers do not handle default values very well. This specifically refers to setting option values and option definitions. For example, the ‘’dhcp4’‘is the default option space for each option. However, when leaving the default value the parser will simply receive partial configuration (that excludes space name). This in turn will cause an error message that the’‘space’’ parameter is missing. For this reason it is necessary to implement some conditions in option parsers that set default value for various parameters when they are not received from the Config Manager.

2651

enhancement

1358784002534987

1358867807975916

dhcp

low

tomek

DHCP Outstanding Tasks

new

Need unit-tests to verify that dhcp{4,6}.spec are sane

Marcin and I we independently discovered the same bug in spec files. It was very easy to fix it (extra comas), but such a thing should be detected by unit-tests. We currently seem to not have tests for spec files. We should developm something to cover this gap.

2652

enhancement

1358855649861495

1360148780548373

data source

medium

muks

new

Implement `getUpdater()` in `InMemoryClient`

This ticket is an offshoot of #2499. Implement a `ZoneUpdater` and make `InMemoryClient::getUpdater()` return it. Also use this updater for zone validation and remove the call to `dns::checkZone()` in `loadZoneDataInternal()`.

2660

task

1359065168556168

1359383378274013

build system

medium

UnAssigned

jreed

new

generate changelog

This ticket is to track work on generating changelog — so I have a trac number for a git branch. I will update this description later. The ChangeLog was moved to NEWS. A makefile hook is added to create the ChangeLog from the git history.

2662

task

1359099750158732

1360904398730386

data source

medium

jinmei

new

provide some post-load logs

I suggest providing log messages after zone loading corresponding to the following BIND 9 logs: #!c } else if (!isc_serial_ge(serial, oldserial)) dns_zone_log(zone, ISC_LOG_ERROR, “zone serial (u/u) has gone” “backwards”, serial, oldserial); else if (serial == oldserial && !hasinclude && strcmp(zone->db_argv[0], “_builtin”) != 0) dns_zone_log(zone, ISC_LOG_ERROR, “zone serial (u) unchanged. "<br> "zone may fail to transfer "<br> "to slaves.", serial);<br><br><br>and<br><br>#!c<br> if (! dns_db_ispersistent(db))<br> dns_zone_log(zone, ISC_LOG_INFO, "loaded serial u%s”, serial, dns_db_issecure(db) ? " (DNSSEC signed)" : “”); I actually wanted to do this as part of completed zone-load tasks, but I missed the opportunities. While maybe less common these days now many people generate zone files from a tool (mainly for DNSSEC signing), forgetting to increment the serial is a quite common operational error. So I believe it’s pretty important (especially the second one). From a quick look this shouldn’t be very difficult: I believe we can easily do it for the generic/DB-based data sources by updating `ZoneLoader` so it remembers the preload SOA and compares it to the new one (then produce the corresponding log). For in-memory, it seems possible by updating `ZoneWriterLocal`. Or, if we do #2652 it’ll be covered by the general case.

2663

defect

1359117145675776

1396529423105366

xfrin

medium

vorner

DNS Outstanding Tasks

new

b10-xfrin creates empty zone when first download fails

When you: 1) Let b10-xfrin download a new zone (that doesn’t exist yet in the database) 2) Make the transfer fail (tried with validation, but I suspect broken transfer or TSIG will do the same effect) The database will now contain a zone with no records in it. The zone is created outside of the transaction. When the transfer fails, the transaction that filled in some records is rolled back, but the zone stays. This probably also means the empty zone is present for the whole time when the zone is being downloaded (even when the download is then successful), which is a smaller problem than leaving it there forever, but it still doesn’t sound exactly right.

2664

task

1359122858102731

1365507266443189

Unclassified

medium

vorner

new

Gentoo ebuild for bind10

When we’re getting near the release, it is probably time to create a ebuild package for gentoo (and for all dependencies that are not in portage yet). They’d probably be happy to accept it to sunrise at least (repository with new programs for people interested in them). Few notes: * There are probably some flags that can be turned to use flags. * Probably create as a slot, so it can be installed in parallel with bind9.

2668

defect

1359470768919605

1370403875269307

data source

medium

jreed

new

DATASRC_DATABASE_FIND_TTL_MISMATCH (BIND 9 is different from BIND 10)

I noticed my logs had: 2013-01-25 07:13:17.494 WARN [b10-auth.datasrc/41040] DATASRC_DATABASE_FIND_TTL_MISMATCH TTL values differ in sqlite3_zone.sqlite3 for elements of bind10.isc.org./IN/RRSIG, setting to 3600 2013-01-25 07:13:17.495 WARN [b10-auth.datasrc/41040] DATASRC_DATABASE_FIND_TTL_MISMATCH TTL values differ in sqlite3_zone.sqlite3 for elements of bind10.isc.org./IN/RRSIG, setting to 3600 The server is a slave. The master is a BIND 9 server. The other BIND 9 slaves don’t modify the TTL. There are some TTLs in the set that are 7200. The log message should be modified to point to specification and explain clearly why BIND 10 is different than BIND 9.

2674

defect

1359629949359117

1360318276356631

Inter-module communication

low

vorner

new

Use data types consistently in isc::cc::Session

The Session uses some binary integers in the wire protocol. However, it mixes the types on read and write, sometimes using `size_t`, sometimes `uint32_t` and sometimes `unsigned int`. The other length is sometimes `uint16_t` and sometimes `unsigned short`. The python counterpart consistently uses the `U` and `H` modifiers to read and write them, so `uint32_t` and `uint16_t` should be used consistently in the C++ part too. Currently, it works mostly because of luck.

2675

task

1359643295139480

1360148794237669

Unclassified

medium

vorner

new

Get rid of the -v switches

The -v switches of many our binaries are not working correctly. As discussed in the ML, we should get rid of them, since we are not clear on what they should be doing in the first place anyway.

2677

defect

1359647101840965

1363364542686411

build system

medium

UnAssigned

stephen

new

General clang issues

Whilst addressing #2673, I also noticed the following warnings. The environment was OSX 10.8 with clang 4.1: ‘’’src/lib/config’‘’ CXX ccsession.lo ccsession.cc:345:32: warning:’&&‘within’

‘[-Wlogical-op-parentheses] cur_name[0] '*' && cur_name[1] ’.‘) { ^~ ccsession.cc:345:32: note: place parentheses around the’&&‘expression to silence this warning cur_name[0] '*' && cur_name[1] ’.‘) { ^ 1 warning generated. ’‘’src/lib/asiodns’‘’ CXX libb10_asiodns_la-udp_server.lo In file included from udp_server.cc:30: In file included from ../../../src/lib/asiolink/udp_socket.h:31: ../../../src/lib/asiolink/io_asio_socket.h:347:37: warning: unused parameter ’data’ [-Wunused-parameter] virtual void asyncReceive(void* data, size_t, size_t, IOEndpoint*, C&) { : (There are a number of these) CXXLD libb10-asiodns.la libtool: link: warning: `/opt/log4cplus/lib/liblog4cplus.la’ seems to be moved clang: warning: argument unused during compilation: ‘-pthread’ The “-pthread” message appears at other points in the BIND 10 build, not just in src/lib/asiodns. CXX run_unittests-dns_server_unittest.o dns_server_unittest.cc:674:18: warning: expression result unused [-Wunused-value] EXPECT_THROW(TCPServer(this>service, 0, AF_UNIX, this>checker_, ~~~~~~ /opt/gtest-1.5.0/include/gtest/gtest.h:1681:21: note: expanded from macro ‘EXPECT_THROW’ GTEST_TEST_THROW_ : (There are a number of these) When dealing with unavoidable warnings in a particular part of the build, we should decide whether we disable that particular warning (e.g. -Wno-unused-parameters) or disable the promotion of warnings to errors (-Wno-error).

2680

defect

1359700281082406

1360054324329427

Boss of BIND

medium

jinmei

new

shutdown cfgmgr later

It’s better to shut down cfgmgr later than other normal modules such as auth, xfrin, and whatnot on system shutdown. These modules send a “stopping” message to cfgmgr, but if cfgmgr dies sooner, msgq will encounter EPIPE on forwarding it to cfgmgr, leading to some of the error logs discussed in #2617. It’s not actually critical, but is not really clean and can be annoying.

2682

defect

1359723666367648

1359723666367648

dhcp6

low

marcin

DHCP Outstanding Tasks

new

DHCPv6 config parser accepts the creation of subnet without any address pool specified.

This issue has come up during the execution of the v6.general.negative test located in the dhcp-val repo (tests/common). The following config config file is accepted: v6.general.negative.3.cfg: # Create a new subnet and do not specify the pool. config add Dhcp6/subnet6 config set Dhcp6/subnet6[0]/subnet “2001:db8:1::/64” config commit IMO, having a subnet without a pool in general does not makes sense now . However the DHCP team may need some further discussions whether this is an issue that should be fixed or it is desired behaviour. The same applies to the DHCPv4 configuration.

2683

task

1359730190846306

1360150371123630

documentation

very low

jwright

new

BIND10 guide: slightly misleading description of “-a” option for bindctl

In Section 8.1," bindctl command-line options," it is stated that the -a <address> or —address=<address> option sets “IP address that BIND 10’s b10-cmdctl module is listening on. By default, this is 127.0.0.1.” In fact, leaving off the <address> part of the command results in an error: bindctl: error: option requires 1 argument I was expecting somehow that typing in “./bindctl a" or "./bindctl —address" would result in a session established on the default IP address, but I got the error instead. So, perhaps the wording should just be: "IP address that BIND 10’s b10-cmdctl module is listening on." Then, in a separate note above the 8.1 section, say something to the effect of "The default IP address that bindctl listens on is 127.0.0.1. This can be overridden with the "a” or “—address” options described below."

2684

enhancement

1359950854684865

1360676277290241

bind-ctl

medium

jwright

new

bindctl “config show” should show [all] as an option

When I go into bindctl, and issue the command “config show,” the resulting help output should show that [all] is a valid parameter. Instead, it just outputs the following: > config show Stats/ module tsig_keys/ module data_sources/ module Logging/ module Boss/ module Cmdctl/ module Msgq/ module [all] ‘’is’’ listed in Section 8.6.1 of the BIND 10 Guide, but the inline help should have it, too.

2685

enhancement

1359951011992870

1360148913576168

bind-ctl

medium

jwright

new

bindctl should pause printing output if that output exceeds 24 lines

I’m running VirtualBox VMs of Ubuntu 12.04 server in text-only mode. That defaults to the standard 24 lines of output, and there is no option to scroll back in the console output. We should make bindctl pause its output with a “more”-type prompt when output exceeds 24 lines (for example, when I enter the command “config show all”).

2686

defect

1359985447377558

1377246743384592

bind-ctl

medium

jwright

DHCP-QA Defects

new

Trying to bring up Kea server via instructions in BIND 10 Guide; fails

I’m running BIND10/Kea latest (as of last week 01/28). I am attempting to bring up a DHCP v4 server per the instructions at http://bind10.isc.org/docs/bind10-guide.html#dhcp4. The commands fail: > “login success”] login as too > config add Boss/components b10-dhcp4 > config set Boss/components/b10-dhcp4/kind dispensable > config commit 201302-03 23:40:52.722 ERROR [b10-cmdctl.cmdctl/1260] CMDCTL_COMMAND_ERROR error in command set_config to module COnfigManager: Component kind cannot be dispensable Error: Component kind cannot be dispensable Configuration not committed >

2687

task

1359999032372395

1360148065475117

build system

low

jreed

jreed

assigned

src/lib/python/isc/log_messages/work/init.py in tarball

What is purpose of src/lib/python/isc/log_messages/work/init.py in the distributed tarball? I received an off-list email about issue that the file is included but a “distclean” removes it. It is inconsistent. Can someone explain src/lib/python/isc/log_messages/work/Makefile.am ? It has python_PYTHON set, so this is added to DIST_COMMON (becomes part of tarball). I am guessing it should not use python_PYTHON. Anyways a ./configure generates it so shouldn’t be in the tarball. But distclean removes it (is part of CONFIG_CLEAN_FILES).

2688

task

1359999345042955

1360072363206282

logging

medium

jreed

new

syslog by default

I did an informal poll to see what should be default logging. https://lists.isc.org/pipermail/bind-users/2013-January/089540.html The majority believes that the BIND9 default of using syslog is a good default choice. This ticket is to change the default in /src/bin/cfgmgr/plugins/logging.spec and comments in b10logging.py and fix documentation and lettuce (and other tests?) to use syslog by default. It would be useful so we can have a consistent startup method. As for now, the output goes to console so packagers/users will need to define their own way to handle this.

2691

enhancement

1360147564380902

1364463352097481

sysinfo

medium

shane

new

Add support for Solaris in isc-sysinfo

Add support for Solaris in isc-sysinfo. This is a sub-ticket of #2085.

2693

enhancement

1360150216295047

1360934802977317

sysinfo

medium

shane

new

isc-sysinfo should report unknown systems

Since #2128 is complete we get generic information on unknown systems. We should say “isc-sysinfo does not know how to report for system %s yet, please mail to get this system added”. This is related to ticket #2085, although only loosely.

2694

defect

1360169989784482

1361175790908910

sysinfo

low

jreed

new

sysinfo and root note

src/bin/sysinfo/sysinfo.py.in has statement if running as non-root: NOTE: You have to run this program as the root user so that it can collect all the information it requires. Some information is only available to the root user. I believe this is platform specific (like Linux using netstat -p). But for NetBSD and some others running as root has no difference. I think some setting in src/lib/python/isc/sysinfo/sysinfo.py can define if root is desired or not and the tool only output the note if set.

2695

defect

1360174074273001

1360676397523869

bind-ctl

low

bwynkoop@isc.org

new

bindctl error message wording awkward

> config Error! command name is missed > I believe a better wording would be “command name is missing” or the simpler and clearer “missing command name”

2706

task

1360609952554595

1373458069669143

documentation

medium

jinmei

Next-Sprint-Proposed

new

describe how to run scan-build (clang static analyzer)

It doesn’t seem to be a trivial task. We should show workable instructions in wiki. See also #2665.

2707

defect

1360621685486751

1360676826509174

bind-ctl

low

bwynkoop@isc.org

new

bindctl Logging help not helpful

> Logging help Module Logging Logging options Available commands: help Get help for module. >

bindctl help

2711

enhancement

1360662359347021

1373458475834490

cmd-ctl

medium

shane

bwynkoop@isc.org

new

bindctl should be case-insenstive

We discussed this quite some time ago: http://bind10.isc.org/wiki/WeeklyMinutes20110705 But I can’t find a ticket about it. bindctl should be case-insensitive (although possibly also case-preserving?) See also ticket #2709.

2715

defect

1360666817651102

1366242822277493

bind-ctl

medium

cas

new

bindctl bails out on non ASCII characters

bindclt bails out on non ascii characters (german Umlauts, French acute …) It happens during login or on the command-line. It can be triggered by a user having non-ascii chars in the password or by mistyping on the keyboard. bindclt should gracefully handle UTF-8 input. Error message (password): [root@inline bind10]# bindctl Error reading saved username and password from /root/.bind10/default_user.csv: [Errno 2] No such file or directory: ‘/root/.bind10/default_user.csv’ [TEMP MESSAGE]: username :root password :bind10 Username:root Password: Traceback (most recent call last): File “/usr/local/bin/bindctl”, line 162, in result = tool.run() File “/usr/local/lib/python3.3/site-packages/bindctl/bindcmd.py”, line 149, in run if not self.login_to_cmdctl(): File “/usr/local/lib/python3.3/site-packages/bindctl/bindcmd.py”, line 242, in login_to_cmdctl passwd = getpass.getpass() File “/usr/local/lib/python3.3/getpass.py”, line 71, in unix_getpass passwd = raw_input File “/usr/local/lib/python3.3/getpass.py”, line 132, inraw_input line = input.readline() File “/usr/local/lib/python3.3/encodings/ascii.py”, line 26, in decode return codecs.ascii_decode(input, self.errors)[0] UnicodeDecodeError: ‘ascii’ codec can’t decode byte 0xc3 in position 0: ordinal not in range(128) Error message CLI: [root@inline bind10]# bindctl Error reading saved username and password from /root/.bind10/default_user.csv: [Errno 2] No such file or directory: ‘/root/.bind10/default_user.csv’ [TEMP MESSAGE]: username :root password :bind10 Username:root Password: [“login success”] > help¿ Traceback (most recent call last): File “/usr/local/bin/bindctl”, line 162, in result = tool.run() File “/usr/local/lib/python3.3/site-packages/bindctl/bindcmd.py”, line 152, in run self.cmdloop() File “/usr/local/lib/python3.3/cmd.py”, line 126, in cmdloop line = input(self.prompt) UnicodeDecodeError: ‘ascii’ codec can’t decode byte 0xc2 in position 4: ordinal not in range(128)

2716

defect

1360667324886897

1363023870131914

Unclassified

medium

cas

new

password in ~/.bind10/default_user.csv is cleartext

the password for bindctl is stored in clear text. Although the file is proteced by user permissions, it might end up where un-authoritized persons can read it (in a backup, disk removed from server etc). if possible the password should be stored as a salted hash

2718

enhancement

1360672347014306

1360672347014306

dhcp

medium

marcin

DHCP Outstanding Tasks

new

Stateless DHCP configuration: allow access to global options if subnets are not configured.

The current version of the software does not allow access to global options if there is no subnet specified. In the stateless DHCP configuration it is possible that the subnet is not configured but still we may want to respond to the user with options that are globally configured. With this change, the current way we access options through the subnet remains untouched. The additional feature is to provide an access to the global options storage so as the server can pick from them if there is no subnet configured. This change is required for either DHCPv4 or V6.

2724

task

1360698285537921

1366409877231113

dhcp

medium

UnAssigned

jwright

DHCP Outstanding Tasks

assigned

DHCP Testing: Logging

Write a description of the tests for section 2 (“Logging”) of the Test Plan, and run them. (Ultimately the tests will be automated, but for the release of the 2012 work, the test is manual.) The description and results should be attached to this ticket.

2725

task

1360698404085325

1366409930523893

dhcp

medium

UnAssigned

jwright

DHCP Outstanding Tasks

assigned

DHCP Testing: Configuration

Write a description of the tests for section 3 (“Configuration”) of the Test Plan, and run them. (Ultimately the tests will be automated, but for the release of the 2012 work, the test is manual.) The description and results should be attached to this ticket.

2727

enhancement

1360750871304543

1373458603992278

Unclassified

medium

cas

new

directories for scripts

This is a feature request. I’m willing to implement and the feature if there is consensus that it is useful for the general userbase. b10-cmdctl has the ability to execute scripts. in 1.0.0-beta, there is only one predefined script “init_authoritative_server”, which is hard coded in “command_sets.py” The request is to provide two directories for storing scripts. One directory for BIND10 “internal” scripts, that will be refreshed if the BIND 10 software will be refreshed. One directory for “user-scripts”, that will not be touched during updates. b10-cmdctl should read the scripts provided in these directories and monitor/poll these directories for changes and read new/changed scripts. The scripts should be presented in bindctl, and should also be available through other interfaces / APIs Script should have descriptive names and inline-documentation (maybe like Python doc-strings) A script in the user directory with the same name as a script in the system directory should overlay the one in the system directory (only the user script visible). This will enable site administrators to provide customized versions of the system scripts.

2728

enhancement

1360751512443185

1373458690313673

Unclassified

medium

cas

new

configuration snapshots and restore

This is a feature request. I’m willing to implement and the feature if there is consensus that it is useful for the general userbase. However it possibly requires support in the core modules which I would need help with. The idea is to provide commands (in bindctl and/or via other interfaces) to “snapshot” and “restore” a BIND 10 configuration. The snapshot should be able to save the whole configuration (all modules) or just single modules (like auth or dhcpv4). The snapshot should contain all the configuration but not the data (for DNS, the configuration of the server but not the zone list or zone content). A similar “snapshot” function for data (DNS zones and DHCP scopes) might be useful, but is out of the scope of this request. The user should be able to “name” a snapshot with a descriptive name. Optionally, snapshots should be secured by a password/pass-phrase and encrypted (could be done by external tools, such as “gpg”). Snapshots should also store a timestamp and the user that created the snapshot. The user interfaces should have a function to enumerate the available snapshots and a function for the user to select and load a snapshot. Loading/restoring a snapshot will replace the current running configuration with the configuration for the snapshot. It will not change DNS zone data or DHCP scope data. The user interfaces should also provide functions to re-name and remove snapshots.

2729

defect

1360752293837680

1362490597771947

logging

low

cas

new

logging of configuration changes

This might well be an “enhancement”, but in my view for a system with dynamic configuration like BIND 10 the absence of such a feature is a (minor) defect. changes in the BIND 10 configuration should be send to the b10-cmdctl log channel This is often required as an configuration audit trail by some industries (banking, pharmaceutical ) The log entry should contain: * date and time * username * name of the changed configuration setting, example: Logging/loggers[0]/output_options[0]/flush * old and new value: “true” -> “false” Same should be logged for state changes (loading / unloading modules, starting / stopping components). (most state changes are logged but not the user name who initiated the state change, like with “Boss shutdown”).

2730

defect

1360758386877228

1362490646870730

Unclassified

low

cas

new

“config remove” should allow the same identifier as printed with “config show”

The identifier for removing configuration items is different from the representation in “config show”. The identifier for a list is show as “data_sources/classes/CH”, the identifier needed for “config remove” is “data_sources/classes CH”. That is confusing, and it prevents the use of copy and paste. Example (real world): > config show all data_sources/classes/CH [] list data_sources/classes/IN [] list Logging/loggers[0]/name “*” string Logging/loggers[0]/severity “DEBUG” string Logging/loggers[0]/debuglevel 0 integer (default) Logging/loggers[0]/additive false boolean (default) Logging/loggers[0]/output_options[0]/destination “file” string Logging/loggers[0]/output_options[0]/output “/var/log/bind10.log” string Logging/loggers[0]/output_options[0]/flush false boolean Logging/loggers[0]/output_options[0]/maxsize 204800 integer Logging/loggers[0]/output_options[0]/maxver 8 integer Cmdctl/key_file “/usr/local/etc/bind10/cmdctl-keyfile.pem” string (default) Cmdctl/cert_file “/usr/local/etc/bind10/cmdctl-certfile.pem” string (default) Cmdctl/accounts_file “/usr/local/etc/bind10/cmdctl-accounts.csv” string (default) tsig_keys/keys [] list (default) Boss/components/b10-stats/special null string Boss/components/b10-stats/process null string Boss/components/b10-stats/kind “dispensable” string Boss/components/b10-stats/address “Stats” string Boss/components/b10-stats/params [] list Boss/components/b10-stats/priority null integer Boss/components/b10-cmdctl/special “cmdctl” string Boss/components/b10-cmdctl/process null string Boss/components/b10-cmdctl/kind “needed” string Boss/components/b10-cmdctl/address null string Boss/components/b10-cmdctl/params [] list Boss/components/b10-cmdctl/priority null integer Stats/poll-interval 60 integer (default) > config remove data_sources/classes/CH Error! identifier in remove_value() does not contain a list index, and no value to remove > config remove data_sources/classes Error! identifier in remove_value() does not contain a list index, and no value to remove > config remove data_sources Error! identifier in remove_value() does not contain a list index, and no value to remove > config remove data_sources/classes CH > config commit

2731

defect

1360759987198017

1362490779398336

bind-ctl

high

cas

new

after removing modules, the modules still show in bindctl

When modules are removed from the configuration, the modules still show in the “help” screens of bindctl. Only after bindctl is closed and restarted again the module list is gone. bindctl should update its internal list of modules on “config remove” It is irritating to see modules that cannot be used in the list of available configurations. Example: > config remove /Boss/components b10-auth > config remove /Boss/components b10-xfrin > config remove /Boss/components b10-xfrout > config remove /Boss/components b10-zonemgr > config diff {’Boss’: {’components’: {’b10-cmdctl’: {’kind’: ‘needed’, ‘special’: ‘cmdctl’}, ‘b10-stats’: {’kind’: ‘dispensable’, ‘address’: ‘Stats’} > config commit > help usage: [param1 = value1 [, param2 = value2]] Type Tab character to get the hint of module/command/parameters. Type “help(? h)” for help on bindctl. Type “ help” for help on the specific module. Type “ help” for help on the specific command. Available module names: help Get help for bindctl. config Configuration commands. execute Execute a given set of commands Xfrout Zonemgr Logging Logging options Cmdctl Interface for command and control tsig_keys The TSIG keyring is stored here Xfrin XFR in daemon Auth Authoritative service Boss Master process Stats Stats daemon data_sources The sources of authoritative DNS data

2732

defect

1360760630613760

1362490926774612

bind-ctl

medium

cas

new

the logger configuration should validate the name property against a list of valid module.library names

with the current (1.0.0-beta) logging configuration it is easy to create a non working logging configuration. the “name” property seem to allow any kind of text and is not validating the “name” against a list of valid modules and module.library pairs. A misunderstanding of the concept of “name” (not a good name for the property, something like “selector” would be better) or a typo will create a logger configuration that silently fails. That is very hard to troubleshoot, esp. for logger configurations that will only produce log output in special error conditions. a “config commit” should validate the “name” property and should report an error if the value does not match a possible valid “module.library” combination. The error should give information on how to obtain a list of all valid values for the “name” property.

2733

defect

1360761144501613

1362491059082595

configuration

medium

cas

new

it should be possible to use the module.library or module.function identifier printed in logs in the logger configuration

the logger configuration and the logging output are using different names. it should be possible to use the same “module.library” or “module.function” names that are printed in the log output in the logger configuration. Example (this should be valid): > config set Logging/loggers[1]/name “b10-boss” should create the same configuration as > config set Logging/loggers[1]/name “Boss” having different identifiers for the same item is confusing and a source or errors (and support calls)

2734

enhancement

1360764331898419

1373458983238462

Unclassified

medium

cas

new

in the message documentation, list the module.library that creates the message

in the message documentation “bind10-messages.html”, it would be useful to have information which module.library will cause this log message. A operator of BIND 10 could scan through the document and decide on the messages log. For that she/he needs the knowledge which module.library pair to configure in the loggers “name” property to log the messages.

2735

defect

1360790995609993

1362491220378297

build system

medium

UnAssigned

jreed

new

tests using outside components

See http://git.bind10.isc.org/~tester/builder//BIND10-valgrind/20130213183503-CentOS5-x86_64-GCC/logs/unittests.out The error was: make[7]: Entering directory `/home/b10builder/builder/work/BIND10-valgrind/20130213183503-CentOS5-x86_64-GCC/build/src/lib/log/tests’ terminate called after throwing an instance of ‘isc::util::InterprocessSyncFileError’ what(): Unable to use interprocess sync lockfile (Permission denied): /home/jreed/pkgsrc/new/bind10/work/bind10-1.0.0-rc/logger_lockfile /bin/sh: line 5: 6899 Aborted /bin/sh ../../../../libtool —mode=execute ${dir}$tst This is user b10builder running a cronjob in a unique build (and install) directory. It tried to use a file from a different user in a different home! I assume this was caused by this: The test using python3.3 found in its default path: /usr/pkg/lib/python3.3/site-packages/bind10_config.py which has: if “B10_FROM_SOURCE” in os.environ: … LIBEXECPATH = ‘:’.join([‘/home/jreed/pkgsrc/new/bind10/work/bind10-1.0.0-rc/src/bin/’ + p for p in Ouch. We can’t assume that source location exists anymore. That is a temporary work directory — and it is not even the same version of BIND10! And we should never hardcode it in an installed file.

2736

defect

1360797436889212

1362491337089756

bind-ctl

medium

jreed

new

Allow new bindctl to work with old cmdctl, old cfgmgr

[“login success”] login as root > Boss shutdown Traceback (most recent call last): File “/usr/local/bin/bindctl”, line 162, in result = tool.run() File “/usr/local/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 158, in run self.cmdloop() File “/usr/local/lib/python3.1/cmd.py”, line 138, in cmdloop line = self.precmd(line) File “/usr/local/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 348, in precmd self.update_all_modules_info File “/usr/local/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 343, inupdate_all_modules_info self.config_data = isc.config.UIModuleCCSession(self) File “/usr/local/lib/python3.1/site-packages/isc/config/ccsession.py”, line 487, in init self.update_specs_and_config() File “/usr/local/lib/python3.1/site-packages/isc/config/ccsession.py”, line 517, in update_specs_and_config self.request_current_config() File “/usr/local/lib/python3.1/site-packages/isc/config/ccsession.py”, line 508, in request_current_config raise ModuleCCSessionError(“Bad config version”) isc.config.ccsession.ModuleCCSessionError: Bad config version I see this often when I upgrade. My upgrade method is to replace software while still old is running. If it is incompatible, at least a friendly message about it.

2739

enhancement

1360848124334750

1364305549436496

Unclassified

high

cas

new

when adding a master zone from a zone file, bindctl does not report errors if the zone cannot be loaded

if a zone file cannot be loaded because of errors or incomplete support in the parser, bindctl does not report back any error.

2744

defect

1360876268119808

1363343684296820

cmd-ctl

medium

jreed

new

CmdctlException issues in TestSecureHTTPServer

Running test: cmdctl_test.py ………………………FF.. <br>FAIL: test_check_file (__main__.TestSecureHTTPServer)<br>----------------------------------------------------------------------<br>Traceback (most recent call last):<br> File "/usr/ports/new/bind10/work/bind10-1.0.0-rc/src/bin/cmdctl/tests/cmdctl_test.py", line 478, in test_check_file<br> self.assertRaises(CmdctlException, check_file, file_name)<br>AssertionError: CmdctlException not raised by check_file<br><br> FAIL: test_check_key_and_cert (main.TestSecureHTTPServer) ———————————————————————- Traceback (most recent call last): File “/usr/ports/new/bind10/work/bind10-1.0.0-rc/src/bin/cmdctl/tests/cmdctl_test.py”, line 503, in test_check_key_and_cert keyfile, certfile) AssertionError: CmdctlException not raised by _check_key_and_cert I saw this with FreeBSD 8.1-RELEASE amd64.

2745

enhancement

1360879509019289

1362491510975026

Unclassified

medium

cas

new

format of TSIG keys looks like a data format encoded inside a string

The TSIG string format “name:base64secret:algorithm” is a data-format encoded inside a configuration string. It would be more “clean” to have the fields mapped into a JSON map: > config set tsig_keys/keys/example.com { secret “c2VjcmV0”, algorithm “hmac-md5” } instead of > config add tsig_keys/keys “example.com.:c2VjcmV0:hmac-md5”

2752

task

1360904231687926

1392811289878919

data source

medium

UnAssigned

jinmei

DNS Outstanding Tasks

assigned

define and implement ZoneDataUpdater::delete()

It’s the delete operation version of `ZoneDataUpdater::add()`, takes normal and RRSIG rrsets to be deleted from the zone. Delete operation is trickier than add: - when the node becomes empty, and if it’s a leaf node in the zone (i.e., not empty non terminal), we should also delete the corresponding tree node. - If, as a result of the previous operation, the parent node of the just-deleted tree node becomes empty, it should also be deleted. This process continues recursively, toward the zone origin. - But we shouldn’t delete the zone origin node (that’s the integrity assumption of our implementation) And, while implementing zone node deletion, we may find the need for additional extensions to `DomainTree`. All of these things may require breaking this feature into several sub tasks, but at this moment I’m not sure. It at least depends on #2750 and #2751.

2754

enhancement

1360930550728201

1362577680909209

configuration

medium

cas

new

bindctl config validation should print the configuration path that created an error

After a long editing session, I want to commit the config and I get > config commit Error: Error in config validation: Unknown item filetype Configuration not committed as a user, I have no idea where this error occurs, there is no context. The error message should print the config reference (path) where the error occurs This is 1.0.0-rc

2755

enhancement

1360931289338099

1362577000016672

configuration

medium

cas

new

the use of “list” structures for configuration considered harmful

configuration lists are very hard to deal with in BIND 10. The index numbers change on additions and deletions, and the index number is not known in the beginning of a configuration session, it must first be looked up, which makes it impossible to change the values by scripting. In a large installation with thousands of zones, mapping zone configurations to index-numbers is very hard and error prone. using named sets would be simpler to use, it would allow to script configuration changes examples are data_sources/classes/CLASS[] Logging/loggers[] Auth/datasources[] Auth/listen_on[] … it would be simpler to reference the configuration items as named sets: data_sources/classes/IN/sqlite3 or Logging/loggers/boss-log/debuglevel or Auth/listen_on/192.0.2.53/port or Auth/datasources/memory/zones List structures work well for configuration items that have no structure themselves (such as a list of IP addresses in an ACL).

2758

defect

1360944449204594

1362132245318248

dhcp

medium

jinmei

DHCP Outstanding Tasks

new

util/io_utilities.h shouldn’t be used in production DHCP code

See http://bind10.isc.org/ticket/2749#comment:2 dhcp6_srv.cc, etc, should use other (and safer) API instead of this stuff.

2761

defect

1360956374813401

1363105284370978

bind-ctl

medium

cas

new

CONFIG_SESSION_STOPPING_FAILED error sending stopping message: [Errno 32] Broken pipe on Init shutdown

When I shutdown BIND 10 from bindctl “Init shutdown”, I’m getting this error and stack trace: 2013-02-15 20:23:59.178 ERROR [b10-stats.config/3471] CONFIG_SESSION_STOPPING_FAILED error sending stopping message: [Errno 32] Broken pipe Traceback (most recent call last): File “/usr/local/libexec/bind10/b10-cfgmgr”, line 131, in 2013-02-15 20:23:59.182 ERROR [b10-auth.cc/3470] CC_ASYNC_READ_FAILED asynchronous read failed (error code = 2) sys.exit(main()) File “/usr/local/libexec/bind10/b10-cfgmgr”, line 119, in main cm.run() File “/usr/local/lib/python3.3/site-packages/isc/config/cfgmgr.py”, line 600, in run Traceback (most recent call last): File “/usr/local/libexec/bind10/b10-stats”, line 687, in msg, env = self.cc.group_recvmsg(False) File “/usr/local/lib/python3.3/site-packages/isc/cc/session.py”, line 280, in group_recvmsg env, msg = self.recvmsg(nonblock, seq) File “/usr/local/lib/python3.3/site-packages/isc/cc/session.py”, line 147, in recvmsg return self.recvmsg(nonblock, seq) File “/usr/local/lib/python3.3/site-packages/isc/cc/session.py”, line 135, in recvmsg data = self.receive_full_buffer File “/usr/local/lib/python3.3/site-packages/isc/cc/session.py”, line 217, inreceive_full_buffer self.receive_len_data File “/usr/local/lib/python3.3/site-packages/isc/cc/session.py”, line 177, inreceive_len_data new_data = self.receive_bytes File “/usr/local/lib/python3.3/site-packages/isc/cc/session.py”, line 165, inreceive_bytes raise ProtocolError(“Read of 0 bytes: connection closed”) isc.cc.session.ProtocolError: Read of 0 bytes: connection closed Version 1.0.0-rc

2766

enhancement

1361113203054534

1362132247498937

dhcp4

medium

cas

DHCP Outstanding Tasks

new

reconsider the use of varbinary in database tables

The dhcp4 component (maybe also the dhcp6 component) makes use of the varbinary datatype:

hwaddr

varbinary(20)

YES

MUL

NULL

client_id

varbinary(128)

YES

MUL

NULL

while this might give a performance benefit over text encoded fields, it makes working with common “off the shelf” database tools difficult, as the value stored is just a binary blob and hard for a user to work with. if the performance penalty is not too big, the use of varbinary might be reconsidered in favor for a dataype that is easy to handle for users (e.g. typing into SQL statements in the mysql command line tool when searching for all leases of a certail client-id or hw-address). searching for a hw-addr in an SQL database is quite a common task for DHCP administrators. A common text encoding (08:00:27:CB:AA:68) would make that task much easier.

2767

enhancement

1361113885337653

1362132249213775

dhcp4

medium

cas

DHCP Outstanding Tasks

new

dhcp option data format

currently BIND 10 supports DHCP option data as CSV or Hex. In the future, other formats might be supported. The proposal is to change config set Dhcp4/option-data[0]/csv-format true to config set Dhcp4/option-data[0]/format csv and config set Dhcp4/option-data[0]/format hex this scheme will allow for future extensions that support other format encodings other than hex or csv.

2769

task

1361214868405851

1362577876529766

xfrout

medium

jreed

new

document Xfrout/also_notify

2773

enhancement

1361272493216719

1361272493216719

dhcp

medium

marcin

DHCP Outstanding Tasks

new

Implement remaining standard options for DHCP4 and 6

Currently a limited set of standard options is defined. In the same time the configuration parser prevents definition of standard options by the user. See: https://lists.isc.org/pipermail/bind10-users/2013-February/000443.html. In practice, this means that standard options which definitions are not added into the code are not usable. Therefore, we need to add definitions of all remaining standard options so as users don’t need to add definitions themselves.

2774

task

1361277636447741

1380797308041960

libdhcp

medium

UnAssigned

shane

emhn@isc.org

DHCP Outstanding Tasks

assigned

dhcp++.pc

Our erstwhile Debian packager has suggested that having dhcp.pc would help out. We already have dns.pc, so I suppose this is not impossible. :)

2779

task

1361286748471177

1362577988048780

documentation

medium

jreed

new

distclean and removal of docs from release tarball

We ship the generated docs (guide, messages manual, manpages) in the tarball because we don’t want to require more build dependencies (such as xsltproc, docbook stylesheets, html-to-text renderer, etc). Currently DISTCLEANFILES is used for the generated docs. A “distclean” causes them to be lost so then a new make will (by default) will generate dummy docs. My initial suggestion is to use MAINTAINERCLEANFILES so they are only removed on “make maintainer-clean”. But later need to discuss better idea for generating these. Some ideas: - include the generated files back in the GIT repo; and require they are built/committed using a consistent setup. - require many new dependencies and don’t build dummy docs. - use some more common format, like use some ROFF instead of docbook for guide and messages manual since the toolchain for this is generally already installed on all systems. Or some other simple plain-text markup language and provide simple python-tool in the repo to generate docs using it.

2783

defect

1361365300772915

1361365300772915

perfdhcp

medium

tmark

DHCP Outstanding Tasks

new

Using -n to speifcy number of exhanges always yields x-1 exchanges, with 1 drop

The n command line argument determines how many exchanges perfdhcp should execute. What one gets is always x-1 exchanges, and 1 drop. The following excerpt from stdout: Running: perfdhcp6 l eth1R 105 n 105r 1 x aeistT fe80::20c:29ff:fea5:954a IPv6 rate[1/s]=1 clients=105 num-request[0]=105 drop-time[0]=1 drop-time[1]=1 aggressivity=1 : : Statistics for: SOLICIT-ADVERTISE sent packets: 105 received packets: 104 drops: 1 orphans: 0 It seems as though it is not waiting for the last exchange to complete. Behavior is very consistent, happens for 2-packet or 4-packet,4 or –6, for any value of .

2791

task

1361435442005700

1373459167483693

Inter-module communication

medium

vorner

new

Try to work around the multi-CC hacks in XfrIn and CmdCtl with regards to rpc_call

The said modules have threads and have a inelegant hack because of them. They have one `ModuleCCSession` to listen for commands coming to them. But as this is blocking in one thread, the other threads use separate `CCSession` to send commands out (without any locking on it, which is dangerous, but a different issue). However, the `rpc_call` method that should be used instead of low-level JSON handling and `group_sendmsg` + `group_recvmsg` pair, is available on `ModuleCCSession` only, so it can’t be used now. Try to work around this by creating a `ModuleCCSession` instead of the second `CCSession` with `None` as the command handlers, etc. Do not start it. It might or might not work, see if there are any strange side effects. If it works, replace the low-level calls with the `rpc_call` method.

2792

enhancement

1361443256263826

1373459301487132

b10-auth

medium

y-aharen

StatsRedesign

new

Implement per-RRtype statistics items

Implement per-RRtype statistics items (were dropped from #2157). It may require to break-down into some tasks.

2793

enhancement

1361443259078792

1373459385877496

b10-auth

medium

y-aharen

StatsRedesign

new

Add a capability to hold per-class basis statistics counters

Support per-class basis statistics counters. It may require to break-down into some tasks.

2794

enhancement

1361443261745497

1373459391100518

b10-auth

medium

y-aharen

StatsRedesign

new

Reconsider keyword SERVER for whole server statistics

Reconsider keyword SERVER for whole server statistics. Maybe it needs some structure change of statistics not to use a magic keyword. It was suggested in the review of #2157.

2795

enhancement

1361443264320480

1373459396797896

b10-auth

medium

y-aharen

StatsRedesign

new

Redefine compound query counters

Redefine query counters (such as qrysuccess, qryauthans, authqryrej, etc.) to match the number of incoming queries. It was suggested in the review of #2157.

2798

enhancement

1361443271894500

1379394084112873

statistics

medium

UnAssigned

y-aharen

Next-Sprint-Proposed

reviewing

Add a log message that statistics is updated

Put a debug log message when statistics is updated. It’s to ensure the statistics are updated at b10-stats in lettuce tests. It was suggested in the review of #2157.

2799

defect

1361455486932938

1363338169097575

statistics

medium

jreed

StatsRedesign

new

stats lost Auth stats after removing some b10-auth components

I did a Stats show on a very busy 1.0.0-rc auth server (with four b10-auth processes) and it had no Auth results and logs had: 2013-02-21 13:49:57.063 ERROR [b10-cmdctl.cmdctl/91214] CMDCTL_COMMAND_ERROR error in command show to module Stats: specified arguments are incorrect: owner: Auth, name: None Older logs showed: 2013-02-15 14:45:33.884 WARN [b10-stats.stats/91217] STATS_RECEIVED_INVALID_STATISTICS_DATA received invalid statistics data from Auth 2013-02-15 14:45:33.884 WARN [b10-stats.stats/91217] STATS_RECEIVED_INVALID_STATISTICS_DATA received invalid statistics data from Auth 2013-02-15 14:45:33.884 WARN [b10-stats.stats/91217] STATS_RECEIVED_INVALID_STATISTICS_DATA received invalid statistics data from Auth 2013-02-15 14:45:33.885 WARN [b10-stats.stats/91217] STATS_RECEIVED_INVALID_STATISTICS_DATA received invalid statistics data from Auth This happened less than a minute after I removed some b10-auth components. I had started with eight and removed four. I assume this caused the problem. I restarted the server and now have Auth stats again.

2800

defect

1361456031421324

1362578403337402

logging

medium

jreed

new

Unable to lock logger lockfile

The as112 server has too many ERRORs of Unable to lock logger lockfile 21:06:32.312 ERROR [b10-auth.auth/94095] Unable to lock logger lockfile 2012-12-19 21:41:23.189 ERROR [b10-auth.auth/95422] Unable to lock logger lockfile 2012-12-19 21:41:23.266 ERROR [b10-auth.auth/95428] Unable to lock logger lockfile 2013-02-13 23:07:16.490 ERROR [b10-auth.cc/63076] Unable to lock logger lockfile 2013-02-13 23:07:16.490 ERROR [b10-auth.cc/63076] Unable to lock logger lockfile 2013-02-13 23:07:16.490 ERROR [b10-auth.cc/63076] Unable to lock logger lockfile 2013-02-13 23:07:16.490 ERROR [b10-auth.cc/63076] Unable to lock logger lockfile 2013-02-13 23:07:16.490 ERROR [b10-auth.cc/63076] Unable to lock logger lockfile 2013-02-13 23:07:16.490 ERROR [b10-auth.cc/63076] Unable to lock logger lockfile 2013-02-13 23:07:16.490 ERROR [b10-auth.server_common/63076] Unable to lock logger lockfile 2013-02-13 23:07:16.490 ERROR [b10-auth.server_common/63076] Unable to lock logger lockfile 2013-02-13 23:07:16.490 ERROR [b10-auth.server_common/63076] Unable to lock logger lockfile 2013-02-13 23:07:16.490 ERROR [b10-auth.server_common/63076] Unable to lock logger lockfile 2013-02-13 23:07:16.490 ERROR [b10-auth.server_common/63076] Unable to lock logger lockfile 2013-02-13 23:07:16.490 ERROR [b10-auth.server_common/63076] Unable to lock logger lockfile 2013-02-13 23:07:16.490 ERROR [b10-auth.server_common/63076] Unable to lock logger lockfile 2013-02-13 23:07:16.490 ERROR [b10-auth.server_common/63076] Unable to lock logger lockfile 2013-02-13 23:07:16.504 ERROR [b10-auth.auth/63078] Unable to lock logger lockfile 2013-02-13 23:07:16.504 ERROR [b10-auth.auth/63079] Unable to lock logger lockfile 2013-02-13 23:07:16.505 ERROR [b10-auth.auth/63075] Unable to lock logger lockfile 2013-02-14 21:48:20.046 ERROR [b10-auth.auth/55135] Unable to lock logger lockfile 2013-02-15 14:36:33.432 ERROR [b10-auth.auth/91220] Unable to lock logger lockfile 2013-02-21 13:50:33.346 ERROR [b10-auth.auth/39545] Unable to lock logger lockfile This happens during startup. The server has multiple b10-auth components. Notice it does not have a corresponding message ID so I can’t quickly read explanation. Does it give up too soon? Does this message mean I lost another log message? How can it log this message if it can’t lock the file?

2801

defect

1361461919938740

1362578627327869

DDNS

medium

jreed

new

[b10-ddns] Warning: -v verbose option is ignored at this point.

I enabled b10-ddns component and now get this: [b10-ddns] Warning: -v verbose option is ignored at this point. frequently. My ddns component keeps restarting, that is another ticket. This ticket is simply about this log message is not going to configured logger.

2802

defect

1361468647905056

1362578675673042

documentation

very low

jreed

new

b10-certgen manual synopsis missing

I didn’t explore yet. SYNOPSIS b10-certgen [[-]]

2803

defect

1361468892885221

1362578731288661

logging

medium

jreed

new

cfgmgr output not sent to defined log file

bind10 1.0.0-rc was running and I sent Init shutdown to it. The following didn’t go to the defined log file: 2013-02-21 13:50:18.255 INFO [b10-cfgmgr.cfgmgr/91211] CFGMGR_STOPPED_BY_COMMAND received shutdown command, shutting down

2804

task

1361529402843576

1364307034136724

Inter-module communication

medium

vorner

new

Make sure the ModuleCCSession::groupRecvMsg in blocking mode works even when already started.

When the session is started, an asynchronous read of size 0 is scheduled, to notify when some data come. After that, it checks for incoming command. However, if groupRecvMsg is called after this, it also schedules an asynchronous read (and starts waiting for the read to finish). The two reads then get intermingled and confuse things, losing messages or crashing. We need to solve this, because the session is unusable for rpcCall (see #2768). Currently, auth keeps a second (plain) session, but that is ugly and the plain session doesn’t have the rpcCall. I tried registering an asynchronous read (by groupRecvMsgAsync) and waiting for it to finish in the blocking method, but it didn’t work. I’d propose another solution. Cancel the asynchronous read of size 0 at the start of groupRecvMsg (if it was already started) and return it back after the groupRecvMsg ends. After that, the rpcCall should be usable by auth, so the attached patch could be applied.

2805

enhancement

1361549656739085

1373459663781560

bind-ctl

medium

cas

new

separate “output-options” from the “logger”

A request from the Feb 2013 Amsterdam BIND 10 training: In the current Logging system (1.0.0) is is possible to have multiple loggers write to the same file. However, each logger requites its own “output-options”, with “maxsize” and “maxvar” that can be different. BIND 9 solves this function better, by having the “channel” definition that is then connected to a “category”. The current “logger” configurations are like the BIND 9 categories, with “hardwired” channels. It would be better to have the “output_options” separate from the loggers, and specify the output_option (maybe even named “channel”) with name in the Logger

2806

enhancement

1361549938475114

1373459920353970

logging

medium

cas

new

database “logger”

a request from the Feb 2013 BIND 10 training in Amsterdam: it would be nice to be able to write log information into a (SQL) database. logging to an SQL database would make searching for certain messages easy, and it would ease the task of creating a management interface (web or gui)

2808

defect

1361552054035950

1362578871390089

logging

medium

jreed

new

duplicate IDs in bind10-messages.xml

tools/system_messages.py function processAllFiles looks for all .mes files under the directory passed to it on the command-line. So it will include other .mes files that may be in same location. This resulted in having duplicate IDs in the documentation for every ID for my build. This accident was shipped with the 1.0.0 release. While I should have had a more clean build tree. (I aborted a distcheck which left the duplicate source directory, generated the bind10-messages.xml and html, and ran a new distcheck which removed the old directory first.) This problem could happen to others different ways. My suggestions: 1) The script says “However, this is an error - each ID should be unique in BIND-10.” So make the script error instead of appending the duplicates (n) like it does now. or: 2) list all the know .mes files and only use them. This would be useful also so we can use make rules to regenerate the document if and only if one of them changed. The problem with this is we may forget to maintain the list. Currently there are around 35 message files. or: 3) make the document generation per component. This would be useful especially since in the long run we would want the documents per different release tarballs (for example dhcp-libraries shouldn’t ship docs for b10-auth log messages). But for an all-in-one release like we have now, we can include them all into one huge document again, but would need the list of each again (as above). It would be nice if these docs were available via a tool (like bindctl) by the way.

2809

task

1361561800863086

1368546000005335

cmd-ctl

medium

UnAssigned

jreed

assigned

document the cmdctl REST interface

This task is to document the cmdctl RESTful interface to explain basic interface, and maybe provide some examples. I see: /login and /module_name/command_name And parameters to that are encoded in JSON as a map. (I received a request for this at community meeting at Amsterdam over a year ago and via email this week.)

2810

enhancement

1361567125262481

1365512030850095

build system

medium

UnAssigned

idl0r

new

Fix parallel build

Hi there, now, with that many changes and new features in BIND 10 I’d really like to see a proper build system that properly supports multiple build jobs. The current build system (BIND 10, 9, …) doesn’t handle parallel builds well. I think it’s nowadays very important as there are more and more multi-core/thread systems, not just on the x86 architecture. Building BIND with a single job was and is still slow. Either you should try to somehow fix the dependencies with autotools (I am not sure if that is properly possible at all) or you should consider switching to a different build system (cmake, please don’t consider any other :P). I actually would prefer autotools above cmake but it might fit better for BIND.

2812

defect

1361721167631674

1364305880134960

build system

medium

UnAssigned

cas

new

missing module “_ctypes” in Python3.1 from OpenCSW on Solaris 10 SPARC

I’ve managed to compile BIND 10 without errors on Solaris 10 SPARC, but when I try to start “bind10” it stops with bash-3.00# bind10 Traceback (most recent call last): File “/usr/local/libexec/bind10/b10-init”, line 71, in import isc.cc File “/usr/local/lib/python3.1/site-packages/isc/init.py”, line 7, in import isc.datasrc File “/usr/local/lib/python3.1/site-packages/isc/datasrc/init.py”, line 10, in import ctypes File “/opt/csw/lib/python3.1/ctypes/init.py”, line 7, in from ctypes import Union, Structure, Array ImportError: No module namedctypes testing the import on the Python3 command line: Python 3.1.2 (r312:79147, Sep 10 2011, 18:52:31) [C] on sunos5 Type “help”, “copyright”, “credits” or “license” for more information. dlopen(“/opt/csw/lib/python3.1/lib-dynload/readline.so”, 2); import readline # dynamically loaded from /opt/csw/lib/python3.1/lib-dynload/readline.so >>> import ctypes import ctypes # directory /opt/csw/lib/python3.1/ctypes # /opt/csw/lib/python3.1/ctypes/init.pyc matches /opt/csw/lib/python3.1/ctypes/init.py import ctypes # precompiled from /opt/csw/lib/python3.1/ctypes/init.pyc Traceback (most recent call last): File “”, line 1, in File “/opt/csw/lib/python3.1/ctypes/init.py”, line 7, in from ctypes import Union, Structure, Array ImportError: No module namedctypes Maybe the configure script can test for all the Python modules imported, so that missing modules in Python can be detected early in the build process

2813

enhancement

1361781079211327

1373460088636525

bind-ctl

medium

cas

new

new command “config grep ”

BIND 10 configurations can become large, larger than one screen. When working with “bindctl”, the output often scrolls out of the screen and the user must use the scroll back function of the terminal (if available). This enhancement proposal is for a new bindctl command “config grep”. “config grep” will filter the output based on a simple or regex pattern. Proposed format: config grep <path

all> simple-pattern a simple pattern is just a search term that will be matched config grep <path

all> (regex-patterm) if the search pattern is enclosed inside parentheses, the search-term is treated as a (Python) regular expression. This might be a “low hanging fruit” enhancement for the existing bindctl

2814

enhancement

1361782787491108

1377858380721517

bind-ctl

medium

cas

new

new bindctl command “config clone ”

the new command “config clone ” will make a deep copy of a branch of the configuration and will create a new configuration object at the same level. It can be used to clone loggers, datasources, subnets … the command should not commit the config created. the command should print out the full path of the configuration object created Cloning an existing config part reduces the amount of manual typing required for new configurations.

2815

enhancement

1361782953062577

1373460419977639

bind-ctl

medium

cas

new

“config add” should print the object created

after creating a new configuration object with “config add”, the user will need to fill this configuration. For this, the user must know the full identifier for the configuration object created. the “config add” command should print out the full path of the configuration object created. That saves the user to execute an extra “config show” to get the information.

2816

defect

1361791891804815

1362579300622771

bind-ctl

medium

cas

new

applying “config add” on a non existing index crashes bindctl

Happen twice in the Amsterdam class in Feb 2013: Example: > config add data_sources/classes/IN[2] Traceback (most recent call last): File “/usr/local/Cellar/python3/3.3.0/Frameworks/Python.framework/Versions/3.3/lib/python3.3/cmd.py”, line 214, in onecmd func = getattr(self, ’do‘+ cmd) AttributeError: ’BindCmdInterpreter’ object has no attribute ‘do_config’ During handling of the above exception, another exception occurred: Traceback : File “/opt/bind10/bin/bindctl”, line 162, in result = tool.run File “/opt/bind10/lib/python3.3/site-packages/bindctl/bindcmd.py”, line 158, in run self.cmdloop File “/usr/local/Cellar/python3/3.3.0/Frameworks/Python.framework/Versions/3.3/lib/python3.3/cmd.py”, line 138, in cmdloop stop = self.onecmd File “/opt/bind10/lib/python3.3/site-packages/bindctl/bindcmd.py”, line 513, in onecmd Cmd.onecmd File “/usr/local/Cellar/python3/3.3.0/Frameworks/Python.framework/Versions/3.3/lib/python3.3/cmd.py”, line 216, in onecmd return self.default File “/opt/bind10/lib/python3.3/site-packages/bindctl/bindcmd.py”, line 478, in default self.parse_cmd(line) File “/opt/bind10/lib/python3.3/site-packages/bindctl/bindcmd.py”, line 676, in parse_cmd self.handle_cmd(cmd) File “/opt/bind10/lib/python3.3/site-packages/bindctl/bindcmd.py”, line 462, in handle_cmd self.apply_config_cmd File “/opt/bind10/lib/python3.3/site-packages/bindctl/bindcmd.py”, line 796, in apply_config_cmd cmd.params.get) File “/opt/bind10/lib/python3.3/site-packages/isc/config/ccsession.py”, line 577, in add_value cur_value, = self.get_value(identifier) File “/opt/bind10/lib/python3.3/site-packages/isc/config/config_data.py”, line 603, in get_value value = self.get_default_value(identifier) File “/opt/bind10/lib/python3.3/site-packages/isc/config/config_data.py”, line 522, in get_default_value result = result[list_indices.pop(0)] IndexError: list index out of range

2819

enhancement

1361808345179870

1373460786097123

bind-ctl

medium

cas

Next-Sprint-Proposed

new

configuration file path relative to a BIND 10 “home directory”

BIND 9 has this nice feature to be able to reference every path relative to an “home directory”. The home directory is set in “named.conf” in the options block: options { directory “/var/named”; }; This feature really helps to keep a configuration system-independent, so that it can be moved from one system to another (even to a different platform with a different file system layout). All BIND 10 configuration seems to be absolute when it comes to path- and file-names. It would be good to have a similar way in BIND 10 to specify a “home directory” and to specify all path- and file-names relative to that home directory.

2820

enhancement

1361808705813708

1373461135273265

bind-ctl

medium

cas

new

system/platform independent BIND 10 configuration

It would be a good feature if a BIND 10 configuration would be portable between platform and architectures, so that operators can copy or move a BIND 10 instance from Solaris to Linux or FreeBSD to MacOS X etc. To make this possible care should be taken to not use more system specific information in the configuration as absolute necessary (like interface names etc). It might not be possible to prevent platform specific information inside a configuration, but then it might be good if all platform dependent information is stored together (same configuration path) so that it can be found and changed quickly.

2822

enhancement

1361820189448805

1373461210868983

build system

medium

UnAssigned

cas

new

remove dependecies to OpenSSL, use Botan instead

Version 1.0.0 has an indirect dependency on OpenSSL through the use of “_ssl” in Python. Having to install and maintain 2 different crypto libraries is not ideal for operators. Maybe OpenSSL can be replaced by a Python binding to Botan. Botan seem to already have the seed for Python bindings.

2824

enhancement

1361868436275461

1373637618598593

data source

medium

cas

new

remove dependency for SQLite3 in core system

the current system seem to have a dependency on SQLite3. It is not possible to use the DNS part with master zone files only, or the DHCP parts, on a system that does not have SQLite3 installed. best would be if SQLite3 is only required if it is used for storage based on the configuration.

2828

task

1361999395012536

1373461610441407

build system

medium

UnAssigned

jinmei

Next-Sprint-Proposed

new

include examples in releases

Currently only the m4 macros are included in the tar ball. Since the expected users include possible external developer that uses BIND 10 libraries, it’s better to include it.

2829

task

1362042090496848

1363166254383392

Inter-module communication

medium

vorner

new

Asynchronous read in python isc.cc or isc.config

We may want to have some kind of read on the session with callback. It would be given some criteria on which messages are interesting and the call would be called when such message arrives. See the groupRecvMsgAsync in C++ isc::config::ModuleCCSession. This will be needed for proper notifications.

2830

task

1362121801914222

1372380544506458

Unclassified

medium

jinmei

new

meta: tickets for shared memory data source

- memory segment extension: #2831 - backend extension/refactoring to data source clients: #2832, #2833, #2834, #2835, #2850, #2851, #2852, #2853, #2859, #2906, #2907, #2908, #2943, #2993, #3002 - (not directly in scope, but related) extensions to support applying diffs in memory: #2750, #2751, #2752, #2912, #2913, #2914, #2915 - updates inside in-memory data source: #2836 - the memory manager (note: many of them need msgq updates): #2854 #2855, #2856, #2857, #2858, #2860 - b10-auth updates: #2861, #2862, #2863, #2916 - msgq and CC API updates: #2922, #2930, #2931, (#2932?) - xfrin/ddns updates: #2864 - Others: #2865, #2867 - Handle memmgr restart: #3017, #3018, #3019 - Full reconfiguration: (#2866) #2918, #2919, #2920 Tentative milestones (a 6-sprint plan to complete): - 1st sprint: 1st preparation work. this is mostly invisible to users, but with #2851 we should be able to fix one known issue as a side effect: being able to load zone from a file after a failure due to load error (syntax error in zone file, etc): #2851, #2852, #2853 #2836, #2916, #2922, #2930 - 2nd sprint: 2nd preparation work. no user visible result: #2906, #2907, #2908, #2923, #2854, #2931 (#2943 should be here too) - 3rd sprint: complete basic feature for b10-auth. still not fully workable without memmgr, but at this point we should be able to play with the feature using some quick hack script mocking the mgr behavior: #2861, #2855, #2856, #2862, #2863, #2918 - 4th sprint: complete the shared memory support with data source reconfig: #2857, #2858, #2864 (depends on #3002, not in the milestones), #2919, #2920 - 5th sprint: make faster startup possible: #2912, #2913, #2914, #2915, #2750, - 6th sprint: complete diff support and cleanup: #2751, #2752, #2867 See https://lists.isc.org/pipermail/bind10-dev/2013-April/004579.html for more details of the milestones.

2838

enhancement

1362244242981591

1362251637730532

data source

medium

muks

new

Use AVL tree instead of red-black tree in DomainTree

Aside from the better lookup performance that AVL trees have over red-black trees (at the expense of slower insert time), an implementation to delete nodes from the `DomainTree` when it is a red-black tree is going to be hairy because we no longer have a `NULL_NODE` and use NULL values instead. There are many color combination cases that we will need to handle when deleting from a red-black tree. Each of these will require NULL testing before color testing and it will make our developers lose hair each time they have to look at this code. So I propose we use an AVL tree instead of a red-black tree as the core data structure of the `DomainTree`. AVL trees are easier to understand, maintain code for, and also provide better lookup performance. This bug is to test performance also, when switching from red-black to AVL trees. We should implement this before #2750.

2839

enhancement

1362340748716861

1373461728194384

Unclassified

medium

cas

new

add dtrace probe hooks into BIND 10 (in the performance critical path)

dtrace is a dynamic tracing tool pioneered at SUN and now available on Solaris, MacOS X and FreeBSD. There are also ports to Linux. See http://dtrace.org dtrace is a very good tool to find bottlenecks and the cause of performance issues in production deployments. dtrace probes in BIND 10 would minimize the (performance) impact of doing a dtrace session on BIND 10.

2840

enhancement

1362407115324920

1392917689044366

b10-auth

medium

UnAssigned

cas

DNS Outstanding Tasks

reviewing

RRL: implement a mitigation function against DNS amplifications attacks

DNS amplification attacks are a real pain for DNS server operators. The amount of these attacks has increased in the last months BIND 9, NSD and Knots are now implementing DNS response rate limiting. (I know some ) DNS operators would consider deploying BIND 10 on production systems, but are held back by the lack of a mitigation function against DNS amplification attacks. BIND 9 Response Rate Limiting Patch by Paul Vixie and Vernon Schryver: http://www.redbarn.org/dns/ratelimits NLnetLabs and Univ of Amsterdam: “Defending against DNS reflection amplification attacks” http://www.nlnetlabs.nl/downloads/publications/report-rrl-dekoning-rozekrans.pdf Lutz Donnerhacke - DNS dampening: http://lutz.donnerhacke.de/eng/Blog/DNS-Dampening

rrl

2841

defect

1362518677768833

1363107485345839

build system

medium

UnAssigned

jinmei

new

deal with inet_pton that doesn’t recognize AF_INET6

I’ve received a feedback from a user who tried to build and used BIND 10. The OS is CentOS6 (reportedly), disables IPv6 in the kernel, and apparently its inet_pton doesn’t recognize AF_INET6 (not sure it’s related to the kernel support of IPv6; API-wise it should be independent). This caused at least two known issues: - some test data (generated by src/lib/util/python/gen_wiredata.py) can’t be generated because the genetator script fails to create AAAA rdata. - b10-resolver (and I suspect b10-auth also) failed to start up because its default config has ::1/53 for listen_on, which is considered a syntax error. I’m not sure whether we want to help such environment; it seems to me inet_pton that doesn’t recognize AF_INET6 is so broken and wouldn’t be worth introducing another layer of complexity in our code. But if such a deployment is actually not so uncommon, we may have to do something in our side. Based on discussions at the Mar12 2013 team call, specific suggestion is: - Do #2842 (this will “hide” the first problem for most ordinary users) - Document the second issue with workaround somewhere Regarding the second (the main task of this ticket), my suggestion is to update the description of SRVCOMM_EXCEPTION_ALLOC log message which currently reads: The process tried to allocate a socket using the socket creator, but an error occurred. But it is not one of the errors we are sure are “safe”. In this case it is unclear if the unsuccessful communication left the process and the bind10 process in inconsistent state, so the process is going to abort to prevent further problems in that area. This is probably a bug in the code, but it could be caused by other unusual conditions (like insufficient memory, deleted socket file used for communication). so it will mention the issue. As a workaround we should be able to avoid it by editting the installed resolver/auth.spec excluding IPv6 addresses from listen_on. We document it there, too. And provide some text in ChangeLog.

2842

enhancement

1362518960954718

1364779628194735

build system

medium

UnAssigned

jinmei

new

build option to disable any test related things

See #2841. Aside from its own problem of inet_pton, it occurred to me that it may make sense to allow users to skip building anything related to tests. Most end users don’t care to run these tests, so skipping these tests will help reduce build time further, and it will also help avoid portability or other build time issues that only happen for test only things. Specifically, we’d add a new ./configure option, e.g., `—without-tests`. If it’s specified we don’t build anything under “tests” directories (so, gtests are built only when both `—with-gtest(-source)` and `—with-tests` are specified). `—without-tests` shouldn’t be specified by default for development branches and git master, but we’ll specify it by default for releases.

2844

defect

1362748480154830

1380120395304149

bind-ctl

medium

wlodekwencel

DHCP-QA Defects

new

execute file fails with subnet options

I have config file: config add Dhcp6/subnet6 config set Dhcp6/subnet6[0]/subnet “3000::/64” config set Dhcp6/subnet6[0]/pool [ “3000::1-3000::ff” ] config commit config add Dhcp6/subnet6[0]/option-data config set Dhcp6/subnet6[0]/option-data[0]/name “preference” config set Dhcp6/subnet6[0]/option-data[0]/code 7 config set Dhcp6/subnet6[0]/option-data[0]/space “dhcp6” config set Dhcp6/subnet6[0]/option-data[0]/csv-format true config set Dhcp6/subnet6[0]/option-data[0]/data “123” config commit Entered directly works properly, but execute file fails with error: Error: No item 0 in subnet6[0] Depending on the contents of the script, and which commands it has called, there can be committed and local changes. It is advised to check your settings , and revert local changes with “config revert”. but when config is divided to two different files: first: config add Dhcp6/subnet6 config set Dhcp6/subnet6[0]/subnet “3000::/64” config set Dhcp6/subnet6[0]/pool [ “3000::1-3000::ff” ] config commit second: config add Dhcp6/subnet6[0]/option-data config set Dhcp6/subnet6[0]/option-data[0]/name “preference” config set Dhcp6/subnet6[0]/option-data[0]/code 7 config set Dhcp6/subnet6[0]/option-data[0]/space “dhcp6” config set Dhcp6/subnet6[0]/option-data[0]/csv-format true config set Dhcp6/subnet6[0]/option-data[0]/data “123” config commit then execute file works. There is no error with: config add Dhcp6/option-data (even with couple ‘config commit’ in it) only when applying option to specific subnet: config add Dhcp6/subnet6[0]/option-data

bindctl, execute file, subnet option

2845

defect

1362755665709614

1394117227665666

b10-auth

medium

shane

DNS Outstanding Tasks

new

CC_TIMEOUT perhaps related to unauthorized NOTIFY?

I got some ERROR messages on my slave server, during normal operations. 2013-03-08 16:02:14.356 INFO [b10-xfrin.xfrin/23059] XFRIN_NOTIFY_UNKNOWN_MASTER got notification to retransfer zone time-travellers.nl.eu.org/IN from 192.16.192.99:53, expected [2001:610:719:1::5]:53 2013-03-08 16:02:14.536 INFO [b10-xfrin.xfrin/23059] XFRIN_XFR_TRANSFER_STARTED IXFR transfer of zone time-travellers.nl.eu.org/IN started 2013-03-08 16:02:14.625 INFO [b10-xfrin.xfrin/23059] XFRIN_IXFR_TRANSFER_SUCCESS incremental IXFR transfer of zone time-travellers.nl.eu.org/IN succeeded (messages: 1, changesets: 2, deletions: 11, additions: 21, bytes: 3164, run time: 0.262 seconds, 12081 bytes/second) 2013-03-08 16:02:18.370 ERROR [b10-auth.cc/23060] CC_TIMEOUT timeout reading data from command channel 2013-03-08 16:02:18.372 ERROR [b10-auth.auth/23060] AUTH_ZONEMGR_COMMS error communicating with zone manager: Timeout while reading data from cc session 2013-03-08 16:02:18.372 ERROR [b10-auth.cc/23060] CC_LENGTH_NOT_READY length not ready 2013-03-08 16:02:18.372 ERROR [b10-auth.auth/23060] AUTH_ZONEMGR_COMMS error communicating with zone manager: ASIO read: data length is not ready 2013-03-08 16:02:33.367 ERROR [b10-auth.cc/23060] CC_TIMEOUT timeout reading data from command channel 2013-03-08 16:02:33.367 ERROR [b10-auth.auth/23060] AUTH_ZONEMGR_COMMS error communicating with zone manager: Timeout while reading data from cc session 2013-03-08 16:02:33.367 ERROR [b10-auth.cc/23060] CC_LENGTH_NOT_READY length not ready 2013-03-08 16:02:33.368 ERROR [b10-auth.auth/23060] AUTH_ZONEMGR_COMMS error communicating with zone manager: ASIO read: data length is not ready I’m not sure, but it looks like perhaps the fact that the host is dual-homed (IPv4 and IPv6) but only has the master configured on one address (IPv6) is causing problems. The zonemgr ‘’’‘’IS’‘’’’ running, and everything is working normally… except for those errors.

2846

defect

1362969503993037

1364306342165076

tests

low

muks

new

UniformRandomIntegerGeneratorTest.IntegerRange failure on Debian

`UniformRandomIntegerGeneratorTest.IntegerRange` failed on Debian: [ RUN ] UniformRandomIntegerGeneratorTest.IntegerRange ../../../../../src/lib/util/tests/random_number_generator_unittest.cc:85: Failure Value of: max() - min() + 1 Actual: 10 Expected: it - numbers.begin() Which is: 9 [ FAILED ] UniformRandomIntegerGeneratorTest.IntegerRange (0 ms) Though this is not easily reproduced, because this is a uniform random number generator and the test expects a uniform distribution, this points to a bug in code. Report: http://git.bind10.isc.org/~tester/builder/BIND10-distcheck/20130311012502-DebianLinux-x86_64/logs/distcheck.out

2847

task

1363035292202704

1364779698043494

data source

medium

jinmei

new

mutable version of DomainTree::find()

To support deleting RRsets from in-memory data source we need to be able to find the corresponding `DomainTree` node, and for that we need a mutable version of the find() method. In the expected scenario we don’t need tricky features like partial match, wildcard or zone cut handling, so we could either share the code with insert() or write a dedicated method (which would essentially be a small subset of insert() and should be quite simple).

2848

defect

1363160643204076

1394442225040780

cmd-ctl

medium

champion_xie

new

b10-cmdctl-usermgr unhelpful output if command missing

#./b10-cmdctl-usermgr Error: no command specified when i copy the file what build done to the directory $PREFIX/etc/bind10 so the commmand cant not excute i hope that give me help Best Regards champion_xie

2858

task

1363331959117730

1392811334537890

shmem manager

medium

UnAssigned

jinmei

DNS Outstanding Tasks

assigned

memory manager update processing

(Revised, based on more details of resulting #2854, although the details may even change more after review, especially about how we handle full data source reconfiguration). Subtask of #2830. Depend on #2857 and #2931. In this (revised) task, we implement membership management for the `MemoryReaders` group and exchanges between the memmgr and readers (whether it’s initial phase or subsequent updates doesn’t matter). As described in http://bind10.isc.org/wiki/SharedMemoryIPC, we’ll use “segment_info_update” and “segment_info_update_ack” messages (commands). Commonly used parameters of these messages are: - generation-id (int): the generation ID of the corresponding configuration. for now (until we support whole datasource reconfiguration), it’s just a placeholder, would always be set to 0 by the sender and ignored by receivers. - data-source-name (str): the data source name - data-source-class (str): textual representation of the RR class of the data source, e.g, ‘IN’ In addition, the “segment_info_update_ack” message has an additional parameter: - segment-params (dict): segment-type specific parameters. only memmgr and `ZoneTableSegment` implementations know its meaning; readers will handle it as opaque data. The ‘loadzone’ command from other modules such as xfrin would take the following parameter: - generation-id (int): same as that for segment_info_update for now. - data-source-name (str): the data source that stores the updated zone - class (str): the RR class of the zone to be loaded (should be consistent with the data source) - origin (str): the origin name of the zone to be loaded Then update `Memmgr` class as follows: - update `_setup_module()` to register notification for the `MemoryReaders` group (this needs #2931), and then add pre-existing readers to all `SegmentInfo` objects (this should be done after add_remote_config). - complete the `handle_builder_result` method: }} - introduce `_mod_command_handler` for the ‘loadzone’ command from other modules, and ‘segment_info_update_ack’ message from readers. the former case would look like: }} and the latter would look like: }} - add `handle_update_ack()` method. this would be called from `_mod_command_handler()` to handle ‘segment_info_update_ack’: #!python def handle_update_ack: # identify the SegmentInfo, then move the reader to the ‘current’ set cmd = sgmt_info.sync_raeder # it will update state if cmd is not None: # send it to the builder - add `handle_reader_notify()` method: this is the callback for group membership notifications (see above): #!python def _handle_reader_notify: if params[0] 'subscribed':<br> reader_id = params[1]['client']<br> for sgmt_info in \<br> self._datasrc_info_list[0].segment_info_map.values():<br> sgmt_info.add_reader(reader_id)<br> param = sgmt_info.get_reset_param(READER)<br> if param is not None: # this can be None in init stage<br> # send segment_info_update command to the reader<br> # with 'param' (and data source name, etc)<br> elif params[0] ‘unsubscribed’: reader_id = params[1] for sgmt_info in br> self.datasrc_info_list[0].segment_info_map.values(): cmd = sgmt_info.remove_reader(reader_id) if cmd is not None: # this triggers SYNCHRONIZING=>COPYING # send it to the builder

2860

task

1363332198769446

1394117471904974

shmem manager

medium

jinmei

DNS Outstanding Tasks

new

optimize initial load: update memmgr

Subtask of #2830. Continuation of #2859. Also depend on #2856. Using the #2859 extension, we complete the optimization. Revise the memmgr initialization so it first checks the existence of the mapped file, and if it does, open (reset) it in the READ_WRITE mode instead of CREATE. If the existing file contains the latest version of the zone, reset_memory_segment() says so and it doesn’t have to actually (re)load it.

2863

task

1363332423403147

1394117241160218

b10-auth

medium

jinmei

DNS Outstanding Tasks

new

handle “segment_info_update” message in b10-auth

Subtask of #2830. Depend on #2862. In this task, we’ll implement the b10-auth side of message exchanges with memmgr as described in http://bind10.isc.org/wiki/SharedMemoryIPC The work at b10-auth is quite simple: for each specified name of data source, call `ConfigurableClientList::resetMemorySegment` in the READ_ONLY mode. If this is during the initial setup, check if all segments are INUSE, and (if holding off until this point), start listening to queries.

2864

task

1363332526476562

1396529433211114

xfrin

medium

jinmei

DNS Outstanding Tasks

new

xfrin and ddns update

Subtask of #2830. Depends on #3002. Update these modules so they send the loadzone command to memmgr in addition to auth. Also make sure b10-auth effectively ignores the command for mapped segments, and memmgr ignores it for local segments.

2865

task

1363332569983397

1373462270928476

tests

medium

jinmei

new

Lettuce tests with memmgr

Subtask of #2830. Write at least some basic cases: initialization and update.

2867

task

1363332744517096

1373462299621715

Unclassified

medium

jinmei

new

Other cleanups for shared memory support

Subtask of #2830 This is a placeholder for any cleanups, deferred tasks, clarifications, etc. Maybe give some high number as a placeholder.

2868

task

1363334304781216

1363334304781216

configuration

medium

jinmei

new

design for realistic config-ng

We’ll need to do some amount of improvements in this area now that we are having complaints from users. Realistically we won’t have enough time for total redesign and reimplementation, but it would also not effective to try each specific issue case by case basis. So we’ll need some middleground approach. This ticket intends to have a concrete proposed plan for this work.

2876

task

1363594763812978

1392917586979419

resolver

medium

vorner

DNS Outstanding Tasks

new

Consolidate the resolver multi-core research

Once the #2873, #2874 and #2875 are done, review them to see they measure the same load (eg. that one is not doing less work than the others because some part of the fake resolution is forgotten). Then run them with reasonable number of threads on multi-core machine (do we have a machine with very high number of cores?) and see what scales how, what is how complex to code for, etc.

2880

defect

1363793349749761

1373462516899440

Unclassified

medium

shane

shane

assigned

b10-stats timeout on cc session

I just checked the log on my server and see the following: 2013-03-17 20:56:27.858 INFO [b10-xfrin.xfrin/25980] XFRIN_NOTIFY_UNKNOWN_MASTER got notification to retransfer zone time-travellers.nl.eu.org/IN from 192.16.192.99:53, expected [2001:610:719:1::5]:53 2013-03-17 20:56:29.030 ERROR [b10-auth.cc/23060] CC_TIMEOUT timeout reading data from command channel 2013-03-17 20:56:29.101 ERROR [b10-auth.auth/23060] AUTH_ZONEMGR_COMMS error communicating with zone manager: Timeout while reading data from cc session 2013-03-17 20:56:29.113 ERROR [b10-auth.cc/23060] CC_TIMEOUT timeout reading data from command channel 2013-03-17 20:56:29.149 ERROR [b10-auth.auth/23060] AUTH_ZONEMGR_COMMS error communicating with zone manager: Timeout while reading data from cc session Traceback (most recent call last): File “/opt/bind10/lib/python3.1/site-packages/isc/cc/session.py”, line 218, in receive_full_buffer self.receive_len_data() File “/opt/bind10/lib/python3.1/site-packages/isc/cc/session.py”, line 178, in receive_len_data new_data = self.receive_bytes(self.recv_len_size) File “/opt/bind10/lib/python3.1/site-packages/isc/cc/session.py”, line 164, inreceive_bytes data = self.socket.recv socket.timeout: timed out During handling of the above exception, another exception occurred: Traceback : File “/opt/bind10/libexec/bind10/b10-stats”, line 707, in stats.start File “/opt/bind10/libexec/bind10/b10-stats”, line 401, in start self.do_polling File “/opt/bind10/libexec/bind10/b10-stats”, line 271, in do_polling value = self.mccs.rpc_call File “/opt/bind10/lib/python3.1/site-packages/isc/config/ccsession.py”, line 533, in rpc_call reply, rheaders = self.session.group_recvmsg(nonblock=False, seq=seq) File “/opt/bind10/lib/python3.1/site-packages/isc/cc/session.py”, line 301, in group_recvmsg env, msg = self.recvmsg(nonblock, seq) File “/opt/bind10/lib/python3.1/site-packages/isc/cc/session.py”, line 136, in recvmsg data = self.receive_full_buffer File “/opt/bind10/lib/python3.1/site-packages/isc/cc/session.py”, line 233, inreceive_full_buffer raise SessionTimeout(“recv() on cc session timed out”) isc.cc.session.SessionTimeout: recv() on cc session timed out 2013-03-17 20:56:49.245 INFO [b10-init.init/22470] BIND10_PROCESS_ENDED process 14657 of b10-stats ended with status 256 2013-03-17 20:56:49.282 ERROR [b10-init.init/22470] BIND10_COMPONENT_FAILED component b10-stats (pid 14657) failed: process exited normally with exit status 256 2013-03-17 20:56:49.297 INFO [b10-init.init/22470] BIND10_COMPONENT_START component b10-stats is starting 2013-03-17 20:56:49.301 INFO [b10-init.init/22470] BIND10_STARTING_PROCESS starting process b10-stats 2013-03-17 20:56:50.712 INFO [b10-stats.stats/31674] STATS_STARTING starting This same error also happened a few days earlier (2013-03-14 19:41:39.126).

2885

defect

1364202046832240

1364316973099609

data source

medium

shane

new

DATASRC_MEMORY_CHECK_WARNING on chaos zone

With the latest Git version, I get a clean startup, except for the following warning message: 2013-03-25 08:10:45.996 WARN [b10-auth.datasrc_memory/8734] DATASRC_MEMORY_CHECK_WARNING BIND./CH: zone BIND/CH: NS has no address records (A or AAAA) We need a way to disable this.

2886

defect

1364297391101974

1364312892548505

dhcp6

low

wlodekwencel

DHCP Outstanding Tasks

new

dhcpv6 confirm - reply

When I implemented some new tests for dhcpv6, I found that kea6 respond with invalid REPLY message after receiving invalid CONFIRM. Attached file is wireshark session with exchange of messages.

confirm, reply dhcpv6

2889

task

1364383699485440

1364383699485440

dhcp4

medium

tmark

DHCP Outstanding Tasks

new

Derive requirements from RFC2131, Section 4.3

During creation of the v4 robustness tests (Trac #2600), it became apparent that there is a lack of clear requirements for proper behavior. Expand section 4.3 of RFC 2131 into a set of simple requirements, then create a ticket to check the code and tests against those requirements.

2890

task

1364385826674349

1364386224645060

dhcp4

medium

tmark

DHCP Outstanding Tasks

new

Resolve disparaties between ISC_DHCP and b10-dhcp4 in packet handling

During v4.robustness test creation (Trac# 2600) disparities between how ISC_DHCP and b10-dhcp4 respond to certain packet content came to light. For example: 1. In response to a DHCPREQUEST, sent to a server at 172.16.1.1, with giaddr=172.16.1.4, no ciaddr, and request address of 186.16.1.18 ISC_DHCP sends a NAK, while b10-dhcp4 sends an OFFER. 2. In response to a DHCPREQUEST, sent to a server at 172.16.1.1, with no giaddr of 172.16.1.4, no ciaddr, and no request address, ISC_DHCP finds no matching lease and does not respond, b10-dhcp4 responds with an OFFER. 3. In response to a DHCPDISCOVER with relay agent option set o “blah blah blah”, ISC_DHCP detects invalid packet via parsing error, while b10-dhcp4 extends an offer. Trac# 2889 was created to codify requirements for RFC2131, Section 4.3. In conjunction with that effort identification reconciliation of differing behavior between of ISC_DHCP and b10-dhcp4 to various packet content should be conducted. This should include codification of what is and is not a valid inbound packet.

2893

enhancement

1364549540546197

1397640730796484

dhcp4

low

marcin

DHCP Outstanding Tasks

new

Direct DHCPv4 traffic on BSD

Implement server capability to respond directly to the DHCPv4 client which doesn’t have address yet. This task is purly focused on enabling this functionality on BSD systems.

2894

enhancement

1364549596409333

1364549596409333

dhcp4

medium

marcin

DHCP Outstanding Tasks

new

Direct DHCPv4 traffic on Solaris

Implement server capability to respond directly to the DHCPv4 client which doesn’t have address yet. This task is purly focused on enabling this functionality on Solaris.

2895

defect

1364833554382033

1364833554382033

data source

medium

jinmei

new

delete record from DB datasrc should use actual column values for rdata

In `DatabaseUpdater::deleteRRset()`, we pass the underlying datasrc accessor textual form of each RDATA to be deleted. The textual RDATA is converted from the `RRset` object passed to `deleteRRset()`. I’m afraid this is fragile, because some RDATA can be case insensitive in their textual representation while some others cannot, and so the text would be compared in case-sensitive manner at the DB layer (which is the case of our SQLite3 schema and implementation). So, for example, if an NS RDATA is stored in the DB as “NS.EXAMPLE.COM.” and we try to delete it via `deleteRRset()` specifying it as “ns.example.com.”, this wouldn’t work (and it actually doesn’t for our SQLite3 data source). (Note: theoretically, it could happen for other columns (e.g. a single domain name can have several different representations), but I suspect it’s much less likely to happen in practice for other fields.) So I propose revising `deleteRRset()` as follows: - For each RDATA to be deleted, it first gets the underlying textual representation in the DB using `DatabaseAccessor::getRecords()` - Then call `DatabaseAccessor::deleteRecordInZone()` with the string retrieved in the first step - We should probably report it as an exception if not all specified RDATA are found in the DB in the first step.

2896

defect

1364868353569608

1366910315401581

Boss of BIND

low

jreed

jreed

reviewing

change some bind10 process logging from info to debug

By default, logging for shutting down or stopping processes is too verbose. For example: 2013-03-27 22:13:53.397 INFO [b10-init.init/11860] BIND10_COMPONENT_STOP component b10-cmdctl is being stopped 2013-03-27 22:13:53.405 INFO [b10-cmdctl.cmdctl/11867] CMDCTL_EXITING exiting 2013-03-27 22:13:54.409 INFO [b10-init.init/11860] BIND10_PROCESS_ENDED process 11867 of b10-cmdctl ended with status 0 jinmei and I discussed this and we think that BIND10_COMPONENT_STOP and BIND10_PROCESS_ENDED can be debug. Here is a patch: diff —git a/src/bin/bind10/init.py.in b/src/bin/bind10/init.py.in index e57971a..4ad33c5 100755 — a/src/bin/bind10/init.py.in + b/src/bin/bind10/init.py.in @ -821,8 +821,8 @ class Init: if pid in self.components: # One of the components we know about. Get information on it. component = self.components.pop - logger.info, pid, - exit_status) logger.debug, pid, exit_status) if component.is_running and self.runnable: # Tell it it failed. But only if it matters . It is either a core @ -132,9 +133,10 @ descriptor. The error is mentioned, most common reason is that the request is invalid and may not come from bind10 process at all. BIND10_PROCESS_ENDED process 2 of 1 ended with status 3 This indicates a process started previously terminated. The process id and component owning the process are indicated, as well as the exit code. -This doesn’t distinguish if the process was supposed to terminate or not. This debug message indicates a process started previously terminated. The process id and component owning the process are indicated, as well as the exit code. This doesn’t distinguish if the process was supposed to terminate or not. % BIND10_READING_INIT_CONFIGURATION reading b10-init configuration The b10-init process is starting up, and will now process the initial diff —git a/src/lib/python/isc/bind10/component.py b/src/lib/python/isc/bind10/component.py index 2efb376..d758daf 100644 — a/src/lib/python/isc/bind10/component.py + b/src/lib/python/isc/bind10/component.py @ -198,7 +198,7 @ class BaseComponent: # of scope of unittests. if not self.is_running: raise ValueError - logger.info) logger.debug(DBG_TRACE_DATA, BIND10_COMPONENT_STOP, self.name()) self._state = STATE_STOPPED self.stop_internal() Maybe an additional logging for warning could be added if the exit value is not 0. Also I didn’t think much about the debug level. Is this okay? A Changelog entry could be: [func]* b10-init logging identifiers BIND10_COMPONENT_STOP and BIND10_PROCESS_ENDED changed from INFO category to DEBUG so shutdown logging by default will be less noisy.

2897

enhancement

1364987043718973

1373637670650345

Unclassified

medium

shane

new

BIND should log zone serials along with zone name for xfer-in, xfer-out and notify

Joe Abley suggested this for BIND 9, and it makes sense for BIND 10 too: Hi, Feature request: please make BIND9 include the zone serial number for: - log messages concerning NOTIFY messages received - log messages concerning NOTIFY messages sent - log messages concerning AXFR responses sent (xfer-out) - log messages concerning AXFR responses received (xfer-in) Thanks, Joe While we don’t get the zone serial in a NOTIFY as far as I know, we could log the serial that the slave has when it gets the NOTIFY (although we need to be careful that the log message is clear about ‘’which’’ serial we are logging). We have nice information with zone transfers, it seems weird that we didn’t think to include such basic information. :)

2900

defect

1365088176786513

1392667618961264

logging

medium

muks

new

Investigate and fix mixed and missing log messages

This is a ticket created after #2198 has been merged. Even with a mutex lock to mutually synchronize threads, we still see the mixed and missing log messages. The latest observation is that writes between lock…unlock seem to be buffered and happen later after the unlocks happen. This especially seems to be triggered by the lettuce tests, where BIND 10 output is redirected using `subprocess.Popen`. This is a ticket to investigate this behaviour, and fix the problem. Consider this as a meta ticket, keeping track of the issue until the final resolution. The currently suggested development subtask is #3000

2910

defect

1365685367214391

1392917482609524

resolver

medium

jreed

DNS Outstanding Tasks

new

RESOLVER_QUERY_DROPPED and RESOLVER_QUERY_REJECTED should not be INFO

By default, RESOLVER_QUERY_DROPPED and RESOLVER_QUERY_REJECTED are INFO level. This can be very noisy. For example, on one abused system, I am getting multiple each second using the same IP and port. Let’s move this from INFO to some DEBUG level. As part of this ticket, please also document how to log just these specific details when desired. (If that is not possible, please open a new ticket.)

2912

task

1365715105049245

1366652046884911

data source

medium

jinmei

new

make in-memory zone data loader a class

This is a first step to make it possible to apply a set of diffs of a zone from a `ZoneJournalReader` into in-memory zone data (so we can reflect IXFR/DDNS changes more quickly, and also eventually use it at start up time with mapped memory segment). Specifically, we’ll make the `ZoneDataLoader` class defined in memory/zone_data_loader.cc visible publicly (in practice, though, we still intend to “hide” it inside the “memory” namespace), and replace `loadZoneData()` with the new class. The revised `ZoneDataLoader` class should look like: #!cpp class ZoneDataLoader { // Constructor for full load, from a zone file ZoneDataLoader(MemorySegment& mem_sgmt, const RRClass&, const Name&, const std::string&); // Constructor for full load, from zone iterator ZoneDataLoader(MemorySegment& mem_sgmt, const RRClass&, const Name&, ZoneIteratorPtr); #ifdef notyet // Constructor for apply diff, from zone journal reader. // The ZoneData* parameter will point to the current zone data // to be updated. ZoneDataLoader(MemorySegment& mem_sgmt, const RRClass&, const Name&, ZoneJournalReaderPtr, ZoneData); #endif // This corresponds to the current loadZoneData. ZoneData load(); // Incremental version of load(). works like // dns::MasterLoader::loadIncremental() pair loadIncremental(size_t count); // effectively, for the journal version only. for full load, this is // no-op. void commit(); }; `loadIncremental` is not absolutely necessary, but I’ve been feeling we’ll eventually want to switch to this mode even when we load in background or in a separate memmgr process so we can react to shutdown quickly even in the middle of loading a huge zone. I believe it’s not difficult to convert the current implementation to an incremental one and make load() a trivial wrapper of it. Note that until we also convert `CacheConfig` and `ZoneWriter`, we still need to use the function versions. So, the function version would instantiate this class object and call its load() in the mean time. In some sense this is just a refactoring of existing code. So I believe this is not really difficult.

2913

task

1365716592814222

1366652064795712

data source

medium

jinmei

new

update CacheConfig and ZoneWriter using class version of ZoneDataLoader

This is a followup of #2912 and depends on it (also depends on #2834 but assuming it’s merged by the time we work on this task). We’ll update the `CacheConfig` class as follows: #!cpp class CacheConfig { public: // A factory to create zone data loader with the context of cache config. typedef boost::function const Name&, ZoneData*) ZoneDataLoaderFactory; // this will replace getLoadAction. cache_client and options won’t be // used for now. cache_client will be the corresponding InMemoryClient // and options are some numeric type that supports operator

(logical or). // it mostly works like getLoadAction(), but returns a factory functor // (defined above) depending on the cache configuration. ZoneDataLoaderFactory createZoneDataLoader( const RRClass& rrclass, const Name& zname, DataSourceClientPtr cache_client, Options options); } We’ll also update `ZoneWriter` (it’s not a base class after #2850) so - its constructor takes `ZoneDataLoaderFactory` - load and install methods will be revised as follows: #!cpp void ZoneWriter::load() { // loader_ is of scoped_ptr loader.reset, zclass, zname, segment>getHeader.getZoneTable)); loader_>load(); } void ZoneWriter::install() { loader_>commit; // note that it’s no-op for now table>addZone(); } When this is done, we could remove the function versions of `loadZoneData()` (but we could keep them if we find it convenient). We can also remove `CacheConfig::getLoadAction()` and load_action.h. Also, if the work so far is not big, consider adding `loadIncrement(count)` to ZoneWriter. That should be basically trivial.

2914

task

1365717376368163

1366652073190204

data source

medium

jinmei

new

extend ZoneDataLoader so it can use a journal reader

This is a continuation of #2912, depends on it and #2752. We’ll implement the `notyet` part of #2912. #!cpp class ZoneDataLoader { public: // Constructor for apply diff, from zone journal reader. // The ZoneData* parameter will point to the current zone data // to be updated. ZoneDataLoader(MemorySegment& mem_sgmt, const RRClass&, const Name&, ZoneJournalReaderPtr, ZoneData*); // in the “journal” mode this method performs all the updates passed // from the journal reader to the zone data given on construction. // note that we cannot do this in load() because it modifies the current // working zone data (for memmgr this actually doesn’t matter, but for // “local” segment it’s critical). void commit(); }

2915

task

1365718677135207

1366652082988645

data source

medium

jinmei

new

update CacheConfig to support diff mode

Continuation of #2912, depend on #2913 and #2914. This task completes the sub feature of “loading diffs”. We update `CacheConfig::createZoneDataLoader()` further: - define a few options: at least FORCE_FULL_LOAD and DIFF_OK. The default is DIFF_OK, not FORCE_FULL_LOAD. - if the zone is to be loaded from file, it’ll always result in full load - otherwise, the logic would look like this: #!cpp if (cache_client && (options & (FORCE_FULL_LOAD

DIFF_OK)) DIFF_OK) {<br> // get it from zone SOA in cache_client<br> const dns::Serial cache_serial;<br><br> // get it from zone SOA in datasrc_client<br> const dns::Serial latest_serial;<br> if (cache_serial latest_serial) { return (/* return a factory that would create a special no-op loader, see below */); } else if (cache_serial < latest_serial) { jnl_reader = datasrc_client.getJournalReader(cache_serial, latest_serial); return (/* factory using the journal reader */); } else { // maybe throw as it shouldn’t happen, or maybe fall back to // full load } } return (/* factory for full load from iterator */); For the special no-op loader mentioned above, we’ll make a slight update to `ZoneDataLoader`: #!cpp class ZoneDataLoader { public: // A special no-op mode. load() variants return given ZoneData intact, // commit() is no-op. ZoneDataLoader(ZoneData*); `ZoneWriter` won’t need to be updated.

2918

task

1365784751964295

1373637932449356

configuration

medium

jinmei

new

support config generation ID

For some types of configuration we’ll need to be able to distinguish different versions (“generations”) so we can gracefully migrate one to another. We’ll specifically need this concept for data sources, for which the user modules need to keep an old version while a new one is being prepared, and multiple modules may need to exchange information on old or new versions of the config. So, in this task, we’ll introduce the concept of config “generation ID”, implement it in cfgmgr and data_sources config spec. A configuration item for a module will have following items at its top level: - “generation-id-mode” (string): “none” or “auto”, default is “none” - “generation-id” ((unsigned) int): monotonically increasing ID of the configurations of that module. The latest ID is saved in b10-config.db and will be used on restart. When cfgmgr gets config update, it examines the top level of each module config to see if it contains “generation-id-mode” and it’s set to “auto”. If both are the case, it checks a “generation-id” item (if not yet defined assume it to be 0“, increment it by one, and distribute the config to user modules and save it with the updated generation ID. Revised data_sources config would look like: ”data_sources“: { ”generation-id-mode“:”auto“, ”generation-id“: 42, ”classes“: { ”IN“: [{ ”type“:”sqlite3“, ”params“: {”database_file“:”zone.sqlite3" } }] } }

2919

task

1365785025855147

1394117481043626

shmem manager

medium

jinmei

DNS Outstanding Tasks

new

handle full data source reconfig in memmgr

subtask of #2830, depend on #2918 (and other memmgr tasks). In this task we’ll implement this: http://bind10.isc.org/wiki/SharedMemoryIPC#a6.2.MemoryManagerBehavior (we might still have to further break down this task into a few subtasks, but at the moment we define it as a single task). Be careful about merge timing: we may not be able to merge it without making corresponding changes to the user modules (at least auth).

2920

task

1365785282056001

1394117253170375

b10-auth

medium

jinmei

DNS Outstanding Tasks

new

handle full data source reconfig with shmem support in b10-auth

subtask of #2830, depend on #2918 (and other updates to auth for shmem support). In this task we implement this: http://bind10.isc.org/wiki/SharedMemoryIPC#a6.3.ReaderBehavior (we might still have to further break down this task into a few subtasks, but at the moment we define it as a single task). Be careful about merge timing: we may not be able to merge it without #2919 (but possibly we can, depending on we can include the generation-id in existing segment_info_update message).

2921

task

1365785787275480

1373637987951671

data source

medium

jinmei

new

update ConfigurableClientList to support generation ID

subtask of #2830, depend on #2918. We’ll extend the `datasrc::ConfigurableClientList` class so that: - it understands the new “generation-id” config item and remembers it internally - it has a new method `getGenerationID()` that returns the numberic ID of that configuration. We’ll also update the Python wrapper so it supports `getGenerationID()`.

2924

defect

1366666973923993

1373638016126949

xfrout

medium

jinmei

new

source address of notify response should be checked

`isc.notify.notify_out._get_notify_reply()` doesn’t check if the source address of the message is identical to the expected one. As far as I can see this is not a connected socket, so it’s possible to receive data from an unintended source. It should check the address, and if it’s different it should keep waiting (not resending a new one).

2926

defect

1366899391171367

1373638122869188

bind-ctl

medium

vorner

new

Delete followed by add in a list should restore defaults

If I delete the last item of a list and then immediately add it again, I’d expect it to be a fresh new instance of the item, full of juicy new values, not the old crap I deleted before: > config show Xfrout/also_notify Xfrout/also_notify[0]/address “46.255.230.98” string Xfrout/also_notify[0]/port 53 integer Xfrout/also_notify[1]/address “1.2.3.4” string Xfrout/also_notify[1]/port 1234 integer > config remove Xfrout/also_notify[1] > config show Xfrout/also_notify Xfrout/also_notify[0]/address “46.255.230.98” string (modified) Xfrout/also_notify[0]/port 53 integer (modified) > config add Xfrout/also_notify > config show Xfrout/also_notify Xfrout/also_notify[0]/address “46.255.230.98” string (modified) Xfrout/also_notify[0]/port 53 integer (modified) Xfrout/also_notify[1]/address “1.2.3.4” string Xfrout/also_notify[1]/port 1234 integer

2927

defect

1366910627175412

1366913251407166

data source

low

jreed

new

AUTH_DATASRC_CLIENTS_BUILDER_STARTED should be DEBUG

Instead of INFO, AUTH_DATASRC_CLIENTS_BUILDER_STARTED should be DEBUG. As it is now, it is just noise and is not useful for a DNS operator. (Who cares if “data source builder thread started”?)

2928

enhancement

1366959449207886

1373638177062172

logging

medium

muks

new

Include the debug log level in log messages

Include the log level in log messages, so that an admin will know what log level to set when updating config. This is an action item from [[April2013MeetingDNSWednesday20130417]].

2929

enhancement

1366959612492890

1373638241999995

tests

medium

muks

new

Add a lettuce test where multiple sqlite3 datasources are in use

Add a lettuce test where multiple sqlite3 datasources are used. This is an action item from [[April2013MeetingDNSFriday20130419]].

2933

enhancement

1367203593009797

1373638286959650

bind-ctl

medium

muks

new

Implement GUI bindctl tool

This is a ticket to implement a GUI bindctl tool. Don’t include this ticket in any sprints yet. It’s just a placeholder so I can push some local work to a branch.

2936

defect

1367326096860214

1367326096860214

dhcp

medium

stephen

DHCP Outstanding Tasks

new

IfaceMgr::getIface() update should return a shared_ptr instead of a raw pointer

This was noticed in the review of #2467, and is part of a programme to remove “raw” pointers from the DHCP code.

2941

defect

1367581777743715

1373638547377770

logging

medium

jreed

new

logging configuration is too late

My logging is DEBUG debuglevel 1 but I received lots of AUTH_PACKET_RECEIVED and AUTH_SEND_ERROR_RESPONSE Now I see that happened in the same second before: 2013-05-03 11:27:40.980 DEBUG [b10-auth.config/59538] CONFIG_LOG_WILD_MATCH will use logging configuration for wildcard logger * Then that high debugging goes away. This problem doesn’t happen if set to INFO. So it appears it knows it is DEBUG, but doesn’t know its level.

2948

enhancement

1368108248904407

1397640730796484

dhcp6

low

marcin

DHCP Outstanding Tasks

new

DHCPv6: implement Decline message support.

Currently, Kea has a stub implementation for Decline messages. It creates ‘’empty’’ Reply messages (with no options). The logic to process Decline messages should be added.

2949

enhancement

1368108325471382

1397640730796484

dhcp6

low

marcin

DHCP Outstanding Tasks

new

DHCPv6: implement InformationRequest message support.

Currently, Kea has a stub implementation for INORMATION_REQUEST messages. It creates ‘’empty’’ Reply messages (with no options). The logic to process InformationRequest messages should be added.

2950

defect

1368119759340360

1369731768309509

build system

medium

UnAssigned

jinmei

new

suppress tautological-constant-out-of-range-compare warning of clang++

Build of BIND 10 fails with a recent version of clang++ if with `-Werror` due to the following warning: message.cc:498:17: warning: comparison of constant 4 with expression of type ‘const isc::dns::Message::Section’ is always false [-Wtautological-constant-out-of-range-compare] if (section >= MessageImpl::NUM_SECTIONS) { We cannot skip such checks if we want to protect our code from buggy application (either developed by ourselves or others). So I propose just suppressing this warning globally in configure.ac.

2952

defect

1368125174265248

1373638825051585

data source

medium

jinmei

new

cfgmgr produces confusing/misleading warning log about MasterFiles datasrc

It complains about like this: 2013-05-09 17:28:12.399 WARN [b10-cfgmgr.datasrc/18193] DATASRC_LIST_NOT_CACHED zones in data source MasterFiles for class CH not cached, cache disabled globally. Will not be available. 2013-05-09 17:28:12.399 WARN [b10-cfgmgr.datasrc/18193] DATASRC_LIST_NOT_CACHED zones in data source MasterFiles for class IN not cached, cache disabled globally. Will not be available. which is confusing as there’s actually nothing wrong in the configuration. We should probably lower the log level and reword the log message.

2953

defect

1368189674447159

1373638876436511

statistics

medium

jreed

StatsRedesign

new

document for bindctl how to query individual Auth stats

How can I query individual Auth stats with bindctl? I recall I used to be able to retrieve a single stat. I have tried many ways, like: > Stats show owner=Auth name=zones.SERVER { error “specified arguments are incorrect: owner: Auth, name: zones.SERVER” } > Stats show owner=Auth name=zones.authqryrej { error “specified arguments are incorrect: owner: Auth, name: zones.authqryrej” } > Stats show owner=Auth name=zones.SERVER.request.v6 { error “specified arguments are incorrect: owner: Auth, name: zones.SERVER.request.v6” } Let’s document this better in the manpage and guide. (Also the guide example of Stats show has old Auth style example, but maybe that is okay.)

2958

enhancement

1368442088242459

1368624457667204

dhcp

medium

stephen

DHCP Outstanding Tasks

new

DHCP-DDNS: DHCP4 configuration parameters

Extend the DHCP4 server to add configuration parameters controlling the DDNS operation of the DHCP4 server.

2959

enhancement

1368442121690891

1368624484706872

dhcp

medium

stephen

DHCP Outstanding Tasks

new

DHCP-DDNS: DHCP6 configuration parameters

Extend the DHCP6 server to add configuration parameters controlling the DDNS operation of the DHCP4 server.

2961

enhancement

1368612787408179

1373892105514946

Boss of BIND

medium

cas

Next-Sprint-Proposed

new

Updating the python version can break BIND 10

I had BIND 10 1.0.0 installed on Debian 6. I had then updated Debian to Version 7. After the update, BIND 10 was not working anymore. The error message was: root@m3:~# bind10 /usr/local/sbin/bind10: 8: exec: /usr/local/libexec/bind10/b10-init: not found The problem was the shebang line: #!/usr/bin/python3.1 while I could solve this issue by re-compiling BIND 10, it might be a stubling block for DNS admins. Proposal: make the “bind10” start script intelligent to check the python3 version and a) if no suitable python version found, give a good error message b) if an version is found that could lead to issues, log a warning c) update the BIND 10 python modules (maybe via a wrapper or setting a environment variable) and start BIND 10

2963

defect

1368824667610671

1394117263853135

b10-auth

medium

jinmei

DNS Outstanding Tasks

new

XfroutClient::disconnect must not throw

I’ve noticed b10-auth sometimes crashed at the end of its shutdown process. On a closer look it’s because `XfroutClient::disconnect()` throws: #!cpp asio::error_code err; impl->socket.close(err); if (err) { isc_throw(XfroutError, “close socket failed:” << err.message()); } and its caller, the destructor of `AuthSrvImpl` didn’t catch it. I’ve not fully figured out why close() fails; it somehow seems to be related to the xfrout’s behavior. There can be several ways to fix it, but since `XfroutClient` itself is quite broken like other xfr stuff and should be replaced with the generic `SocketSessionForwarder` in future (maybe part of the xfr rewrite work), I propose one quick fix: just not throw here. Hiding an error is not really good, but in practice this only happens while shutting down b10-auth, so there’s not much we can do from this situation anyway. And, again, we should get rid of the `XfroutClient` stuff in a bit longer term.

2965

defect

1368825047684943

1392917648348322

xfrout

medium

jinmei

DNS Outstanding Tasks

new

xfrout should use general datasource configuration, not Auth/database_file

subject should say all. we’ll need this by the time we support non-SQLite3 based data source, so it’s probably the time to schedule it. More specifics based on #2964: - import ‘data_sources’ module instead of ‘Auth’ as a remote module. See `Xfrin` constructor. - maintain `isc.server_common.DataSrcClientsMgr` object and call its reconfigure() from the remote config update callback for the data_sources module. See `Xfrin.datasrc_config_handler`. - when a data source is necessary, get it from the `DataSrcClientsMgr` using its `get_client_list`. See xfrin_start. - then remove any reference to auth module, “db_file”, sqlite3 specifics, etc. In the case of xfrout, there’s one tricky point: `XfroutSession.get_zone_soa()` needs to use `ZoneFinder`s. This cannot be done by multiple threads (on the same shared data source client) at the same time, so this call should use some synchronization. Changes to notify_out module will also non trivial, so I suggest moving that part into a different ticket. Until it’s done, xfrout will still keep the old `Auth/database_file`, db_file, etc.

2966

defect

1368825131307527

1370931629116835

DDNS

medium

jinmei

new

ddns should use general datasource configuration, not Auth/database_file

subject should say all. we’ll need this by the time we support non-SQLite3 based data source, so it’s probably the time to schedule it. More specifics based on #2964: - import ‘data_sources’ module instead of ‘Auth’ as a remote module. See `Xfrin` constructor. - maintain `isc.server_common.DataSrcClientsMgr` object and call its reconfigure() from the remote config update callback for the data_sources module. See `Xfrin._datasrc_config_handler`. - when a data source is necessary, get it from the `DataSrcClientsMgr` using its `get_client_list()`. See xfrin_start(). - then remove any reference to auth module, “db_file”, sqlite3 specifics, etc. In the case of DDNS, I think we’ll update the helper `isc.ddns.ZoneConfig` so that: - it will internally maintain `DataSrcClientsMgr`, instead of taking a specific datasrc_client in the constructor. - it will have a new “reconfigure_datasrc()” method, which calls `DataSrcClientsMgr.reconfigure()` - its find_zone() will first identify the corresponding data source client list for the class, and then call find() to get the data source client to use. The main DDNS module will call `ZoneConfig.reconfigure_datasrc()` from the remote config update callback for the data_sources module. DDNS is not threaded, so we don’t have to worry about inter-thread implications.

2970

defect

1369308456862408

1369308456862408

dhcpdb

medium

stephen

DHCP Outstanding Tasks

new

MySqlLeaseMgr uses wrong function to retrieve error text

mysql_lease_mgr.cc: in some places the wrong function is used to retrieve error text if a MySQL function fails. Currently mysql_error() is used in all cases. This is wrong: the code should use mysql_stmt_error() if a mysql_stmt_xxx() statement fails and mysql_error() elsewhere.

2971

defect

1369319124131917

1369319124131917

dhcp

medium

marcin

DHCP Outstanding Tasks

new

Create config-based workaround for FreeBSD 8.1 issue kern/155606

The IfaceMgrTest::sendReceive4 unit test fails on FreeBSD 8.1-RELEASE when trying to receive packet over closed socket. Test expects exception to be thrown, while nothing is thrown. This has been tracked down as an issue in FreeBSD and the corresponding bug has been found: http://www.freebsd.org/cgi/query-pr.cgi?pr=155606 As a quick solution, the relevant part of the test has been disabled on BSD systems. We need to have a config based solution for it.

2985

defect

1369927252002214

1373893073032177

dhcp4

low

jankowsr

DHCP Outstanding Tasks

new

rfc 2131 vs monitoring network interfaces

As of now kea does not monitor the state of network interfaces. It does not utilize network interfaces started after b10-dhcp4 module initialization. This means it’s not quite compliant with the following part of RFC 2131: “The ‘server identifier’ field is used both to identify a DHCP server in a DHCP message and as a destination address from clients to servers. A server with multiple network addresses MUST be prepared to to accept any of its network addresses as identifying that server in a DHCP message.” How to reproduce: config add Init/components b10-dhcp4 config set Init/components/b10-dhcp4/kind dispensable config commit start new network interface send DHCP discover to this new interface Expected Result: server should respond to DHCPDISCOVER Actual Result: server will discard DHCPDISCOVER

dhcpv4

2988

defect

1370367751269469

1394114709816606

logging

medium

jreed

jinmei

Common Outstanding Tasks

assigned

check and report log4cplus rotation issues

see http://bind10.isc.org/ticket/1622#comment:34 There’s still an issue of log4cplus in log file rotation (some log messages can go to an already rolled file). Check if latest versions of log4cplus (1.1.1 and 1.1.2rcX) still have this issue (from a quick look at changelogs they still seem to have the problem), and if they do, report it to the log4cplus developer.

2989

defect

1370386258827113

1392810712428266

xfrout

medium

UnAssigned

jinmei

DNS Outstanding Tasks

reviewing

Python notify_out module should use general datasource configuration, not Auth/database_file

This is a subtask of #2965. We’ll update the isc.notify.notify_out module to get rid of the reference to the `Auth/database_file` config, etc. More specifics based on #2964: - import ‘data_sources’ module instead of ‘Auth’ as a remote module. See `Xfrin` constructor. - maintain `isc.server_common.DataSrcClientsMgr` object and call its reconfigure() from the remote config update callback for the data_sources module. See `Xfrin._datasrc_config_handler`. - when a data source is necessary, get it from the `DataSrcClientsMgr` using its `get_client_list()`. See xfrin_start(). - then remove any reference to auth module, “db_file”, sqlite3 specifics, etc. A tricky point of notify_out is that it’s also run on a different thread, and uses `ZoneFinder` in various places. We could share it with the main xfrout threads with careful synchronization, but that will make the already messy implementation (wrt the naive use of threads) even messier. So my suggestion is to create and use a separate `DataSrcClientsMgr` in the notify_out module. In the main xfrout module, when a config update for the data_sources module is delivered, it will reconfigure the main and notify’s `DataSrcClientsMgr`. It’s a bit redundant, but resource-wise it shouldn’t be that heavy in practice as we’ll simply maintain two separate SQLite3 connections (so the cost is independent from the size or number of zones, for example). When we re-design and implement xfr’s we can handle it in a cleaner way. On completion of this task, we can fully get rid of the old stuff from xfrout. We should also be able to remove Auth/database_file from lettuce tests on xfrout.

2990

defect

1370411524478705

1374494096451233

data source

medium

jinmei

new

cleanup: remove Auth/database_file and datasrc.sqlite3_ds

Once #2964, #2965, #2966, #2967, #2989 are completed, we should be able to remove the Auth/database_file config item from its spec. We should also be (basically) able to remove the isc.datasrc.sqlite3_ds module. This ticket will do these cleanups. Removing sqlite3_ds will require some non trivial task, as some tests are still using it. We’ll need to replace it using new API classes (or simply remove it if we can).

2991

defect

1370428614067532

1370931679929527

data source

medium

muks

new

Fix ListTest.reloadNotAllowed testcase

Now that we have `getCachedZoneWriter()`, the `ListTest`s use that in #2853 to fetch a `ZoneWriter`. This approach does not work for getting at a `ZoneWriter` when the cache is disabled. Hence `ListTest.reloadNotAllowed` testcase is broken as it tries to call `prepareCache()` with `enabled=true` when the cache is actually disabled. While it’s straightforward to update it, I don’t know what the purpose of this test is, and whether it should be kept still. So this ticket is created.

2996

defect

1370629381515886

1373893258752481

configuration

very low

jreed

new

check —with-boost-include and —with-pythonpath configure options

Have configure check if the —with-boost-include and —with-pythonpath configure options have the corresponding arguments. One report showed errors like: checking for in-TU anonymous namespace breakage… no yes: invalid option — ‘c’ Try `yes —help’ for more information. (standard_in) 1: syntax error ./configure: line 15222: test: !=: unary operator expected yes: invalid option — ‘c’ Try `yes —help’ for more information. On my system it just hangs. This is low priority since a workaround is trivial.

3002

task

1371069224275362

1373890663973651

data source

medium

jinmei

new

extend datasrc::(Configurable)ClientList::find to return data source name

This will be needed for the shared memory support, so it’s a subtask of #2830. For xfrin and ddns to tell memmgr to reload the updated zone, they need to specify the corresponding data source name. We currently don’t have an interface to make it possible and need to extend the API. My suggestion is to revise `ConfigurableClientList::find()` so it can optionally return the data source name: #!cpp virtual FindResult find(const dns::Name& zone, bool want_exact_match = false, bool want_finder = true, bool want_datasrc_name = false) const; And also revise the `FindResult` structure in the obvious way. If `want_datasrc_name` is true, the find() method will copy the data source name to `FindResult`; if it’s false it will probably be an empty string. We also need a Python wrapper (actually we’ll only need the Python wrapper for the feature). And, as usual, there’ll be a confusion of whether this should be a virtual method and be implemented in the base `ClientList` class. Technically, the answer is yes because C++ applications are expected to use the `ClientList` interface only.

3004

defect

1371468693612286

1391014987139035

Unclassified

medium

vorner

DHCP Outstanding Tasks

new

Cppcheck 1.60.1 and out of bounds access

The cppcheck 1.60.1 produces several warnings in form: #!c++ src/lib/dhcpsrv/tests/mysql_lease_mgr_unittest.cc:748: check_fail: Array ‘leases[2]’ accessed at index 2, which is out of bounds. (error,arrayIndexOutOfBounds) They are all from dhcp code and look like serious programmer error (though they are in the tests).

3005

defect

1371469149326380

1373891021200955

Unclassified

medium

vorner

new

New reports from cppcheck 1.60.1

As always, there are new reports with new version. There are three groups. * Reports about array bounds in DHCP code. A separate ticket #3004 was created for them. * Complains about assert, like: src/lib/util/random/random_number_generator.h:113: check_fail: Assert statement calls a function which may have desired side effects: ‘areProbabilitiesValid’. (warning,assertWithSideEffect) I believe these are false positives, because these methods both don’t have side effects and we want not to call them in case someone uses `NDEBUG`, as these are the checks he wanted to turn off by that. * Bunch of unmatched suppressions. I don’t know what to do with them, as they are needed for older cppchecks, but are noisy on the new ones. Possibly suppress the warning about bad suppressions.

3009

defect

1371767659722142

1380799057850114

dhcp6

medium

wlodekwencel

DHCP-QA Defects

new

kea6 relay-forward bug

Tests performed on GIT version of Bind downloaded 9.06.2013 DHCPv6 server accept as a valid message Relay-forward message with included not permitted options for Relay-Forward as: clientID serverID rapidcommit preference To reproduce this bug plz use Forge project and use test with “realy_invalid” tag or build Relay Forward msg with Scapy e.g. IPv6(dst = address)/UDP(sport=546, dport=547)/DHCP6_RelayForward(linkaddr=“3000::ffff”, peeraddr=SRV_IPV6_ADDR, hopcount = level)/DHCP6OptIfaceId(ifaceid = “15”)/DHCP6OptClientId()/DHCP6OptRelayMsg()/DHCP6_Solicit() attached wireshark capture.

relay-forward

3012

defect

1372181858853448

1373904872302872

build system

medium

UnAssigned

jinmei

new

man_MANS rule in Makefile needs some cleanup

many of `Makefile.am` files have the following rule: $(man_MANS): echo Man generation disabled. Creating dummy $. Configure with —enable-generate-docs to enable it. echo Man generation disabled. Remove this file, configure with --enable-generate-docs, and rebuild BIND 10 > $ The echoed message doesn’t seem to make perfect sense. At least it’s redundant in that it repeats the same configure switch twice. We should need some cleanup here, and make the cleanup throughout the source tree. I suspect this rule was introduced by Jeremy and he’d be the best person to handle this issue.

3013

task

1372182709182412

1394117489645150

shmem manager

medium

jinmei

DNS Outstanding Tasks

new

possibly avoid loading “local” segments to memmgr

As of #2854 the memmgr module uses the common `DataSrcClientsMgr` class (defined in the isc.server_common.datasrc_clients_mgr module) to manage data source configuration. This means memmgr loads all “local” type memory segments even if it doesn’t need them at all. Technically, it’s a waste of memory and CPU cycles. We first need to decide whether we want to avoid this “waste” as it may not matter much in practice. If the waste is big enough, we’d actually rather want to share it; if it’s not that big, it would be negligible in practice. So my specific suggestion is to just wait until we know this is really a problem to solve in practice. In that sense this is a kind of meta ticket and cannot be estimated right now.

3017

task

1372295676412445

1373891238655673

data source

medium

jinmei

new

add isDirty() to ZoneTableSegment

This task implements the `ZoneTableHeader` extension as described in https://lists.isc.org/pipermail/bind10-dev/2013-June/004691.html Specifically, we add a new virtual method to `ZoneTableSegment`: #!cpp class ZoneTableSegment { public: virtual bool isDirty() const = 0; … }; and implement it for both `ZoneTableSegmentLocal` and `ZoneTableSegmentMapped`. For the former, it’s effectively unused for our shared memory support (and can return anything), but considering it’s always writable, its `isDirty()` would always return true. For `ZoneTableSegmentMapped`, A possible implementation would be as follows: - introduce a new named address (tentatively named “zone_table_dirty” for a bool value) in the underlying (mapped) memory segment. make sure it’s always set for a valid `ZoneTableSegmentMapped` (so we’ll first set it to true on creation and keep the address since then). - Extend the “not create” case of `ZoneTableSegmentMapped::processChecksum()` so that it first checks the existence of “zone_table_dirty”, sets it to true and then check the checksum. - Extend `ZoneTableSegmentMapped::sync()` in case the segment is writable so that: - If it’s called from methods other than the destructor, then after calculating and setting the checksum, set the value of “zone_table_dirty” to false. - If it’s called from the destructor, leave the value of “zone_table_dirty”. This trick is to ensure that if the zone table segment is unexpectedly closed in the middle of updates (probably due to an exception and automatic call to the destructor), we’ll consider the segment still dirty. The (builder thread of) memmgr will explicitly reset it after successfully making updates (see the end of bind10.isc.org/ticket/2856 description), thereby clearing the “dirty” mark. The `isDirty()` method itself should be straightforward: #!cpp bool ZoneTableSegmentMapped::isDirty() const { return (isWritable()

(mem_sgmt_ && *mem_sgmt_->getNamedAddress(“zone_table_dirty”))); }

3018

task

1372296018803862

1373891249465127

data source

medium

jinmei

new

extend ConfigurableClientList::getStatus() to indicate if zone table segment is dirty

It’s continuation of #3017 and depends on it (actually mostly independent from details of #3017, but probably easier to test with a complete implementation of #3017). Specifically we extend `DataSourceStatus` to have `isSegmentDirty()` method (returning bool). `getStatus()` ensures that `isSegmentDirty()` will return true iff the zone table segment exists and its `isDirty()` returns true. Also update the Python wrapper accordingly.

3019

task

1372297210441515

1394117503781102

shmem manager

medium

jinmei

DNS Outstanding Tasks

new

update memmgr to handle restart cases correctly

This task implements the proposed idea at the memmgr described in https://lists.isc.org/pipermail/bind10-dev/2013-June/004691.html It depends on #3018 (with a mock we may be able to work on this task in parallel with #3018). Specifically, we update the constructor of `isc.memmgr.datasrc_info.MappedSegmentInfo`. Instead of always assuming `reader_ver` is None and `writer_ver` is 0, it should check if the “.0” and “.1” files exist. If the file exists, it tries to reset the segment in the read only mode and sees if it’s dirty (it’ll need to call get_status() again). - If “.0” is (existent and) non-dirty while “.1” isn’t, `reader_ver` should be “.0” and `writer_ver` should be “.1” - If “.1” is (existent and) non-dirty while “.0” isn’t, `reader_ver` should be “.1” and `writer_ver` should be “.0” - If both “.0” and “.1” are (existent and) non-dirty, `reader_ver` should be the newer one and `writer_ver` should be the other. - If neither “.0” nor “.1” is non-dirty, `reader_ver` should be None and `writer_ver` should be “.1” (just like the current default). Also, if the initial `reader_ver` is not None, set the state to “UPDATING”. We’ll also need to update the `Memmgr` class so that if the reader version of a segment is initially available it starts as if “UPDATING” phase has just completed before telling the builder thread to start loading. One way of doing this is would be: - add existing readers in `Memmgr.init_segment()` instead of (as #2858 said) `Memmgr.setup_modeul`. - In `_init_segment()`, if the reader version is already available, initiate the initial transition from UPDATING to SYNCHRONIZING, and send ‘segment_info_update’ command to the pre-existing readers. #!python def init_segments: for key, sgmt_info in datasrc_info.segment_info_map.items: # Assume we haveget_all_readers(), which returns all # pre-existing readers for reader in self.get_all_readers: sgmt_info.add_reader rrclass, dsrc_name = key clist = self.datasrc_clients_mgr.get_client_list cmd = sgmt_info.add_event reader_param = sgmt_info.get_reset_param if reader_param is not None: init_cmd = sgmt_info.complete_update else: init_cmd = sgmt_info.start_update #assert cmd ret_cmd and sgmt_info.state UPDATING if init_cmd is not None: with self.cv_commands: self.command_queue.append self._cv_command.notify() elif len(sgmt_info.old_readers) > 0: # send ‘segment_info_update’ command to old readers

3021

defect

1372687128166398

1373891622387684

Unclassified

medium

jreed

new

bad configuration caused cc timeout and tracebacks

I had a typo in a configuration and it resulted in the following: DEBUG [b10-cfgmgr.pycc]: PYCC_LNAME_RECEIVED received local name: 51d186bf_2@bind10-testing1.lab.isc.org INFO [b10-cfgmgr.cfgmgr]: CFGMGR_CONFIG_FILE Configuration manager starting with configuration file: /home/jreed/dnsbench/work/bind10-bind10-1.1.0-release/20130701102040/install/var/bind10/b10-config.db FATAL [b10-cfgmgr.cfgmgr]: CFGMGR_DATA_READ_ERROR error reading configuration database from disk: Configuration file out of date or corrupt, please update or remove /home/jreed/dnsbench/work/bind10-bind10-1.1.0-release/20130701102040/install/var/bind10/b10-config.db Traceback (most recent call last): File “/home/jreed/dnsbench/work/bind10-bind10-1.1.0-release/20130701102040/install/lib/python3.1/site-packages/isc/cc/session.py”, line 223, in receive_full_buffer self.receive_len_data() File “/home/jreed/dnsbench/work/bind10-bind10-1.1.0-release/20130701102040/install/lib/python3.1/site-packages/isc/cc/session.py”, line 183, in receive_len_data new_data = self.receive_bytes(self.recv_len_size) File “/home/jreed/dnsbench/work/bind10-bind10-1.1.0-release/20130701102040/install/lib/python3.1/site-packages/isc/cc/session.py”, line 169, inreceive_bytes data = self.socket.recv socket.timeout: timed out During handling of the above exception, another exception occurred: Traceback : File “/home/jreed/dnsbench/work/bind10-bind10-1.1.0-release/20130701102040/install/lib/python3.1/site-packages/isc/config/ccsession.py”, line 371, inadd_remote_config_internal answer, _ = self.session.group_recvmsg File “/home/jreed/dnsbench/work/bind10-bind10-1.1.0-release/20130701102040/install/lib/python3.1/site-packages/isc/cc/session.py”, line 306, in group_recvmsg env, msg = self.recvmsg File “/home/jreed/dnsbench/work/bind10-bind10-1.1.0-release/20130701102040/install/lib/python3.1/site-packages/isc/cc/session.py”, line 139, in recvmsg data = self.receive_full_buffer(nonblock) File “/home/jreed/dnsbench/work/bind10-bind10-1.1.0-release/20130701102040/install/lib/python3.1/site-packages/isc/cc/session.py”, line 238, in receive_full_buffer raise SessionTimeout on cc session timed out“) isc.cc.session.SessionTimeout: recv() on cc session timed out During handling of the above exception, another exception occurred: Traceback (most recent call last): File”/home/jreed/dnsbench/work/bind10-bind10-1.1.0-release/20130701102040/install/libexec/bind10/b10-msgq“, line 863, in msgq.socket_file) File”/home/jreed/dnsbench/work/bind10-bind10-1.1.0-release/20130701102040/install/lib/python3.1/site-packages/isc/config/ccsession.py“, line 225, in init default_logconfig_handler) File”/home/jreed/dnsbench/work/bind10-bind10-1.1.0-release/20130701102040/install/lib/python3.1/site-packages/isc/config/ccsession.py", line 447, in add_remote_config self.add_remote_config_internal(module_spec, config_update_callback) File “/home/jreed/dnsbench/work/bind10-bind10-1.1.0-release/20130701102040/install/lib/python3.1/site-packages/isc/config/ccsession.py”, line 375, in _add_remote_config_internal module_name) isc.config.ccsession.ModuleCCSessionError: No answer from ConfigManager when asking about Remote module Logging INFO [b10-init.init]: BIND10_STARTING starting BIND10: bind10 20110223 (BIND 10 1.1.0) DEBUG [b10-init.init]: BIND10_CHECK_MSGQ_ALREADY_RUNNING checking if msgq is already running INFO [b10-init.init]: BIND10_CONFIGURATOR_START bind10 component configurator is starting up DEBUG [b10-init.init]: BIND10_CONFIGURATOR_BUILD building plan ‘{}’ -> ‘{’sockcreator’: {’priority’: 200, ‘kind’: ‘core’, ‘special’: ‘sockcreator’}, ‘msgq’: {’priority’: 199, ‘kind’: ‘core’, ‘special’: ‘msgq’}, ‘cfgmgr’: {’priority’: 198, ‘kind’: ‘core’, ‘special’: ‘cfgmgr’}}’ DEBUG [b10-init.init]: BIND10_CONFIGURATOR_RUN running plan of 3 tasks DEBUG [b10-init.init]: BIND10_CONFIGURATOR_TASK performing task start on Socket creator INFO [b10-init.init]: BIND10_COMPONENT_START component Socket creator is starting INFO [b10-init.init]: BIND10_SOCKCREATOR_INIT initializing socket creator parser DEBUG [b10-init.init]: BIND10_STARTED_PROCESS_PID started b10-sockcreator (PID 31516) DEBUG [b10-init.init]: BIND10_CONFIGURATOR_TASK performing task start on msgq INFO [b10-init.init]: BIND10_COMPONENT_START component msgq is starting INFO [b10-init.init]: BIND10_STARTING_PROCESS starting process b10-msgq DEBUG [b10-init.init]: BIND10_STARTED_PROCESS_PID started b10-msgq (PID 31517) DEBUG [b10-init.pycc]: PYCC_LNAME_RECEIVED received local name: 51d186bf_1@bind10-testing1.lab.isc.org DEBUG [b10-init.init]: BIND10_CONFIGURATOR_TASK performing task start on cfgmgr INFO [b10-init.init]: BIND10_COMPONENT_START component cfgmgr is starting INFO [b10-init.init]: BIND10_STARTING_PROCESS starting process b10-cfgmgr DEBUG [b10-init.init]: BIND10_STARTED_PROCESS_PID started b10-cfgmgr (PID 31519) DEBUG [b10-init.init]: BIND10_WAIT_CFGMGR waiting for configuration manager process to initialize DEBUG [b10-init.init]: BIND10_WAIT_CFGMGR waiting for configuration manager process to initialize DEBUG [b10-init.init]: BIND10_WAIT_CFGMGR waiting for configuration manager process to initialize DEBUG [b10-init.init]: BIND10_WAIT_CFGMGR waiting for configuration manager process to initialize DEBUG [b10-init.init]: BIND10_WAIT_CFGMGR waiting for configuration manager process to initialize DEBUG [b10-init.init]: BIND10_WAIT_CFGMGR waiting for configuration manager process to initialize ERROR [b10-init.init]: BIND10_COMPONENT_START_EXCEPTION component cfgmgr failed to start: Read of 0 bytes: connection closed ERROR [b10-init.init]: BIND10_COMPONENT_FAILED component cfgmgr (pid None) failed: unknown condition FATAL [b10-init.init]: BIND10_COMPONENT_UNSATISFIED component cfgmgr is required to run and failed ERROR [b10-init.init]: BIND10_CONFIGURATOR_PLAN_INTERRUPTED configurator plan interrupted, only 2 of 3 done INFO [b10-init.init]: BIND10_KILLING_ALL_PROCESSES killing all started processes INFO [b10-init.init]: BIND10_SEND_SIGKILL sending SIGKILL to Socket creator (PID 31516) WARN [b10-init.init]: BIND10_SOCKCREATOR_KILL killing the socket creator INFO [b10-init.init]: BIND10_SEND_SIGKILL sending SIGKILL to msgq (PID 31517) FATAL [b10-init.init]: BIND10_STARTUP_ERROR error during startup: Unable to start b10-cfgmgr: Read of 0 bytes: connection closed

3026

defect

1372864315431113

1373891697767251

Unclassified

medium

bconry

new

config go - conflict between behavior and help text

> config go Error! Parameter ‘identifier’ is missed for command ‘go’ of module ‘config’ Command go (Go to a specific configuration part.) help (Get help for command) Parameters: identifier (string, mandatory) The identifier specifies the config item. Child elements are separated with the ‘/’ character. List indices can be specified with ‘[i]’, where i is an integer specifying the index, starting with 0. Examples: ‘Init/start_auth’, ‘Auth/listen_on[0]/address’. If no identifier is given, shows the item at the current location. The help documentation states that if no identifier is given then it is supposed to show the item at the current location. What I get is an error and the help text.

3027

defect

1372865634862950

1373891718104854

Unclassified

medium

bconry

new

the existance of child configuration elements doesn’t imply the existance of the parents

> config show_json / {} > config add /Init/components b10-cmdctl Error: b10-cmdctl already in /Init/components > config show_json / {} > config show_json /Init null > config show_json /Init/components {b10-stats {kind “dispensable”, address “Stats”}, b10-cmdctl {kind “needed”, special “cmdctl”}} > config go /Init Error: /Init not found > config go /Init/components > Configuration elements that exist aren’t shown by “config show_json”, despite it being documented as “Show ‘’full’’ configuration in JSON format.” [emphasis added]. It’s also counter-intuitive that child elements can exist and be navigable without their parent elements existing and being navigable.

3029

defect

1372866804472168

1373891762124251

Unclassified

medium

bconry

new

inconsistent behavior with “config remove /Init/components b10-cmdctl”

Sometimes I get: > config remove /Init/components b10-cmdctl > config commit > Failed to send request, the connection is closed (meaning that it succeeded and left me with a broken configuration) Sometimes I get: > config remove /Init/components b10-cmdctl > config commit Error: [Errno 32] Broken pipe Configuration not committed > (meaning that it failed and left me with a working configuration) I’m not sure that this should be allowed at all, or if so what the “correct” behavior ought to be, but it definitely needs to be consistent and documented behavior.

3032

defect

1372889234723499

1373891895472373

Unclassified

medium

bconry

new

config unset silently fails with ‘kind’

> config add /Init/components b10-auth > config show /Init/components/b10-auth Init/components/b10-auth/special null string Init/components/b10-auth/process null string Init/components/b10-auth/kind “dispensable” string (default) Init/components/b10-auth/address null string Init/components/b10-auth/params/ list Init/components/b10-auth/priority null integer > config show /Init/components/b10-auth/kind Init/components/b10-auth/kind “dispensable” string (default) > config set /Init/components/b10-auth/kind dispensable > config commit > config show /Init/components/b10-auth/kind Init/components/b10-auth/kind “dispensable” string > config unset /Init/components/b10-auth/kind > config show /Init/components/b10-auth/kind Init/components/b10-auth/kind “dispensable” string > config diff {} > config unset help Command unset (Unset a configuration value (i.e. revert to the default, if any).) help (Get help for command) Parameters: identifier (string, mandatory) The identifier specifies the config item. Child elements are separated with the ‘/’ character. List indices can be specified with ‘[i]’, where i is an integer specifying the index, starting with 0. Examples: ‘Init/start_auth’, ‘Auth/listen_on[0]/address’. If no identifier is given, shows the item at the current location. > Given #3031 it currently isn’t very useful to unset ‘kind’, but it shouldn’t fail silently.

3037

enhancement

1373023913197887

1386254483961111

hooks

medium

UnAssigned

tomek

DHCP Outstanding Tasks

new

Hook API and code improvements

This is a catch-all ticket for various suggested Hooks related improvements. It contains a list of usability improvements that are not critical. Work on this ticket should not start until we have some hooks implemented and broader review (preferably external) is completed. Proposals: 1. registerStandardCallouts() should count number of registered callouts and complain if there were none and there is no load() function. Also make sure that the logging is capable of showing what was registered (to ease debugging).

3042

defect

1373311945131080

1374593045534166

cmd-ctl

medium

jwright

Next-Sprint-Proposed

new

“Init Shutdown” resulted in error messages in BIND10 logfile

When I initiated “Init shutdown” to bindctl, I got the following logfile entry: 2013-07-08 17:25:51.747 ERROR [b10-init.init/7940] BIND10_CONFIGURATOR_PLAN_INTERRUPTED configurator plan interrupted, only 2 of 5 done This is possibly related to #3041 (http://bind10.isc.org/ticket/3041), because the error message was seen at the point when I sent command “init shutdown”.

3043

enhancement

1373360020357145

1374592996458180

Unclassified

medium

shane

miles@brennan.id.au

new

User-submitted upstart script (for CentOS 6.4)

A user submitted an upstart script with the following mail. From: “Miles Brennan” To: Subject: BIND10 Upstart Script Date: Tue, 9 Jul 2013 18:05:06 +1000 Hey All. New list user here.. Miles from Brisbane.AU, currently tinkering with BIND10 just to see what it’s like and evaluate stability for potential use in a startup. Background: A Geek!, I authored the Linux Home Server HOWTO (www.brennan.id.au ) a few years back to make it easier for users to build their own home environment. I looked long and hard for a good init / upstart script for BIND10, but ended up writing my own to suit my CentOS 6.4 environment. I thought you might like it for your WIKI so others can start playing with BIND10 a little more. Usage. - initctl start bind10 - initctl restart bind10 - initctl stop bind10 Cheers, Miles vi /etc/init/bind10.conf description “BIND10 is a DNS server with DHCPv4 and DHCPv6 server support” env PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin: /usr/local/libexec/bind10 export PATH start on runlevel [345] stop on runlevel [0126] pre-start script exec logger p user.warningt upstart-bind10 “BIND10 daemon starting” end script exec b10-init —user bind —config-file /usr/local/var/bind10/b10-config.db br> —pid-file /usr/local/var/bind10/bind10.pid br> —msgq-socket-file /usr/local/var/bind10/msgq_socket br> —data-path /usr/local/var/bind10 —cmdctl-port 8080 #pre-stop post-stop exec logger p user.warningt upstart-bind10 “BIND10 daemon stopped” respawn kill timeout 30 console none

3047

defect

1373378905656631

1397640730796484

dhcpdb

low

jwright

DHCP Outstanding Tasks

new

Use of Kea memfile lease database causes SigAbrt exception

Please see following Jabber chat log: 1:38:20 PM jeff: Have you guys seen this in the BIND10 logfile? 2013-07-03 18:54:10.109 ERROR [b10-init.init/5090] BIND10_COMPONENT_FAILED component b10-dhcp4 (pid 5677) failed: process terminated with exit status 6 (killed by signal 6: SIGABRT) It seems to occur every once in a while. 1:52:10 PM jeff: I think debian 6 is dead. 1:52:11 PM jeff: 149.20.57.86 1:52:33 PM jeff: No answer to pings from inside lab; and all established SSH sessions are unresponsive. 1:55:46 PM TomM: Time to pull back and nuke the planet. 1:59:46 PM jeff: I have to way to remote-boot that puppy. I think TomM’s latest Kea checkin caused a kernel panic. 2:00:23 PM TomM: let’s see, I know I have the GPS coords for Jeff’s new place…. where did I write those down…. 2:01:40 PM TomM: Jeff, if you hear a high pitched whine soon, please ignore it… it’s nothing 2:02:48 PM jeff: Actually, I DID have a way to reboot it and I did so. Thanks, Remote Desktop Client for Mac! 2:24:23 PM tomek: Kea doing SIGABRT may be a problem. 2:24:32 PM tomek: I have never seen this before. 2:44:43 PM jeff: I think I would like to file a bug ticket against this issue if it reoccurs. 2:45:09 PM jeff: Yes, it continues: 2:45:10 PM jeff: >::reference boost::shared_ptr< >::operator*() const [with T = isc::dhcp::ClientId]: Assertion `px != 0’ failed. 2013-07-03 20:08:11.872 ERROR [b10-init.init/2000] BIND10_COMPONENT_FAILED component b10-dhcp4 (pid 2007) failed: process terminated with exit status 6 (killed by signal 6: SIGABRT) with T = isc::dhcp::ClientId]: Assertion `px != 0’ failed. 2013-07-03 20:13:27.035 ERROR [b10-init.init/2000] BIND10_COMPONENT_FAILED component b10-dhcp4 (pid 2143) failed: process terminated with exit status 6 (killed by signal 6: SIGABRT) with T = isc::dhcp::ClientId]: Assertion `px != 0’ failed. 2013-07-03 20:20:06.906 ERROR [b10-init.init/2000] BIND10_COMPONENT_FAILED component b10-dhcp4 (pid 2146) failed: process terminated with exit status 6 (killed by signal 6: SIGABRT) 2:53:43 PM TomM: looks like there’s still a condition that allows a null client id 2:54:26 PM TomM: tomek you are fibbing when you say you have never seen this before ;) 2:55:45 PM jeff: Twice now the debian6 server has hung 2:55:59 PM jeff: I think this might be my first “real” bug find. :) 2:56:18 PM jeff: What kind of info should I be gathering now to help us diagnose this? 2:58:42 PM tomek: The configuration used and traffic capture of a packet that cause this. 3:00:34 PM marcin: I recall that the issues with NULL client id are still present when using Memfile backend. 3:00:50 PM marcin: When using MySQL it shouldn’t be the case. 3:01:46 PM marcin: Do you actually use MySQL? when hitting assertion failure? 3:09:11 PM jeff: I do have the build configuired for mySQL backend 3:09:35 PM jeff: I am not even sending DHCP traffic so it’s not ANVL packets…although it might be other random packet traffic. 3:10:06 PM jeff: How do you want me to capture the config? Show bindctl commands? Dump bind10-cfg.db? 3:10:27 PM jeff: Would any syslogs be helpful? 3:10:31 PM TomM: if I recall, Jeff, there are Windows machines that periodically make IPv4 requests on on the DHCP lab setup 3:10:56 PM jeff: Those Windows clients are disabled 3:11:20 PM TomM: curious 3:11:51 PM jeff: Well, I THINK those are disabled. Let me show you a screenie. 3:12:16 PM TomM: hey I don’t want to see you screenie! put that thing away! RUN AWAY! 3:12:37 PM jeff: 3:13:15 PM jeff: If there is an alternative place to xfer files let me know tomek left the room. 3:14:27 PM TomM: just sez I have one event…. 3:14:36 PM TomM: I use Psi for client 3:14:59 PM TomM: nevermind, I got it 3:15:39 PM TomM: no I didn’t 3:15:45 PM TomM: error’d out 3:19:37 PM jeff: Yeah it erroed out. 3:19:39 PM jeff: Let me try again 3:21:11 PM jeff: OK well that’s a big waste of time 3:21:15 PM jeff: I’ll email it to you 3:21:19 PM TomM: yep 3:21:46 PM TomM: what would be better would the the bind10 log output 3:21:55 PM jeff: What else? 3:22:05 PM jeff: Here is how I confogured everything: 3:22:28 PM TomM: you could include the config db 3:22:32 PM jeff: https://confluence-int.isc.org/display/QUAL/DHCP+Testing 3:22:49 PM jeff: I’m going to enter a bug ticket and include the logfiles from dhcpsrv and dhcp4 3:22:57 PM jeff: as well as the bind10 config db 3:23:34 PM marcin: Which machine is it? 3:23:40 PM marcin: debian6? 3:25:39 PM jeff: debian6-64-1-dhcp 3:25:52 PM jeff: 3:25:54 PM marcin: Where is the bind installed? 3:26:10 PM jeff: /home/test/var/test-anvl 3:26:27 PM jeff: I just had to reboot the VM because it was not responding to ICMP Requests 3:26:28 PM marcin: ok, let me login and have a quick look on the configuration. 3:26:54 PM jeff: BIND10 is not running after reboot. 3:27:09 PM marcin: I will kick it of 3:27:54 PM jeff: cmd line: 3:28:12 PM jeff: sudo /home/test/var/test-anvl/sbin/bind10 &> /home/test/var/test-anvl/bind10.log 3:30:43 PM marcin: MySQL is not configured 3:31:00 PM jeff: Not true. I built as follows: 3:31:12 PM marcin: It is true according to bindctl 3:31:21 PM marcin: Building is one thing 3:31:26 PM jeff: sudo /home/test/var/test-anvl/sbin/bind10 &> /home/test/var/test-anvl/bind10.log 3:31:32 PM marcin: configuration is another thing 3:31:59 PM TomM: if someone could review 3030, it correct the build issue 3:32:02 PM marcin: Dhcp4/lease-database/type “” string 3:32:05 PM TomM: its quite small 3:32:16 PM TomM: good catch, marcin 3:32:47 PM marcin: other things are name, user, password, host 3:33:10 PM marcin: they also have to be set to credentials you have added to MySQL 3:33:30 PM TomM: rtfm 3:33:40 PM TomM: ;) 3:34:16 PM marcin: I could add it now, but it will be better for you to do it to keep an eye on what is going on in your config 3:34:50 PM marcin: I now stopped bind and logged off 3:35:58 PM marcin: Tom, in the course of #2977 I found a little issue with d_controller_unittests 3:36:27 PM TomM: is this the logger init thing? 3:36:32 PM marcin: yes 3:37:05 PM TomM: what precisely is the issue? 3:37:27 PM TomM: you know I stole that line from DHCP4/DHCP6…. 3:37:39 PM marcin: yes and now 3:37:47 PM marcin: DHCP4 doesn’t test main 3:37:52 PM TomM: ah 3:38:08 PM marcin: D2 tests launch function which does initLogger 3:38:14 PM TomM: right 3:38:15 PM marcin: This should not happen 3:38:25 PM TomM: what should not happen? 3:38:44 PM TomM: initLogger should not be called? 3:38:51 PM marcin: initLogger should not be called when running unit tests 3:39:04 PM marcin: it shouldn’t be called in launch 3:39:14 PM marcin: because it is already called in main of unit tests 3:39:23 PM TomM: OH 3:39:26 PM marcin: in a way that it should be run for unit tests 3:39:32 PM marcin: 3:40:01 PM marcin: But, if I remove initLogger in launch I hit worse problem 3:40:10 PM TomM: then I will need to add a command line argument that skips it 3:40:11 PM marcin: crash in commandHandler 3:41:06 PM marcin: commandHandler has this second argument called “args” 3:41:15 PM TomM: right 3:41:17 PM marcin: which seems to be NULL 3:41:32 PM TomM: let me look at the code 3:42:23 PM marcin: The rest is a speculation so far… 3:42:37 PM TomM: let me catch up 3:42:41 PM marcin: genShutdownCommand in unit tests is responsible for this 3:42:59 PM jeff: Hold on guys talking with my attorney - brb 3:43:01 PM marcin: sorry, genShutdownCallback 3:43:19 PM TomM: oh, because args isn’t being checked before being handed to the log statement 3:43:37 PM marcin: well, getShutdownCallback passes empty argyment 3:43:45 PM marcin: NULL argument I should say 3:43:50 PM marcin: arg_set 3:43:55 PM TomM: if it passed in an empty ELementPtr it would run fine 3:44:22 PM marcin: isc::data::ElementPtr arg_set; 3:44:27 PM marcin: makes arg_set NULL 3:44:47 PM marcin: and in the handler you do arg_set>str 3:44:55 PM TomM: right 3:44:57 PM marcin: the> operator causes assertion 3:45:11 PM TomM: yes, the log statement should test it 3:45:18 PM TomM: and adjust accordingly 3:45:42 PM marcin: I am wondering what will be the most elegant solution 3:45:42 PM TomM: (arg_set ? arg_set>str : “no args”) 3:46:02 PM marcin: yes, maybe that should be done 3:46:06 PM TomM: yes 3:46:10 PM TomM: it should be 3:46:16 PM marcin: and maybe we need to identify some more places like this 3:46:23 PM TomM: perhaps 3:46:34 PM marcin: I can do it together with 27977 3:46:37 PM TomM: tyring to figure out why I haven’t hit this before 3:46:38 PM marcin: sorry 2977 3:47:06 PM marcin: Well, initialization of the logger has something to do with it, but I don’t know why 3:47:19 PM marcin: and I don’t know if I will find today :) 3:47:38 PM marcin: s/find/find out stephen left the room. (3:47:57 PM) 3:48:00 PM TomM: launch calls the init logger but launch is the first place the command line arguments are examined… 3:48:08 PM TomM: which is as it should be 3:48:19 PM TomM: s/but/because/ 3:48:42 PM TomM: I did not want app specific things to be in main() 3:48:47 PM marcin: it would be ok if we added an extra argument to launch 3:48:59 PM TomM: yes 3:48:59 PM marcin: this argument would indicate that you’re running in the test mode 3:49:12 PM marcin: and it would be used by unit tests only 3:49:15 PM TomM: yes 3:49:21 PM marcin: it could have a default value = false 3:49:25 PM TomM: it could default to false 3:49:27 PM TomM: lol 3:49:29 PM marcin: but it doesn’t have to 3:49:48 PM TomM: in this case I would say it should because it is a test time only thing 3:50:12 PM TomM: might be handy for other things too… 3:50:15 PM marcin: yes, I agree but I don’t know if you like defaults :P 3:50:24 PM TomM: case by case basis 3:50:42 PM marcin: in this case, let me fix it 3:50:54 PM marcin: as we just discussed it 3:51:11 PM TomM: ok 3:51:24 PM marcin: It will be added together with #2977 3:51:25 PM jeff: SO (and sorry for being absent) - this is a known issue? 3:51:33 PM marcin: which one? 3:51:35 PM jeff: I have not yet entered a new ticket 3:51:40 PM jeff: My shutdown 3:51:50 PM marcin: your shutdown is a known issue for me 3:51:53 PM jeff: The error message in BIND10 log 3:52:01 PM marcin: I am not sure if there is any ticket yet 3:52:19 PM jeff: I would be happy to put one in, or if you prefer, you can do it 3:52:30 PM TomM: the null client id “crash” is known and we had a ticket but as marcin pointed out it addressed MySQL only 3:52:37 PM jeff: BTW I love talking to attorneys on the phone for $380.00 per hour. 3:53:12 PM jeff: SO clue me in - even though I specified —mysql in the config, and I created the SQL “qa” database to use… 3:53:14 PM TomM: look if you have nothing better to do with your time and money, I’ll talk to you and I only charge you $300 an hour 3:53:17 PM jeff: I’m not using SQL? 3:53:37 PM TomM: you have to set the database type 3:53:43 PM marcin: you’re not using SQL and you should 3:53:56 PM TomM: in the bind10 config 3:53:56 PM marcin: otherwise you will loose your leases when server is off 3:53:58 PM marcin: :P 3:54:02 PM jeff: COuld you point me to the part of the user guide that says how to do that please 3:54:03 PM TomM: its right there in the manual 3:54:08 PM jeff: What section 3:54:13 PM TomM: 1 sec 3:54:30 PM jeff: I read it last night at 1130pm and I do admit it was very interesting. 3:54:31 PM jeff: Not. 3:55:10 PM TomM: 17.2.1 Database Configuration 3:55:15 PM marcin: http://bind10.isc.org/docs/bind10-guide.html#idm66502448 3:55:18 PM marcin: enjoy! 3:55:46 PM jeff: I found it 3:55:52 PM jeff: > config set Dhcp4/lease-database/type “mysql” 3:55:56 PM jeff: From Section 17 3:56:03 PM TomM: that’ll $450.00 … I’ll send you a bill 3:56:31 PM jeff: Bill it to “Kea QA” 3:56:32 PM marcin: apart from setting a type of the database, you will have to setup user, password, host 3:56:46 PM jeff: Sorry I missed that part 3:56:55 PM jeff: Let me make absolutely certain: 3:57:11 PM TomM: were you reading it or just looking at the pretty pictures? 3:57:13 PM jeff: I am NOT going to enter a ticket, either for the error message in the log, or for the assert (debian reboot) 3:57:15 PM jeff: OK?? 3:57:45 PM jeff: At 1130pm I think I read “SQL” and said to myself “I already did that, man.” 3:57:45 PM marcin: IMHO, you shouldn’t 3:58:05 PM jeff: OK then I will add the SQL config to my instructions on the COnfluence page, and retry. 3:58:16 PM jeff: THanks you for your time, gentlemen. 3:58:21 PM jeff: Oh, and TomM too. 3:58:48 PM marcin: nop 3:58:59 PM TomM: you betcha 4:20:55 PM TomM: and you need to make sure you get rest too 4:20:59 PM marcin: Yes, me too, otherwise I will get crazy 4:21:10 PM TomM: crazIER 4:21:14 PM marcin: Working and taking care of kids and shopping 4:21:20 PM TomM: yep 4:21:20 PM marcin: in the same time 4:21:27 PM TomM: that will make you nuts 4:21:56 PM marcin: that’s also pretty much why I stay so late working 4:22:03 PM marcin: I can finally focus 4:22:06 PM marcin: :P 4:22:10 PM TomM: ah 4:22:34 PM marcin: but it has pitfalls too 4:22:52 PM marcin: If I go to sleep at 1AM I will be woken up by kids at 6AM anyway 4:23:04 PM TomM: lovely, isn’t it? 4:23:05 PM marcin: that’s what happend yesterday 4:23:15 PM marcin: :-) 4:23:32 PM marcin: anyways, good night gentlemen 4:23:39 PM TomM: good night!

3051

defect

1373557622371711

1374251172119215

Unclassified

medium

jwright

DHCP Outstanding Tasks

new

DHCP4 logfiles output from Kea display parameter mismatch errors

BIND10 version: (BIND 10 20130529). When running ANVL tests for Section 2: “Introduction, Design Goals and Protocol Summary,” I get the following messages in the dhcp4 component logfile: 2013-07-10 16:56:46.280 DEBUG [b10-dhcp4.dhcp4/10666] DHCP4_QUERY_DATA received packet type localAddr=255.255.255.255:67 remoteAddr=0.0.0.0:68, msgtype=1, transid=0x563db4e6 type=53, len=1: , data is <2> @@Excess logger placeholders still exist@@<br><br>(several times) and ...<br><br>2013-07-10 16:56:46.285 DEBUG [b10-dhcp4.dhcp4/10666] DHCP4_RELEASE_FAIL_NO_LEASE client (client-id hwtype=1 02:02:00:00:00:06) tried to release address 0.0.0.0, but there is no lease for such address. @@Missing placeholder 3 for ‘(no client-id)’@@ Stephen had a quick look at the code and said the problem is that the number of placeholders in the message definitions do not match the number of arguments provided in the relevant LOG_XXX statement. Both messages are logged in src/bin/dhcp4/dhcp4_srv.cc

3053

enhancement

1373630335980609

1373630335980609

dhcp

medium

tomek

DHCP Outstanding Tasks

new

Write documentation for Pkt4 and Pkt6 classes

I’m not sure how that did slip through, but isc::dhcp::Pkt4 and isc::dhcp::Pkt6 do not have class documentation. Pkt4Ptr and Pkt6Ptr should also be documented.

3055

defect

1373893121014446

1374575863870443

documentation

medium

muks

Next-Sprint-Proposed

new

Add Makefile target to create PDF manual for BIND 10

Add a Makefile target to create PDF manual for BIND 10, so that if the corresponding tools exist, it’s possible to simply `make` the target and generate the PDF manual. Some admins still print paper manuals, so we should continue to have a PDF manual on the website.

3057

defect

1373982387178144

1373982387178144

dhcp4

medium

tomek

DHCP Outstanding Tasks

new

Dhcp4Srv::selectSubnet() must be improved and thoroughly tested

For some reason the v4 version of selectSubnet() is very simple and there are no tests for it. See appropriate comment in dhcpv4_srv_unittest.cc: /// @todo Implement tests for subnetSelect See tests in dhcp6_srv_unittest.cc: /// selectSubnetAddr, selectSubnetIface, selectSubnetRelayLinkaddr, /// selectSubnetRelayInterfaceId. Note that the concept of interface-id is not /// present in the DHCPv4, so not everything is applicable directly. Subnet selection based on interface name should be implemented.

3058

defect

1374072358568511

1392911799567724

resolver

low

thozza

DNS Outstanding Tasks

new

BIND10-1.1.0 Resolver fails to answer some Queries

Hi. When running latest bind10-1.1.0 recursive resolver with default configuration it fails to answer some Queries. It returns SERVFAIL. The host that I’m running the resolver on has only link local IPv6 address. The problem seems to be that resolver fails to send DNS Query to IPv6 address. Here is an output from system log when running ’dig 127.0.0.1 nic.cz' when BIND10 resolver<br>is running on localhost:<br><br>-- Logs begin at Mon 2013-07-08 09:57:45 CEST, end at Wed 2013-07-17 16:25:07 CEST. --<br>Jul 17 16:25:07 localhost.localdomain bind10[3576]: 2013-07-17 16:25:07.482 ERROR [b10-resolver.asiodns/3582] ASIODNS_SEND_DATA error 101 sending data using UDP to 2001:628:453:420::48(53)<br>Jul 17 16:25:05 localhost.localdomain bind10[3576]: 2013-07-17 16:25:05.481 ERROR [b10-resolver.asiodns/3582] ASIODNS_SEND_DATA error 101 sending data using UDP to 2001:678:f::1(53)<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.353 INFO [b10-stats.stats/3583] STATS_STARTING starting<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.234 INFO [b10-resolver.resolver/3582] RESOLVER_STARTED resolver started<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.232 INFO [b10-init.init/3576] BIND10_SOCKET_CREATED successfully created socket 24<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.231 INFO [b10-init.init/3576] BIND10_SOCKET_GET requesting socket [127.0.0.1]:53 of type UDP from the creator<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.228 INFO [b10-init.init/3576] BIND10_SOCKET_CREATED successfully created socket 23<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.228 INFO [b10-init.init/3576] BIND10_SOCKET_GET requesting socket [127.0.0.1]:53 of type TCP from the creator<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.226 INFO [b10-init.init/3576] BIND10_SOCKET_CREATED successfully created socket 22<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.224 INFO [b10-init.init/3576] BIND10_SOCKET_GET requesting socket [::1]:53 of type UDP from the creator<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.222 INFO [b10-init.init/3576] BIND10_SOCKET_CREATED successfully created socket 20<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.221 INFO [b10-init.init/3576] BIND10_SOCKET_GET requesting socket [::1]:53 of type TCP from the creator<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.206 INFO [b10-resolver.resolver/3582] RESOLVER_SET_QUERY_ACL query ACL is configured<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.206 WARN [b10-resolver.resolver/3582] RESOLVER_NO_ROOT_ADDRESS no root addresses available<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.206 INFO [b10-resolver.resolver/3582] RESOLVER_RECURSIVE running in recursive mode<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.204 INFO [b10-resolver.resolver/3582] RESOLVER_STARTING starting resolver with command line 'b10-resolver'<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.183 INFO [b10-init.init/3576] BIND10_STARTUP_COMPLETE BIND 10 started<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.178 INFO [b10-init.init/3576] BIND10_STARTING_PROCESS starting process b10-cmdctl<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.177 INFO [b10-init.init/3576] BIND10_COMPONENT_START component b10-cmdctl is starting<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.170 INFO [b10-init.init/3576] BIND10_STARTING_PROCESS starting process b10-stats<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.169 INFO [b10-init.init/3576] BIND10_COMPONENT_START component b10-stats is starting<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.167 INFO [b10-init.init/3576] BIND10_STARTING_PROCESS starting process b10-resolver<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.166 INFO [b10-init.init/3576] BIND10_COMPONENT_START component b10-resolver is starting<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.166 INFO [b10-init.init/3576] BIND10_CONFIGURATOR_RECONFIGURE reconfiguring running components<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.165 INFO [b10-init.init/3576] BIND10_READING_INIT_CONFIGURATION reading b10-init configuration<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.156 INFO [b10-init.init/3576] BIND10_STARTING_CC starting configuration/command session<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.156 INFO [b10-init.init/3576] BIND10_STARTING_PROCESS starting process b10-cfgmgr<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.156 INFO [b10-init.init/3576] BIND10_COMPONENT_START component cfgmgr is starting<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.156 INFO [b10-init.init/3576] BIND10_STARTING_PROCESS starting process b10-msgq<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.156 INFO [b10-init.init/3576] BIND10_COMPONENT_START component msgq is starting<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.155 INFO [b10-init/3576] BIND10_SETUID setting UID to 25<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.155 INFO [b10-init.init/3576] BIND10_SETGID setting GID to 25<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.154 INFO [b10-init.init/3576] BIND10_SOCKCREATOR_INIT initializing socket creator parser<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.154 INFO [b10-init.init/3576] BIND10_COMPONENT_START component Socket creator is starting<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.153 INFO [b10-init.init/3576] BIND10_CONFIGURATOR_START bind10 component configurator is starting up<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.152 INFO [b10-init.init/3576] BIND10_STARTING starting BIND10: bind10 20110223 (BIND 10 1.1.0)<br>Jul 17 16:24:59 localhost.localdomain bind10[3576]: 2013-07-17 16:24:59.199 INFO [b10-cfgmgr.cfgmgr/3580] CFGMGR_CONFIG_FILE Configuration manager starting with configuration file: /var/bind10/b10-config.db<br><br><br># dig 127.0.0.1 nic.cz ; <<>> DiG 9.9.3-rl.156.01-P1-RedHat-9.9.3-3.P1.fc19 <<>> 127.0.0.1 nic.cz<br>; (1 server found)<br>;; global options: +cmd<br>;; Got answer:<br>;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 39672<br>;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1<br><br>;; OPT PSEUDOSECTION:<br>; EDNS: version: 0, flags:; udp: 4096<br>;; QUESTION SECTION:<br>;nic.cz. IN A<br><br>;; Query time: 4000 msec<br>;; SERVER: 127.0.0.1#53(127.0.0.1)<br>;; WHEN: Wed Jul 17 16:37:25 CEST 2013<br>;; MSG SIZE rcvd: 35<br><br><br>What is strange, that subsequent calls to dig return DNS Response successfully:<br><br># dig 127.0.0.1 nic.cz ; <<>> DiG 9.9.3-rl.156.01-P1-RedHat-9.9.3-3.P1.fc19 <<>> @127.0.0.1 nic.cz ; (1 server found) ;; global options: +cmd ;; Got answer: ;; >>HEADER<< opcode: QUERY, status: NOERROR, id: 46683 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 7 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;nic.cz. IN A ;; ANSWER SECTION: nic.cz. 1781 IN A 217.31.205.50 ;; AUTHORITY SECTION: nic.cz. 1781 IN NS a.ns.nic.cz. nic.cz. 1781 IN NS b.ns.nic.cz. nic.cz. 1781 IN NS d.ns.nic.cz. ;; ADDITIONAL SECTION: a.ns.nic.cz. 1781 IN A 194.0.12.1 b.ns.nic.cz. 1781 IN A 194.0.13.1 d.ns.nic.cz. 1781 IN A 193.29.206.1 a.ns.nic.cz. 1781 IN AAAA 2001:678:f::1 b.ns.nic.cz. 1781 IN AAAA 2001:678:10::1 d.ns.nic.cz. 1781 IN AAAA 2001:678:1::1 ;; Query time: 5 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Wed Jul 17 16:37:44 CEST 2013 ;; MSG SIZE rcvd: 234

3060

enhancement

1374143150623397

1397640730796484

dhcp-ddns

medium

tmark

DHCP Outstanding Tasks

new

Add support for TCP traffic to NameChangeListener/Sender for DHCP-DDNS

The initial implementation (trac3008) provided the abstract layer (ncr_io.*) and a UPD derivation (ncr_upd.*). This should be sufficient to get the basic intergration testing done and may suffice for initial release. In order to make things more reliable a derivation that supports TCP traffic needs to be created. This would leverage the send queue mechanism provided by the abstract sender (!NameChangeSender) to avoid loss of requests if there is a lag during start up or DHCP-DDNS restarts etc.

3061

enhancement

1374238255106268

1392917310545139

resolver

medium

shane

DNS Outstanding Tasks

new

RFC 6975 (Signaling Cryptographic Algorithm Understanding in DNSSEC) support

We should support RFC 6975 (note this is only meaningful for the resolver, really, so nothing for us to do now)

3066

enhancement

1374677719336949

1374677719336949

dhcp

medium

tomek

DHCP Outstanding Tasks

new

Implement lease4_expire, lease6_expire hooks

We need to have lease4_expire and lease6_expire callouts. It can be done once ticket #2345 is implemented.

3070

enhancement

1374768434714669

1374768434714669

dhcp6

medium

tomek

DHCP Outstanding Tasks

new

Kea should support rapid-commit option for DHCPv6

See RFC3315, section 22.14. The option format is easy. The tricky part is to respond to SOLICIT with REPLY, not with ADVERTISE.

3071

defect

1375223145199750

1380799220951059

dhcp6

medium

wlodekwencel

DHCP-QA Defects

new

kea6: solicit with invalid options is accepted

Solicit message tested with not allowed options in message: server should discarded message with: wrong client ID and discard or reply with status code option with code UnSpecFail for message that includes: relay message preference server-unicast status-code interface-id reconfigure server answers with Advertise in every case. Reference to: RFC 3315, table A “Appearance of Options in Message Types” RFC 3315 section 15.2 It looks like Kea6 doesn’t checking messages for not allowed options. To repeat all those cases plz use Forge project and run all test tagged with ‘solicit_invalid’, also attached wireshark capture for all those tests and html report.

solicit

3072

enhancement

1375227098056417

1375801436232689

data source

low

jreed

new

rename static.zone

Let’s rename static.zone. Many zones may be static. Maybe rename to builtin-chaos-zone or something like that. From ticket #3020: > I assume later could be used for other builtin CH. So I even think > the name “static.zone” is wrong. We can rename this file if necessary.

3076

defect

1375310038147665

1380119767902127

dhcp6

medium

wlodekwencel

DHCP-QA Defects

new

kea6 replay messages send with unicast address

Acording to RFC 3315, section 15, messages: Solicit, Confirm, Rebind and Info-Request should be discarded when server receives it with unicast destination address. Kea6 doesn’t discard, it send Reply message. To check this bug use Forge project and run tests tagged with ‘unicast’. Included wireshark capture.

unicast

3077

defect

1375311836480302

1380119740642255

dhcp6

medium

wlodekwencel

DHCP-QA Defects

new

kea6 invalid reply for request/renew send via unicast address

RFC 3315 section 18.2.1. > When the server receives a Request message via unicast from a client > to which the server has not sent a unicast option, the server > discards the Request message and responds with a Reply message > containing a Status Code option with the value UseMulticast and section 18.2.3. > When the server receives a Renew message via unicast from a client to > which the server has not sent a unicast option, the server discards > the Renew message and responds with a Reply message containing a > Status Code option with the value UseMulticast In both cases Kea6 failing. No option Status Code included. Wireshark captures included.

unicast

3078

defect

1375355319557294

1375801580836064

Unclassified

medium

shivathapa

new

configured only as Recursive DNS Server

Hi, I am trying configuring Recursive DNS using bind10. everything working fine except not able to dig/resolve international sites like yahoo,google but am able to dig/resolve local sites. 2013-08-01 22:34:13.923 ERROR [b10-resolver.asiodns/13789] ASIODNS_SEND_DATA error 101 sending data using UDP to 2001:500:3::42(53) 2013-08-01 22:34:15.923 ERROR [b10-resolver.asiodns/13789] ASIODNS_SEND_DATA error 101 sending data using UDP to 2001:500:3::42(53) 2013-08-01 22:34:15.923 ERROR [b10-resolver.asiodns/13789] ASIODNS_SEND_DATA error 101 sending data using UDP to 2001:500:3::42(53) 2013-08-01 22:34:17.923 ERROR [b10-resolver.asiodns/13789] ASIODNS_SEND_DATA error 101 sending data using UDP to 2001:500:3::42(53) 2013-08-01 22:34:17.923 ERROR [b10-resolver.asiodns/13789] ASIODNS_SEND_DATA error 101 sending data using UDP to 2001:500:3::42(53) 2013-08-01 22:34:19.923 ERROR [b10-resolver.asiodns/13789] ASIODNS_SEND_DATA error 101 sending data using UDP to 2001:500:3::42(53) 2013-08-01 22:34:21.923 ERROR [b10-resolver.asiodns/13789] ASIODNS_SEND_DATA error 101 sending data using UDP to 2001:500:3::42(53) 2013-08-01 22:37:33.043 ERROR [b10-resolver.asiodns/13789] ASIODNS_SEND_DATA error 101 sending data using UDP to 2001:500:3::42(53) 2013-08-01 22:37:33.043 ERROR [b10-resolver.asiodns/13789] ASIODNS_SEND_DATA error 101 sending data using UDP to 2001:500:3::42(53) 2013-08-01 22:37:35.043 ERROR [b10-resolver.asiodns/13789] ASIODNS_SEND_DATA error 101 sending data using UDP to 2001:500:3::42(53) 2013-08-01 22:37:35.043 ERROR [b10-resolver.asiodns/13789] ASIODNS_SEND_DATA error 101 sending data using UDP to 2001:500:3::42(53) 2013-08-01 22:37:37.044 ERROR [b10-resolver.asiodns/13789] ASIODNS_SEND_DATA error 101 sending data using UDP to 2001:500:3::42(53) 2013-08-01 22:37:37.044 ERROR [b10-resolver.asiodns/13789] ASIODNS_SEND_DATA error 101 sending data using UDP to 2001:500:3::42(53) 2013-08-01 22:37:39.044 ERROR [b10-resolver.asiodns/13789] ASIODNS_SEND_DATA error 101 sending data using UDP to 2001:500:3::42(53) 2013-08-01 22:37:39.044 ERROR [b10-resolver.asiodns/13789] ASIODNS_SEND_DATA error 101 sending data using UDP to 2001:500:3::42(53)

3081

enhancement

1375679546199591

1375679546199591

statistics

low

y-aharen

new

provide computed values as statistics data

> As an improvement for future (not in this ticket), it would be nice if the statistics daemon could provide computed values, so it could show the sum, not require the user to take a calculator and sum them manually. Opening this ticket just to record this idea in the review of #2797.

3085

enhancement

1375882806911169

1375882806911169

dhcp6

medium

tomek

DHCP Outstanding Tasks

new

src/bin/dhcp6/tests/dhcp6_test_utils.h refactoring

src/bin/dhcp6/tests/dhcp6_test_utils.h header file contains quite significant amount of code. It should be refactored into cc + h. Also, some common code between v4 and v6 should be investigated. Also see #2984:comment:5

3090

defect

1375957660903933

1380120426102381

dhcp6

medium

wlodekwencel

DHCP-QA Defects

new

kea6 assign malformed address.

Kea6 assigned address: 2001:db8:1:: which is of course malformed. Kea sends this address when configured with: subnet: 2001:db8:1::/64 pool: 2001:db8:1::0-2001:db8:1::ff There should be some subnet/pool testing while configuration process (2001:db8:1::0 isn’t proper host address) wireshark capture attached.

address

3091

defect

1375958118721831

1390648869680489

dhcp6

medium

wlodekwencel

DHCP-QA Defects

new

kea6 assign reserved address.

Kea6 assigned addresses: ff02::1 ::1 According to RFC 3315, Section 11: > A server MUST NOT assign an address that is otherwise reserved for > some other purpose. address ff02::1 assigned when Kea configured with: subnet: ff02::/64 pool: ff02::1-ff02::ff address ::1 assigned when Kea configured with: subnet: ::/64 pool: ::1-::ff There should be some subnet/pool testing while configuration process to eliminate reserved addresses. wireshark capture attached.

address kea

3093

defect

1376303087931390

1377098712613463

bind-ctl

medium

wlodekwencel

Next-Sprint-Proposed

new

‘execute file’ fails with multiple option-data

I’m using config file: config add Dhcp6/subnet6 config set Dhcp6/subnet6[0]/subnet “3000::/64” config set Dhcp6/subnet6[0]/pool [ “3000::1-3000::ff” ] config commit config add Dhcp6/option-data config set Dhcp6/option-data[0]/name “preference” config set Dhcp6/option-data[0]/code 7 config set Dhcp6/option-data[0]/space “dhcp6” config set Dhcp6/option-data[0]/csv-format true config set Dhcp6/option-data[0]/data “123” config commit config add Dhcp6/option-data config set Dhcp6/option-data[1]/name “sip-server-dns” config set Dhcp6/option-data[1]/code 21 config set Dhcp6/option-data[1]/space “dhcp6” config set Dhcp6/option-data[1]/csv-format true config set Dhcp6/option-data[1]/data “srv1.example.com,srv2.isc.org” config commit config add Dhcp6/option-data config set Dhcp6/option-data[2]/name “dns-servers” config set Dhcp6/option-data[2]/code 23 config set Dhcp6/option-data[2]/space “dhcp6” config set Dhcp6/option-data[2]/csv-format true config set Dhcp6/option-data[2]/data “2001:db8::1,2001:db8::2” config commit config add Dhcp6/option-data config set Dhcp6/option-data[3]/name “domain-search” config set Dhcp6/option-data[3]/code 24 config set Dhcp6/option-data[3]/space “dhcp6” config set Dhcp6/option-data[3]/csv-format true config set Dhcp6/option-data[3]/data “domain1.example.com,domain2.isc.org” config commit when config file is copy-plasted to bindctl command line, everything is ok. When I’m trying to use it by ‘execute file’ it fails with error: Error: No item 1 in option-data[1] Depending on the contents of the script, and which commands it has called, there can be committed and local changes. It is advised to check your settings , and revert local changes with “config revert”.

bindctl, execute file

3094

defect

1376400177847791

1377051462064868

statistics

medium

muks

Next-Sprint-Proposed

new

AssertionError: Statistics item .Xfrout.zones.IN.SERVER.xfrrej has unexpected value 14 (expect 3 or less than)

Got this error today when reviewing a ticket (#2690) which should not influence it: Scenario: Handle incoming notify (XFR request rejected in IPv4) # features/xfrin_notify_handling.feature:325 Given I have bind10 running with configuration xfrin/retransfer_master_v4.conf with cmdctl port 47804 as master # features/terrain/bind10_control.py:10 Given I have bind10 running with configuration xfrin/retransfer_master_v4.conf with cmdctl port 47804 as master # features/terrain/bind10_control.py:107 And wait for master stderr message BIND10_STARTED_CC And wait for master stderr message BIND10_STARTED_CC # features/terrain/steps.py:34 And wait for master stderr message CMDCTL_STARTED And wait for master stderr message CMDCTL_STARTED # features/terrain/steps.py:34 And wait for master stderr message AUTH_SERVER_STARTED And wait for master stderr message AUTH_SERVER_STARTED # features/terrain/steps.py:34 And wait for master stderr message XFROUT_STARTED And wait for master stderr message XFROUT_STARTED # features/terrain/steps.py:34 And wait for master stderr message ZONEMGR_STARTED And wait for master stderr message ZONEMGR_STARTED # features/terrain/steps.py:34 And wait for master stderr message STATS_STARTING And wait for master stderr message STATS_STARTING # features/terrain/steps.py:34 And I have bind10 running with configuration xfrin/retransfer_slave_notify_v4.conf # features/terrain/bind10_control.py:10 And I have bind10 running with configuration xfrin/retransfer_slave_notify_v4.conf # features/terrain/bind10_control.py:107 And wait for bind10 stderr message BIND10_STARTED_CC And wait for bind10 stderr message BIND10_STARTED_CC # features/terrain/steps.py:34 And wait for bind10 stderr message CMDCTL_STARTED And wait for bind10 stderr message CMDCTL_STARTED # features/terrain/steps.py:34 And wait for bind10 stderr message AUTH_SERVER_STARTED And wait for bind10 stderr message AUTH_SERVER_STARTED # features/terrain/steps.py:34 And wait for bind10 stderr message XFRIN_STARTED And wait for bind10 stderr message XFRIN_STARTED # features/terrain/steps.py:34 And wait for bind10 stderr message ZONEMGR_STARTED And wait for bind10 stderr message ZONEMGR_STARTED # features/terrain/steps.py:34 A query for www.example.org to 127.0.0.1:47806 should have rcode NXDOMAIN A query for www.example.org to 127.0.0.1:47806 should have rcode NXDOMAIN # features/terrain/querying.py:204 check initial statistics not containing example.org for Xfrout with cmdctl port 47804 except for the following items # features/terrain/bind10_control.py:45 check initial statistics not containing example.org for Xfrout with cmdctl port 47804 except for the following items # features/terrain/bind10_control.py:452

socket.unixdomain.open

1

0

item_name

item_max

item_min

socket.unixdomain.open

1

0

check initial statistics not containing example.org for Xfrin # features/terrain/bind10_control.py:45 check initial statistics not containing example.org for Xfrin # features/terrain/bind10_control.py:452 When I send bind10 the following commands with cmdctl port 47804 # features/terrain/bind10_control.py:280

“”"

config set Xfrout/zone_config[0]/transfer_acl [{action “REJECT”, "fr When I send bind10 the following commands with cmdctl port 47804 # features/terrain/bind10_control.py:280

“”"

config set Xfrout/zone_config[0]/transfer_acl [{action “REJECT”, from “127.0.0.1”}]

config commit

“”"

last bindctl output should not contain Error # features/terrain/bind10_control.py:15 last bindctl output should not contain Error # features/terrain/bind10_control.py:156 When I send bind10 with cmdctl port 47804 the command Xfrout notify example.org IN # features/terrain/bind10_control.py:31 When I send bind10 with cmdctl port 47804 the command Xfrout notify example.org IN # features/terrain/bind10_control.py:314 Then wait for new master stderr message XFROUT_NOTIFY_COMMAND Then wait for new master stderr message XFROUT_NOTIFY_COMMAND # features/terrain/steps.py:34 Then wait for new bind10 stderr message AUTH_RECEIVED_NOTIFY Then wait for new bind10 stderr message AUTH_RECEIVED_NOTIFY # features/terrain/steps.py:34 Then wait for bind10 stderr message ZONEMGR_RECEIVE_NOTIFY Then wait for bind10 stderr message ZONEMGR_RECEIVE_NOTIFY # features/terrain/steps.py:34 Then wait for bind10 stderr message XFRIN_XFR_TRANSFER_STARTED Then wait for bind10 stderr message XFRIN_XFR_TRANSFER_STARTED # features/terrain/steps.py:34 Then wait for bind10 stderr message XFRIN_XFR_TRANSFER_PROTOCOL_VIOLATION no Then wait for bind10 stderr message XFRIN_XFR_TRANSFER_PROTOCOL_VIOLATION not XFRIN_TRANSFER_SUCCESS # features/terrain/steps.py:34 Then wait for bind10 stderr message ZONEMGR_RECEIVE_XFRIN_FAILED not ZONEMGR Then wait for bind10 stderr message ZONEMGR_RECEIVE_XFRIN_FAILED not ZONEMGR_RECEIVE_XFRIN_SUCCESS # features/terrain/steps.py:34 Then wait for master stderr message NOTIFY_OUT_REPLY_RECEIVED Then wait for master stderr message NOTIFY_OUT_REPLY_RECEIVED # features/terrain/steps.py:34 A query for www.example.org to 127.0.0.1:47806 should have rcode NXDOMAIN A query for www.example.org to 127.0.0.1:47806 should have rcode NXDOMAIN # features/terrain/querying.py:204 When I query statistics zones of bind10 module Xfrout with cmdctl port 47804 # features/terrain/bind10_control.py:37 When I query statistics zones of bind10 module Xfrout with cmdctl port 47804 # features/terrain/bind10_control.py:377 wait for new master stderr message XFROUT_RECEIVED_GETSTATS_COMMAND wait for new master stderr message XFROUT_RECEIVED_GETSTATS_COMMAND # features/terrain/steps.py:34 last bindctl output should not contain “error” # features/terrain/bind10_control.py:15 last bindctl output should not contain “error” # features/terrain/bind10_control.py:156 When I query statistics zones of bind10 module Xfrout with cmdctl port 47804 # features/terrain/bind10_control.py:37 When I query statistics zones of bind10 module Xfrout with cmdctl port 47804 # features/terrain/bind10_control.py:377 The statistics counters are 0 in category .Xfrout.zones.IN except for the following items # features/terrain/bind10_control.py:39 The statistics counters are 0 in category .Xfrout.zones.IN except for the following items # features/terrain/bind10_control.py:393

SERVER.notifyoutv4

1

item_name

item_value

min_value

max_value

SERVER.notifyoutv4

1

SERVER.xfrrej

1

3

example.org..notifyoutv4

1

example.org..xfrrej

1

3

Traceback (most recent call last): File “/home/muks/local/lettuce/lettuce/core.py”, line 117, in call ret = self.function(self.step, args,*kw) File “/home/muks/bind10/tests/lettuce/features/terrain/bind10_control.py”, line 444, in check_statistics_items (name, found, value) AssertionError: Statistics item .Xfrout.zones.IN.SERVER.xfrrej has unexpected value 14 (expect 3 or less than)

3096

enhancement

1376469826683288

1376469826683288

dhcp

medium

marcin

DHCP Outstanding Tasks

new

Create the setHostname method for the Lease4 and Lease6.

Currently the hostname, fwd, rev_ fields of the Lease object are public. We should implement the modifiers for these fileds which would validate that values being set are valid.

3097

defect

1376492213514816

1376492213514816

dhcp

low

stephen

DHCP Outstanding Tasks

new

Investigate parser rollback behaviour for DHCP

When parsing a DHCP configuration, each element is parsed by a separate parser. After checking, the changes indicated by the configuration are committed. The commit operations are sequential and, if one fails, the system should roll back to the pre-configuration-change state. For most elements in the configuration this is trivial; the original data is stored, changes applied to the active version of the data and, if there is a problem, the active data is replaced by the copy. However, two elements of the DHCP configuration - the database configuration and the hooks libraries configuration - do not follow this model. In the former, committing the change means closing the connection to the existing database and opening a connection to the new one. In the latter, the commit means unloading the old hooks libraries and loading the new ones. For both cases, rollback cannot be achieved by merely retrieving a stored copy of the data; the operation (open database, load libraries) has to be performed again. The current situation is that the committal of the hooks libraries change is the last item done. However if it fails and the configuration change included a change to the database information, the database change will not be rolled back; ideally it should. This ticket is for the investigation of the problem and the recommendation of a solution.

3098

task

1376492746448990

1394117562538091

tests

low

stephen

Common Outstanding Tasks

new

Ensure test names follow the same standard

Within BIND 10, some test names are in !CamelCase whereas others follow the same pattern but start with a lowercase letter (e.g. camelCase). The BIND 10 standard should be updated to define the format of test names, and the changes applied to all BIND 10 tests.

3100

task

1376595771046801

1386255398492674

Unclassified

medium

stephen

New Tasks

new

Copy message compiler to BIND 10 installation directory

To allow the authors of hooks libraries to interact with the BIND 10 logging system, they need to be able to compile message files. This ticket modifies the BIND 10 build system to copy the suitably-renamed message compiler (e.g. a name like b10-message) to the “bin” directory. (Before doing this, we should check that a logger defined in dynamically-loaded libraries will connect with the main logging system. It should, but we need confirmation.) The ticket also encompasses creation of a “man” page for the compiler and extension of the hooks developer guide to point to the logging manual. Ticket #2566 concerns the creation of a user guide for logging in the BIND 10 developers guide. This needs to be completed before that step is done.

3101

enhancement

1376658729501499

1376658729501499

dhcp6

low

marcin

DHCP Outstanding Tasks

new

Move FqdnDhcpv6SrvTest to another file.

It was pointed out during a review of #3036, that the new FQDN tests should be moved to another file to keep the dhcp6_srv_unittest.cc file reasonably short.

3102

enhancement

1376675941829037

1376675941829037

tests

medium

stephen

New Tasks

new

Add building of hooks library example to test suite

See suggestion in [ticket:3092#comment:10 comment 10 of #3092]

3103

defect

1376684061289055

1397640730796484

dhcp4

low

jwright

DHCP Outstanding Tasks

new

Kea IPv4 fails ANVL test 2.4 (“A DHCP server always returns its own address in the ‘server identifier’ option”)

ANVL test 2.4 fails when executed against BIND 10 20130529 (commit c845a96005b28acde2d62a93ee8c046162da4cb4). ANVL execution log shows: ! Message Option in received DHCPOFFER Message is incorrectly set. ! Expected Value = Server Identifier (54) Length : 4 Value : 172.16.1.1 ! Received Value = Server Identifier (54) Length : 4 Value : 149.20.57.86 Please see relevant files at https://confluence-int.isc.org/display/QUAL/ANVL+Test+Results%3A+Kea+28BIND+10+2013052929%2C+executed+2013-08-15.

3104

defect

1376708204797928

1396529441757068

xfrin

medium

muks

DNS Outstanding Tasks

new

Lettuce failure: XFRIN_TRANSFER_SUCCESS instead of XFRIN_XFR_TRANSFER_PROTOCOL_VIOLATION

There’s a lettuce failure in Handle incoming notify (XFR request rejected in IPv4) When I send bind10 with cmdctl port 47804 the command Xfrout notify example.org IN # features/terrain/bind10_control.py:314 Then wait for new master stderr message XFROUT_NOTIFY_COMMAND # features/terrain/steps.py:34 Then wait for new bind10 stderr message AUTH_RECEIVED_NOTIFY # features/terrain/steps.py:34 Then wait for bind10 stderr message ZONEMGR_RECEIVE_NOTIFY # features/terrain/steps.py:34 Then wait for bind10 stderr message XFRIN_XFR_TRANSFER_STARTED # features/terrain/steps.py:34 Then wait for bind10 stderr message XFRIN_XFR_TRANSFER_PROTOCOL_VIOLATION not XFRIN_TRANSFER_SUCCESS # features/terrain/steps.py:34 Traceback (most recent call last): File “/Local/Users/jreed/opt/pkg/lib/python2.7/site-packages/lettuce/core.py”, line 117, in call ret = self.function(self.step, args,*kw) File “/b/work/BIND10-lettuce/20130817013527-MacOSX10.6-x86_64-GCC/build/tests/lettuce/features/terrain/steps.py”, line 56, in wait_for_stderr_message assert found != not_message, line AssertionError: 2013-08-16 19:19:03.437 INFO [b10-xfrin.xfrin/58504] XFRIN_TRANSFER_SUCCESS full AXFR transfer of zone example.org/IN succeeded (messages: 1, records: 12, bytes: 422, run time: 0.046 seconds, 9083 bytes/second) See: http://git.bind10.isc.org/~tester/builder/BIND10-lettuce/20130817013527-MacOSX10.6-x86_64-GCC/logs/lettuce.out Not sure if it’s mixed-log messages related.

3106

defect

1376959457212368

1377111860550965

dhcp4

medium

jwright

DHCP-QA Defects

new

Kea IPv4 fails ANVL test 3.1 (Dynamic Allocation of Network Addresses)

ANVL test 3.1 fails when executed against BIND 10 20130529 (commit c845a96005b28acde2d62a93ee8c046162da4cb4). ! ‘yiaddr’ field in received DHCPOFFER Message is incorrectly set. ! Expected Value = 172.16.1.101 ! Received Value = 172.16.1.103 Please see relevant files at: https://confluence-int.isc.org/display/QUAL/ANVL+Test+Results%3A+Kea+28BIND+10+2013052929%2C+executed+2013-08-15

3108

defect

1377017454026520

1377017469832239

dhcp6

medium

tomek

DHCP Outstanding Tasks

new

Write unit-tests for buffer6_send hook

There seem to be no unit-tests for buffer6_send callouts. See src/bin/dhcp6/tests/hooks_unittest.cc. This must have slipped through with #2984.

3110

defect

1377111651318426

1377111651318426

dhcp4

medium

jwright

DHCP-QA Defects

new

Kea IPv4 fails ANVL test 5.4 (server SHOULD respond with a dhcpTypeNack message)

ANVL test 5.4 fails when executed against BIND 10 20130529 (commit c845a96005b28acde2d62a93ee8c046162da4cb4). ! DHCP Client did not receive expected DHCPNAK Message from Please see relevant files at: https://confluence-int.isc.org/display/QUAL/ANVL+Test+Results%3A+Kea+28BIND+10+2013052929%2C+executed+2013-08-15

3111

defect

1377112727109554

1377112727109554

dhcp4

medium

jwright

DHCP-QA Defects

new

Kea IPv4 fails ANVL test 5.5 (The server SHOULD mark an address offered to a client in a DHCPOFFER mes- sage as available if the server receives no DHCPREQUEST message from that client )

ANVL test 5.5 fails when executed against BIND 10 20130529 (commit c845a96005b28acde2d62a93ee8c046162da4cb4). ! ‘yiaddr’ field in received DHCPOFFER Message is incorrectly set. ! Expected Value = 172.16.1.101 ! Received Value = 172.16.1.102 Please see relevant files at: https://confluence-int.isc.org/display/QUAL/ANVL+Test+Results%3A+Kea+28BIND+10+2013052929%2C+executed+2013-08-15

3115

task

1377246728575960

1392917616132560

Unclassified

medium

vorner

DNS Outstanding Tasks

new

Migrate loadzone to notification

Currently, several our daemons act when new zone data is available (Auth to reload, XfrOut to send notifications, possibly more and we need to add the MemoryManager there too). Each of them currently exposes a loadzone command. Several components produce zone data (XfrIn, DDNS) and each of them explicitly calls the command on each of the consuming components. This is obviously wrong. So, in this task, we migrate this to MsgQ notifications. Decide: * Name of the notification group (suggested: ZoneData) * Name of the event (suggested: ZoneChanged) and its parameters (probably the same as the parameters of current LoadZone commands ‒ name of data source, origin of zone, zone class). Move the consumers to subscribe to the notification group and act upon the event (simply call the same code as for the LoadZone command internally). Remove the LoadZone command. Let the XfrIn and DDNS produce event instead of calling the direct commands.

3116

defect

1377247957977874

1377247970247578

dhcp4

medium

tomek

DHCP Outstanding Tasks

new

Improve sanity checks for incoming DHCPv4 packets

Dhcpv4Srv::processRequest, processRelease, processDecline, processInform do not call sanityCheck(). They definitely should.

3117

enhancement

1377249125341795

1377249125341795

dhcp

very low

tomek

DHCP Outstanding Tasks

new

Dhcp{4,6}Srv::run() method is too long

Those two methods grown up too large and should be either split or cleaned up.

3118

enhancement

1377323393900034

1378220329782914

bind-ctl

medium

cas

new

Feature Request (with patch): bindctl - check on “quit” if pending changes exist

Author: Carsten Strotmann Date: Sat Aug 24 07:43:57 2013 0200 Feature: bindctl - check on “quit” if pending changes exist, if there are pending changes, stop the termination of bindctl, print a warning and the list of pending changes ): self.conn.close() + return True + else: + self.print + self.print(self.config_data.get_local_changes()) + line = ‘’ if line == ’h’: line = ‘help’

3120

enhancement

1377583071997887

1377583071997887

dhcp

medium

marcin

DHCP Outstanding Tasks

new

Consider sanity-checking lease pointers in lease managers.

Currently pointers to leases are not validated by the public functions in Memfile and MySQL backends. Since these functions are in the libraries, and may be used by the external code, we may consider sanity checking the lease objects and throwing appropriate exceptions.

3121

defect

1377602758801282

1397640730796484

dhcp-ddns

low

tmark

DHCP Outstanding Tasks

new

Move error detection logic from commit()s to builds() in d2_config.cc

The DHCP_DDNS parsers in d2_config.cc conduct most of their validation logic in their commit methods when in fact, the configuration paradigm calls for this work to be done in the build methods. The parsing functions correctly as is but it is not structured as intended by the underlying infrastructure. Since the parses in d2_config currently all follow a consistent pattern of implementation the restructure should likewise be consistent throughout. See review comments on trac3075 from Marcin regarding TSIGKeyInfo parsing for additional background.

3122

task

1377680851046889

1392811791102140

Unclassified

medium

vorner

DNS Outstanding Tasks

new

Simplified datasrc info

Create a simplified DatasrcInfo. This one will just keep info about all the data sources (and, probably, the client lists as well) that are interesting and set of readers. It will be able to get all of the readers, add and remove. No need for state machine there. The interface could look like: #!python class DatasrcInfo: def add_reader(id): … def remove_reader(id): … def get_readers(id): … def config_update(new_config): … def get_config(): “”“ The active config, stored from config_update. ”“” … def get_segment_params(): “”“ The parameters for segments to be sent to the clients. ”“” It may be based (copy-pasted & edited) from the current DatasrcInfo, but we will still need the current one for a short while (before it is replaced by other tickets).

3123

task

1377681316819638

1392812687942652

shmem manager

medium

vorner

DNS Outstanding Tasks

new

Select wrapper & mutex around ModuleCCSession

Implement the usual work-around wrapper with select around check_command for module CC session in the memory manager. Also, include a mutex around the command (there’s one inside, but the other thread will need to hold the module CC session for longer than just one command when synchronizing and it will not want the main thread to interfere). Something like: #!python while True: if fd in select([fd], [], [])[0]: with mutex: module_cc_session.check_command(blocking=False)

3124

task

1377681839506713

1392811947983754

shmem manager

medium

vorner

DNS Outstanding Tasks

new

Move most work to the work thread

Move all the possible logic into the work thread. The main thread will only listen for notifications about need to load zones (#3115), configuration updates and new/removed subscribers. It’ll simply push the notifications and commands to the queue for the work thread (and send ACK for the configuration updates, since they are command, not notification), but it’ll not handle other communication with the readers. This may simplify the logic in the work thread a bit, but some more will come. Directly handle whatever is needed instead of sending notification about completed work and letting the main thread handle it. Depends on #3123.

3125

enhancement

1377681981763574

1392812301690541

shmem manager

low

vorner

DNS Outstanding Tasks

new

Rip out the notifications from work thread

Remove the channel from the work thread to the main thread. After #3124, this direction is no longer needed and this simplifies the code.

3126

task

1377682159325112

1392811971648699

shmem manager

medium

vorner

DNS Outstanding Tasks

new

Keep just one snapshot of config

Get rid of the list of data source infos. Keep just the latest one and put updates into it. Depends on #3122.

3127

task

1377682439703054

1392811816252112

b10-auth

medium

vorner

DNS Outstanding Tasks

new

Make auth response directly to segment_update command

Do the update of segment info in auth synchronous. That means, don’t queue it to the work thread. Just grab the lock of the data source and apply the change in the command handler. Return the ACK/NACK after that. Do not send the explicit segment_info_update_ack.

3128

task

1377686733661504

1392812038358186

shmem manager

medium

vorner

DNS Outstanding Tasks

new

Send updates synchronously

Send updates to segment infos synchronously, in a similar way as stats collect the statistics. In particular, when the updates should happen (when there are no more updates to the data in the queue or comes some command that is not update to data), do this: * Lock the mutex (to prevent the main thread interfering) * Send the commands to all the readers * Wait for all the answers from the readers (either ACKs or undeliverable notifications). * Unlock the mutex. Stop using the state machine and switch to using the simplified version of datasource info from #3122. It should be done after #3127, to be able to check it against auth.

3129

task

1377687061159715

1392812052797467

shmem manager

medium

vorner

DNS Outstanding Tasks

new

On update, send info about all the segments

Send all the segment info at update. This may turn out to be done automatically by #3128, but it should be checked at the time. Include the complete config (from config manager) in the update, so the reader may check it is for its version.

3130

task

1377687267726899

1392812068429522

b10-auth

medium

vorner

DNS Outstanding Tasks

new

Update auth to handle complete update in one message

This is the counter-part of #3129. Handle the complete update in auth (probably inside single lock of the data sources, if there’s single mutex). Should be done after #3127.

3131

task

1377687670873487

1392812085895906

b10-auth

medium

vorner

DNS Outstanding Tasks

new

Check the version on update and config update

When the update of segment info comes to auth, do these: * Store the update information for later. * Check the config bundled with the update matches the config in place currently in the auth’s data sources. If yes, do the update, if not, do nothing now. When an update for configuration comes from the config manager: * Look for the stored update. If any: * Check the config bundled matches. If so, apply the stored update. Depends on #3130.

3132

task

1377687861464873

1392812102771429

shmem manager

medium

vorner

DNS Outstanding Tasks

new

Delete the old datasource info

The not simplified version of data source info would not be needed at this point. Remove it. This is after #3129.

3133

task

1377687976461409

1392812120090155

shmem manager

medium

vorner

DNS Outstanding Tasks

new

Handle config updates in the manager

When an update comes: * Push the update to the data source manager, to have a new version of client lists. * Flush the queue of all data updates. Only add/remove relevant readers. * Queue updates of all the data sources (as at startup).

3134

task

1377697309376109

1389107740575785

Unclassified

medium

shane

Next-Sprint-Proposed

new

Investigate removing external visibility of asio headers

Right now we expose some of the asio headers with our IOAddresses class. We tried to avoid this but for some reason that has sneaked in. We need to figure out why we’ve done this, and see if we can change it back so that we don’t expose these headers any more. Some discussion here: [wiki:WeeklyMinutes20130828]

3135

task

1377698750878585

1378222724691813

Unclassified

medium

jreed

shane

assigned

Build BIND 10 with system-provided ASIO package

We want to see if we can build & run BIND 10 using Boost.ASIO instead of asio. The drawback of this is that it requires linking against Boost.System, and we’d rather not add extra dependencies. However perhaps it is worth it to just run with Boost. The goal of this ticket is just to build and test, to see if this is an option.

3136

enhancement

1377858713492825

1378220771790795

cmd-ctl

medium

cas

new

Version number for BIND 10 config database content

Feature request from BIND 10 training in Amsterdam, August 2013: a version number (and date) field for the global BIND 10 config this could be used: * by admins to check for a specific change * by a change management system (future module) * by bindctl or other management tools to check if the service side config has been changed (to prevent race conditions when doing concurrent changes from different bindctls)

3137

enhancement

1377859038301883

1378446455757799

Boss of BIND

medium

UnAssigned

cas

reviewing

function to temporary disable a BIND 10 module/component

Feature request from BIND 10 training in Amsterdam, August 2013: a way to temporary disable a module/component (b10-xferin, b10-resolver …), without the need to delete all the config

3138

enhancement

1377859537494484

1378220992025025

bind-ctl

medium

cas

new

IDN (International Domain Names) support in bindctl / b10-loadzone

Feature request from BIND 10 training in Amsterdam, August 2013: check for Unicode chars in domain names in bindctl and b10-loadzone. If found, convert the domain name to puny-code.

3139

enhancement

1377859736130004

1378222435690510

Unclassified

medium

cas

new

config file for b10-loadzone to set a default database location

Feature request from BIND 10 training in Amsterdam, August 2013: support a local configuration file for b10-loadzone to store the path/location of the BIND 10 sqlite3 database file Alternatively b10-loadzone could query this information from BIND 10 (bind-ctl?)

3140

task

1377864379496453

1380820215728789

dhcp4

low

UnAssigned

jreed

DHCP Outstanding Tasks

reviewing

lettuce test for dhcp

This ticket is for adding simple lettuce test for starting and stopping and basic configuring of b10-dhcp4. I understand that there are already lettuce tests for kea http://bind10.isc.org/wiki/DhcpTesting but these are not part of the existing source tree. I needed something to verify b10-dhcp4 still somewhat worked after various changes. I also saw #1642 but I am unclear what has been done there.

3141

enhancement

1377867605736332

1379430086316107

cmd-ctl

medium

cas

new

auto-detect if bindctl running on a terminal - command line switch for batch run

* have a global state (variable) in bindctl that reflects the mode (batch or interactive on terminal) * have a command line switch where the state can be explicitly set by the user (b / —batch orq / —quiet) * if the state has not been set by the user, test and set the state on OS systems where it is possible to detect if the command runs on a terminal can be used for function to detect if bindctl runs on a terminal. If not, interactive features (such as prompts) can be disabled.

3142

task

1377875229675878

1394209432744351

build system

low

UnAssigned

jreed

Common Outstanding Tasks

assigned

try using boost’s asio

Also see ticket #3135. The task for this ticket is to try using boost’s asio without depending on boost libraries. Maybe need to define BOOST_ASIO_HEADER_ONLY and undefine BOOST_ASIO_DYN_LINK and undefine BOOST_ASIO_SEPARATE_COMPILATION. I didn’t test using my trac3135 branch because asio/error_code.hpp and asio/system_error.hpp do not exist in boost/asio but are referenced by our source code.

3144

enhancement

1378131967213151

1378131967213151

dhcpdb

medium

tomek

DHCP Outstanding Tasks

new

All backends should support getLease4(clientid, hwaddr, subnetid)

It seems that our current LeaseMgr API does not support such an API. It should. See related discussion in ticket:2592#comment:14. Also see AllocEngine::allocateAddress4 in src/lib/dhcpsrv/alloc_engine.cc.

3148

enhancement

1378132656317504

1397640730796484

dhcpdb

low

UnAssigned

tomek

DHCP Outstanding Tasks

assigned

PD: memfile LeaseMgr support for Lease6 type PD

memfile backend must be able to handle Lease6 type PD.

3155

enhancement

1378133284730844

1397640730796484

dhcp6

low

tomek

DHCP Outstanding Tasks

new

PD: Prefix expiration

Once #3152 is implement, we need to implement prefix expiration. This requires also house-keep routines to be implemented.

3157

defect

1378312450895339

1378312450895339

dhcp

medium

marcin

DHCP Outstanding Tasks

new

The dhcp_srv_unittests fail when no network interface is configured

There are certain DHCP Srv unit tests that require at least one network interface to be configured with an address. Otherwise they fail because they can’t find an appropriate interface to use for unit tests: [ RUN ] Dhcpv4SrvTest.processDiscover 2013-09-04 18:32:18.837 DEBUG [bind10.dhcpsrv/31019] DHCPSRV_CFGMGR_DELETE_SUBNET4 deleting all IPv4 subnets 2013-09-04 18:32:18.837 DEBUG [bind10.dhcpsrv/31019] DHCPSRV_CFGMGR_ADD_SUBNET4 adding subnet 192.0.2.0/24 2013-09-04 18:32:18.837 DEBUG [bind10.dhcp4/31019] DHCP4_OPEN_SOCKET opening sockets on port 0 2013-09-04 18:32:18.837 ERROR [bind10.dhcp4/31019] DHCP4_SRV_CONSTRUCT_ERROR error creating Dhcpv4Srv object, reason: No suitable interfaces for server-identifier found lt-dhcp4_unittests: /usr/include/boost/smart_ptr/shared_ptr.hpp:424: T* boost::shared_ptr::operator->() const [with T = isc::dhcp::Option]: Assertion `px != 0’ failed. /bin/sh: line 5: 31019 Aborted (core dumped) /bin/sh ../../../../libtool —mode=execute ${dir}$tst FAIL: dhcp4_unittests =<br>1 of 1 test failed<br>Please report to bind10-dev@isc.org<br>= One ofthe possible solutions proposed is to use the loopback interface for unit testing. Perhaps, it could be useful to update existing documentation with the information that the unit tests require at least one interface being configured to work properly.

3158

enhancement

1378403332432230

1397640730796484

dhcp-ddns

low

tmark

DHCP Outstanding Tasks

new

Create d2.dox file, which includes D2 UML diagrams

Tomek has requested that a d2.dox file be created that includes the UML diagrams. His comments from review of 3086: “I like those diagrams. Please create src/bin/d2/d2.dox page and add the diagrams there. Please update doc/devel/mainpage.dox to pointout to it. This new page doesn’t have to be big. Couple sentences will be sufficient. Please try to explain the big picture, rather than the details. This doc should grow over time an the diagrams you made will fit in there nicely.”

3159

defect

1378872952057175

1394114753368758

shmem manager

medium

muks

Common Outstanding Tasks

new

Shared memory support not working on Solaris

Shared memory check in `configure.ac` now completely fails on Solaris SPARC with any compiler. It used to work with GCC before, but with the requirement for a newer Boost version, even GCC fails. This ticket is to re-check Solaris platforms, and clearly explain what’s the cause of failure somewhere in documentation, either as `configure` output or somewhere else. See the failures here: http://git.bind10.isc.org/~tester/builder/BIND10/20130910073342-Solaris10-sparc-GCC/logs/configure.out http://git.bind10.isc.org/~tester/builder/BIND10/20130910073342-Solaris10-sparc-GCC/logs/files/config.log <— (see configure:16907: checking Boost managed_mapped_file compiles )

3160

defect

1378873193058384

1394114723724326

logging

medium

UnAssigned

muks

Common Outstanding Tasks

assigned

boost::lexical_cast failure on Solaris with SunStudio

We now require a newer version of Boost. This has caused various build failures on different platforms. This is one of them: `boost::lexical_cast` fails compile on Solaris with SunStudio: libtool: compile: /usr/bin/CC DHAVE_CONFIG_HI. I../../../..I../../../../src/lib I../../../../src/libI../../../../src/lib/dns I../../../../src/lib/dnsI/udir/jreed/pkg/include D_XPG4_2DEXTENSIONS DOS_SUNDBOOST_DISABLE_THREADS=1 I../../../../ext/asioI../../../../ext/coroutine DASIO_DISABLE_THREADS=1g library=stlport4features=tmplife features=tmplrefstaticc zone_finder.cc KPICDPIC -o .libs/zone_finder.o “../../../../src/lib/log/log_formatter.h”, line 198: Error: isc::dns::AbstractRRset::AbstractRRset(const isc::dns::AbstractRRset&) is not accessible from isc::log::Formatter::arg(const isc::dns::AbstractRRset&). “../../../../src/lib/log/log_formatter.h”, line 198: Error: Formal argument arg of type isc::dns::AbstractRRset in call to boost::lexical_cast(isc::dns::AbstractRRset) has an inaccessible copy constructor. See full compile log: http://git.bind10.isc.org/~tester/builder/BIND10/20130910064517-Solaris10-sparc-Sunstudio/logs/build.out Brief analysis: The copy constructor is indeed private, but I don’t see why it would be used in this case. Is it trying to make a new non-const instance out of the const reference during lexical_castisc::dns::AbstractRRset> due to the guessed template argument being non-const?

3161

defect

1378873442339094

1379398538566579

Unclassified

medium

muks

Next-Sprint-Proposed

new

Fix clang-analyzer failures

In yesterday’s team meeting, we decided to create this ticket about `clang-analyzer` static analysis failures and fix them so that we can use future reports. This ticket should get rid of all failures and cause a clean report to be generated without defects. If there are false positives, or if we don’t want to fix code according to the report, please add appropriate annotations to inhibit these reports from being generated.

3162

defect

1378908813140194

1379430210469587

build system

medium

UnAssigned

stephen

new

subdir-objects automake option has not been enabled

OS/X 10.8.4 After upgrading !MacPorts to new versions of autotools: Mac:bind10(master):519 port list autoconf automake libtool<br>autoconf @2.69 devel/autoconf<br>automake @1.14 devel/automake<br>libtool @2.4.2 devel/libtool<br><br>... running "autoreconf -if" failed with messages about subdir-objects not being enabled:<br><br>Mac:bind10(master):520 autoreconf -if glibtoolize: putting auxiliary files in `.‘. glibtoolize: copying file `./ltmain.sh’ glibtoolize: putting macros in AC_CONFIG_MACRO_DIR, `m4macros’. glibtoolize: copying file `m4macros/libtool.m4’ glibtoolize: copying file `m4macros/ltoptions.m4’ glibtoolize: copying file `m4macros/ltsugar.m4’ glibtoolize: copying file `m4macros/ltversion.m4’ glibtoolize: copying file `m4macros/lt~obsolete.m4’ configure.ac:58: installing ‘./compile’ configure.ac:58: installing ‘./config.guess’ configure.ac:58: installing ‘./config.sub’ configure.ac:10: installing ‘./install-sh’ configure.ac:10: installing ‘./missing’ Makefile.am:445: warning: source file ‘$(GTEST_SOURCE)/src/gtest-all.cc’ is in a subdirectory, Makefile.am:445: but option ‘subdir-objects’ is disabled automake: warning: possible forward-incompatibility. automake: At least a source file is in a subdirectory, but the ‘subdir-objects’ automake: automake option hasn’t been enabled. For now, the corresponding output automake: object file(s) will be placed in the top-level directory. However, automake: this behaviour will change in future Automake versions: they will automake: unconditionally cause object files to be placed in the same subdirectory automake: of the corresponding sources. automake: You are advised to start using ‘subdir-objects’ option throughout your automake: project, to avoid future incompatibilities. Makefile.am: installing ‘./depcomp’ src/bin/auth/benchmarks/Makefile.am:14: warning: source file ‘../query.cc’ is in a subdirectory, src/bin/auth/benchmarks/Makefile.am:14: but option ‘subdir-objects’ is disabled src/bin/auth/benchmarks/Makefile.am:14: warning: source file ‘../auth_srv.cc’ is in a subdirectory, :

3163

enhancement

1378911558291145

1378911558291145

dhcpdb

very low

tomek

DHCP Outstanding Tasks

new

LeaseMgr: rename getLease4() => getLeases4()

Some methods return a collection of leases, rather than a single lease. Their names should be plural (getLeases4 rather than getLease4).

3164

defect

1378928361574223

1397640730796484

dhcpdb

low

tmark

DHCP Outstanding Tasks

new

MySQL connection timeout for invalid hosts is can be large

Dhcpsrc unit test, MySqlOpenTest.OpenDatabase, was taking two minutes to complete on a fresh install of Fedora 19 with the community version of MySQL. This exposes a minor issue with the connection timeout value not defaulting to reaonsably small values. Since the server is presumed to be local to the DHCP servers, setting the connection timeout to a reasonable if not configurable value would be prudent. The following patch would set the value at 5 seconds: diff —git a/src/lib/dhcpsrv/mysql_lease_mgr.cc b/src/lib/dhcpsrv/mysql_lease_mgr.cc index 9828085..12d5c39 100644 — a/src/lib/dhcpsrv/mysql_lease_mgr.cc + b/src/lib/dhcpsrv/mysql_lease_mgr.cc @ -1106,6 +1106,13 @ MySqlLeaseMgr::openDatabase int connect_timeout = 5; result = mysql_options(mysql_, MYSQL_OPT_CONNECT_TIMEOUT, &connect_timeout); + if (result != 0) { + isc_throw(DbOpenError, “unable to set connect timeout option:” << + mysql_error(mysql_)); + } + // Set SQL mode options for the connection: SQL mode governs how what // constitutes insertable data for a given column, and how to handle // invalid data. We want to ensure we get the strictest behavior and

3165

defect

1378933042715711

1379431212164572

build system

low

UnAssigned

tmark

new

Running “make check” without first running “make” on OS-X fails in datasrc_test.py

I pulled master (0e4c259dde279eafa1e3677a161ac9b67095c3d7), and ran the usual autoreconf/configure that I normally do. However, unlike my normal steps, I ran “make check” wihthout first running make and I got the following error: libtool: link: ( cd “.libs” && rm f “datasrc.la” && lns “../datasrc.la” “datasrc.la” ) Making check in tests Making check in testdata make[7]: Nothing to be done for `check’. make check-local for pytest in datasrc_test.py sqlite3_ds_test.py clientlist_test.py zone_loader_test.py ; do br> echo Running test: $pytest ; br> DYLD_LIBRARY_PATH=/Users/tmark/build/tip/bind10/src/lib/datasrc/.libs: DYLD_LIBRARY_PATH=/Users/tmark/build/tip/bind10/src/lib/cryptolink/.libs:/Users/tmark/build/tip/bind10/src/lib/dns/.libs:/Users/tmark/build/tip/bind10/src/lib/dns/python/.libs:/Users/tmark/build/tip/bind10/src/lib/cc/.libs:/Users/tmark/build/tip/bind10/src/lib/config/.libs:/Users/tmark/build/tip/bind10/src/lib/log/.libs:/Users/tmark/build/tip/bind10/src/lib/util/.libs:/Users/tmark/build/tip/bind10/src/lib/util/threads/.libs:/Users/tmark/build/tip/bind10/src/lib/exceptions/.libs:/Users/tmark/build/tip/bind10/src/lib/datasrc/.libs:$DYLD_LIBRARY_PATH br> PYTHONPATH=:/Users/tmark/build/tip/bind10/src/lib/python/isc/log_messages:/Users/tmark/build/tip/bind10/src/lib/python/isc/cc:/Users/tmark/build/tip/bind10/src/lib/python:/Users/tmark/build/tip/bind10/src/lib/python:/Users/tmark/build/tip/bind10/src/lib/dns/python/.libs:/Users/tmark/build/tip/bind10/src/lib/python/isc/log:/Users/tmark/build/tip/bind10/src/lib/python/isc/datasrc/.libs:/Users/tmark/build/tip/bind10/src/lib/dns/python/.libs br> TESTDATA_PATH=/Users/tmark/build/tip/bind10/src/lib/python/isc/datasrc/tests/testdata br> TESTDATA_WRITE_PATH=/Users/tmark/build/tip/bind10/src/lib/python/isc/datasrc/tests br> HAVE_SHARED_MEMORY=yes br> B10_FROM_BUILD=/Users/tmark/build/tip/bind10 br> /opt/local/bin/python3.1 /Users/tmark/build/tip/bind10/src/lib/python/isc/datasrc/tests/$pytest

exit ; br> done Running test: datasrc_test.py Traceback (most recent call last): File “/Users/tmark/build/tip/bind10/src/lib/python/isc/datasrc/tests/datasrc_test.py”, line 16, in import isc.log File “/Users/tmark/build/tip/bind10/src/lib/python/isc/log/init.py”, line 33, in from log import ImportError: No module named log make[8]:** [check-local] Error 1 If I run “make” and then “make check” everything is fine. I have attached config.log and .report

3166

defect

1379073173108997

1380614157078226

Unclassified

medium

muks

Next-Sprint-Proposed

new

SunStudio warnings to check when compiling the BIND 10 tree

SunStudio on Solaris outputs several warnings when compiling the BIND 10 tree. Some of these may be legitimate and would require testing. This ticket is to make a list of all the warnings from a SunStudio compile of BIND 10 and fix what should be fixed. If you are unsure about a particular warning, please discuss it on the bind10-dev@ list. Examples of warnings include: * Shadowing variables * Passing a start function compiled with C++ linkage to `pthread_create()` etc.

3168

enhancement

1379419105615864

1379419174253100

dhcpconf

low

tomek

DHCP Outstanding Tasks

new

Refactor different pools handling in Subnet6

Existing code in CfgMgr (isc::dhcp::Subnet6) uses static pool collections, one for each pool type. Tom proposed to refactor it use a common map+collection. (see ticket:3150#comment:5).

3169

defect

1379438682211239

1379438682211239

dhcpdb

very low

tmark

DHCP Outstanding Tasks

new

Replace use of char* with void* cast in buffer bindings in dhcspsrv/mysql_lease_mgr.cc

While reviewing trac# 3147, Stephen had the following comment: I note that in all cases, when the MYSQL_BIND “buffer” variable is assigned, the rvalue is cast to “char". I’m not certain why I did that ; looking at the and the definition of MYSQL_BIND in mysql.h, the "buffer" variable is a "void”. There is no need to change, as the variable is automatically cast to the correct type, but maybe create a ticket to correct this in the code? Investigate if casting to a void* would be the more proper approach.

3174

defect

1379993169755483

1380614181125298

configuration

very low

jreed

New Tasks

new

PKG_CONFIG not used correctly by configure

Setting PKG_CONFIG in environment or on configure command line doesn’t appear to work to set it for configure. This is a low priority task, but should fix this.

3175

enhancement

1380036537034868

1380036537034868

dhcp-ddns

low

tmark

DHCP Outstanding Tasks

new

Move d2::StateModel class(es) to lib::util

Per review comments from #3156, the d2::StateModel class and related pieces should be moved to lib::util. This will make it available for use outside of D2.

3176

defect

1380197333494455

1381302819529304

dhcp

medium

thozza

New Tasks

new

DHCP server dies because setting SO_BINDTODEVICE option on socket failed.

Hi. Using BIND10 1.1.0 distributed in Fedora, when configuring DHCPv4 server using steps from documentation: > config add Init/components b10-dhcp4 > config set Init/components/b10-dhcp4/kind dispensable > config commit the server fails to start with the following error: 2013-09-26 13:26:45.075 INFO [b10-dhcp4.dhcp4/1629] DHCP4_STARTING server starting 2013-09-26 13:26:45.076 ERROR [b10-dhcp4.dhcp4/1629] DHCP4_SRV_CONSTRUCT_ERROR error creating Dhcpv4Srv object, reason: Failed to set SO_BINDTODEVICE option on socket 4 2013-09-26 13:26:45.077 INFO [b10-dhcp4.dhcpsrv/1629] DHCPSRV_MEMFILE_DB opening memory file lease database: type=memfile 2013-09-26 13:26:45.078 WARN [b10-dhcp4.dhcpsrv/1629] DHCPSRV_MEMFILE_WARNING using early version of memfile lease database - leases will be lost after a restart 2013-09-26 13:26:45.078 INFO [b10-dhcp4.dhcp4/1629] DHCP4_CONFIG_COMPLETE DHCPv4 server has completed configuration: 2013-09-26 13:26:45.079 INFO [b10-dhcp4.dhcp4/1629] DHCP4_SHUTDOWN server shutdown 2013-09-26 13:26:45.083 INFO [b10-init.init/1622] BIND10_PROCESS_ENDED process 1629 of b10-dhcp4 ended with status 0 2013-09-26 13:26:45.083 ERROR [b10-init.init/1622] BIND10_COMPONENT_FAILED component b10-dhcp4 (pid 1629) failed: process exited normally with exit status 0 Also when trying to configure DHCPv6 server, it fails with: ERROR [b10-dhcp6.dhcp6/8426] DHCP6_SRV_CONSTRUCT_ERROR error creating Dhcpv6Srv object, reason: Failed to bind socket 4 to fe80::20e:7fff:fef3:aee9/port=547 Please note that we do not build BIND10 with “—with-dhcp-mysql”.

3185

enhancement

1381145840033931

1381145958541325

dhcp

medium

tomek

DHCP Outstanding Tasks

new

Kea: add ability to read pcap files and process them into Pkt4 and Pkt6

We should develop a test that will read all pcap files from specified directory and try to process all DHCP packets in them through Kea. That would be a very flexible and extensible approach. To add a new test case, we’d have to only add new pcap file. The pcap collection could be confidential and stored separately. This would require to have the ability to read pcap files. We can either use libpcap for that or hack it. We don’t need much functionality, just extracting the packets as raw hex data. I’m slightly concerned with adding extra dependency on another library and dealing with its portability issues. This could be extended into DNS as well. See ticket:3177#comment:7 for a brief discussion.

3188

enhancement

1381333401824714

1397640730796484

Unclassified

medium

shane

DHCP Outstanding Tasks

new

socket creator support for raw sockets

The DHCP team needs to have support for raw sockets in the socket creator. Currently this is done directly in the code (iface_mgr_linux.cc): #!cpp fd_ = socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE); if (fd_ < 0) { isc_throw(Unexpected, “Failed to create NETLINK socket.”); } if (setsockopt(fd, SOL_SOCKET, SO_SNDBUF, &SNDBUF_SIZE, sizeof) < 0) if ) < 0) local.nl_family = AF_NETLINK; local_.nl_groups = 0; if (bind(fd_, convertSockAddr(&local_), sizeof(local_)) < 0) { isc_throw(Unexpected, “Failed to bind netlink socket.”); } Or in pkt_filter_lpf: #!cpp int sock = socket(AF_PACKET, SOCK_RAW, htons(ETH_P_ALL)); if (sock < 0) { isc_throw(SocketConfigError, “Failed to create raw LPF socket”); } // Create socket filter program. This program will only allow incoming UDP // traffic which arrives on the specific (DHCP) port). It will also filter // out all fragmented packets. struct sock_fprog filter_program; memset(&filter_program, 0, sizeof(filter_program)); filter_program.filter = dhcp_sock_filter; filter_program.len = sizeof(dhcp_sock_filter) / sizeof(struct sock_filter); // Override the default port value. dhcp_sock_filter[8].k = port; // Apply the filter. if (setsockopt(sock, SOL_SOCKET, SO_ATTACH_FILTER, &filter_program, sizeof(filter_program)) < 0) { close(sock); isc_throw(SocketConfigError, “Failed to install packet filtering program” << " on the socket " << sock); } struct sockaddr_ll sa; memset(&sa, 0, sizeof(sockaddr_ll)); sa.sll_family = AF_PACKET; sa.sll_ifindex = iface.getIndex(); // For raw sockets we construct IP headers on our own, so we don’t bind // socket to IP address but to the interface. We will later use the // Linux Packet Filtering to filter out these packets that we are // interested in. if (bind(sock, reinterpret_cast(&sa), sizeof(sa)) < 0) { close(sock); isc_throw(SocketConfigError, “Failed to bind LPF socket ‘" << sock << “‘to interface’” << iface.getName() << "’”); } return (sock); This may be a simple change to the protocol (described in src/bin/socketcreator/README). The current command consists of: * ‘S’ ’U

T’ ’4

6’ port address: Asks it to create a port. Probably we want to add something like: * ‘R’ ’N

L’ ifindex: Asks it to create a raw port for either netlink or LPF (with the specified interface index).

3190

defect

1381429166660885

1383029889796888

build system

very low

UnAssigned

jreed

New Tasks

new

—with-gtest-source versus —with-gtest

./configure probably shouldn’t allow both gtest switches to be used at same time. For example, —with-gtest=yes —with-gtest-source causes failure if don’t have libgtest installed. configure:17883: checking for gtest source configure:17890: result: /usr/src/gtest configure:17975: checking for gtest-config configure:18008: result: no configure:18021: WARNING: Unable to locate Google Test gtest-config. configure:18047: checking Checking whether gtest tests need pthreads configure:18068: g++ o conftestg O2DOS_LINUX I/usr/includeL/usr/lib conftest.cpp ldllgtest >&5 /usr/bin/ld: cannot find -lgtest Workaround is simply setting —with-gtest=no at end of line or removing that switch.

3193

defect

1381763861363478

1381763861363478

dhcp6

medium

wlodekwencel

DHCP-QA Defects

new

release process for PD

3 things to report (I think there is no need to create 3 tickets) 1. case is that Kea6 returns “SUCCESS” when received “RELEASE” msq for prefix that was not signed to anyone (release leases that does not exists). Should returns status code “NoBinding” 2. option ‘status code’ is placed in message not as sub-option for IA_PD. RFC 3633 Section 9: The status of any operations involving this IA_PD is indicated in a Status Code option in the IA_PD-options field. 3. “status message” (field in Status code option) that refers to IA_PD is: “Status Message: Summary status for all processed IA_NAs” There should be different messages for IA_NA and IA_PD. Attached 3 captures: 1. only PD in message 2. PD and IA in message 3. for comparison proper message with only IA.

3198

defect

1382012464749025

1391517799190822

logging

medium

tmark

DHCP Outstanding Tasks

new

isc::logging initialization in user_chk hook library cores under Debian6

logging issue on Debian: MessageIntitializer::loadDictionary() cores when called explicitly from function inside a shared library which defines its own log messages. The dhcp server opens each hook library once during configuration parsing. This is done to “validate” the library. It is closed immediately without invoking its load function. This causes the MessageIntializer declared in the generated messages .cc file to be instantiated. This in turn adds an entry to MessageInitializer::logger_values. This entry is never “consumed” as MessageInitializer::loadDictionary is not invoked prior to closing the library. The dhcp server then opens each configured hooks library again, this time invoking their load functions. When the explicit call to MessageInitializer::loadDictionary() is made within the library’s load function, it contains a ‘stale’ entry from the initial library open. Under some OS’s accessing this entry is a seg fault.

3205

enhancement

1382448305581806

1382448406285562

dhcpconf

medium

tomek

DHCP Outstanding Tasks

new

Unit-test improvement: need to use .spec defaults

See ticket:3191#comment:7 about the details. Current DHCPv4/6 unit-tests that use config files use them as is. The bindctl interface on the other hand, matches them against .spec files first and applies any default values from .spec. We do not test for that. Some things may work in unit-tests, but with defaults applied they may fail. Specific example: next-server with defined only global value was overridden on subnet scope by default value of 0.0.0.0.

3206

enhancement

1382464280365066

1382464280365066

dhcp

low

tomek

DHCP Outstanding Tasks

new

Enable disabled IfaceMgr unit-tests

There’s a handful of disabled unit-tests for IfaceMgr. We should enable them one day, probably after we have interface detection working on all systems.

3208

enhancement

1382549477477977

1382549477477977

dhcp

medium

tomek

DHCP Outstanding Tasks

new

Improve vendor-options definitions and unit-tests

docsis3_option_defs.h have only a small subset of DOCSIS3.0 options defined. We need the whole set. There are also many missing unit-tests. Several ideas are marked with @todo in src/bin/dhcp4/tests/{config_parser,dhcp4_srv}_unittest.cc. Finally, vendor option unit-tests for v4 and v6 should be moved to a separate file.

3209

enhancement

1382562923895035

1382562923895035

dhcp

medium

tmark

DHCP Outstanding Tasks

new

Create documentation for DHCP user_chk hook library

Per Tomek’s review of trac3186 which created the user_chk library: “Please add a ticket for writing documentation for this hook lib. Since this is the first one that we’re shipping, it’ll have to double as a real life example, so it needs user documentation. Of course we don’t have time for such things right now, so a new ticket is the way go.”

3212

defect

1382805296990517

1394141771351449

Unclassified

low

bitdav

New Tasks

new

Cannot build on Windows

1. There is still no documentation / user guide for building Bind 10 on Windows as of this time. 2. The only documentation which contains the keyword “Windows” is just the following statement: “It is planned for BIND 10 to build, install and run on Windows and standard Unix-type platforms.” 3. There is a folder “win32utils” I’ve found in Bind 9 distribution, but not sure why it’s removed in Bind 10. 4. I’ve searched for this on Google, still no related information could be found… it seems that nobody has successfully built Bind 10 on Windows as of this time. 5. Since there’s no Bind 10 binary distributions for Windows, building from source is the only way … 6. All of the “Client” editions of Windows don’t have a DNS server, so Bind 10 is very very important for any Windows users that require a DNS server …

windows build compile install

3214

enhancement

1383161234949169

1392812138295428

Unclassified

medium

shane

DNS Outstanding Tasks

new

EUI48 and EUI64 RRtype implementations

http://www.rfc-editor.org/rfc/rfc7043.txt

3215

defect

1383168381939548

1383168381939548

dhcpconf

medium

tomek

DHCP Outstanding Tasks

new

Need an ability to provide domain-name for addresses

We need a way to provide domain name for options that use addresses. It should be configurable when that domain name is resolved into address: a) at configuration/start time b) before sending response to a client a) is better from performance perspective b) allows much better flexibility for admins

3217

defect

1383238581199815

1383242679164293

Unclassified

medium

jreed

New Tasks

new

multiple start up problems

Upgraded one of my systems to today’s master. It was running a bind10 since at least July (running for months!) The —verbose output: Exception AttributeError: “‘ModuleCCSession’ object has no attribute ‘session’" in > ignored FATAL : PYTHON_UNHANDLED_EXCEPTION program terminated with exception ProtocolError: Read of 0 bytes: connection closed. More info in /tmp/tmp44v5so INFO : AUTH_DATASRC_CLIENTS_BUILDER_STARTED data source builder thread started INFO : AUTH_SERVER_CREATED server created DEBUG : AUTH_DNS_SERVICES_CREATED DNS services created DEBUG : AUTH_CONFIG_CHANNEL_CREATED configuration session channel created DEBUG : SOCKETREQUESTOR_CREATED Socket requestor created for application b10-auth DEBUG : CC_ESTABLISH trying to establish connection with message queue daemon at /home/reed/opt/bind10/var/bind10/msgq_socket DEBUG : CC_ESTABLISHED successfully connected to message queue daemon ERROR : CC_READ_ERROR error reading data from command channel DEBUG : CC_DISCONNECT disconnecting from message queue daemon FATAL : AUTH_SERVER_FAILED server failed: Error while reading data from cc session: End of file. INFO : AUTH_SERVER_EXITING exiting DEBUG : AUTH_DATASRC_CLIENTS_BUILDER_COMMAND data source builder received command: SHUTDOWN INFO : AUTH_DATASRC_CLIENTS_BUILDER_STOPPED data source builder thread stopped Exception in thread Thread-1: Traceback : File “/usr/pkg/lib/python3.3/threading.py”, line 639, inbootstrap_inner self.run() File “/usr/pkg/lib/python3.3/threading.py”, line 596, in run self.target File “/home/reed/opt/bind10/libexec/bind10/b10-msgq”, line 678, in run self.run_select File “/home/reed/opt/bind10/libexec/bind10/b10-msgq”, line 715, in run_select self.process_packet KeyError: 8 Exception in thread Thread-2: Traceback : File “/usr/pkg/lib/python3.3/threading.py”, line 639, inbootstrap_inner self.run() File “/usr/pkg/lib/python3.3/threading.py”, line 596, in run self.target File “/home/reed/opt/bind10/libexec/bind10/b10-msgq”, line 867, in run_session session.check_command File “/home/reed/opt/bind10/lib/python3.3/site-packages/isc/config/ccsession.py”, line 290, in check_command msg, env = self.session.group_recvmsg(nonblock) File “/home/reed/opt/bind10/lib/python3.3/site-packages/isc/cc/session.py”, line 306, in group_recvmsg env, msg = self.recvmsg(nonblock, seq) File “/home/reed/opt/bind10/lib/python3.3/site-packages/isc/cc/session.py”, line 139, in recvmsg data = self.receive_full_buffer File “/home/reed/opt/bind10/lib/python3.3/site-packages/isc/cc/session.py”, line 223, inreceive_full_buffer self.receive_len_data File “/home/reed/opt/bind10/lib/python3.3/site-packages/isc/cc/session.py”, line 183, inreceive_len_data new_data = self.receive_bytes File “/home/reed/opt/bind10/lib/python3.3/site-packages/isc/cc/session.py”, line 171, inreceive_bytes raise ProtocolError(“Read of 0 bytes: connection closed”) isc.cc.session.ProtocolError: Read of 0 bytes: connection closed Exception BrokenPipeError: BrokenPipeError(32, ’Broken pipe’) in > ignored DEBUG [b10-cmdctl.cmdctl]: CMDCTL_STARTED cmdctl is listening for connections on 127.0.0.1:8080 DEBUG [b10-cmdctl.pycc]: PYCC_LNAME_RECEIVED received local name: 52728a5f_7@t1.m.reedmedia.net DEBUG [b10-cmdctl.pycc]: PYCC_LNAME_RECEIVED received local name: 52728a5f_8@t1.m.reedmedia.net FATAL [b10-cmdctl.util]: PYTHON_UNHANDLED_EXCEPTION program terminated with exception ProtocolError: Read of 0 bytes: connection closed. More info in /tmp/tmpa1r9w5 Exception AttributeError:”‘ModuleCCSession’ object has no attribute ‘_session’" in > ignored [b10-ddns] Warning: -v verbose option is ignored at this point. ERROR [b10-ddns.ddns]: DDNS_CC_SESSION_ERROR error reading from cc channel: [Errno 2] No such file or directory Exception AttributeError: “‘ModuleCCSession’ object has no attribute ‘_session’” in > ignored DEBUG [b10-zonemgr.zonemgr]: ZONEMGR_STARTING zone manager starting ERROR [b10-zonemgr.zonemgr]: ZONEMGR_SESSION_ERROR unable to establish session to command channel daemon FATAL [b10-zonemgr.util]: PYTHON_UNHANDLED_EXCEPTION program terminated with exception UnboundLocalError: local variable ‘zonemgrd’ referenced before assignment. More info in /tmp/tmp9v1j8t Some “more info” was mentioned above … /tmp/tmp44v5so Traceback (most recent call last): File “/home/reed/opt/bind10/lib/python3.3/site-packages/isc/util/traceback_handler.py”, line 33, in traceback_handler return main() File “/home/reed/opt/bind10/libexec/bind10/b10-stats”, line 735, in main stats = Stats() File “/home/reed/opt/bind10/libexec/bind10/b10-stats”, line 211, in init self.command_handler) File “/home/reed/opt/bind10/lib/python3.3/site-packages/isc/config/ccsession.py”, line 215, in init self.session = Session File “/home/reed/opt/bind10/lib/python3.3/site-packages/isc/cc/session.py”, line 61, ininit env, msg = self.recvmsg File “/home/reed/opt/bind10/lib/python3.3/site-packages/isc/cc/session.py”, line 139, in recvmsg data = self.receive_full_buffer(nonblock) File “/home/reed/opt/bind10/lib/python3.3/site-packages/isc/cc/session.py”, line 223, in receive_full_buffer self.receive_len_data() File “/home/reed/opt/bind10/lib/python3.3/site-packages/isc/cc/session.py”, line 183, in receive_len_data new_data = self.receive_bytes(self.recv_len_size) File “/home/reed/opt/bind10/lib/python3.3/site-packages/isc/cc/session.py”, line 171, inreceive_bytes raise ProtocolError(“Read of 0 bytes: connection closed”) isc.cc.session.ProtocolError: Read of 0 bytes: connection closed /tmp/tmpa1r9w5 Traceback (most recent call last): File “/home/reed/opt/bind10/lib/python3.3/site-packages/isc/util/traceback_handler.py”, line 33, in traceback_handler return main() File “/home/reed/opt/bind10/libexec/bind10/b10-cmdctl”, line 688, in main run(options.addr, options.port, options.idle_timeout, options.verbose) File “/home/reed/opt/bind10/libexec/bind10/b10-cmdctl”, line 647, in run CommandControl, idle_timeout, verbose) File “/home/reed/opt/bind10/libexec/bind10/b10-cmdctl”, line 530, in init self.cmdctl = CommandControlClass(self, verbose) File “/home/reed/opt/bind10/libexec/bind10/b10-cmdctl”, line 252, in init self.setup_session File “/home/reed/opt/bind10/libexec/bind10/b10-cmdctl”, line 268, insetup_session self.command_handler) File “/home/reed/opt/bind10/lib/python3.3/site-packages/isc/config/ccsession.py”, line 228, in init default_logconfig_handler) File “/home/reed/opt/bind10/lib/python3.3/site-packages/isc/config/ccsession.py”, line 469, in add_remote_config self.add_remote_config_internal File “/home/reed/opt/bind10/lib/python3.3/site-packages/isc/config/ccsession.py”, line 393, inadd_remote_config_internal answer, _ = self.session.group_recvmsg File “/home/reed/opt/bind10/lib/python3.3/site-packages/isc/cc/session.py”, line 306, in group_recvmsg env, msg = self.recvmsg File “/home/reed/opt/bind10/lib/python3.3/site-packages/isc/cc/session.py”, line 139, in recvmsg data = self.receive_full_buffer(nonblock) File “/home/reed/opt/bind10/lib/python3.3/site-packages/isc/cc/session.py”, line 223, in receive_full_buffer self.receive_len_data() File “/home/reed/opt/bind10/lib/python3.3/site-packages/isc/cc/session.py”, line 183, in receive_len_data new_data = self.receive_bytes(self.recv_len_size) File “/home/reed/opt/bind10/lib/python3.3/site-packages/isc/cc/session.py”, line 171, inreceive_bytes raise ProtocolError(“Read of 0 bytes: connection closed”) isc.cc.session.ProtocolError: Read of 0 bytes: connection closed /tmp/tmp9v1j8t Traceback (most recent call last): File “/home/reed/opt/bind10/lib/python3.3/site-packages/isc/util/traceback_handler.py”, line 33, in traceback_handler return main() File “/home/reed/opt/bind10/libexec/bind10/b10-zonemgr”, line 830, in main if zonemgrd and zonemgrd.running: UnboundLocalError: local variable ‘zonemgrd’ referenced before assignment

3229

enhancement

1384350078482558

1397640730796484

libdhcp

low

tomek

DHCP Outstanding Tasks

new

Need better tests for activating interfaces

During dry-run we discovered that activating ipv6 interface was not functional, because we set active4_ field, not active6_. This is fixed already, but it shows that our tests in that area are inadequate. It is unclear if this can be addressed with unit-tests or system tests would be better.

3230

defect

1384350875656222

1397640730796484

dhcpconf

low

tomek

DHCP Outstanding Tasks

new

Parser print out confusing error messages when pool is invalid

When configuring new pool, Marcin encountered: 2013-10-16 08:56:08.364 ERROR [b10-dhcp6.dhcp6/6778] DHCP6_PARSER_FAIL failed to create or run parser for configuration element valid-lifetime: Pool (3000:cafe:beef::–3000:cafe:beef:0:ffff:ffff:ffff:ffff does not belong in this (2001:558:ffa8::/48) subnet 2013-10-16 08:56:08.365 ERROR [b10-cmdctl.cmdctl/6776] CMDCTL_COMMAND_ERROR error in command set_config to module ConfigManager: Configuration parsing failed: Pool (3000:cafe:beef::–3000:cafe:beef:0:ffff:ffff:ffff:ffff does not belong in this (2001:558:ffa8::/48) subnet This error message is partially correct. The pools are invalid, but it has nothing to do with valid-lifetime.

3235

enhancement

1384427600243652

1397640730796484

dhcp4

low

tomek

DHCP Outstanding Tasks

new

Kea4: We do not support vendor specific info (option 43)

We do support vendor-independent vendor-specific option (125), but we do not support vendor specific info option (43). Luckily, docsis needs option 125 to operate, not 43.

3236

enhancement

1384427757984720

1397640730796484

dhcp4

low

tomek

DHCP Outstanding Tasks

new

Kea4: We do not handle option 122 (Cable Client Config)

We had seen this option during IETF demo in Vancouver. I’ll try to find a capture that contains it.

3237

enhancement

1384428247589157

1397640730796484

hooks

low

UnAssigned

tomek

DHCP Outstanding Tasks

new

user_check library must load even user registry missing; doc needed

The library should load, even if there’s not /tmp/user_chk_registry.txt file. From the setup perspective it would be reasonable to just fall back to normal operation if the file is missing. From the security persective, it would probably be good to treat all packets as unregistered users. I don’t have any preference. Whatever the choice is, it should be well documented. For now that library will act as a substitute for classification. Once proper classification is done, it will be relieved of doing that function. It is unclear what we’ll do next with it. In any case, this is our first lib, so it will be used as example. Hence we need easy to read introdution for it. It should probably be part of the hooks documentation.

3238

defect

1384431469434996

1397640730796484

hooks

low

UnAssigned

tomek

DHCP Outstanding Tasks

new

libreload does not work as intended

During second dry-run, we set up user_chk library. I tried to load it in dhcp4, but there was no required /tmp/user_chk_registry.txt file. Then I added the file and issued dhcp4 libreload command. the lib was not loaded.

3240

defect

1384439261084445

1384439261084445

dhcp

medium

marcin

DHCP Outstanding Tasks

new

Lease classes deserve unit tests.

Currently the Lease class and classes derived from it are structs. This is probably why the unit tests haven’t been implemented for them. At this point however, they already contain a substantial amount of logic - equality operators and toText functions which should be unit tested.

3244

defect

1384564938015577

1386152284326179

dhcp

medium

shane

New Tasks

new

Hardcoded UDP port causes test failures

I was running the DHCP tests today and they failed. I happened to be on a device that had port 10001 used by some proprietary protocol (on the EdgeMAX EdgeRouter Lite), and the tests failed. It took me quite a while to track down the failure to this root cause. I’m not sure the best way to fix this in general, if indeed it needs fixing at all. Perhaps simply reporting that the failure was caused by failure to bind(), along with the address/port, might be enough. I would have tried “netstat -apn” if I had known that this might be the problem. :)

3246

defect

1384953356568278

1384953356568278

dhcp6

high

tomek

New Tasks

new

Fix problem with PD hints collisions

Client’s PD hint will be accepted without any processing (only checked if it is not used and belongs to valid scope), even if the host part of the prefix (e.g. least significant 9 bytes, when sending /56 prefix) has non-zero values. This allows collision of two prefixes that are essentially the same (e.g. 2001:db8::1/64 and 2001:db8::2/64) to be assigned. This is easy to fix. The server must zero the last 128-prefix_len bits before processing hint.

3248

defect

1385056221804043

1385056221804043

dhcp6

medium

marcin

DHCP Outstanding Tasks

new

DHCPv6: Set the lease expiration time for the NameChangeRequests

Currently the DHCPv6 server is generating NameChangeRequests using the IAADDR options carried in the server’s response. This precludes setting the lease expiration time for the NameChangeRequests to the expiration time set in the lease because the IAADDR doesn’t carry this information. We may want to consider generating the NameChangeRequests based on the lease data (like in the DHCPv4) which would give more flexibility.

3249

defect

1385552463111112

1385552463111112

message-library

medium

tmark

New Tasks

new

IOFetch resends request on mis-matched qid

If the QID of an inbound DNS response does not match the QID of the DNS request, IOFetch resends the request. See IOFetch::operator()(asio::error_code ec, size_t length): It may be as simple as starting the main “do” loop start after the call to asyncSend(), not before it.

3256

enhancement

1386250419460810

1397640730796484

build system

medium

UnAssigned

tomek

DHCP Outstanding Tasks

new

Kea should not require sqlite, botan

See ticket #3255 for prerequisite work. Once the modularization is implemented, we need to make sure that sqlite is only needed when DNS (auth, probably) is enabled. Botan is likely needed for auth, resolver and dhcp-ddns. Many libraries is src/lib are used in specific modules only. In particular, some of them are not needed for DHCP builds. It would be good if they were not built, unless needed.

3257

task

1386254141914389

1397640730796484

documentation

low

tomek

DHCP Outstanding Tasks

new

Update Developer’s Guide for PD/Kea 0.9 alpha

We need to check if all the recent changes (PD, DDNS, cable modems, other demo stuff) are described appropriately in dev guide.

3259

enhancement

1386257244096727

1397640730796484

hooks

low

UnAssigned

tomek

DHCP Outstanding Tasks

new

Need ability to pass configuration parameters to hook libraries

There is currently no way to pass parameters to hook libraries, so libs must use their own configuration routines or hardcode parameters. Both are bad. It is likely that the hooks configuration will be extended with a collection of generic name=value parameters that will be passed to the hooks load() function.

3261

defect

1386679861896350

1386679861896350

perfdhcp

medium

marcin

DHCP Outstanding Tasks

new

perfdhcp: orphan messages counting shouldn’t be performed for individual exchanges

Currently the number of orphans is not displayed because Reply messages received for Renew and Releases are counted as orphans for the 4-way exchanges, which is wrong. We will need to move the orphans counting out of the Statistics Manager so as orphans counter is increased only if the particular message is not identified as a reponse to any of the messages sent by perfdhcp.

3268

enhancement

1387313911346468

1397640730796484

dhcp-ddns

medium

tmark

DHCP Outstanding Tasks

new

Make b10-dhcp-ddns default DNS Update timeout configurable, look at other possibles

Currently, the timeout for a given DNS exchange is dictated by NameChangeTransaction::DNS_UPDATE_DEFAULT_TIMEOUT which is a constant. It should be configurable, probably at the DnsServerInfo level. Other candidates to consider: In d2_cfg_mgr.h: /// brief Reverse zone suffix added to IPv4 addresses for reverse lookups<br> /// todo This should be configurable. static const char* IPV4_REV_ZONE_SUFFIX; /// brief Reverse zone suffix added to IPv6 addresses for reverse lookups<br> /// todo This should be configurable. static const char* IPV6_REV_ZONE_SUFFIX; From d2_queue_mgr.cc: // percent. This is an arbitrary choice. todo this value should<br>// probably be configurable.<br>size_t threshold = (((queue_mgr_->getMaxQueueSize()<br> * QUEUE_RESTART_PERCENT)) / 100);<br><br>and then also this:<br><br>// todo This method assumes only 1 type of listener. This will change // to support at least a TCP version, possibly some form of RDBMS listener // as well. reconf_queue_flag_ = false;

3269

enhancement

1387386271980184

1397640730796484

dhcp6

medium

tomek

DHCP Outstanding Tasks

new

Kea6: add support for CONFIRM messages

Kea6 does not support CONFIRM, a mandatory message according to RFC3315.

3271

defect

1387802110784466

1387803408960831

dhcp6

medium

UnAssigned

wlodekwencel

DHCP-QA Defects

new

Kea6 assign IPv6 address which is configured with.

server configuration: config set Dhcp6/renew-timer 1000 config set Dhcp6/rebind-timer 2000 config set Dhcp6/preferred-lifetime 3000 config set Dhcp6/valid-lifetime 4000 config add Dhcp6/subnet6 config set Dhcp6/subnet6[0]/subnet “3000::/64” config set Dhcp6/subnet6[0]/pool [ “3000::55-3000::55” ] config set Dhcp6/subnet6[0]/interface “eth2” config commit interface configuration: ip addr show dev eth2 4: eth2: mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 08:00:27:11:c7:67 brd ff:ff:ff:ff:ff:ff inet6 3000::55/64 scope global valid_lft forever preferred_lft forever inet6 fe80::a00:27ff:fe11:c767/64 scope link valid_lft forever preferred_lft forever Despite that server is configured with pool 3000::55-3000::55 on interface which has 3000::55 address, Kea is assigning address 3000::55 after client Requesting it (capture included). Expected: Reply with IA_NA option with suboption Status Code with code 2 - NoAddrsAvail.

3275

enhancement

1388430165982972

1397640730796484

hooks

medium

UnAssigned

tomek

DHCP Outstanding Tasks

new

Kea4/6: extract cable modem specific code to hook lib (classification, part 3)

Once #3203 and #3274 are done, there will be some DOCSIS specific processing in the code code. That code should be extracted into an external hook library.

3276

defect

1388436107209772

1394114765378779

build system

medium

UnAssigned

jreed

Common Outstanding Tasks

new

CC: library=Cstd cannot be used withlibrary=stlport4

libtool: link: /opt/SolarisStudio12.3-solaris-sparc-bin/solarisstudio12.3/bin/CC Ghlibb10-exceptions.so.0 o .libs/libb10-exceptions.so.0.0.0 .libs/exceptions.olibrary=stlport4 lrtlsocket lnsllibrary=Cstd library=Crunlc Qoption ldR/udir/jreed/botan-main-sunstudio/lib CC: library=Cstd cannot be used withlibrary=stlport4 This is using SolarisStudio12.3 on the sol-10 sparc lab system. The configure.ac adds library=stlport4 but the check in aclocal.m4 which is included in configure for this happens earlier so thelibrary=Cstd gets added. The ordering needs to be fixed, or somehow tell autoconf / aclocal not to add in this additional configure code, or stop the libtool script from adding it.

3278

task

1388502350403521

1388502350403521

Unclassified

medium

jreed

New Tasks

new

requirements into source tree

This ticket is for the initial addition of some RFC (and related) requirements or specifications placed into the source tree. The long term goal is split this out to be a standalone testing framework. The goal of this ticket is to: - add a README explaining its syntax and use, based on ISC Engineering Best Practices Board “SwengRequirements” internal document (from ~one year ago). - add various items found in wiki and done independently, changed too new standard format. For this ticket, this will be some DNS only. - point out problems identified by independent reviews of some RFCs. (If the review is too much, we can break up into different tickets.)

3280

enhancement

1388770048334814

1389200011636698

dhcpconf

low

marcin

DHCP Outstanding Tasks

new

DHCPv4 server id override configuration parameter to be added

There is a mechanism in ISC-DHCP to override the default server id value. The #3231 introduces dynamic generation of server identifier, depending on which interface is used to send a response. If there is a demand for the override capability in Kea we should implement the new configuration parameter which will override the dynamically generated server id with the custom value, just like it is done in ISC-DHCP.

3284

defect

1389244437575692

1392812336551019

resolver

very low

muks

DNS Outstanding Tasks

new

Remove `hasRecordInAuthoritySection()` function in src/lib/cache/message_utility.cc

See #688. `hasRecordInAuthoritySection()` or its caller has to be fixed, or this function has to be removed and replaced with `Message::hasRRset()`. This is very low priority and we may not even fix it as it is a part of the experimental resolver that is now obsolete.

3289

enhancement

1389853717873502

1392812204361516

xfrout

medium

muks

DNS Outstanding Tasks

new

Use the in-memory data source for XfrOut

After #2539, the in-memory data source now has a more complete zone iterator. There are some more updates to be done such as NSEC3 iteration, etc (see #2271), but after these are complete we can use it to transfer data out.

3290

defect

1389854710719517

1389854710719517

libdns++

medium

UnAssigned

muks

New Tasks

new

Fix and re-enable libdns++ MasterLoad tests

This is an offshoot from #2381. `masterLoad` now uses the `MasterLoader` class. The following testcases have been disabled as they fail because the test data has trailing comments and (eventually) uses the string DNSKEY RDATA constructor which doesn’t support comments: [ FAILED ] MasterLoadTest.loadRRWithComment [ FAILED ] MasterLoadTest.loadRRWithCommentNoSpace [ FAILED ] MasterLoadTest.loadRRWithCommentEmptyComment [ FAILED ] MasterLoadTest.loadRRWithCommentEmptyCommentNoSpace These tests should be fixed and re-enabled.

3293

defect

1389927007840041

1389927007840041

tests

medium

muks

New Tasks

new

Check zone loading failure cases in system tests

We should introduce system tests (lettuce) to try and load bad zone data into `b10-auth` and verify that the server does not crash with unhandled exceptions, etc. These conditions should be gracefully handled. Currently zone load failures are tested at the unittest level, but these are tested to see whether they correctly throw exceptions or not. `b10-auth`’s behavior needs to be tested at the system test level. A lack of such tests is severe enough to be a defect.

3294

task

1389972932402205

1389972932402205

dhcp-ddns

medium

tmark

DHCP-Kea0.9

new

Remove always-include-fqdn configuration parameter from D2ClientConfig

DHCP DDNS configuration for Kea includes a parameter, always-include-fqdn. The intent to not include the FQDN option in the response back to a client, unless it was in the request’s PRL. After some discussion this was deemed to be an unneeded ability. The current behavior will always include an FQDN option in the response if the request included an FQDN option.

3296

enhancement

1389987743421420

1389987750309181

dhcp

medium

tomek

DHCP Outstanding Tasks

new

Rethink Pkt4 and Pkt6 class hierarchy

There are many similarities between Pkt4 and Pkt6, but they do not have a common base class. Furthermore, some methods in both classes are server-specific (e.g. relay manipulation code) that would be useless on the client side. We should rethink the class hierarchy here. One possible way forward would be: BasePkt>Pkt4>SrvPkt4 BasePkt>Pkt6>SrvPkt6

3297

defect

1390213544861065

1390213544861065

dhcpconf

medium

marcin

DHCP Outstanding Tasks

new

b10-dhcp4/6: Extend config_parser unit tests to cover different data types configuration.

Option values may be set in different formats. The csv-format allows to specify values for option fields as a list of comma separated strings. The configuration parser is using libdhcp+ to parse these values and the libdhcp+ functions are now sufficiently unit tested (This ticket makes them sufficiently unit tested as before this ticket it they had lacked tests for boolean values). However, it may be worth to extend configuration parser tests for dhcp6_srv and dhcp4_srv as well, to test setting option values through configuration mechanism.

3302

enhancement

1390649804146530

1390649804146530

Unclassified

medium

kean

New Tasks

new

Use IPv4 for all feature tests and add IPv6 tests

This is a continuation of #2904. On the first branch of that ticket (trac2904) the tests were changed to use IPv4 rather than IPv6, which was originally used as a work-around for that bug. The port number was changed in #2904 (branch trac2904_v3) but the IPv4 / IPv6 changes were not included. This ticket is to track that desired work. We need to make all of the feature tests in lettuce use IPv4, and then add in a suitable number of IPv6 tests to ensure that the IPv6 code-path is tested.

3306

defect

1390908455806245

1397640730796484

dhcpconf

low

tomek

DHCP Outstanding Tasks

new

Implement subnet overlapping sanity check

Currently it is possible to define overlapping subnets (or even multiple copies of the same subnet). Doing so would lead to non-obvious errors (like lease being free, but not being able to use it or lease belonging to the wrong subnet). See CfgMgr::addSubnet{4,6} in src/lib/dhcpsrv/cfgmgr.cc.

3307

task

1390908816422820

1396979705872480

dhcp

high

tomek

DHCP Outstanding Tasks

new

Client classification design

We need a proper design of the client classification. In particular, it most likely should cover the following topics: 1. New hook definition for client classification 2. Extracting current classification into a separate class. 3. Support for classes on pool level. 4. The ability to send custom options for a given class. 5. Flexible class definition (what does it mean that packet X belongs to class Y?) 6. Support for more than one class (packet can belong to many classes, e.g. cablemodem, premium_service, and bills_not_paid).

3308

defect

1390917698204487

1394114776178705

data source

medium

muks

Common Outstanding Tasks

new

boost::offset_ptr failure on Solaris 10 with GCC

Use of `boost::offset_ptr` fails compile on Solaris 10 with GCC: http://git.bind10.isc.org/~tester/builder/BIND10/20140128043805-Solaris10-sparc-GCC/logs/build.out It passes on Solaris 11 i386 with GCC. Here is some version information: Solaris 10 with GCC (fails): CXX_VERSION: g++ (GCC) 3.4.3 BOOST_VERSION: 1.54 Solaris 11 with GCC (passes): CXX_VERSION: g++ (GCC) 4.5.2 BOOST_VERSION: 1.50 Jeremy said he’d check with a newer version of GCC on the Solaris 10 machine.

3311

enhancement

1390993276153393

1392914051643609

libdns++

medium

UnAssigned

muks

DNS Outstanding Tasks

new

Add specialized Rdata implementations for getLength()

Add specialized `Rdata::getLength()` implementations for various RR types. Currently the default implementation renders to a buffer and returns the size of the renderered buffer. The type-specific implementations should return a calculated size instead. This will speed up xfrout performance.

3317

defect

1391143806153510

1392811366829027

xfrin

high

muks

DNS Outstanding Tasks

new

Zone manager fails to tell xfrin about notify during lettuce test

See: http://git.bind10.isc.org/~tester/builder/BIND10-lettuce/20140130075053-MacOSX10.6-x86_64-GCC/logs/lettuce.out and associated log files. The NOTIFY is sent successfully by the master to the secondary. The secondary `b10-auth` receives it, and passes it to zone manager. It gets dropped there, no zone transfer occurs and the test asserts. I haven’t checked if zone manager drops it wilfully or in error.

3318

task

1391159593648922

1391159593648922

build system

medium

jreed

shane

New Tasks

new

Add builder that uses -ftrapv flag on g++

We recently updated the code to not depend on behavior of signed integer overflow in ticket #3010. We do not set the -ftrapv flag which revealed this problem because there is a runtime cost. However, we should run our tests in an environment to insure that we don’t add any code that violates this constraint. This ticket is to set up such a builder.

3319

enhancement

1391440917249243

1391440917249243

libdhcp

medium

tomek

DHCP Outstanding Tasks

new

IfaceMgr debuggability improvement

receive4() and receive6() methods in IfaceMgr should have the capability to log which sockets over which interface are used to receive data. Such an information was very useful in debugging various issues in Dibbler, and it will be helpful in Kea as well. In general, we need a way to log something from libdhcp. Tom suggested that socket callbacks could be extended with an extra descriptive string that could be logged as well. Also see changes in #3315 (the socket logging was partially implemented, but there was no way to print it out, so the code was removed).

3320

enhancement

1391449763896463

1397640730796484

dhcp4

medium

marcin

DHCP Outstanding Tasks

new

DHCPv4: implement support for requested ip address option 50

The option 50 (requested ip address) allows the client to specify that the particular IP address is assigned. The RFC2131 makes heavy use of this option. Kea should make its allocation decision respecting this option. Currently this option is ignored.

3321

enhancement

1391487743362766

1392812254190470

data source

medium

muks

DNS Outstanding Tasks

new

Use a lowercase version of calculate() for further speedup in findNSEC3()

`findNSEC3()` (in database and memory backends) uses a version of hash calculator that converts the label data to lowercase every time before calculating the hash. Because it does it repeatedly for sub-seqeunces of the same name, it can be optimized by converting the name to lowercase upfront and using a lowercase version of `calculate()` with it. (This ticket is an offshoot of #1894.)

3323

defect

1391519313296956

1391519313296956

build system

low

UnAssigned

stephen

New Tasks

new

Change location of hooks example code

The DHCP example hooks library code is in the source tree at “src/hooks…”. This should be moved into the “examples” directory.

3325

enhancement

1391548471422540

1391548471422540

libdns++

low

UnAssigned

tmark

New Tasks

new

Add wrapper for asio::io_service::poll and poll_one to asiolink::IOService

asio::io_service provides two non-blocking methods, poll and poll_one for executing ready handlers. These methods are not currently visible as there are no wrappers provided in asiolink::IOService. b10-dhcp-ddns related and related Kea work make use of poll now by accessing the native io_service.

3326

enhancement

1391583686154342

1392812273788676

data source

medium

muks

DNS Outstanding Tasks

new

Modify ZoneIterator interface to enforce getSOA() requirements

`ZoneIterator::getSOA()`’s API doc requires us to cache the SOA RRset during iterator construction. This is so the SOA does not change after iteration starts even if there are changes to the underlying data source. This is currently suggested in API doc and not enforced, and our data sources implement it. We should consider modifying the `ZoneIterator` interface such that `getSOA()` is no longer virtual and the SOA RRset is cached by the parent `ZoneIterator` itself during construction. The API for this would be a little tricky as `ZoneIterator` is constructed before derived classes, so we may either use a `ZoneIteratorImpl` that `ZoneIterator` wraps around, or get the derived constructor to call a protected `setSOA()` method.

3327

defect

1391589639450868

1392811920094973

Unclassified

high

muks

DNS Outstanding Tasks

new

DDNS TSIG testing inadequate (missing)

In the following code in `ddns.py.in`: msg = update_session.get_message() self.__response_renderer.clear() if tsig_ctx is not None: msg.to_wire(self.__response_renderer, tsig_ctx) else: msg.to_wire(self.__response_renderer) It doesn’t matter if the false path is taken every time. Unittests still pass. There is inadequate test coverage.

3328

enhancement

1391626808129143

1397640730796484

dhcp-ddns

medium

tmark

DHCP Outstanding Tasks

new

Add maxiumum queue size to dhcp-ddns configuration, consider sender ip and port

The NameChangeSender interface supports a value for the maximum size limit for its internal send queue. The default is in the dhcp_ddns library is 1024. This value should be a configurable value in the dhcp-ddns configuration. NameChangeSender also supports a “client” IP address and port. These values default to 0.0.0.0 and 0 respectively allowing the sender to bind as the OS deems suitable. Is there a need or usefulness in being able to configure a specific address and port?

3334

enhancement

1391778416437979

1391778416437979

libdns++

medium

UnAssigned

muks

New Tasks

new

Use RdataPimplHolder instead of std::auto_ptr in RDATA parsers

Various RDATA parsers in `libdns` use `std::auto_ptr` but it is deprecated in C11. We currently do not allow the use C++11 features, but stopping to use `std::auto_ptr` seems wise anyway going forward. #2185 (TLSA parser) introduces a `RdataPimplHolder` class that is a drop-in replacement for how `std::auto_ptr` is used in the RDATA parsers. This ticket is to do the replacements. Please do it after #2185 has been merged to master.

3336

defect

1392287396580495

1392296860094799

dhcp4

low

wlodekwencel

DHCP-QA Defects

new

No renew and rebind times in server respond.

Options: 58 - Renewal Time Value RFC 2132 Section 9.11 59 - Rebinding Time Value RFC 2132 Section 9.12 Kea4 does not include in to OFFER/ACK message. Apparently it’s on ‘TODO’ list: file: src/bin/dhcp4/dhcp4_srv.cc lines 1046, 1047: /// todo: send renew timer option (T1, option 58)<br> /// todo: send rebind timer option (T2, option 59) Also there is unitest for this: Dhcpv4SrvTest::checkAddressParams file: src/bin/dhcp4/tests/dhcp4_test_utils.cc line: 241 It testing presence of those options in message created by server and that unitest is passing.

3337

defect

1392311671131503

1392369201791046

perfdhcp

medium

marcin

DHCP Outstanding Tasks

new

perfdhcp wrong merge MAC to packet template

This is a bug report regarding use of template packets in perfdhcp, submitted by Torsten Goehler: Dear Sirs, I’m trying to factor template files for perfdhcp for DHCP performance testing. I factored a template file containing the required options. I used: perfdhcp R 1000T discover.hex to start testing with 1000 simulated different MAC adresses. according to the bootp standart the Client MAC is directly positioned after the relay IP. The expection was perfdhcp to count up the client MAC, which starts w “00:0c:01:02:03:04” if I dont’t give the “b mac=xx:xx:xx:xx" starting value. This obviously works only if I dont’t use a hex template file. In case I use the perfdhcp in conjunction w a template file as mentioned, the altering client MAC address is inserted into the packet w an off set of 2 bytes after the relay IP which is weird. Even if I try to use "b mac=xx:xx:xx:xx” and template file together the given mac gets inserted w that 2 bytes offset which makes it impossible to control the client mac togehther with defining other options which are nessesary to simulate proper address scope selection. any ideas? point to patch the source and re-compile? Many thanks Torsten

3338

defect

1392392746132183

1392392746132183

libdns++

medium

UnAssigned

jreed

New Tasks

new

rename dns/message.h and other dns headers due to bind9 clash

dns/message.h is a file provided from BIND9. It is incompatible and different than BIND10’s dns/message.h. Code with #include may end up matching wrong version and result in: error: ‘isc::dns::Message’ has not been declared (as an example). Ordering of -I include arguments can work around this, but it would be best not to use same name especially since lots of systems have bind9 headers in default headers path. I propose we change the filename. This also is about dns/rdataclass.h dns/rdata.h dns/rcode.h dns/opcode.h and dns/name.h I thought I brought this up before but couldn’t find old ticket. I think maybe if we don’t rename files, we should rename the subdirectory to dns++/

3342

defect

1392627893429184

1397640730796484

dhcp4

low

plu

DHCP Outstanding Tasks

new

bind-10 DHCP4 problem with windows XP SP3

Some problem with getting ip address in Windows XP SP3. Other OS (ubuntu, centOS, windows XP sp2, windows 7, windows 98) are getting IP-address, but Windows XP SP3 doesn’t get IP. Configuration in bind10 dhcp4 is minimum: added: Dhcp4/subnet4[0]/subnet “192.168.122.0/24” Dhcp4/subnet4[0]/pool [ “192.168.122.1 - 192.168.122.240” ] I tried to distribute ip-address using isc-dhcp-server, all worked for all systems, including windows xp sp3

dhcp, windows xp, sp3

3345

defect

1392972487378436

1394114786523217

data source

medium

muks

Common Outstanding Tasks

new

Segfault in zone_loader_test.py on Mac OS

macmini is reporting a segfault: http://git.bind10.isc.org/~tester/builder//BIND10/20140219080925-MacOSX10.6-x86_64-Clang-Static/logs/unittests.out Running test: zone_loader_test.py …………/bin/sh: line 1: 35497 Segmentation fault (core dumped) DYLD_LIBRARY_PATH=/b/work/BIND10/20140219080925-MacOSX10.6-x86_64-Clang-Static/build/src/lib/datasrc/.libs: DYLD_LIBRARY_PATH=/b/work/BIND10/20140219080925-MacOSX10.6-x86_64-Clang-Static/build/src/lib/cryptolink/.libs:/b/work/BIND10/20140219080925-MacOSX10.6-x86_64-Clang-Static/build/src/lib/dns/.libs:/b/work/BIND10/20140219080925-MacOSX10.6-x86_64-Clang-Static/build/src/lib/dns/python/.libs:/b/work/BIND10/20140219080925-MacOSX10.6-x86_64-Clang-Static/build/src/lib/cc/.libs:/b/work/BIND10/20140219080925-MacOSX10.6-x86_64-Clang-Static/build/src/lib/config/.libs:/b/work/BIND10/20140219080925-MacOSX10.6-x86_64-Clang-Static/build/src/lib/log/.libs:/b/work/BIND10/20140219080925-MacOSX10.6-x86_64-Clang-Static/build/src/lib/util/.libs:/b/work/BIND10/20140219080925-MacOSX10.6-x86_64-Clang-Static/build/src/lib/util/threads/.libs:/b/work/BIND10/20140219080925-MacOSX10.6-x86_64-Clang-Static/build/src/lib/exceptions/.libs:/b/work/BIND10/20140219080925-MacOSX10.6-x86_64-Clang-Static/build/src/lib/datasrc/.libs:$DYLD_LIBRARY_PATH PYTHONPATH=:/b/work/BIND10/20140219080925-MacOSX10.6-x86_64-Clang-Static/build/src/lib/python/isc/log_messages:/b/work/BIND10/20140219080925-MacOSX10.6-x86_64-Clang-Static/build/src/lib/python/isc/cc:/b/work/BIND10/20140219080925-MacOSX10.6-x86_64-Clang-Static/build/src/lib/python:/b/work/BIND10/20140219080925-MacOSX10.6-x86_64-Clang-Static/build/src/lib/python:/b/work/BIND10/20140219080925-MacOSX10.6-x86_64-Clang-Static/build/src/lib/dns/python/.libs:/b/work/BIND10/20140219080925-MacOSX10.6-x86_64-Clang-Static/build/src/lib/python/isc/log:/b/work/BIND10/20140219080925-MacOSX10.6-x86_64-Clang-Static/build/src/lib/python/isc/datasrc/.libs:/b/work/BIND10/20140219080925-MacOSX10.6-x86_64-Clang-Static/build/src/lib/dns/python/.libs TESTDATA_PATH=/b/work/BIND10/20140219080925-MacOSX10.6-x86_64-Clang-Static/build/src/lib/python/isc/datasrc/tests/testdata TESTDATA_WRITE_PATH=/b/work/BIND10/20140219080925-MacOSX10.6-x86_64-Clang-Static/build/src/lib/python/isc/datasrc/tests HAVE_SHARED_MEMORY=yes B10_FROM_BUILD=/b/work/BIND10/20140219080925-MacOSX10.6-x86_64-Clang-Static/build /Local/Users/jreed/opt/pkg/bin/python3.1 /b/work/BIND10/20140219080925-MacOSX10.6-x86_64-Clang-Static/build/src/lib/python/isc/datasrc/tests/$pytest make[8]: * [check-local] Error 139 I am not able to reproduce it locally (on Fedora 20). On macmini, it is not reproducible with a static build with GCC. It only seems to happen with static builds with clang++.

3346

task

1393001449172503

1393001449172503

logging

medium

shane

new

Revisit logging design

This ticket documents a proposed synthetic benchmarking for research purposes. We use log4cplus where each process logs directly. This was chosen for performance reasons, but we have had a lot of problems getting logging to be free of concurrency problems, in spite of our extra-careful locking. We should benchmark an approach that sends data to a centralized logging task to see what the performance implications are. Ideally we should check a few different secondary storage approaches: 1. Normal spinning disks 2. Solid-state disks (SSD) 3. RAM disk (for best-case/worst-case measurement) We should also check with no concurrent logging, mild concurrent logging, and massively concurrent logging.

3348

task

1393247594986355

1393247594986355

perfdhcp

medium

tgoehler

New Tasks

new

perfdhcp providing first DUID not working

providing a starting duid like perfdhcp 6b duid=‘00030001000d00000000’ r 1R 10 T perfdhcp-data/v6/solicit.hexO17 2000::100:1 does not work. it is just counting up the DUID gven from the template file. using the syntax like duid=00:03:00:01:00:0d:00:00:00:00:00 doesn’t work either. have you a hint of what format to enter the DUID using the -b switch? thx Torsten

3349

enhancement

1393247912718141

1396346133891204

perfdhcp

medium

tgoehler

New Tasks

new

perfdhcp randomized MAC at multiple offsets

we like to simulate cable modems to come up. A DHCP DISCOVER from a cable modem has the MAC Address at 3 positions. Client Identifier offset 28 option 61 and option 82:2 perfdhcp seems to support randomizing the MAC only at one point in the DISCOVER packet. is there a way of copying this MAC also to option 61 and 82:2 of the packet or just to give additional offsets of where to put this MAC too? thx Torsten

3354

enhancement

1393515828940921

1393536730221608

dhcp-ddns

medium

tmark

New Tasks

new

Add bool configuration parameters to enable/disable forward and reverse updates to D2

Under 3341, udpates in a given direction were made configurable by whether or not there were any DDNS domains defined for that direction. An improvement on top of that would be to add explicit flags to enable or disable a given direction. This would allow toggling updates on or off, while leaving domain configuration in-tact. This will require adding values to the appropriate parsers, unit tests etc.

3355

defect

1393528456541634

1393528456541634

configuration

medium

tmark

New Tasks

new

Add method to recreate dhcp::CfgMgr singleton instance

In order to ensure cleaner, more reliable testing it would be extremely helpful to be able to replace CfgMgr singleton instance with a newly created one. With increasing complexity of configuration of the servers that use this class (Kea4,6, and D2), it is increasingly error prone to “reinitialize” CfgMgr to known state for testing.

3356

defect

1393852289277929

1393852289277929

dhcp-ddns

medium

tmark

DHCP-Kea0.9

new

DDNS TTL value is does not meet 4702, Section 5

Currently the value used as TTL in DNS RRs is TTL directly from the lease (valid lease lifetime). Per 4702/Section 5 it should be be: RR TTL = ((lease TTL / 3) < 10 minutes) ? 10 minutes : (lease TTL / 3)

3357

enhancement

1393941139933884

1397640730796484

dhcp

medium

tomek

DHCP Outstanding Tasks

new

Merge DHCPv4-over-DHCPv6 into Kea repo

Prof. Yong Cui’s team (Qi Sun, Cong Liu) developed DHCPv4-over-DHCPv6 solution that is based on Kea code that was released 9 months ago (bind10-1.1.0). The goal of this ticket is to improve the code, fill in missing gaps and then merge it into Kea master. Marcin and Tomek will do a detailed review and will put it here. The code is available here: https://github.com/gnocuil/DHCPv4oDHCPv6 ISC comment: assigning this ticket to 0.9-alpha with medium quality, even though it is not needed for 0.9-alpha release, currently planned for end of March (not needed in a sense that we can still go with the alpha release even if this ticket is still open). It is not possible right now to determine how long it will take to merge the code. If we somehow manage to do it before 0.9-alpha, great. If not, we’ll merge it after and include the code in 0.9-beta.

3361

defect

1394031735348039

1394031735348039

dhcp

medium

jreed

New Tasks

new

document hooks configuration and libreload for DHCP commands

I saw #2981 is for configuring hooks but I don’t see docs. Please add documentation for administrators for libreload command and hooks-libraries and hooks-library configurations. These can be briefly added to ./src/bin/dhcp6/b10-dhcp6.xml and ./src/bin/dhcp4/b10-dhcp4.xml (see ./src/bin/auth/b10-auth.xml for example documentation) and with more detail and explanations and examples if needed to ./doc/guide/bind10-guide.xml

3363

defect

1394051566235448

1396966655213886

dhcp-ddns

medium

tmark

tmark

DHCP-Kea0.9

accepted

D2UpdateMgr should check both DHCID and IP address when scheduling jobs

D2UpdateMgr::pickJob currently skips over requests for whose DHCID a transaction is already in progress. It should also check the request IP address. If Kea sends a CHG_REMOVE followed by a CHG_ADD for the same IP address but for different FQDNS, they might be worked worked concurrently. This can happen if a client changes host names.

3366

defect

1394118806441655

1394118806441655

Unclassified

very low

jreed

New Tasks

new

include examples/ in the distfiles (in tarball)

Use EXTRA_DIST or other to include all the examples/ in the tarball.

3367

defect

1394119686971651

1394119771850561

dhcp4

medium

wlodekwencel

DHCP-QA Defects

new

incorrect values of ciaddr

According to RFC 2131 (Table 3 page 29) Value of ‘ciaddr’ field in messages: DHCP_OFFER and DHCP_NAK should always be 0.0.0.0 Kea is just simply copying that value from received message. Forge tests for error reproduction: v4.message.fields.ciaddr-correct-offer v4.message.fields.ciaddr-incorrect-offer v4.message.fields.ciaddr-incorrect-nak v4.message.fields.ciaddr-correct-nak attached captures/config files/logs of listed tests.

3368

defect

1394135056814989

1394135056814989

data source

medium

jreed

New Tasks

new

sqlite nxdomain qps regression from 1.1.0 to 1.2.0beta1

I didn’t have a chance to look into this much, but opening ticket so it is not forgot. With a server with 100,000 zones of 15 records each loaded into sqlite3 database, queries that result in nxdomain had a qps regression. This is from 1.1.0 to 1.2.0beta1 largehost-sqlite3-cpus4.nxdomain 12448.86 - 3956.23 qps 68 regression<br><br>largehost-sqlite3-.nxdomain 3199.41 - 1023.14 qps 68 regression

3369

defect

1394135390395296

1394135390395296

b10-auth

medium

jreed

New Tasks

new

auth asio error messages at shutdown CC_ASYNC_READ_FAILED , AUTH_SERVER_FAILED, CC_WRITE_ERROR

I am seeing errors like the following when shutting down when using multiple auth servers. 2014-03-05 13:36:14.734 ERROR [b10-auth.cc/26975] CC_ASYNC_READ_FAILED asynchronous read failed (error code = 104) 2014-03-05 13:36:14.735 FATAL [b10-auth.auth/26975] AUTH_SERVER_FAILED server failed: asynchronous read failed 2014-03-05 13:36:14.735 FATAL [b10-auth.cc/26975] CC_WRITE_ERROR error writing data to command channel (Broken pipe) terminate called after throwing an instance of ‘isc::cc::SessionError’ what(): ASIO write failed: Broken pipe Here is a longer different example: 2014-03-05 14:05:45.769 INFO [b10-init.init/27845] BIND10_RECEIVED_SIGNAL recei ved signal SIGTERM 2014-03-05 14:05:45.769 INFO [b10-init.init/27845] BIND10_SHUTDOWN stopping the server 2014-03-05 14:05:45.770 INFO [b10-init.init/27845] BIND10_CONFIGURATOR_STOP bin d10 component configurator is shutting down 2014-03-05 14:05:45.770 INFO [b10-init.init/27845] BIND10_COMPONENT_STOP compon ent Socket creator is being stopped 2014-03-05 14:05:45.770 INFO [b10-init.init/27845] BIND10_SOCKCREATOR_TERMINATE terminating socket creator 2014-03-05 14:05:45.770 INFO [b10-init.init/27845] BIND10_COMPONENT_STOP compon ent msgq is being stopped 2014-03-05 14:05:45.770 INFO [b10-init.init/27845] BIND10_COMPONENT_STOP compon ent b10-auth is being stopped 2014-03-05 14:05:45.770 INFO [b10-init.init/27845] BIND10_STOP_PROCESS asking b 10-auth to shut down 2014-03-05 14:05:45.771 INFO [b10-init.init/27845] BIND10_COMPONENT_STOP compon ent cfgmgr is being stopped 2014-03-05 14:05:45.771 INFO [b10-init.init/27845] BIND10_STOP_PROCESS asking c fgmgr to shut down 2014-03-05 14:05:45.771 INFO [b10-init.init/27845] BIND10_COMPONENT_STOP component b10-auth-3 is being stopped 2014-03-05 14:05:45.771 INFO [b10-init.init/27845] BIND10_STOP_PROCESS asking b10-auth-3 to shut down 2014-03-05 14:05:45.771 INFO [b10-auth.auth/27855] AUTH_SERVER_EXITING exiting 2014-03-05 14:05:45.771 INFO [b10-init.init/27845] BIND10_COMPONENT_STOP component b10-auth-2 is being stopped 2014-03-05 14:05:45.771 INFO [b10-init.init/27845] BIND10_STOP_PROCESS asking b10-auth-2 to shut down 2014-03-05 14:05:45.771 INFO [b10-init.init/27845] BIND10_COMPONENT_STOP component b10-auth-4 is being stopped 2014-03-05 14:05:45.772 INFO [b10-auth.auth/27855] AUTH_DATASRC_CLIENTS_BUILDER_STOPPED data source builder thread stopped 2014-03-05 14:05:45.772 INFO [b10-init.init/27845] BIND10_STOP_PROCESS asking b10-auth-4 to shut down 2014-03-05 14:05:45.772 INFO [b10-cfgmgr.cfgmgr/27853] CFGMGR_STOPPED_BY_COMMAND received shutdown command, shutting down 2014-03-05 14:05:45.772 INFO [b10-auth.auth/27856] AUTH_SERVER_EXITING exiting 2014-03-05 14:05:45.773 INFO [b10-auth.auth/27856] AUTH_DATASRC_CLIENTS_BUILDER_STOPPED data source builder thread stopped 2014-03-05 14:05:45.774 ERROR [b10-auth.cc/27857] CC_ASYNC_READ_FAILED asynchronous read failed (error code = 104) 2014-03-05 14:05:45.774 ERROR [b10-auth.cc/27858] CC_ASYNC_READ_FAILED asynchronous read failed (error code = 104) 2014-03-05 14:05:45.775 FATAL [b10-auth.auth/27857] AUTH_SERVER_FAILED server failed: asynchronous read failed 2014-03-05 14:05:45.775 FATAL [b10-auth.auth/27858] AUTH_SERVER_FAILED server failed: asynchronous read failed 2014-03-05 14:05:45.775 FATAL [b10-auth.cc/27857] CC_WRITE_ERROR error writing data to command channel (Broken pipe) terminate called after isc:: [b10-auth.cc/27858] CC_WRITE_ERROR error writing data to command channel (Broken pipe) what(): ASIO write failed: Broken pipe terminate called after throwing an instance of ‘isc::cc::SessionError’ what(): ASIO write failed: Broken pipe 2014-03-05 14:05:46.773 INFO [b10-init.init/27845] BIND10_PROCESS_ENDED process 27850 of Socket creator ended with status 0 2014-03-05 14:05:46.792 INFO [b10-init.init/27845] BIND10_PROCESS_ENDED process 27851 of msgq ended with status 0 2014-03-05 14:05:46.793 INFO [b10-init.init/27845] BIND10_PROCESS_ENDED process 27853 of cfgmgr ended with status 0 2014-03-05 14:05:46.793 INFO [b10-init.init/27845] BIND10_PROCESS_ENDED process 27855 of b10-auth ended with status 0 2014-03-05 14:05:46.793 INFO [b10-init.init/27845] BIND10_PROCESS_ENDED process 27856 of b10-auth-3 ended with status 0 2014-03-05 14:05:46.793 INFO [b10-init.init/27845] BIND10_PROCESS_ENDED process 27857 of b10-auth-2 ended with status 6 2014-03-05 14:05:46.793 INFO [b10-init.init/27845] BIND10_PROCESS_ENDED process 2014-03-05 14:05:46.793 INFO [b10-init.init/27845] BIND10_PROCESS_ENDED process 27858 of b10-auth-4 ended with status 6 2014-03-05 14:05:46.793 INFO [b10-init.init/27845] BIND10_SHUTDOWN_COMPLETE all processes ended, shutdown complete I saw this with the bind10-1.2.0beta1-release.

3371

defect

1394203989695253

1394203989695253

Unclassified

medium

jreed

New Tasks

new

update AUTHORS for DHCP/Kea developers

Currently the generic AUTHORS file is used to in ./src/lib/datasrc/Makefile.am to create the authors.bind static DNS zone. For example, see: dig @n10.isc.org t txtc ch authors.bind We should update the AUTHORS file. Should it be used for generating DNS authors.bind even for non-DNS developers? Maybe we could add some identifying tags to each name and then only generate the authors.bind static zone file for the DNS related? While here should we prune out any of the entries from authors.bind? So maybe some identifying tag that indicates is a key DNS developer and should be in authors.bind?

3372

defect

1394219352678301

1394219522473218

dhcp-ddns

medium

tmark

DHCP-Kea0.9

new

D2ClientMgr should set proper “any” address for listener based on server ip address

D2ClientMgr needs to create NameChangeUDPSenders with correct “any” address based upon the configured server address. Currently it always uses “0.0.0.0”, thus if the dhcp-ddns/server-ip value is set to an IPv6 address, the UDP sends fail. For Ipv6 it should use “::”.

3377

defect

1394835126797622

1394835126797622

dhcpconf

medium

tomek

DHCP Outstanding Tasks

new

Python-less configuration alternative

Currently Kea requires Python framework for configuration. We should evaluate alternatives that have fewer dependencies and could be used in smaller deployments.

3378

defect

1395830714964717

1395830745538181

build system

medium

UnAssigned

tmark

DHCP-Kea0.9

new

Apple LLVM compiler 5.1 (clang 5.1) command line option changes break configure script

After updating to Xcode 5.1, which includes a compiler update, I was no longer able to run “configure”. The check for the “R" compiler option succeeds even though it is no longer supported. There are two tests for it configure: 1. Checks ifWl,R is available in the linker. The result of this test is”no“, which is correct. clang outputs an error stating that R is not supported. 2. Checks ifR is available in the linker. The result of this is”yes" which is not actually correct. clang sets $? to 0 BUT there is a warning to stderr that unused option is being ignored. This second test causes the R option to be included in compile flags which causes subsequent tests for building with botan to fail. After manually altering the configure script to suppress theR, configure completes successfully, however building the project then fails with link errors. Specifically, I believe it was libdhcp’s unit tests which failed to link. So while the -R option can be suppressed it’s effect is something we need? The following is an excerpt from Xcode 5.1 release notes: The Apple LLVM compiler in Xcode 5.1 treats unrecognized command-line options as errors. This issue has been seen when building both Python native extensions and Ruby Gems, where some invalid compiler options are currently specified. Projects using invalid compiler options will need to be changed to remove those options. To help ease that transition, the compiler will temporarily accept an option to downgrade the error to a warning: Wno-error=unused-command-line-argument-hard-error-in-future Note: This option will not be supported in the future. To workaround this issue, set the ARCHFLAGS environment variable to downgrade the error to a warning. For example, you can install a Python native extension with: $ ARCHFLAGS=Wno-error=unused-command-line-argument-hard-error-in-future easy_install ExtensionName Similarly, you can install a Ruby Gem with: $ ARCHFLAGS=-Wno-error=unused-command-line-argument-hard-error-in-future gem install GemName 16214764 updated

3379

defect

1396284193012161

1396285345041141

Unclassified

medium

jreed

New Tasks

new

NameDhcpv4SrvTest.respectClientDelegation failure

[ RUN ] NameDhcpv4SrvTest.respectClientDelegation fqdn_unittest.cc:256: Failure Value of: fqdn->getFlag(Option4ClientFqdn::FLAG_N) Actual: true Expected: flag_n Which is: false fqdn_unittest.cc:397: Failure Value of: d2_mgr_.getQueueSize() Actual: 0 Expected: 1 [ FAILED ] NameDhcpv4SrvTest.respectClientDelegation (2 ms) See http://git.bind10.isc.org/~tester/builder/BIND10/20140328153740-FreeBSD10-x86/logs/unittests.out This is master as of commit 70f1f297bfbaa8c2e8ad3decf92383fc550dad78 Date: Fri Mar 28 15:09:03 2014 +0100

3380

defect

1396284453783167

1396347140132105

Unclassified

medium

jreed

New Tasks

new

option6_ia_unittest.cc Called C++ object pointer is null

As seen with clang’s scan-build static analyzer: http://git.bind10.isc.org/~tester/builder/BIND10-clang-static-analyzer/20140328214701-MacOS/logs/files/scan-build/2014-03-28-1/report-Bf7Us8.html#EndPath See src/lib/dhcp/tests/option6_ia_unittest.cc line 305: EXPECT_EQ(D6O_IAADDR, addr->getType()); addr is NULL according to previous line not matching.

3381

defect

1396352035339767

1396352035339767

dhcp6

low

tmark

DHCP-Kea0.9

new

Improve allocation engine IPv6 logging to distinguish between allocation types

During review of 3080, marcin made the following comment: > Not strictly related to this work but… DHCPSRV_ADDRESS6_ALLOC_ERROR - this error message in alloc_engine is wrong because it talks about IPv6 addresses only. If you fail to allocate the prefix (not a 128 address) it is quite misleading. And it was misleading when I spotted it for the first time in the kea log file, when running system tests. > This issue is that the log message and its description are specific to address requests, yet it is used for all IPv6 allocation types. There are other log messages to which this also applies. The logging should indicate the exact nature of the failure. If you have a server which is allocating both addresses and prefixes the log message can be misleading.

3382

defect

1396354427945274

1396380388369620

dhcpdb

medium

tmark

DHCP-Kea0.9

new

Rework marshaling/unmarshaling logic in PgSqlLeaseManager to use Postgesql bind types

The code to populate the bind arrays for marshaling data to and from Postgresql should be restructured. To build bind arrays to send to Postgresql, it first builds a list of PgSqlParams by converting all input parameters to std::strings (except hwaddr, client_id, and duid), and binds them to c_str() values of these strings. This causes each parameter to be converted first by us to a string and then back to binary by Postgresql. Similarly, when retrieving data from the database, it is received as string values and then converted. Heavy use of stringstream is used in both directions. The code should be structured similar to the MySQL implementation which builds the bind arrays directly and uses the MY_SQL data types. This would eliminate the PgSqlParam layer as well as needless conversions to and from strings.

3385

defect

1396719562313345

1396719666564147

build system

medium

UnAssigned

jinmei

jinmei@wide.ad.jp

New Tasks

new

bind10 build failures

I’ve noticed bind10 as of 0ba3a23277d023da3d690875f9d95867f5cc0df4 doesn’t compile with this versions of clang++ on MacOS X Mavericks: Apple LLVM version 5.1 (clang-503.0.38) (based on LLVM 3.4svn) Target: x86_64-apple-darwin13.1.0 Thread model: posix The errors are generally trivial. I’m attaching a proposed patch to fix the issue for the above environment. For ‘unused variable’ types of errors you might want to actually use them, rather than removing them. One possibly non-trivial fix is that for dhcp/option_custom.{h,cc}. Obviously you cannot define a templated function in the .cc unless it’s only used within that file (it’s in fact used in a test). I don’t understand why it works for others, or I’m not sure my simplest fix (just moving the definition to .h) is the best way to fix this, so you may want to address it in a different way.

3387

defect

1396877151073414

1396877352872505

Unclassified

medium

jreed

New Tasks

new

IOFetchTest.TcpSendReceive65535 failure

[ RUN ] IOFetchTest.TcpSendReceive65535 io_fetch_unittest.cc:439: Failure Value of: result Actual: 1 Expected: expected Which is: 0 io_fetch_unittest.cc:454: Failure Value of: result_buff->getLength() Actual: 63518 Expected: return_data.size Which is: 65535 io_fetch_unittest.cc:462: Failure Value of: equal, return_data.end(), start) Actual: false Expected: true [ FAILED ] IOFetchTest.TcpSendReceive65535 (4501 ms) This was seen at http://git.bind10.isc.org/~tester/builder/BIND10/20140404191615-NetBSD5-i386-GCC/logs/unittests.out Only seen on NetBSD 5.2 i386 and not any other systems including not on other NetBSD systems. The problem started at 2014-01-17 02:25:02 but not previous builds.

3388

task

1397219925639277

1397219925639277

Boss of BIND

medium

g—n

New Tasks

new

Put a little note on your homepage that BIND10 is not, and cannot, be affected by “Heartbleed”.

I’d say you have every right to gloat a little here, actually. I mentioned you here: https://github.com/g—n/heartbreaking