Bug #16964

Removing ipv6 entries fails with dns_nsupdate due to name lookup

Added by Dominic Cleal over 1 year ago. Updated over 1 year ago.

Assigned To:Dmitri Dolguikh
Target version:Foreman - Team Ivan Iteration 5
Difficulty: Bugzilla link:
Found in release:1.13.0 Pull request:https://github.com/theforeman/smart-proxy/pull/465
Story points-
Velocity based estimate-
Release1.13.1Release relationshipAuto


When I try to remove the IPv6 address from a host, the smart proxy fails to update the DNS server.

  1. The dns_nsupdate proxy can't delete the IPv6 PTR record. The do_remove method in dns_nsupdate/dns_nsupdate_main.rb is calling dns_find (dns_common/dns_common.rb) which can handle only IPv4 reverse addresses. It takes the first four segments of the IPv6 address and tries a reverse lookup on them which will most likely fail (but might not). There's already a ptr_to_ip method in dns_common/dns_common.rb, using it to check whether key is a PTR should solve the problem, e.g.
    def dns_find key
      rescue Proxy::Dns::Error
    rescue Resolv::ResolvError

    I think the dns_find method should also take the record type into account. If there's an existing A, but no AAAA record and you try to delete the AAAA record it will still do it because the lookup finds the A record.
  2. Unlike the do_create method, the do_remove method does not have an ensure block which closes the forked nsupdate process. If the exception is triggered (which happened to me because of 2.) then you end up with a lot of nsupdate zombie processes.

Related issues

Blocked by Packaging - Bug #16981: Bump up the version of ruby in xenial to 2.3.1 Closed 10/18/2016
Copied from Foreman - Bug #16952: Removing ipv6 entries does not pass record type (AAAA) to... Closed 10/14/2016

Associated revisions

Revision 78da2d1e
Added by Dmitri Dolguikh over 1 year ago

Fixes #16964 - Proxy::Dns::Record#dns_find works with ipv6 params


#1 Updated by Dominic Cleal over 1 year ago

  • Copied from Bug #16952: Removing ipv6 entries does not pass record type (AAAA) to smart proxy added

#2 Updated by The Foreman Bot over 1 year ago

  • Status changed from New to Ready For Testing
  • Assigned To set to Dmitri Dolguikh
  • Pull request https://github.com/theforeman/smart-proxy/pull/465 added

#3 Updated by Robert Frank over 1 year ago

I've applied the changes in the pull request and they didn't work. Removing both, A, and AAAA FQDNs fail with a "Cannot find DNS entry for ...".
The regex fail to match the addresses returned by the resolver:

found = should_match.nil? ? addresses.first : addresses.find {|a| a =~ should_match}

always returns nothing, I suspect it's because a is either an Resolv::IPv4 or Resolv::IPv6 class and not a string.
Changing the line to
found = should_match.nil? ? addresses.first : addresses.find {|a| a.to_s =~ should_match}

seems to solve the problem for both A and AAAA records.

#4 Updated by Dominic Cleal over 1 year ago

  • Blocked by Bug #16981: Bump up the version of ruby in xenial to 2.3.1 added

#5 Updated by Anonymous over 1 year ago

  • Status changed from Ready For Testing to Closed
  • % Done changed from 0 to 100

#6 Updated by Ivan Necas over 1 year ago

  • Target version set to Team Ivan Iteration 5

Also available in: Atom PDF