Project

General

Profile

Actions

Bug #16964

closed

Removing ipv6 entries fails with dns_nsupdate due to name lookup

Added by Dominic Cleal over 7 years ago. Updated over 5 years ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Category:
DNS
Target version:
Difficulty:
Triaged:
Fixed in Releases:
Found in Releases:

Description

When I try to remove the IPv6 address from a host, the smart proxy fails to update the DNS server.

  1. The dns_nsupdate proxy can't delete the IPv6 PTR record. The do_remove method in dns_nsupdate/dns_nsupdate_main.rb is calling dns_find (dns_common/dns_common.rb) which can handle only IPv4 reverse addresses. It takes the first four segments of the IPv6 address and tries a reverse lookup on them which will most likely fail (but might not). There's already a ptr_to_ip method in dns_common/dns_common.rb, using it to check whether key is a PTR should solve the problem, e.g.
    def dns_find key
      begin
        resolver.getname(ptr_to_ip(key)).to_s
      rescue Proxy::Dns::Error
        resolver.getaddress(key).to_s
      end
    rescue Resolv::ResolvError
      false
    end
    

    I think the dns_find method should also take the record type into account. If there's an existing A, but no AAAA record and you try to delete the AAAA record it will still do it because the lookup finds the A record.
  2. Unlike the do_create method, the do_remove method does not have an ensure block which closes the forked nsupdate process. If the exception is triggered (which happened to me because of 2.) then you end up with a lot of nsupdate zombie processes.

Related issues 2 (0 open2 closed)

Blocked by Packaging - Bug #16981: Bump up the version of ruby in xenial to 2.3.1Closed10/18/2016Actions
Copied from Foreman - Bug #16952: Removing ipv6 entries does not pass record type (AAAA) to smart proxyClosedTimo Goebel10/14/2016Actions
Actions #1

Updated by Dominic Cleal over 7 years ago

  • Copied from Bug #16952: Removing ipv6 entries does not pass record type (AAAA) to smart proxy added
Actions #2

Updated by The Foreman Bot over 7 years ago

  • Status changed from New to Ready For Testing
  • Assignee set to Anonymous
  • Pull request https://github.com/theforeman/smart-proxy/pull/465 added
Actions #3

Updated by Robert Frank over 7 years ago

I've applied the changes in the pull request and they didn't work. Removing both, A, and AAAA FQDNs fail with a "Cannot find DNS entry for ...".
The regex fail to match the addresses returned by the resolver:

found = should_match.nil? ? addresses.first : addresses.find {|a| a =~ should_match}

always returns nothing, I suspect it's because a is either an Resolv::IPv4 or Resolv::IPv6 class and not a string.
Changing the line to
found = should_match.nil? ? addresses.first : addresses.find {|a| a.to_s =~ should_match}

seems to solve the problem for both A and AAAA records.

Actions #4

Updated by Dominic Cleal over 7 years ago

  • Blocked by Bug #16981: Bump up the version of ruby in xenial to 2.3.1 added
Actions #5

Updated by Anonymous over 7 years ago

  • Status changed from Ready For Testing to Closed
  • % Done changed from 0 to 100
Actions #6

Updated by Ivan Necas over 7 years ago

  • Target version set to 1.4.1
Actions

Also available in: Atom PDF