bundy

* Modular * Extensible * Friendly *

Old BIND 10 trac ticket database

Below is a table created from the trac SQLite3 database containing the status from April 2014. The HTML table only contains the non-closed tickets, but the CSV-File contains the whole dataset.

We're manually migrating the open tickets over into the github ticket system. If you want to help with this work, please let us know on the mailing list.

CSV-Versions of the BIND 10 ticket database: bind10-201404-tickets.csv.gz

id type time changetime component severity priority owner reporter cc version milestone status resolution summary description keywords
56 enhancement 1267141993000000 1329823707585229 libdns++ low UnAssigned jinmei assigned revisit rdata::compareNames() we may want to move rdata::compareNames() to the name module (name.{h.cc}),
and may even want to make it a member function of the Name class.

Opinions vary, but not critical, so we’ll revisit this as a post-year1 thing.

see also http://bind10.isc.org/ticket/48
78 task 1268145199000000 1329304126421309 build system low jreed jreed assigned use py-compile for the src/bin python programs I am committing improvements for Makefile.am for the src/lib/python modules so they will use the py-compile. Get that by doing “autoreconf —install”. This makes it so the installation gets the compiled pyc and pyo optimized versions.

Next part is to handle the src/bin/ python programs, but some go to libexec. I am opening this ticket as a reminder to do this sometime later.
81 enhancement 1268404649000000 1384857722783308 bind-ctl low jreed new non-interactive bindctl with commands on shell command line Please extend bindctl to offer non-interactive support, such as shell command line:

$ bindctl config Auth/databasefile path_to_file
102 enhancement 1268858126000000 1391267820368510 Unclassified low jreed new reporting versions Make sure all executables report versions.

And have bind10 report versions for all its managed components when running modules as daemons or justy to get versions without running serbices.
134 defect 1270562244000000 1394116188229075 Boss of BIND low UnAssigned jreed DNS Outstanding Tasks assigned Boss more careful shutdown I had an b10-xfrout running since March 23 (with nothing else using it). I couldn’t kill it except with SIGKILL.

Here is a bind10 shutdown (for a different xfrout):

Sending SIGTERM to b10-xfrout (PID 1267).
Sending SIGTERM to b10-cfgmgr (PID 15979).
Process b10-cfgmgr (PID 15979) died.
Sending SIGKILL to b10-xfrout (PID 1267).
Process b10-xfrout (PID 1267) died.

This ticket is opened to track down why b10-xfrout won’t exit on its own.
189 enhancement 1274278300000000 1330701629241613 Unclassified low jreed jreed assigned install pkg-config .pc files for libdns, libexceptions, others
194 task 1274419118000000 1300972860628475 xfrin medium UnAssigned jinmei new RR class for xfrin should be specifiable Right now we can only specify the zone name via the command channel for xfrin.

At least the RR class (whose default should be IN) should be able to be specified. If/when we support something like views, the view name should also be specifiable.

See also trac #185 and r1889.

I’ll keep this ticket in the backlog.
208 enhancement 1274910195000000 1300972860628475 Unclassified low jinmei new make b10 programs runnable standalone For convenience of dvelopment we should:
- allow individual b10-xxx programs in a stand alone mode
- (to do this) add some kind of option to bypass the need for establishing a connection to msgq
- (also to do this) if/when we develop a separate socket creator process, add some kind of option so that each b10-xxx program can directly open the necessary sockets (we should provide some abstraction to mimize the work at the client side and to avoid code duplication)

A backlog item.
212 enhancement 1275285934000000 1394116215928464 Boss of BIND low shane Common Outstanding Tasks new Move everything but main() and signal handling to separate file for BoB At some point it was decided to move everything possible out of the Python .in file. I don’t remember the reason for this, but it is so. This may or may not be related to ticket #24.
230 enhancement 1275944895000000 1394116237014355 Boss of BIND medium larissas Common Outstanding Tasks new BoB Sequenced Startup BoB: do not start other processes until specific processes are started (sequenced startup) (3 days) (Task 93)
236 enhancement 1276134964000000 1329313637893391 xfrout low UnAssigned zhanglikun new Rename UNIX_SOCKET_FILE and libxfr This ticket derives from ticket #224. Following is Jelte’s comment.

Only comment is that I think UNIX_SOCKET_FILE is a bad name, since this is specifically for libxfr (which is also a bad name imho). But that may be another ticket (and i want to get the python wrappers merged first, so I suggest we create a separate ticket for this). Oh and while we’re at it, should that be a configurable value or do we consider this ‘core and unchanging’?
237 task 1276617475000000 1276617475000000 bind-ctl low jreed new more unittests for bindctl The following don’t appear to receive any testing:

src/bin/bindctl/mycollections.py
replacement for OrderedDict?

src/bin/bindctl/bindctl-source.py (.in) This is the tool itself.
I’d like to change the original source file name too.
239 task 1276617843000000 1392912273398470 loadzone low jreed DNS Outstanding Tasks new need more unittests for loadzone need tests for src/bin/loadzone/b10-loadzone.py
and maybe also src/bin/loadzone/init.py
240 task 1276617887000000 1276617887000000 cmd-ctl low jreed new need tests for src/bin/usermgr/b10-cmdctl-usermgr.py src/bin/usermgr/b10-cmdctl-usermgr.py needs unit tests
243 enhancement 1276766664000000 1364222734133948 configuration low UnAssigned jelte assigned Put spec files together in source tree Originally, the idea of the .spec file was to have one single thing that a new module could simply send to the configuration manager or other interested software pieces, that described what the module expects and can handle in terms of commands an configuration.

The idea was that on startup, it reads in this file, sends it to ConfigurationManager, and all would be fine. However, we’re running into a few snags.

One is that other modules might need a configuration value of another module (e.g. xfrin needs the location of the database_file from auth right now, this example may change in the future but there will probably be others). For that we have the add_remote_config() and get_remote_config_value() functions in CCSession.

However, since the only real fixed pointer to what may be in the config is this spec file, the module wanting data from another must have access to it. Which isn’t necessarily a problem, but the location of the file might be when we run from source tree (in which case all spec files are in different locations, and we now end up with hardcoded src/bin/auth paths etc.).

Another thing that arised is that we might need to change configuration of modules that aren’t running, and while we can do that now, there is no checking done on the values. If we wanted to do that, we’d have to hand-add all specfile locations or do some scary recursive directory search.

Therefore I propose to put all spec files in the source tree in one specific directory (like they would be when installed), so the manager can simply read all of them out, and the modules only need to know the file name, not the location.

This would also be a nice first step to have ‘offline’ access to these things (the API that loadzone would (perhaps indirectly) use for instance)
282 task 1278425871000000 1329397512026858 data source medium larissas new BDB style Datasource Task #9 from Face to Face BDB style Datasource
including the config file and tests
287 enhancement 1278701543000000 1330430993084351 Inter-module communication medium UnAssigned jinmei assigned revisit cc::Session establish/disconnect mode [background: a review comment in Trac #275:
http://bind10.isc.org/ticket/275#comment:7]

We may have to revist the C++ API of how to establish cc::Session:

- we should clarify who is responsible for establishing the session, especially if the session object is passed to a different module
- we may want to detect an attempot of doubly establishing a session
- same for disconnect
- same for other operations that require an established session: send/receive, etc. should we support automatic session establishment?

Another planned refacotring with a generalized ASIO link may affect the design decision on these.

A backlog item.
295 defect 1280254567000000 1392999357289824 data source low UnAssigned jreed DNS Outstanding Tasks assigned allow loadzone/datasrc to support different classes The python code at src/lib/python/isc/datasrc/master.py has


if rrclass.lower() != ‘in’:
raise MasterFileError(“CH and HS zones not supported”)


Even when commented out, b10-loadzone will load a CH zone as IN.
317 enhancement 1282609695000000 1300972860628475 libdns++ low UnAssigned jinmei assigned suggested cleanups for the python bindings of libdns++ - we should use stricter compiler warnings
- we should use unnamed namespace instead of translation unit (.cc)specific static variables and functions
some method functions can be more “constified”. for simple functions like those in these wrappers this may not be a big deal, but it’s generally a good idea.
318 defect 1282744988000000 1329406398663530 Unclassified low stephen stephen assigned MSVC+ detected errors and warnings in libdns+ I’ve run the libdns+ code in revision 2798 of the trunk through the Microsoft Visual C+ compiler and it has thrown up a number of warnings and errors. Those that are relevant to the Unix version of BIND are listed below; the more Windows-specific erors (e.g. use of a function for which there is no equivalent in Windows) will be the subject of another ticket.


‘’’src/lib/dns/rdata/generic/dnskey_48.cc’‘’
’‘DNSKEY::DNSKEY (!InputBuffer& buffer, size_t rdata_len)’‘

uint16_t protocol = buffer.readUint8();
uint16_t algorithm = buffer.readUint8();

The declarations should be uint8_t. These variables are passed to the constructor of DNSKEYImpl (which expects them as uint8_t) and the compiler warns about the conversion of a uint16_t to a uint8_t.

’‘DNSKEY::getTag()’‘

for (int i = 0; i < size; i ++)

Compiler warns about a signed/unsigned comparison mismatch (size is declared as size_t).

’‘’src/lib/dns/rdata/generic/ds_43.cc’‘’
’‘DS::DS (!InputBuffer& buffer, size_t rdata_len)’‘

uint16_t protocol = buffer.readUint8()
uint16_t algorithm = buffer.readUint8()

The declarations should be uint8_t. These variables are passed to the constructor of DSImpl (which expects them as uint8_t) and the compiler warns about the conversion of a uint16_t to a uint8_t.

’‘’src/lib/dns/rdata/generic/nsec3param_51.cc’‘’
’‘NSEC3PARAM::NSEC3PARAM(const string& nsec3param_str)’‘

uint16_t hashalg, flags, iterations

hashalg and flags should be declared uint8_t. These variables are passed to the constructor of NSEC3PARAMImpl (which expects them as uint8_t) and the compiler warns about the conversion of a uint16_t to a uint8_t.

’‘’src/lib/dns/rdata/generic/nsec3_50.cc’‘’
’‘NSEC3::NSEC3(!InputBuffer& buffer, size_t rdata_len)’‘

for (int i = 0; i < typebits.size(); i += len)
if (i + 2 > typebits.size())

Compiler warns about a signed/unsigned comparison mismatch.

’‘NSEC3::toText()’‘

for (int i = 0; i < impl->typebits.size(); i += len)
assert(i + 2 <= impl->typebits.size())

Compiler warns about a signed/unsigned comparison mismatch.

’‘NSEC::NSEC (!InputBuffer& buffer, size_t rdata_len)’‘

for (int i = 0; i < rdata_len; i += len)
if (i + 2 > rdata_len)

and

if (i + len > rdata_len)

Compiler warns about a signed/unsigned comparison mismatch.

’‘NSEC::toText()’‘

for (int i = 0; i < impl->typebits.size(); i += len)
assert(i + 2 <= impl->typebits.size());

Compiler warns about a signed/unsigned comparison mismatch.

’‘’src/lib/dns/rdata/generic/rrsig_46.cc’‘’
’‘RRSIG::RRSIG (const string& rrsig_str)’‘

uint32_t timeexpire = timeFromText(expire_txt);
uint32_t timeinception = timeFromText(inception_txt);

timeFromText returns a time_t value. Under Windows, time_t is 64 bits, so the compiler is warning about a possible loss of data. (Suggestion: as the value of the inception and expiration times in an RRSIG are defined to be unsigned 32-bit values, altering the return type of the timeFromText() function would seem to be a better fix than changing the data types of timeexpire and timeexception.)

’‘’src/lib/dns/rdata/generic/txt_16.cc’‘’
’‘TXT::TXT (!InputBuffer& buffer, size_t rdata_len)’‘

if (rdata_len < len + 1)

Compiler warns about a signed/unsigned comparison mismatch.

’‘’src/lib/dns/rdata.cc’‘’
’‘Generic::Generic(const string& rdata_string)’‘

while (!iss.eof() && data.size() < rdlen)

Compiler warns about a signed/unsigned comparison mismatch.

’‘’src/lib/dns/name.cc’‘’
’‘Name::toText(bool omit_final_dot)’‘

assert(np_end - np >= count);

Compiler warns about a signed/unsigned comparison mismatch.

’‘’src/lib/dns/message.h’‘’
message.h forward declares !MessageImpl as a struct but message.c defines it as a class. The compiler warns about the mismatch.

’‘’src/lib/dns/message.cc’‘’
’‘MessageImpl::parseQuestion(!InputBuffer& buffer)’’

for (unsigned int count = 0;
count < counts;
}}

Compiler warns about a signed/unsigned comparison mismatch.

‘’MessageImpl::parseSection(const Section& section, !InputBuffer& buffer)’’

}}

Compiler warns about a signed/unsigned comparison mismatch.


‘’’src/lib/dns/dnssectime.cc’‘’
’‘timeFromText(const string& time_txt)’‘

for (int i = 0; i < time_txt.length(); ++i)

Compiler warns about a signed/unsigned comparison mismatch.

’‘’src/lib/dns/messagerenderer.c’‘’
’‘MessageRenderer::writeName(const Name& name, const bool compress)’’

}}

This gives an error because notfound is declared as:

}}

… but nodeset
.end() has type:

std::set::const_iterator
321 defect 1282937323000000 1392811230882602 data source medium UnAssigned jinmei DNS Outstanding Tasks assigned b10-auth doesn’t handle mixture of DNAME and NS See trac #70.

Assume a b10-auth server has authority for the zone “jinmei.org”, which has the following RRs in its data source:


sec.jinmei.org. 600 IN NS ns.sec.jinmei.org.
3600 IN DNAME example.com.


(Note: this is an invalid zone configuration.)

In this case, BIND 9 ignores the NS and exclusively use DNAME for names equal to or under sec.jinmei.org. BIND 10 still returns a NS referral if we ask for sec.jinmei.org/NS.

There are several problems around this symptom:

- naively accepting such a broken configuration at parse/load time may not be a good thing anyway (in this sense BIND 9 is also not really good)
- but specifically for BIND 10, since the underlying data source may be non captive, the middle layer of the data source module cannot always assume the data stored in data sources is valid anyway. what should we do?
- if we decide to accept this type of half-broken configuration, what should b10-auth return? We could add yet another if-block in the data source code to deal with this case, but, personally, I (jinmei) feel the data source code is already messed up with many such case-by-case fixes and has become to complicated to comprehensive and maintain. So I’d rather solve this issue by revisting the whole logic and refactoring the code cleanly (though I’m not sure if it’s a realistic path)
337 defect 1284522582000000 1392837346027656 Unclassified medium UnAssigned zhanglikun DNS Outstanding Tasks assigned Expired zone should not be served Currently, when zonemgr expires one zone, auth/xfrout module doesn’t know it, so, the expired zone is still served. There should be one way to mark the zone.
339 defect 1284534918000000 1392917332918612 secondary manager medium zzchen_pku DNS Outstanding Tasks new Provide one way to see the current data for each zone managed by zonemgr There should be one way to see the current counters/timers and other data for each zone managed by zonemgr.
359 defect 1286199011000000 1286199011000000 msgq low jreed new msqg report component when problem
[b10-msgq] Closing socket fd 10
[b10-msgq] Receive error: EOF


Please have msgq report what component(s) it has problems with.
360 defect 1286201348000000 1398197202330131 msgq medium UnAssigned jreed Sprint-20131001 reviewing socket.error: AF_UNIX path too long
bash-3.00$ ./install/libexec/bind10-devel/b10-msgq —verbose
[b10-msgq] MsgQ v20091030 (Paving the DNS Parking Lot)
Traceback (most recent call last):
File “./install/libexec/bind10-devel/b10-msgq”, line 436, in
setup_result = msgq.setup()
File “./install/libexec/bind10-devel/b10-msgq”, line 171, in setup
self.setup_listener()
File “./install/libexec/bind10-devel/b10-msgq”, line 157, in setup_listener
raise e
File “./install/libexec/bind10-devel/b10-msgq”, line 150, in setup_listener
self.listen_socket.bind(self.socket_file)
socket.error: AF_UNIX path too long


(same with gcc or sunstudio build)
361 defect 1286202337000000 1286202337000000 msgq low jreed new msgq too noisy if missing directory for socket file
[bind10] Started b10-msgq (PID 20052)
Traceback (most recent call last):
File “/home/reed/opt/bind10/libexec/bind10-devel/b10-msgq”, line 436, in
setup_result = msgq.setup()
File “/home/reed/opt/bind10/libexec/bind10-devel/b10-msgq”, line 171, in setup
self.setup_listener()
File “/home/reed/opt/bind10/libexec/bind10-devel/b10-msgq”, line 157, in setup_listener
raise e
File “/home/reed/opt/bind10/libexec/bind10-devel/b10-msgq”, line 150, in setup_listener
self.listen_socket.bind(self.socket_file)
socket.error: [Errno 2] No such file or directory

Traceback (most recent call last):
File “/home/reed/opt/bind10/sbin/bind10”, line 766, in
main()
File “/home/reed/opt/bind10/sbin/bind10”, line 717, in main
startup_result = boss_of_bind.startup()
File “/home/reed/opt/bind10/sbin/bind10”, line 302, in startup
c_channel.process.kill()
File “/usr/pkg/lib/python3.1/subprocess.py”, line 1337, in kill
self.send_signal(signal.SIGKILL)
File “/usr/pkg/lib/python3.1/subprocess.py”, line 1327, in send_signal
os.kill(self.pid, sig)
OSError: [Errno 3] No such process


Maybe msgq should create missing directory if needed. If that is the case maybe the socket file name should be separated into directory name and the basename.
379 task 1287428822000000 1295969570512122 configuration medium UnAssigned jreed assigned item descriptions for module specs Add item_description for self-documenting specification items. We already have command_description and module_description.
385 enhancement 1287776615000000 1287776615000000 bind-ctl low vorner new More convenient configuration interface Currently, config show displays only one item, even if it has subitems. It would be more convenient if some kind of dump command produced a recursive representation of the whole item with descendants (for example in JOSN).

Furthermore, setting up items one by one by commands is inconvenient as well. If there was a command that launched editor on the JOSN representation and let the user edit it. After exiting the editor, it could check syntax, if it was OK, store it, if not, ask him to edit it again.
391 enhancement 1288097361000000 1362157351512503 cmd-ctl low zhanglikun new Make it harder to do dictionary attacks for cmdctl. This is the suggestion from Jerry Scharf. Add a 1-2 second delay before the response on a login failure. This makes it harder to do dictionary attacks.
392 defect 1288100826000000 1392917342653335 secondary manager low jinmei DNS Outstanding Tasks new Xfrin.publish_xfrin_news is not tested explicitly According to the coverage tool the case of xfr_result == XFRIN_OK isn’t tested. I also suspect the failure case just happens to be covered as a side effect of other test. We should test this method expliclty.
398 enhancement 1288221488000000 1300972860628475 Unclassified low jinmei new we should use more specific tests than EXPECT_TRUE See http://bind10.isc.org/ticket/365#comment:8

In general, when we do

EXPECT_TRUE(a b);


it’s better to be changed to:

EXPECT_(a, b);


because when the test fails the latter will provide more detailed information (the values of a and b).
406 enhancement 1288921672000000 1392812405749819 xfrout medium UnAssigned zzchen_pku DNS Outstanding Tasks assigned Improve Xfrout unittest coverage Add more unittest for Xfrout.
460 defect 1293580156000000 1394116778962443 b10-auth low jinmei DNS Outstanding Tasks new constructors of b10-auth and b10-recurse are not exception safe It should be obvious from the code.


AuthSrv::AuthSrv(const bool use_cache, AbstractXfroutClient& xfrout_client) :
impl),
checkin
(new ConfigChecker(this)),
dns_lookup),
dns_answer
(new MessageAnswer(this))
{}


Consider the case the allocation for checkin_ fails.

Recursor::Recursor() has the same problem.
486 enhancement 1295044100521580 1392913290884624 resolver low shane DNS Outstanding Tasks new De-duplication of client queries
490 enhancement 1295045246664093 1392913263487822 resolver low shane DNS Outstanding Tasks new Handle packet errors from clients Handle packet errors from clients
500 enhancement 1295047841160192 1392913236706074 resolver low shane DNS Outstanding Tasks new Query tracing (design) Query tracing

* design (task V)
511 enhancement 1295272062607065 1379676478009811 statistics medium UnAssigned stephen assigned Get list of authoritative domains Part of the work required to instrument the authoritative server to collect per-zone data.
514 enhancement 1295364508294539 1394116250390967 Boss of BIND low jreed DNS Outstanding Tasks new allow both the resolver and auth to run at same time bind10 should allow both the resolver and auth to run at same time.
For now they can listen on different address(es) or ports.
520 defect 1295544388306086 1396529218985091 xfrin low jinmei DNS Outstanding Tasks new xfrin/zonemgr should handle command responses appropriately This is a continuation of #516. We need to do a few more things on top of
the urgent care fix:

- We need more complete tests for the problem of #516.
- xfrin and zonemgr should check the command response and take appropriate
action, especially if the response indicates an error

We should probably consider further extensions, too:
- extend command spec to indicate whether it requests a response
(see a review comment of #516)
- making communication over CC channels asynchronous

But these will even be beyond the scope of this follow up ticket.
525 enhancement 1295586131506860 1391488011554849 libdns++ medium UnAssigned jinmei assigned handle “singleton” RR types Some types of RRs are “singleton”, i.e., only one RR of such type
can exsit in the RRset for the tuple.

It would be useful to provide an API that takes an RR type and returns
if it’s singleton or not.

It may also make sense to modify RRset::addRdata() so that it rejects
adding more than one RDATA for single types of RRs.

See also Trac #504.
528 enhancement 1295712778466636 1322007216658740 configuration medium UnAssigned smann assigned getopt() c-lib function should be replaced with boost::program_options C++ function Throughout the BIND 10 C++ code, getopt is used (probably because it is portable). But this raises an inconsistency in the command line options since getopt() cannot handle long options (e.g. —user=foo) while the python getopt() function can. Further, boost::program_options provides a fairly abstract mechanism for retrieving key/value pairs from either the command line or a file. See http://www.boost.org/doc/libs/1_45_0/doc/html/program_options.html for details.
531 defect 1295902288990249 1295902288990249 msgq low jreed new msgq not exiting When cfgmgr couldn’t access config file,



bind10 20101129 (BIND 10 20110120)
[bind10] Checking for already running b10-msgq
[bind10] Starting b10-msgq
[bind10] Started b10-msgq (PID 26636)
[bind10] Starting b10-cfgmgr
[bind10] Started b10-cfgmgr (PID 8593)
[b10-cfgmgr] Can’t read configuration file: [Errno 13] Permission denied: ‘/home/reed/opt/bind10/var/bind10-devel/b10-config.db’
[b10-msgq] Closing socket fd 5
[bind10] Starting ccsession


… instead of waiting for this to timeout, I pressed Ctrl-C, resulting in:


[b10-msgq] Receive error: EOF
C[bind10] Received SIGINT.
killing started processes:
- b10-cfgmgr
Traceback :
File “/home/reed/opt/bind10/sbin/bind10”, line 544, in startup
self.start_all_processes
File “/home/reed/opt/bind10/sbin/bind10”, line 487, in start_all_processes
self.start_ccsession
File “/home/reed/opt/bind10/sbin/bind10”, line 378, in start_ccsession
self.ccs.start
File “/home/reed/opt/bind10/lib/python3.1/site-packages/isc/config/ccsession.py”, line 164, in start
C[bind10] Received SIGINT.
self.request_config
File “/home/reed/opt/bind10/lib/python3.1/site-packages/isc/config/ccsession.py”, line 338, in
request_config
raise ModuleCCSessionError(“No answer from configuration manager”)
isc.config.ccsession.ModuleCCSessionError: No answer from configuration manager

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File “/home/reed/opt/bind10/sbin/bind10”, line 899, in
main()
File “/home/reed/opt/bind10/sbin/bind10”, line 838, in main
startup_result = boss_of_bind.startup()
File “/home/reed/opt/bind10/sbin/bind10”, line 546, in startup
self.kill_started_processes()
File “/home/reed/opt/bind10/sbin/bind10”, line 263, in kill_started_processes
self.processes[pid].process.kill()
File “/usr/pkg/lib/python3.1/subprocess.py”, line 1337, in kill

self.send_signal(signal.SIGKILL)
File “/usr/pkg/lib/python3.1/subprocess.py”, line 1327, in send_signal
os.kill(self.pid, sig)
OSError: [Errno 3] No such process
t1:bind10$ [b10-msgq] Closing socket fd 4
[b10-msgq] Receive error: EOF
[b10-msgq] Closing socket fd 5
[b10-msgq] Receive error: EOF



What happened in the above is that everything was exited except msgq, it was left running so next time starting bind10 failed due to


[bind10] Checking for already running b10-msgq
[bind10] Error on startup: b10-msgq already running, or socket file not cleaned , cannot start


If I do let it timeout on its own, bind10 just exit everything including b10-msgq.

(Please ignore the permission denied in the above output; that is unrelated to my problem.)

Also why SIGKILL?
532 enhancement 1295954356511535 1392913219301581 resolver medium jelte DNS Outstanding Tasks new refactor resolver/asio interface While probably not strictly necessary, I think this would be a good moment to make an actual resolver ‘library’, and move resolver-specific code out of asiolink. This may even be necessary for #494 (or at the very least very useful).

See the thread at https://lists.isc.org/pipermail/bind10-dev/2011-January/001848.html

Theoretically, this would mostly involve renaming and moving classes and methods, but there are inevitably going to be some hairy details around asio.
535 enhancement 1296066983705468 1392913526161945 resolver low stephen DNS Outstanding Tasks new Aggregate NSAS HashTable and LruList classes Both the NSAS and the main resolver cache use the NSAS LruList classes. In both cases, the hash table is used to store/locate objects and the LRU list used to track and remove expired objects.

It would make sense to:
* Create a single class that contains both the hash table and LRU list, and provide methods that do common processing, e.g. provide the hash table search function that automatically updates the position of the object in the LRU list if a match is found. (It also means that possible optimisations - such as using multiple LRU lists in multi-threaded applications - could be implemented without changing client code.)
* Extract the code away from the NSAS into a separate library.
538 task 1296075787210206 1392825387586453 Unclassified low UnAssigned vorner DNS Outstanding Tasks assigned Make isc::dns::Name reside in continuous block of memory. We have a lot operations with Names in the code, comparing names takes 16% of runtime, which is mostly caused by cache misses.

The amount of cache misses could be lowered by factor of at last 3 if the whole Name and it’s data resides in one continuous block of memory (it will be either retrieved as a single cache line or at last predicted by CPU prediction heuristics).

It can be accomplished for example by not using stl string and vector, but C strings and arrays. The memory can be allocated before calling the actual constructor, passing the pointer to memory both to new and using pointer arithmetics on this pointer in constructor to place the actual data behind it. The constructor should not be directly visible then and a wrapper function would have to be used to hide this, possibly error-prone, logic.

As this is quite a lot of work, we should try handling the easier tasks first and see if it helps enough. Therefore I’m giving it a lower priority.
539 task 1296076487976341 1344438678460379 Unclassified low UnAssigned vorner assigned Hash-based name compression Name compression is expensive operation (isc::dns::MessageRenderer::writeName with it’s inlined functions takes 16% of our runtime (this includes NameCompare::operator() and NameCompare::nextPosition). The isc::dns::OutputBuffer::operator[] is used a lot inside these functions, which increases the cost of it even more).

There’s idea to store positions of all already written names and suffixes of them to a hash table. When a new name is to be written, the hash table is queried first to see if it is already there. If yes, the address is taken and written. If not, the first label is written and noted into the hash table, then it is repeated with next label.

It would be nice to get the hashes precomputed form the names. They can be provided by the datasource for example, or whenever the hash is needed, it is cached in the Name and if two names are compared and one does not have the cached hashes, while the other does, the ones for common parts are copied.

This is a largish task, maybe we can put it off after we try the simpler ones.
540 task 1296077081317778 1330431286583890 Unclassified medium UnAssigned vorner assigned Explore ways to eliminate extra shared_pointers in hot path We spend 8% of runtime in boost::detail::shared_count::~shared_count(), which is related to shared pointers. Therefore it would be good to find the ones on the hot path (the one where normal processing happens and have the biggest impact on performance) which are not needed and eliminate them (or create additional tasks for each of them).

Possible situations include:
* It is completely unnecessary.
* std::auto_ptr would be enough.
* Candidate for using a memory pool idea. We have a block of memory. Each time we need a temporary variable, we just take it from the block. Once we finished a query, we „drop“ the whole block (reset the position where we take the memory from to the beginning). It is faster because:
- We don’t need to call destructors at all.
- We don’t need to care when we should run the destructors (counting references, etc).
- The memory we use a lot is located close together, which is better for CPU caches and TLBs.
543 task 1296121589023721 1330115503339365 data source medium vorner new Chaining of CNAMEs in in-memory data-source. Currently only the CNAME itself is returned to client if the in-memory datasource is used. The CNAME should be followed and the answer at the end returned as well if it is available in the same zone (or, in the datasource).

Note that this could solve itself when we merge datasource APIs together.
546 enhancement 1296213153077274 1300972860628475 Unclassified low stephen new Support defined callouts to user-written code This was discussed on bind10-dev in the thread starting at https://lists.isc.org/pipermail/bind10-dev/2011-January/001839.html.

The idea is to define a set of points at which BIND-10 will call out to user-written code and provide a supported interface for it. For example, a user-written filter could be called when a query is received and accept or reject it according to logic based on business need.

Ideally the code would load at run-time, avoiding the need for the user to edit BIND source code directly. Such a scheme would also open the way for upgrades to BIND-10 without the need to rebuild the user code.
556 enhancement 1296583817302371 1331038939391875 build system medium jreed vorner new Request for feedback in ./configure As we talked on todays call, it would be nice to have some request for feedback printed at the very end of the ./configure script. So people who try it out now probably use configure, and most probably run it manually and we need as much feedback as possible. I have no proposal for the exact wording, but something like to send any suggestions, ideas, what works for them, what doesn’t, why, and to drop an email or ticket or patch, what is best for them.

It should be relatively easy to implement IMO.
557 enhancement 1296755443971648 1392913539618655 resolver low stephen DNS Outstanding Tasks new Check additional data RRsets against rest of server response See comments in #496, where the response scrubbing was introduced.

In essence, the response scrubbing code should remove from the additional section anything that is not referenced in the rest of the message. This implies adding the ability to interpret the RDATA of RRs.
561 task 1297249810700581 1392825427624589 Unclassified medium stephen DNS Outstanding Tasks new Functional testing of the resolver This involves firing queries at different configurations and checking that the results are correct.

We may be able to use the CNNIC test suite for this.
563 enhancement 1297261110546902 1392913580521380 resolver medium stephen DNS Outstanding Tasks new Add command-line options to resolver Problem: to enable resolver, the normal steps are: start bind10 (including auth server); use bindctl to configure bind10 to start resokver instead; stop bind10; start bind10 again (includes resolver); use bindctl to configure resolver to listen on correct interface/port, do forwarding, etc. (because couldn’t be configured before).

Workaround: just like bind10 and b10-auth has a andp options for auth address and port, bind10 should have command-line options to choose address/port/forwarder and to enable the resolver too. b10-resolver could also have command line options for these too.

Note that an early version of the resolver did have some command-line options. Now they are gone. This is inconsistent with b10-auth.
566 defect 1297373350141055 1392913592387515 resolver medium jreed DNS Outstanding Tasks new forwarder and recursion desired not set Using b10-resolver as a forwarder.

When the incoming query does not have recursion desired (RD) bit set, the forwarder ignores this
and will send on a query with RD now set and will return back its recursive results.

The BIND 9 behaviour for forward only and RD not set is to not forward the query — it responds back with root-servers in the authority section (the only thing it knows).
567 enhancement 1297423851025095 1392999386258306 data source low UnAssigned vorner DNS Outstanding Tasks assigned RdataIterator::getCurrent() should throw if invalid. When the RdataIterator points at the last entry and getCurrent is called, it should throw an exception.

This way, we can just use the first Rdata in RRset and don’t need to care about empty RRsets (in case of DNAME, for example, empty DNAME rrset is wrong and the code makes no sense).

After this is finished, the assert in CNAME synthesis code for DNAME in auth/query.cc should be removed (see #505).
568 enhancement 1297430406836414 1330097397847649 libdns++ low UnAssigned stephen new Extend RRset with copy constructor, assignment operator and comparison operator A needs has arisen for these in the implementation of the resolver cache - see the comments on ticket #449.
570 defect 1297445683637748 1392913652570241 resolver medium jreed DNS Outstanding Tasks new question duplicated results in servfail First response is fine. But still has second query that has a servfail.
See extra question added and multiple answers for same query:



[b10-resolver] Got a DNS message
[b10-resolver] received a message:
;; >>HEADER<< opcode: QUERY, status: NOERROR, id: 63665
;; flags: rd ; QUESTION: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;isc.org. IN A

[b10-resolver] Processing normal query
[b10-resolver] Sending upstream query (isc.org. IN A
) to 127.0.0.1
[b10-resolver] Sending ;; >>HEADER<< opcode: QUERY, status: NOERROR, id: 0
;; flags: rd ; QUESTION: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;isc.org. IN A
to 127.0.0.1
[b10-resolver] Received response from 127.0.0.1
[b10-resolver] [XX] got an answer
[b10-resolver] Adding question isc.org. to message
[b10-resolver] sending a response (272bytes):
;; >>HEADER<< opcode: QUERY, status: NOERROR, id: 63665
;; flags: qr rd ra ; QUESTION: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 6

;; QUESTION SECTION:
;isc.org. IN A

;; ANSWER SECTION:
isc.org. 883 IN A 149.20.64.42

;; AUTHORITY SECTION:
isc.org. 28131 IN NS ord.sns-pb.isc.org.
isc.org. 28131 IN NS ams.sns-pb.isc.org.
isc.org. 28131 IN NS sfba.sns-pb.isc.org.
isc.org. 28131 IN NS ns.isc.afilias-nst.info.

;; ADDITIONAL SECTION:
ams.sns-pb.isc.org. 28131 IN A 199.6.1.30
ams.sns-pb.isc.org. 28131 IN AAAA 2001:500:60::30
ord.sns-pb.isc.org. 28131 IN A 199.6.0.30
ord.sns-pb.isc.org. 28131 IN AAAA 2001:500:71::30
sfba.sns-pb.isc.org. 28131 IN A 149.20.64.3
sfba.sns-pb.isc.org. 28131 IN AAAA 2001:4f8:0:2::19

[b10-resolver] [XX] got an answer
[b10-resolver] [XX] got an answer
[b10-resolver] Adding question isc.org. to message
[b10-resolver] sending a response (31bytes):
;; >>HEADER<< opcode: QUERY, status: SERVFAIL, id: 63665
;; flags: qr rd ra ; QUESTION: 2, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;isc.org. IN A
;isc.org. IN A





11:25:22.091100 IP 127.0.0.1.53645 > 127.0.0.1.53: 63665+ A? isc.org. (25)
0x0000: 4500 0035 0000 0000 4011 0000 7f00 0001 E..5…........<br> 0x0010: 7f00 0001 d18d 0035 0021 4791 f8b1 0100 .......5.!G.....<br> 0x0020: 0001 0000 0000 0000 0369 7363 036f 7267 .........isc.org<br> 0x0030: 0000 0100 01 .....<br>11:25:22.092289 IP 127.0.0.1.53 > 127.0.0.1.53645: 63665 1/4/6 A 149.20.64.42 (272)<br> 0x0000: 4500 012c 8f30 0000 4011 0000 7f00 0001 E..,.0..…….
0x0010: 7f00 0001 0035 d18d 0118 e507 f8b1 8180 …..5……….
0x0020: 0001 0001 0004 0006 0369 7363 036f 7267 ………isc.org
0x0030: 0000 0100 01c0 0c00 0100 0100 0003 7300 …………..s.
0x0040: 0495 1440 2ac0 0c00 0200 0100 006d e300 …*........m..<br> 0x0050: 0d03 6f72 6406 736e 732d 7062 ..ord.sns-pb<br>11:25:22.092601 IP 127.0.0.1.53 > 127.0.0.1.53645: 63665 ServFail [2q], 0/0/0 (31)<br> 0x0000: 4500 003b 0000 0000 4011 0000 7f00 0001 E..;....…….
0x0010: 7f00 0001 0035 d18d 0027 b841 f8b1 8182 …..5…’.A….
0x0020: 0002 0000 0000 0000 0369 7363 036f 7267 ………isc.org
0x0030: 0000 0100 01c0 0c00 0100 01 ………..


This problem didn’t exist prior to Jan. 24. In this case the client (id 63665 or port 53645) was dig. It never displayed the additional response.
578 task 1297866808524022 1392999399550405 data source low UnAssigned vorner DNS Outstanding Tasks assigned Refactor of PARTIALMATCH in isc::datasrc::MemoryZone::MemoryZoneImpl::find. It is getting rather long and unreadable. It would be nice to clean it up little bit, eg. by separating the PARTIALMATCH (which is the longest case label) into separate function.
579 task 1297933322527514 1392913205805053 resolver medium zhanglikun DNS Outstanding Tasks new Add iterator interface to Hash Table The iterator interface for Hash Table needs to be added, so that the content of it can be walked.
580 task 1297941415039838 1392914212200665 Unclassified low vorner DNS Outstanding Tasks new More flexible isc::testutils::rrsetCheck It would be handy if it could check only part of the equality (eg. only class, TTLs and data and ignore different names for example). The wildcard testcases in memory zone could be simplified by it.
581 task 1297952111140992 1392999421680956 data source low jreed jreed DNS Outstanding Tasks assigned src/lib/python/isc/datasrc/master.py source documentation Convert existing comments in src/lib/python/isc/datasrc/master.py to doxygen style documentation.

See http://git.bind10.isc.org/~jreed/pydoc/master.html for existing incomplete pydoc example.

Also add more documentation for this.

(Or maybe this code is going away?)
582 task 1297952294432839 1392837539252508 Unclassified medium jreed DNS Outstanding Tasks new add more unit tests for src/lib/python/isc/datasrc/master.py See

http://bind10.isc.org/~tester/2011/02/20110217130443-57736fd/coverage-python-html/src_lib_python_isc_datasrc_master.html

(only 9% coverage at this time).

(Unrelated to this ticket, but why does it’s rrtypes set have RR types that libdns++ doesn’t know, including some obsolete that BIND 9 doesn’t even accept?)
585 task 1298043021255787 1300972860628475 data source low jreed new Make SQLIte3 dependency optional Make the dependency on SQLite3 optional. ./configure should not fail if sqlite3 is not found.

This also means that b10-auth, b10-xfrin, b10-xfrout, b10-loadzone, and b10-zonemgr need to use an abstracted data source backend. This depends on:
#368, #374, #375, #376.
586 task 1298044224002248 1392913150462579 resolver medium jreed DNS Outstanding Tasks new randomize source ports Have an option so we can set our own source ports (instead of operating system). (For example, some operating systems use sequential source ports and not randomized.)

(09:47:30) stephen: I’ve just had a look at the Boost documentation and it seems that we can create a native port, that ask Boost to use that for its I/O. So we should be able to control the port numbers ourselves.
596 task 1298382431550481 1317139349238781 Unclassified medium jreed new allow configurations without running services Should be able to do configurations, especially for auth and resolver, without starting them first.

This may mean being able to change configurations without running cmdctl too.
601 defect 1298448694146657 1392811406027717 libdns++ medium UnAssigned jinmei DNS Outstanding Tasks new bug in handling out-of-range DNSSEC times This is an (originally unintended) continuation of #174.

According to Rob Austein our current implementation of DNSSEC time
(which is actually compatible with BIND 9) isn’t correct:

- we should allow pre-epoch time such as 19691231000000 as long as it’s in the valid 68-year range.
- we should reject (in the 32-bit mode) out-of-range time format such as 21000101000000

In practice, these would be minor, but since we’ve recently completed #174,
it would make sense to fix it using this opportunity.
619 task 1298497711930303 1330422593174356 cmd-ctl low jreed new pick a good default cmdctl port number Decide on port for cmdctl; 8080 is too common?
628 defect 1298575416565604 1337691456593207 Unclassified low UnAssigned jreed assigned switching from auth or resolver is too noisy This was done with:



> config diff
{’Boss’: {’start_resolver’: True, ‘start_auth’: False}}
> config commit



See all this output:



[b10-cmdctl] Begin send command ‘set_config’ to module ‘ConfigManager’
[bind10] Handling new configuration: {’start_resolver’: True, ‘start_auth’: False}
[bind10] Starting b10-resolver
[bind10] Started b10-resolver (PID 22058)
[bind10] Asking b10-zonemgr to terminate
[bind10] Asking b10-xfrin to terminate
[bind10] Asking b10-xfrout to terminate
[bind10] Asking b10-auth to terminate
[b10-auth] Received ‘shutdown’ command
[b10-msgq] Closing socket fd 8
[b10-msgq] Receive error: EOF
[b10-msgq] Closing socket fd 9
[b10-msgq] Receive error: EOF
24-Feb-2011 14:19:32.111 Xfrout: INFO: Received shutdown command.
[bind10] Process b10-auth (PID 22024) terminated, exit status = 0
[b10-msgq] Closing socket fd 7
[b10-msgq] Receive error: EOF
[b10-cmdctl] Finish send command ‘set_config’ to module ‘ConfigManager’
[b10-cmdctl] Begin send command ‘get_config’ to module ‘ConfigManager’
[b10-resolver] Command line: b10-resolver -v
[b10-resolver] Server created.
[b10-resolver] IOService created.
[b10-resolver] Configuration session channel created.
[b10-cmdctl] Finish send command ‘get_config’ to module ‘ConfigManager’
[b10-resolver] Configuration channel established.
[b10-resolver] Config loaded
[b10-resolver] Server started.
[bind10] Process b10-xfrin (PID 22026) terminated, exit status = 0
[b10-msgq] Closing socket fd 10
[b10-msgq] Receive error: EOF
[b10-msgq] Closing socket fd 12
[b10-msgq] Receive error: EOF
[bind10] Process b10-zonemgr (PID 22027) terminated, exit status = 0
[b10-msgq] Closing socket fd 14
[b10-msgq] Receive error: EOF
[b10-msgq] Closing socket fd 15
[b10-msgq] Receive error:
[bind10] Process b10-xfrout (PID 22025) terminated, exit status = 0
[b10-msgq] Closing socket fd 11
[b10-msgq] Receive error:



While this is verbose, the many errors shouldn’t be there. This is not clean.
632 task 1298666735493161 1392913131851989 resolver medium jinmei DNS Outstanding Tasks new “libcache” has too generic a name As raised on jabber…

I just noticed “cache” is too generic when I saw src/lib/cache (it also
applies to the resulting library, libcache.{a,so}). Consider,
e.g. the fact we already have the “hot spot cache” for data source.
Also consider BIND 10 may not even specific to DNS. Even without
taking these into account, “cache” still sounds too generic and can
be quite ambiguous.

So, IMO, it should have a more specific name.

This is probably part of a larger packaging matter, though (e.g.,
whether we want to provide the cache library as a stand alone library
that can be exclusively used by third party applications, or whether
it’s intended to be used only as part of the resolver
(library/server)).

But I’m creating the ticket anyway so that we won’t forget it.
635 defect 1298980700682057 1330426424708472 build system low stephen stephen assigned Presence of old version of BIND10 may cause new build to fail Building from sources, if:
* —prefix is specified on the ./configure command line
* “make install” is run to install the software in the “prefix” directory
… a subsequent build of a later version of BIND10 may fail.

The set of commands that cause the build to fail on Ubuntu 10.04 are given in the attached file.

Removing the “prefix” directory allows the subsequent build to succeed.
645 defect 1299072541726805 1330430795159535 Unclassified low vorner new Little errors hinted by valgrind This is the rest of valgrind topics raised by #614. I believe this bunch is small and simple enough to handle them in one ticket.

They are:
- Invalid read in cc tests (the map there seems to be freed before the tests are done with it, but that’s only my guess)
- There’s call to open with NULL pointer as the path in the dns tests, which probably shouldn’t happen.
- Some memory leaks in auth tests. The two IOEndPoint ones are already topic covered by #644 (the same leak got to different tests), but there’s one more in changeUser.

I think this one is minor, because the first two probably happen only in tests (but I’m not sure about it, that’s why I leave it here to examine), and the third one happens just once per run.
650 task 1299224653994828 1392812528597430 b10-auth medium jinmei DNS Outstanding Tasks new port BIND 9’s dnssec system test This is a continuation of #606.

For the test scenario, see bind9/bin/tests/system/dnssec.
651 task 1299224711538630 1392812546628371 b10-auth medium jinmei DNS Outstanding Tasks new port BIND 9’s masterfile system test This is a continuation of #606.

For the test scenario, see bind9/bin/tests/system/masterfile.
652 task 1299224751638636 1392812561419620 b10-auth medium jinmei DNS Outstanding Tasks new port BIND 9’s notify system test This is a continuation of #606.

For the test scenario, see bind9/bin/tests/system/notify.
653 task 1299224794714962 1392812576738283 b10-auth medium jinmei DNS Outstanding Tasks new port BIND 9’s xfer system test This is a continuation of #606.

For the test scenario, see bind9/bin/tests/system/xfer.
654 task 1299224832714631 1392812592156794 b10-auth medium jinmei DNS Outstanding Tasks new port BIND 9’s unknown system test This is a continuation of #606.

For the test scenario, see bind9/bin/tests/system/unknown.
655 task 1299224906799160 1392812608264326 resolver medium jinmei DNS Outstanding Tasks new port BIND 9’s resolver system test This is a continuation of #606.

For the test scenario, see bind9/bin/tests/system/resolver.

I’m giving this ticket to R-team (as an initial assignment).
659 enhancement 1299234839233509 1392913106528658 resolver medium jelte DNS Outstanding Tasks new resolver priming Ticket #495 introduces the use of the NSAS, but it doesn’t correctly prime the resolver yet. We really need this (at least a simple version of it), it should probably be a method of RecursiveQuery (which is in essence the ‘resolver’ object right now), called once initialized, and later at a regular interval (either when the priming result appears to expire or once a day).

This might also need a way to simply send out one query and get back the result, without the full recursive process. Depending on what we do in #658, this may already be possible.
660 enhancement 1299235088120650 1392913035779181 resolver medium jelte DNS Outstanding Tasks new options and/or commands to control cache behaviour Ticket #491 introduced the use of a cache, but at this moment we have no method of controlling it;

some initial nice options would be:
- set maximum cache size
- set maxmimum lru size
- flush cache
- flush cache for specific names
- flush cache for specific zones and everything below it (though i’m not sure this is possible with the current cache implementation)
662 defect 1299245065169497 1392811258123648 b10-auth medium UnAssigned jreed DNS Outstanding Tasks assigned b10-auth wrongly falls back to default listen_on As I noted in #657, b10-auth now falls back to default listen_on (from spec?) if the b10-config.db version fails.



[bind10] BIND 10 started
Setting listen addresses:
0.0.0.0:53
127.0.0.1:5300
Initialize TCP server at 0.0.0.0:53
Unable to set new address: Failed to initialize network servers: Permission denied
[b10-auth] error: Server configuration failed: Failed to initialize network servers: Permission denied
[b10-auth] Configuration channel established.
[b10-auth] Xfrin session channel created.
[b10-auth] Xfrin session channel established.
[b10-auth] Statistics session channel created.
[b10-auth] Statistics session channel established.
Setting listen addresses:
::1:5300
127.0.0.1:5300
Initialize TCP server at ::1:5300
Initialize UDP server at ::1:5300
Initialize TCP server at 127.0.0.1:5300
Initialize UDP server at 127.0.0.1:5300
[b10-auth] Set statistics timer to 60 seconds
[b10-auth] Data source database file: /usr/home/jreed/opt/bind10/var/bind10-devel/zone.sqlite3
[b10-auth] Server started.



I think the previous behaviour was for it to exit. bind10 (boss) would restart and the failure would continue looping. I don’t think that is good behaviour either.

But using default values when a configuration is specifically defined is not correct. It may not be noticed and it may break some policies or other software (which wanted to use those).

Maybe this will be fixed in #657, but I open this ticket just in case.
668 enhancement 1299497980496860 1299497980496860 Unclassified low stephen new Add formal randomness checking to unit tests of classes using random-number generators We are currently using the Boost random number generators in classes where random numbers are required (e.g. QID generation). Although these should be random, we currently do not do formal testing of the randomness of generated values in our unit tests. This runs the risk of not noticing a loss of randomness if the implementation of such classes is changed.

It is proposed that we formally check such cases using the NIST random number test suite [http://csrc.nist.gov/groups/ST/toolkit/rng/index.html]
674 defect 1299513343493610 1392912325412484 loadzone low jreed DNS Outstanding Tasks new loadzone wrong RR count and percentage From a couple tests, it looks like b10-loadzone RR count is one to many.

For example it shows “2 RR (s) loaded” for a single line SOA only zone.

Also sometimes the percentage shown is not 100% when completed. But that doesn’t match up to the count off by one.
677 defect 1299528731023605 1337591752864723 bind-ctl low jreed new bindctl doesn’t have readline/emacs-style editing On some of my systems, bindctl doesn’t provide line editing (no arrow keys, no CTRL-A, CTRL-E, etc).

Maybe the system is just missing some python module.

The fix for this is probably just to document what is needed and/or where supported.
679 enhancement 1299599149442427 1344438138107723 Unclassified medium UnAssigned vorner assigned More clever switching of listening addresses and ports Currently, when user changes addresses and ports (listen_on), isc::server_common::portconfig::installAddresses is invoked. It closes all old sockets and create new ones.

But if there are common sockets in old and new configuration, it is both unneeded and may cause a short break in service. So a more fancy way of switching them should be done.

The idea is to open the new ports, then close the old ones and keep the same ones untouched. (In this order, we can check we can get the new ones without losing the old ones, so it is easier to rollback)
685 defect 1299688327340397 1392913014659093 resolver medium jreed DNS Outstanding Tasks new resolver cached SERVFAIL becomes NOERROR I had a DNAME that resulted in a synthesized CNAME that is too long. Using b10-resolver as a forwarder: on the first query the upstream sent back a SERVFAIL. On second query, the b10-resolver said “Message found in cache, returning that” and returned a status: NOERROR (ANSWER: 0).

(I noticed this when researching #145.)
686 enhancement 1299761964159824 1389622076495221 build system medium jreed jreed assigned set library version info This was based on #635 issues.

We need to set the version information (such as libtool’s current:revision:age) for each library that has changed. At the minimum we should do these at least for each tarball release. We will not use the BIND 10 release or individual module versions for the library versions.

I will add more details to this ticket.

This ticket should not be closed until a wiki page also documents our policy on this.
687 defect 1299797626444982 1394116289440406 Boss of BIND low jreed Common Outstanding Tasks new suspend (stop) signal sent to boss doesn’t suspend children I used to be able to suspend bind10 and it would suspend the children too.
But now the parent is only suspended, children keep on running. I am doing this with Ctrl-Z from shell.
This causes some confusion for me as I troubleshoot (especially if I am flooded with verbose output on same terminal).
692 defect 1300207928617670 1392999432267907 data source medium UnAssigned jinmei DNS Outstanding Tasks assigned response with NSEC3 for class ANY queries This is a remaining task for #80. We first need to add tests about
query logic (in general) for NSEC3 responses, and then make the same
fix as the one we did for #80.
694 enhancement 1300229091452958 1300972799721442 msgq low jinmei new proposal: change timeout for SendNonblock (msg test) to 30sec It’s currently 10sec

def terminate_check(self, task, timeout = 10):

(btw the space chars around = should be removed according to the style
convention)

Apparently this is too small for my personal slow server, and this
test regularly fails.

I propose changing this value to 30sec (yes, it’s an arbitrary choice
that happens to work for that particular server). Normally the value
shouldn’t affect testability; timeout doesn’t happen unless the test
fails or for a very slow machine. So I think the change is acceptable.
702 defect 1300357203601211 1392912989810995 resolver medium jelte DNS Outstanding Tasks new resolver/forwarder does not answer CH TXT version.bind and authors.bind
In fact, right now it crashes on such queries.

Fixing the crash is trivial, but getting the right answers is not (they’re hidden in StaticDataSrc, and including that would imply including nearly everything that’s necessary for b10-auth).

So I propose to move the actual creation of the ‘static’ data (i.e. the names and rrsets for authors.bind and version.bind) to a singleton in server_common, and use those from StaticDataSrc and bin/resolver.
705 enhancement 1300390542235100 1394116308396684 Boss of BIND low shane Common Outstanding Tasks new Log more helpful status when process exits under the boss Jeremy reported something exited with status 139.

It turns out that the status value is as follows:

a 16-bit number, whose low byte is the signal number that killed the process, and whose high byte is the exit status (if the signal number is zero); the high bit of the low byte is set if a core file was produced

That is from the Python documentation here:

http://docs.python.org/py3k/library/os.html#os.wait

So, deciphering it we see that it is < 256, which means it is a signal. The high bit is set - meaning we have core. We can remove that by subtracting 128 and discover that this is signal 11 (SEGV).

It would be nice if the boss process did this work and reported exactly what happened to the child process.
707 defect 1300391188623803 1392825456361357 Unclassified medium jreed DNS Outstanding Tasks new b10-resolver (as forwarder) exit with SEGV Not sure what caused this b10-resolver to exit with SEGV.

I am confused why question generates different upstream questions and one question results in multiple responses. Is this an error too?

Here is the closest lines in verbose output:



[b10-resolver] Got a DNS message
[b10-resolver] received a message:
;; >>HEADER<< opcode: QUERY, status: NOERROR, id: 21919
;; flags: rd ; QUESTION: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;external.ak.fbcdn.net. IN A

[b10-resolver] Processing normal query
[b10-resolver] Try out cache first (started by incoming event)
[b10-resolver] Message not found in cache, starting recursive query
[b10-resolver] doLookup: try cache
[b10-resolver] Sending upstream query (external.ak.fbcdn.net. IN A
) to 127.0.0.1
[b10-resolver] Timeout, resending query
[b10-resolver] Sending upstream query (profile.ak.fbcdn.net. IN A
) to 127.0.0.1
[b10-resolver] Timeout, resending query
[b10-resolver] Sending upstream query (photos-e.ak.fbcdn.net. IN A
) to 127.0.0.1

[b10-resolver] Timeout, resending query
[b10-resolver] Sending upstream query (external.ak.fbcdn.net. IN A
) to 127.0.0.1
[b10-resolver] sending a response (442bytes):
;; >>HEADER<< opcode: QUERY, status: NOERROR, id: 3781
;; flags: qr rd ra ; QUESTION: 1, ANSWER: 11, AUTHORITY: 9, ADDITIONAL: 0

;; QUESTION SECTION:
;photos-e.ak.fbcdn.net. IN A

;; ANSWER SECTION:
photos-e.ak.fbcdn.net. 895 IN CNAME photos-a.ak.facebook.com.edgesuite.net.
photos-a.ak.facebook.com.edgesuite.net. 4798 IN CNAME a995.mm1.akamai.net.
a995.mm1.akamai.net. 20 IN A 69.31.72.194
a995.mm1.akamai.net. 20 IN A 69.31.72.139
a995.mm1.akamai.net. 20 IN A 69.31.72.145
a995.mm1.akamai.net. 20 IN A 69.31.72.147
a995.mm1.akamai.net. 20 IN A 69.31.72.169
a995.mm1.akamai.net. 20 IN A 69.31.72.176
a995.mm1.akamai.net. 20 IN A 69.31.72.178
a995.mm1.akamai.net. 20 IN A 69.31.72.184
a995.mm1.akamai.net. 20 IN A 69.31.72.193


;; AUTHORITY SECTION:
mm1.akamai.net. 1798 IN NS n7mm1.akamai.net.
mm1.akamai.net. 1798 IN NS n4mm1.akamai.net.
mm1.akamai.net. 1798 IN NS n3mm1.akamai.net.
mm1.akamai.net. 1798 IN NS n2mm1.akamai.net.
mm1.akamai.net. 1798 IN NS n5mm1.akamai.net.
mm1.akamai.net. 1798 IN NS n0mm1.akamai.net.
mm1.akamai.net. 1798 IN NS n6mm1.akamai.net.
mm1.akamai.net. 1798 IN NS a0mm1.akamai.net.
mm1.akamai.net. 1798 IN NS n1mm1.akamai.net.

[b10-resolver] Timeout, resending query
[b10-resolver] Sending upstream query (profile.ak.fbcdn.net. IN A
) to 127.0.0.1
[b10-resolver] sending a response (308bytes):
;; >>HEADER<< opcode: QUERY, status: NOERROR, id: 21919
;; flags: qr rd ra ; QUESTION: 1, ANSWER: 4, AUTHORITY: 9, ADDITIONAL: 0

;; QUESTION SECTION:
;external.ak.fbcdn.net. IN A

;; ANSWER SECTION:
external.ak.fbcdn.net. 2472 IN CNAME external.ak.fbcdn.net.edgesuite.net.
external.ak.fbcdn.net.edgesuite.net. 4798 IN CNAME a1920.g.akamai.net.
a1920.g.akamai.net. 20 IN A 63.80.138.48
a1920.g.akamai.net. 20 IN A 63.80.138.67

;; AUTHORITY SECTION:
g.akamai.net. 1799 IN NS n4g.akamai.net.
g.akamai.net. 1799 IN NS n7g.akamai.net.
g.akamai.net. 1799 IN NS n6g.akamai.net.
g.akamai.net. 1799 IN NS a0g.akamai.net.
g.akamai.net. 1799 IN NS n5g.akamai.net.
g.akamai.net. 1799 IN NS n3g.akamai.net.
g.akamai.net. 1799 IN NS n0g.akamai.net.
g.akamai.net. 1799 IN NS n1g.akamai.net.
g.akamai.net. 1799 IN NS n2g.akamai.net.

[b10-resolver] sending a response (38bytes):
;; >>HEADER<< opcode: QUERY, status: SERVFAIL, id: 24087
;; flags: qr rd ra ; QUESTION: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;profile.ak.fbcdn.net. IN A

[bind10] Process b10-resolver (PID 16152) terminated, exit status = 139

709 enhancement 1300396709121370 1392914161716876 resolver low UnAssigned shane stephen@isc.org DNS Outstanding Tasks assigned Improve RTT message from recursive resolver by using decimal Stephen noted that the RTT: debug output would possibly be nicer with outputing using decimals.


Stephen: We could change that to output it to three decimal places.


715 defect 1300452454216757 1301321712247554 configuration low jreed new cfgmgr errors need a new line or separator I made a mistake:


> config set Auth/datasources [{file “/Local/Users/jreed/J”, origin config commit
Error: Error in config validation: Unknown item fileUnknown item origin
Configuration not committed



It is unknown because I forgot to use “zones” for this list. The problem is the error messages got merged together.
717 defect 1300453300858334 1300453300858334 bind-ctl low jreed new config diff output uses single quotes config diff output uses single quotes.

But bindctl and cfgmgr require double quotes. So if you attempt to copy and paste it will fail.

718 defect 1300453366384540 1377867759038750 bind-ctl low jreed new Don’t need to say “Exit from bindctl” when bindctl doesn’t have a tty. Don’t need to say “Exit from bindctl” when bindctl doesn’t have a tty (such as piping in a command to it).
732 task 1300982884532984 1308086219578281 bind-ctl medium jreed new add more unittests for bindctl components Get all of bindctl to at least 75 unit test code coverage.
See:

http://bind10.isc.org/~tester/LATEST_PYTHON_UNITTEST_COVERAGE/
734 task 1300983182591938 1308086254849558 Unclassified medium jreed new add more unit tests for lib/xfr Add more unit tests for lib/xfr to get it to atleast 75% code coverage. See:
http://bind10.isc.org/~tester/LATEST_UNITTEST_COVERAGE/xfr/index.html
748 enhancement 1301048430011042 1303288185742206 resolver low stephen new Remove coroutines from IOFetch Remove the coroutine code from io_fetch.{cc,h}.

This involves removing the inheritance from the “coroutine” objects and breaking down the operator() method into a number of separate methods corresponding to each phase of the I/O. (This may involve the use of boost::bind to specify the asynchronous I/O callbacks.)
750 enhancement 1301049551821677 1330704341390354 Unclassified low stephen new Remove coroutines from UDP server and TCP server The work involved in this is similar to that in ticket #748, but is applied to the TCP and UDP server code.
752 enhancement 1301050626523132 1303288206489049 Unclassified low stephen new IOService Refactoring Several points in the code access the boost ASIO “post” function through IOService by calling IOService::get_io_service().post(). Ideally IOService should supply a post() method itself. Owing to the use of templates, this may require removing the “pimpl” structure.
757 enhancement 1301163841383808 1330702682035017 logging low stephen stephen assigned Python logging - understand configuration The logging configuration is being defined in ticket #736, although the scope of that ticket is C++. This ticket involves producing Python code that understands the logging configuration and sets the options in the BIND-10 Python logging module accordingly,
776 enhancement 1301410070349491 1392999528377870 Unclassified medium stephen DNS Outstanding Tasks new IXFR out: Share UDP Address/Port with b10-auth and xfrout In many cases, different functions of BIND 10 should use the same address and port to receive communications. This task - which is also involved with using UDP in general - makes this possible.
778 enhancement 1301466559425504 1301466559425504 xfrout medium stephen new IXFR out: limit number of concurrent XFRs Configuration of a wide limit on the number of concurrent transfers and implementation of the code to keep a track of the transfers and refuse a request that would cause this limit to be exceeded.
779 enhancement 1301466669718474 1301466738839037 xfrout medium stephen new IXFR out: cleanup configuration Add configuration parameters to specify how many versions of the zone should be kept and how long the history should be kept for.
780 task 1301466900488102 1301466900488102 xfrout medium stephen new IXFR out: add housekeeping to clean up old history Based on the configuration specified in #779, some form of housekeeping task is required to periodically clean up history.
785 task 1301484331910045 1301484331910045 Unclassified medium stephen new DNSSEC: read, document and understand BIND 9 handling of DNSSEC Possibly the precursor to all DNSSEC related tasks, this is to make sure that we don’t lose knowledge of what BIND 9 has done with DNSSEC.

The person doing this task should make sure that they interact with the BIND 9 programme manager, as the output will be a useful addition to the BIND 9 documentation set.
789 defect 1301503700873539 1394116322264037 Boss of BIND medium stephen Common Outstanding Tasks new Make “shutdown” a hidden command for non-Boss processes At the moment it is possible to shutdown components individually. Unfortunately, the Boss immediately restarts them because it does not know that they have been requested to terminate.

This change removes the component shutdown command and ensures that they can only be shutdown through Boss - which, because it knows about the shutdown will not restart them.
791 enhancement 1301503869663869 1394116339620628 Boss of BIND medium stephen Common Outstanding Tasks new Add command to Boss to see component configuration Should be able to execute a command to see a list of running process and any relevant configuration information.
795 enhancement 1301504172842902 1394116356863046 Boss of BIND medium stephen Common Outstanding Tasks new Stop/force-stop/restart/start a component (temporarily) Sometimes a component will not shutdown. The cmdctl interface should allow the user to:
* Stop a component (i.e. request it to shut down normally)
* Force-stop (i.e. kill it)
* Restart (i.e. shut down normally and get it to restart automatically)
* Start (i.e. start a component that is currently not running)
803 enhancement 1301557630304648 1394116372443015 Boss of BIND medium stephen Common Outstanding Tasks new Command to list currently used sockets (Related to #802.)
804 enhancement 1301557671331241 1394116387627774 Boss of BIND medium stephen Common Outstanding Tasks reopened Client side code to request new sockets (Python)
808 task 1301558082457798 1301558082457798 Unclassified low stephen new Research alternate strategy of using a lexer/parser to define record types Rather than explicitly creating a class for each record type, is there some way that we can define the characteristics of a RR and automatically generate the code?
822 enhancement 1301560581841591 1301560581841591 data source medium stephen new Use first match data source Modify so that first match instead of best match is used from multiple data sources
824 enhancement 1301560817541807 1317990348048159 data source medium stephen new Improve configuration of data sources
826 task 1301817156175350 1340899583918649 Unclassified medium fdupont fdupont assigned Windows support Windows support:
- OS >= Vista/Windows Server 2008
- Visual Studio >= 2008 (aka 9.0)
- google test (for validation)

Individual item:
- HOWTO (needed software and tools)
- DLL exports
- solution and projects (for VS 2008)
others will be added
837 defect 1302099452093934 1392811598022391 Unclassified medium fdupont DNS Outstanding Tasks new multiple include of initialized static constant members In edns.h:
class EDNS {
///
}

Each time the edns.h file is included this gives a new EDNS::SUPPORTED_VERSION
symbol so linking raises “multiple defined” errors.

There are two ways to fix it:
- play with an #ifdef so only the initializing form in included in edns.cc
- move the initialization to edns.cc
I prefer the second way but there are still some choices:
- keep the value in .h in a comment
- what to do for this line is edns_unittest.cc:
const uint8_t EDNS::SUPPORTED_VERSION;
(I’d like to remove it)?
840 defect 1302140837373042 1304377436907887 Unclassified medium fdupont new Windows support for libcc No chance: current libcc relies on asio::local which is not supported on Windows.
Note the ASIO_HAS_LOCAL_SOCKETS flag should help according to the ASIO doc…
Got a !WinSock.h double include error too (to be fixed in config.h for Windows).
What is the plan? Add local TCP as an option?
841 task 1302162674129589 1305213407580130 Unclassified medium jelte new remove generated .py files We have a number of python scripts that are generated from .in files at configure time. We also have a file src/lib/python/bind10_config.py[.in] that is supposed to act like the config.h file in cpp; we should put configure-time substitutions in this file instead of in all the generated .py files.

ps. when we do this, it’ll cause a lot of git checkout ‘problems’ (files that were generated in one branch but are in the repository of another), we might want to add a small script that deletes them as an interim workaround until we have no old branches left after this is done.
842 defect 1302166140879988 1394114735280370 Unclassified medium zzchen_pku Common Outstanding Tasks new Do range check within C++ class Some of the long int variables can be a plain int: Message_init, Message_clear, MessageRenderer_setCompressMode. (although being long is not necessarily incorrect; it just consumes more (stack) space unnecessarily).
Actually, in these cases it make more sense to do this check within the corresponding C++ class (Message, MessageRenderer?, etc) and delegate the check to it.
854 enhancement 1303204287914456 1305289926802818 Unclassified low stephen new Extend the badpacket generator The “badpacket” generator is a program that generates (potentially) bad DNS packets for sending to a nameserver and testing its response. It is meant to be used as a testing tool for the BIND 10. Currently, the generator can:
* Set any combination of flags in the DNS message header.
* Vary the size of the DNS message (by truncating or extending with random data)
* Set the DNS message section counts (independently of what is in the section).
This ticket is for enhancements to the program to:
* Actually insert data into the various message sections.
* Modify the data in the message sections (e.g. by corrupting the label length fields).
* Add a set of options for testing (bad) EDNS0 data.
856 task 1303252448822559 1304496626188282 libdns++ medium UnAssigned jinmei assigned add ability to send TSIG’ed query to src/bin/host Unless I’m mistaken this is an additional task for the May03 sprint so
that it will have one “user-visible feature”.

What I meant is to add a small change to src/bin/host so that it accepts
a new “-f ” option just like BIND 9 dig, and uses that
information with the libdns++ API introduced in #812 to send TSIG signed
queries. Should be pretty easy.
858 enhancement 1303293435055645 1305291723225946 Unclassified low fdupont new silent MSVC warnings on libdns++ I’ll collect MSVC warnings in VS2005/2008/2010 and try to address them.
Some are spurious (as a warning for {} while(0) in macros) and should be avoided
with a pragma, some are real (mainly incompatible integer operations) and should
be fixed (for instance by a cast). As far as I know none is critical so
I put this ticket in enhancements.
Note at least a common one is related to C++: VS2010 complains about missing and
impossible to generate copy operation in class definition…
860 task 1303452541864048 1392999445167461 data source medium UnAssigned jinmei DNS Outstanding Tasks assigned sqlite3 data source should separate DONE and other errors See #851 (espeically its initial description). Conceptually, this means
instead of doing this:

rc = sqlite3_step(dbparameters>q_zone_);
const int i = ?
sqlite3_column_int :
1;

we should do it this way:

rc = sqlite3_step(dbparameters>q_zone_);
if
const int i = ?
sqlite3_column_int :
1;


It’s basically straightforward, but since a naive approach would result
in the same patter repeated in various places, we’ll probably also need
some kind of refactoring.
861 enhancement 1303453310640018 1305214361342052 Unclassified medium zhanglikun new Check max udp packet size(buffer size) carried by edns0 message When resolver geting a query with DO bit from a client, the max udp packet size should be checked. Once the size of answer message is bigger the max size, tcp query should be triggered.

Currently the simplest forwarder doesn’t check, always treate the max udp packet size of query client is 4096.(see more in ticket#598)
862 task 1303460875383770 1344438559841280 Unclassified medium UnAssigned vorner assigned Properly encapsulate the output buffer in AbstractMessageRenderer As discussed in #404, we shouldn’t expose the output buffer to descendants of `AbstractMessageRenderer` trough `getBuffer()`. The most problematic place that uses it is name compression in `MessageRenderer`, which needs some small refactoring. The rest should be trivial to replace.
864 task 1303815711705987 1392912967341617 resolver low vorner DNS Outstanding Tasks new Simplification of ResponseScrubber::scrubSection As noted in comment:5:ticket:847, the method would use some simplification (the suggestion about `nomatch` is already implemented).
874 task 1304087689458972 1305223378939417 Unclassified medium shane new Create tests for src/bin/host We need tests for src/bin/host.
887 task 1304280532725770 1305270004460967 Unclassified medium shane new review code for undocumented functionality Also meant as input for #884, but we probably need to break this down into smaller tasks.
891 enhancement 1304402768405000 1392912898819529 resolver medium zhanglikun DNS Outstanding Tasks new Retry forward query over TCP when getting a truncated response. Currently, the forward query doesn’t have the ability to retry over TCP when getting a truncated response. It should add the support for it. Following is the comments in ticket# 598 given by vorner.

“What should the forwarder do with TCP anyway? Ask over UDP if the request come over UDP and use TCP if it comes over TCP? Is it possible with our current framework?”
892 enhancement 1304404513391522 1389749466423194 build system medium UnAssigned jinmei assigned move generic test utils from lib/dns/tests to lib/util/unittests As I commented in #813, I propose:

- move things except DNS specific things (matchName and createRequestMessage) in lib/dns/tests/unittest_util to lib/util/unittests/
- unify addDataPath and (part of) readWireData with lib/util/unittests/testdata. basically I’d keep the latter and remove the duplicate functionality from the former.
- in addition I’d change the interface of matchWireData() so that expected data is given before the actual data in the parameter list to be more comatible with other gtest interfaces (and variable names should be renamed to actual/expect, etc)
895 enhancement 1304444293674245 1307052968960904 build system medium UnAssigned jinmei assigned “null” crypto module It will help if we add an internal backend crypto module (used from
libcryptolink) for environments where Botan is not available. It will
also be helpful for users who don’t need any crypto related DNS
operations (no TSIG, no DNSSEC) and don’t want to install Botan just
to compile BIND 10.

This should be configurable in configure.ac and should be disabled by
default. It was also suggested that if the null module is enabled a
warning message (that no TSIG or DNSSEC will be usable) be shown.

Note also that when the null module is enabled some unit tests will
fail. We’ll need to work around it in some way.
896 defect 1304446501946920 1305292100972925 bind-ctl low jreed new bindctl command history shows username and user name attempts

Username:fhdsjkdfshjk
Password:
[“user doesn’t exist”]
Username:root
Password:
[“login success”]
> fhdsjkdfshjk


The above shows attempts and then command history. Command history also showed the real username.

I think this is misleading to have the username in command history.
909 task 1304717919353537 1396529228792699 xfrin medium jreed DNS Outstanding Tasks new Move command “retransfer” from Xfrin to zonemgr. Move command “retransfer” from Xfrin to zonemgr.

For background see https://lists.isc.org/pipermail/bind10-dev/2011-May/002235.html

This is related to #908.
911 enhancement 1304754703435921 1341252007825965 Unclassified low fdupont new time64 & Y2038 Some systems (at least HPUX and Windows) provide a “time64” version of time_t, time(), etc, which will still work after 2038. I suggest 3 things:
- use the 64 bit variant when it is available (e.g., twist a #define config.h and don’t forget to include it)
- make the code compiling without warnings with the 64 bit variant
- at low priority provide a 64 variant on systems which don’t have it.
Even we have ~20 years to solve this issue it should be fine to not wait so long…
918 task 1305116578867933 1317139338430339 configuration medium vorner new Non-dict top-level configuration Currently a module configuration must be a dict and with names hardcoded in the spec file (eg. we say that we’ll have
module.a, module.b and that’s it). These items can have any type then.

But for process-less configurations, it makes sense to have a different type for the whole module. An example would be
tsig_keys configuration section, which would be shared between multiple processes. It would make sense for it to be
just list of strings, each representing one TSIG key in the keyring. Current workaround in #875 is to put there one more
level, but it’s inconvenient for the user.

(I’m putting it to core, as the configuration is shared)
919 enhancement 1305140148511611 1317990940778622 libdns++ medium UnAssigned jinmei assigned define a header file for DNS protocol constants See the discussion for the background:
http://bind10.isc.org/ticket/893#comment:11
(around the paragraph beginning with “OK, although…”)

The idea is to create a new header file, say, protocol_constants.h, in
lib/dns to centrailze the definition of (mainly numeric) protocol constants
such as the max wire length of domain names.

We should begin with the discussion about whether this is a good idea
in the first place, and, if so, which constants should be defined
in that file.
920 enhancement 1305140328886955 1308058627479306 libdns++ medium UnAssigned jinmei assigned extension to TSIG: support truncated signature This is a remaining task (for relatively minor cases) of #893 as noted in
http://bind10.isc.org/ticket/893#comment:3

We need to support truncated signature in TSIGContext::verify() (and
perhaps also in sign() - BIND 9 does something about this in its verify
implementation. we need to check). We then need to revert the short term
hack (and temporarily disabled tests) made in libcryptolink in #893 and
#954.
921 enhancement 1305140551409948 1305295195674457 libdns++ low jinmei jinmei new extension to TSIG: support signed but no TSIG message over TCP This is a remaining task (and covering a very minor case) of #893 as
noted in http://bind10.isc.org/ticket/893#comment:3

This could probably have a very low priority. There’s probably no
implementation of the sender side that does this. If so, the only
meaning of implementating this is to be feature complete as a
reference implementation of the protocol.
923 enhancement 1305226590899704 1305272688701612 logging medium vorner new Create a cross-breed between isc_throw and LOG_ERROR macro. We often need to log an error message and throw an exception at the same place. We also generate similar message for them.

So the proposal is to create a macro that creates the message like for logging (with the message ID and formatting), logs it and then throws an exception with the same message as one command.
932 defect 1305617161312654 1339226208051796 libdns++ medium UnAssigned jinmei assigned overall cleanups (including real bug fixes) for pydnspp As I pointed out in #905, the current implementation of pydnspp
seems to be fragile and contains some real bugs like memory leak
or propagating C++ exceptions.

I’d suggest applying overall cleanup using tools in src/lib/util/python
to make the code more robust.
933 enhancement 1305617411892712 1344438451664443 documentation medium jreed jinmei assigned introduce a framework to convert from doxygen to pydoc I’d propose introducing a tool to convert XML output from doxygen
to a template of embedded documentation string for our python
bindings. This will help improve documentation of the python binding
(specifically pydnspp) to the quality of pretty close to that of the
original C++ doxygen doc.

I’ve written a mostly complete python script to this job. So this
ticket will be just to complete the work and get it reviewed and
merged.

934 enhancement 1305617767636295 1306402982030665 libdns++ medium UnAssigned jinmei assigned use real constants (instead of proxy factory) in pydnspp I noticed that pydnspp uses many proxy factory functions for constant
objects like RRType.AAAA (), RRClass.IN(). In Python we don’t have to
do that because there’s no worry for static initialization fiasco
(which is the reason why we use the proxy functions in C++).

We can simply define RRType.AAAA, etc, as class constant in
initialization and use it throughout our applications. That will be
more intuitive, and will be a bit more efficient (a call to a proxy
function always involve an allocation of PyObject and subsequent
deallocation; real constants are created only once in initialization).

I’d propose making this change in the entire pydnspp. It will require
changes to the applications (xfrin.py, etc), but the changes should be
pretty straightforward.
935 enhancement 1305618161576064 1306403137199231 documentation medium jinmei new improve pydnspp documentation Once #933 is completed and merged, we can use it to improve the
actual documentation of our python bindings.

I’d propose to create a task for improving pydnspp. Using the
auto-generated template, the rest of the work should be a quite
straightforward and small set of editorial changes.
941 enhancement 1305796792290507 1331638684393979 Inter-module communication medium jelte new ‘internal’ commands in .spec/modules There is the need to have ‘internal’ commands; i.e. commands that modules accept, but only from other modules, and not from an administrator. For instance, Xfrin currently has a ‘notify’ command, that is sent from zonemgr. This command is only used on incoming notifies, and for that reason is not in the specfile. However, this means that we have no way to automatically validate the arguments.

The proposal is to extend the specification format with a ‘internal’ value for commands, and if this is true, it will not be exported to bindctl etc, but we can add argument validation to moduleccsession.
942 defect 1305796961573817 1306403320569133 Unclassified medium jelte new filling in default values for command arguments ModuleCCSession currently offers support for getting the default values of configuration options, should they not be configured explicitely. We need the same for command arguments.
944 task 1305802004391137 1306403386613441 Unclassified medium jelte new some generalized checks we don’t really have a python util afaik, but we could use some general set of checks (for instance that an integer is a valid port number, that a string represent a valid domain name, etc.); from #811:

“this makes me think that maybe we do need a set of generalized check-calls like is_valid_port_number, etc. Preferably ones that do not raise, but do convert to specific type if necessary (and do provide the error if they can’t)”

having a good place to put these and a somewhat general interface for this is more important than providing a complete set of specific checks, we can add them as we encounter the need for them later
948 defect 1305825426209235 1331645709045791 configuration medium jreed new old Xfrin/master_addr configuration is in the way This is related to #945.

zone-related info is in xfrin, not zonemgr. master_addr is not directly in xfrin anymore, but one of the values of Xfrin/zones.

If you have old configuration in place, it gets in the way:



> config show Xfrin
Xfrin/transfers_in 10 integer (default)
Xfrin/zones [] list (default)
> config show_json Xfrin
{master_addr “192.168.1.1”}



I think something should loudly complain.

And now bindctl is showing two different sets of values and doesn’t tell me which is real.

jelte says I think we should have per-module config version numbers.

Here is an example of problem:


> config show_json Xfrin
{master_addr “192.168.1.1”}
> config add Xfrin/zones
> config set Xfrin/zones[0]/name foo
> config set Xfrin/zones[0]/master_addr 192.168.1.1
> config diff
{’Xfrin’: {’zones’: [{’name’: ‘foo’, ‘master_addr’: ‘192.168.1.1’}]}}
> config commit
Error: unknown item master_addr
Configuration not committed
> config show_json Xfrin
{zones [{name “foo”, master_addr “192.168.1.1”}]}
> config diff
{’Xfrin’: {’zones’: [{’name’: ‘foo’, ‘master_addr’: ‘192.168.1.1’}]}}



Looks like “show_json” shows what is not committed yet.

It does complain, only way too late.

Jelte said “afraid the only quick workaround is to stop bind10 and manually remove that original master_addr from b10-config.db”.

So that is what I did.

Manually editing the config database is not what we want to do so I am opening ticket.
949 defect 1305839394492086 1331646600577714 build system low jreed shane new ./configure —prefix change requires “make clean” before “make install” If I run:


./configure —prefix=OLD
make
./configure —prefix=NEW
make
make install


Then the install fails. I can fix it via “make clean” before the second make, but that costs a lot of time and indicates some problem with some dependency.
952 defect 1305896769953683 1394114699762318 Unclassified medium UnAssigned jelte Common Outstanding Tasks assigned msgq/cc multiple reads problem (and bad_alloc in b10-auth upon notify) in ticket #931, Michal discovered that there is a problem with multiple reads in cc/session. A (partial?) fix was proposed, and a different workaround was counterproposed (see that ticket).

However, I also see problems that look like they are caused by the same or a very similar issue; upon notify, sometimes b10-auth aborts with a bad_alloc. The bad_alloc is caused by it trying to create a buffer for a message of which the length was incorrectly read.

I think we should have locks around the different reads in session.cc
958 defect 1306144810660046 1306404268369401 Unclassified low stephen new Provide more information on failing test if exception is thrown Give more information in a failing test if an isc::Exception-derived exception is thrown. See https://lists.isc.org/pipermail/bind10-dev/2011-January/001891.html for more details.
959 enhancement 1306244936958027 1396529237609820 xfrin medium shane DNS Outstanding Tasks new Allow multiple masters for a slave zone Right now we can only have a single master for a zone. We need to be able to define more than one.
961 enhancement 1306245275716716 1306404102447876 configuration medium shane new Should be a way to see how to configure something “help” does not help me to create a secondary zone:


> config show Xfrin
Xfrin/transfers_in 10 integer (default)
Xfrin/zones/ list


What is supposed to go in zones?

Jelte has a workaround, which is to add a zone then look:


> config help Xfrin/zones
Error! Unknown parameter ‘Xfrin/zones’ to command ‘help’ of module ‘config’
Command help (Get help for module.)
help (Get help for command)
No parameters for the command
> config add Xfrin/zones
> config show Xfrin/zones
Xfrin/zones[0]/name “” string (default)
Xfrin/zones[0]/class “IN” string (default)
Xfrin/zones[0]/master_addr “” string (default)
Xfrin/zones[0]/master_port 53 integer (default)
Xfrin/zones[0]/tsig_key null string


This works okay, but it not ideal. :)
965 defect 1306328078086645 1318411518734941 xfrout medium shane new Xfrout should not notify itself I have a machine that gets errors sending notifies to itself:


25-May-2011 12:52:44.878 Xfrout: INFO: sending notify to 78.47.15.240#53
25-May-2011 12:52:44.879 Xfrout: INFO: sending notify to 78.47.15.240#53
25-May-2011 12:52:44.880 Xfrout: INFO: sending notify to 78.47.15.240#53
25-May-2011 12:52:44.881 Xfrout: INFO: sending notify to 78.47.15.240#53
25-May-2011 12:52:44.882 Xfrout: INFO: sending notify to 78.47.15.240#53
25-May-2011 12:52:44.882 Xfrout: INFO: notify to 78.47.15.240#53: retried exceeded


The server should be smart enough not to notify itself.
966 enhancement 1306328544150372 1306404156394645 xfrout medium shane new Notify should be configurable We should be able to configure notify behavior, both on a server and per-zone level.

It should be possible to set explicit IP:port values, as well as something like “figure out from NS RRSET” as a special target.


Xfrout/default_notify [ { type } ]
Xfrout/zones[0]/notify [ { type, IP, port } ]
Xfrout/zones[1]/notify []


Here the default behavior would be to figure out who to notify from the NS RRSET, while the first zone would have only an explicit notify, and the second zone would not send any notifies at all.
968 task 1306332590204165 1331646546535527 build system low jreed shane new separate configure.ac into specific .m4 files From ticket #35:

Should we consider moving our specific configure functions into a included m4 file? (at Labs we used a shared acx_nlnetlabs.m4 file, for two reasons, one might not be relevant for us and that is that we shared a lot of functions between different projects, but the other was to keep the main configure.ac more readable).

969 defect 1306336569652746 1306404309122532 bind-ctl low jreed new non-intuitive bindctl configuration for Auth/listen_on This is a few problems.

I want to be able to just change one default. Testing as non-root. Defaults have port 53 for :: and 127.0.0.1. For testing, I change one to 5300, but commit fails since the other “default” port 53 still does not work:



> config set Auth/listen_on[0]/port 5300
> config commit
Setting listen addresses:
:::5300
0.0.0.0:53
Initialize TCP server at :::5300
Initialize UDP server at :::5300
Initialize TCP server at 0.0.0.0:53
Unable to set new address: Failed to initialize network servers: Permission denied
[b10-auth] error: Server configuration failed: Failed to initialize network servers: Permission denied
Error: Server configuration failed: Failed to initialize network servers: Permission denied
Configuration not committed


It seems like if I change one configuration, then that one configuration should be used.

Second problem (starting with my custom config removed so just defaults again):



> config remove Auth/listen_on[0]
> config diff
{’Auth’: {’listen_on’: [{’port’: 53, ‘address’: ‘0.0.0.0’}]}}
> config set Auth/listen_on[1]/port 5300
> config diff
{’Auth’: {’listen_on[1]‘: {’port’: 5300}, ‘listen_on’: [{’port’: 53, ‘address’: ‘0.0.0.0’}]}}
> config commit
Error: Error in config validation: Unknown item listen_on[1]
Configuration not committed



I did not immediately realize that listen_on[1] became listen_on[0]

Comments from jabber follow:

(09:55:07) vorner: jreed: actually, it created new item called listen_on[0], which is a dict and didn’t touch the list in listen_on. And yes, you confused the poor tool.

(09:55:56) jelte: well, in this specific case it’s not not intuitive, it’s plain buggy handling that command for an element that doesn’t exist
972 defect 1306350840779360 1392912875881081 resolver medium jinmei DNS Outstanding Tasks new Resolver class is not exception safe As I looked at the code for #971, I noticed another problem in the
Resolver class: Its constructor is not exception safe:


Resolver::Resolver() :
impl),
dnss
(NULL),
checkin),
dns_lookup
(new MessageLookup(this)),
dns_answer,
nsas
(NULL),
cache,
configured
(false)
{}


If, for example, “new ConfigCheck” fails, the allocated resource for
impl_ will leak.

It also looks quite awkward that it has specific member variables even
if it adopts the pimpl idiom (although there may be a specific reason
that can only be understood via deep understanding of the
implementation details).

Furthermore, due to the fact that dnss_/nsas_/cache_ are not set (to a
non NULL value) at the construction time this class is quite fragile
because some methods naively assumes they are non NULL. Example:


void
Resolver::setForwardAddresses(const AddressList& addresses)
{
impl_->setForwardAddresses(addresses, dnss_);
}


I’d suggest heavy refactoring and cleanup for this class so that it
will be cleaner and safer.
973 enhancement 1306501010362252 1308579624913495 configuration low vorner new Separate methods for addRemoteConfig Currently, there’s one method and it takes a name and a bool parameter. The parameter specifies if the name is filename or modulename (so the spec is loaded from config manager).

This design isn’t exactly clean, so it was suggested this might be better separated into two methods (or, alternatively, some other solution might be thought of).
974 enhancement 1306501301050171 1394116792119803 b10-auth low vorner DNS Outstanding Tasks reopened Pointer to shared pointer in `Auth::setTSIGKeyRing` is awkward and error prone As discussed in #931, the design isn’t clean. We should come up with some solution that is simple and elegant.
975 defect 1306501611597398 1392811651433463 Unclassified medium vorner DNS Outstanding Tasks new Non-primitive static object `server_common::keyring` is candidate for intialization problems As noted in #931, this might be problematic if one non-primitive static object uses another one for it’s initialization, as the second one might be yet unitialized. This should be replaced by some function returning the instance or something to prevent such problems.
982 task 1306772645217077 1308064433369781 Unclassified medium vorner new Named ACL objects It should be possible for the loader (#978) to remember the ACLs it loaded under a name. It could then either provide them directly or use them for sub-expression loading when the name is used in specification.

Note that this needs a cycle protection (see notes at [wiki:AclSyntax]).
984 enhancement 1306828146083423 1308576861650272 Unclassified medium shane new Get list of zone timers from zonemgr It would be nice for debugging to get a list of the timers from zonemgr, along with perhaps any other information being tracked (although I think that is it).
986 defect 1306830870989501 1314221339732657 bind-ctl medium shane new bindctl crash when removing unknown item I was using a BIND 10 server with an old (pre-2011-05-17) configuration. It has a “master_addr” for all of Xfrin, instead of per-zone.

I was unable to commit my database changes because of that:


> config commit
Error: unknown item master_addr
Configuration not committed


Here is the old configuration:


shane@madras:/opt/bind10/var/bind10-devel$ cat b10-config.db
{Xfrin {master_addr “85.17.60.159”}, version 2,
Auth {listen_on [ { address “85.17.60.232”, port 53 } ]}}


So I decided to remove the offending legacy configuration, with these results:


> config unset Xfrin/master_addr
Traceback (most recent call last):
File “/usr/lib/python3.1/cmd.py”, line 213, in onecmd
func = getattr(self, ‘do’ + cmd)
AttributeError: ’BindCmdInterpreter’ object has no attribute ’do_config’

During handling of the above exception, another exception occurred:

Traceback :
File “/opt/bind10/bin/bindctl”, line 138, in
tool.run
File “/opt/bind10/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 128, in run
self.cmdloop
File “/usr/lib/python3.1/cmd.py”, line 139, in cmdloop
stop = self.onecmd
File “/opt/bind10/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 450, in onecmd
Cmd.onecmd
File “/usr/lib/python3.1/cmd.py”, line 215, in onecmd
return self.default
File “/opt/bind10/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 416, in default
self.
parse_cmd(line)
File “/opt/bind10/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 554, in parse_cmd
self.
handle_cmd(cmd)
File “/opt/bind10/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 396, in _handle_cmd
self.apply_config_cmd(cmd)
File “/opt/bind10/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 673, in apply_config_cmd
self.config_data.unset(identifier)
AttributeError: ’UIModuleCCSession’ object has no attribute ‘unset’
995 enhancement 1306963399183164 1308059157201126 build system medium UnAssigned jinmei assigned use “convenience libraries” to share .cc in multiple targets Currently we compile some .cc files multiple times, once for a main
target (such as b10-auth), and in other cases for tests and
benchmarks. The additional compilation is simply redundant and
(though maybe relatively marginal) contribute to increasing the
already large build time of BIND 10.

I propose we use the “convenience library” feature of automake to avoid
the duplicate compilation. See this link for convenience libraries:
http://sourceware.org/autobook/autobook/autobook_92.html

(At least in theory) this should be a beneficial (and mostly trivial)
change at no risk of regression.

Both b10-auth and b10-recurse should be able to benefit from this, and
there may be some others.
996 enhancement 1307102047876400 1392912857860556 resolver medium jelte DNS Outstanding Tasks new keep track of nameserver ‘capabilities’ in nsas
We should keep track of capabilities of any nameserver in the NSAS. The first thing that comes to mind is whether it supports ENDS0, but also DNSSEC lameness, and path MTU to said server.

This would also include either some form of probing if things seem off (while the resolver continues its resolving with another NS), or a direct fallback algorithm in the resolver.
1000 defect 1307560236025600 1392811723634386 Unclassified medium jinmei DNS Outstanding Tasks new tools/query_cmp is IPv4 only We should be ashamed we’re shipping an IPv4-only program even after
the world IPv6 day:-)
1002 defect 1307579062301691 1321984100262904 xfrout medium jinmei new various glitches in notify_out As I worked on #964 I found various glitches in the notify_out.py
implementation. I suspect we’ll soon need fundamentally rewrite of
it (even if done incrementally) due to its current overall quality of
the code, but here are some specific points as a placeholder:

- port number 53 is hardcoded
- creating separate sockets for separate notify transaction seems to
be a waste
- a related note: it’s not clear whether the limit of concurrent of
notifies (30) is reasonable. if not, and if we allow a larger
number notifies at the same time, the second point will be severer.
- it’s so heavily dependent on details of sqlite3 specific code
(although not really the problem of notify_out itself)
- it cannot send notifies to out-of-zone NSes.
1005 defect 1307630899261306 1310489785238739 logging medium jelte new check logger names in cfgmgr You can configure any logger, but if you mistype the name, it will happily create a logger for a module that does not exist, and the ones that do will use defaults.

So the plugin config checker should really check the name and see if it makes sense.

However, there are a few problems;
- right now the way those python checking scripts are called they have no knowledge of what modules there are, so they can’t really check the names of the loggers.
- even if they could, you would only be able to configure logging for modules that are running (which is another symptom of the bigger ‘can’t configure non-running modules’)

so right now, i think we should modify the calling design so you can actually check, but not error on a ‘wrong’ name, only log an error (yes that sounds weird, in effect this error log message would go to the ‘previous’ config, or the default if nothing has been configured yet).
1007 enhancement 1307670650283458 1308578603334225 Unclassified medium zzchen_pku new create a higher granularity of exceptions for xfrin/xfrout See Jinmei’s comments below:

xfrin and xfrout use the same single exception in so many places, obscuring the accuracy of test results.
When we do self.assertRaises(XfrinException?, xxx), we cannot really be sure if the exception is really
triggered at where it should be triggered.
We could check the exception error message , but since the error message tends to be modified it will be
unstable. I guess we’ll need a higher granularity of exceptions (or sub types of them) for these apps.


1015 task 1308092664999753 1392912833304993 resolver medium jinmei DNS Outstanding Tasks new unify configuration/command code for auth and resolver Looking at the (b10) resolver configuration code, I start feeling
we should unify the server configuration code for both b10-auth and
b10-resolver (and, probably the DHCP servers eventually).

The current implementation for b10-resolver is a big single method
that is responsible for everything: parsing config parameters,
building internal configuration data from the passed param, and doing
this for all parameters in the single function. Clearly this approach
won’t scale as we add more parameters.

My suggestion is to use the auth/auth_config.{h,cc} and
auth/command.{h,cc} by moving them to lib/server_common (and rename
them appropriately), adjusting them if necessary so that they can work
with the resolver, and have the resolver use it.

We should perhaps also consider making the hardcoded factory logic
in auth_config.cc:createAuthConfigParser() more generic using this
opportunity.
1019 defect 1308243218084975 1310770768972289 Unclassified medium jreed new catch specific exception types for logging Continuation from closed #1018…

We decided long ago to have unique log IDs. This log ID with

“RESOLVER_FAILED”, “resolver failed, reason: %1”

generated by src/bin/resolver/main.cc

} catch (const std::exception& ex) {
LOG_FATAL(resolver_logger, RESOLVER_FAILED).arg(ex.what());

is not unique.


From jabber: (11:03:21) jelte: but i agree that the way we handle those catchalls leaves room for improvement, we should catch more specific exception types if we know they can happen
1042 enhancement 1308788003613420 1331739219688546 configuration medium cas new default value for sysconfdir sysconfdir is currently set to /usr/local/etc by default.

On some installations, the /usr filesystem is mounted read-only

having sysconfdir set to /etc by default would align with the standards of other Unix daemons (such as BIND9)
1043 enhancement 1308788231160066 1309434361596028 bind-ctl medium cas new ‘?’ as shortcut for ‘help’ it would be nice if bindctl would support ‘?’ as a shortcut for ‘help’ in the commandline.

so ‘config ?’ would be the same as ‘config help’
1046 enhancement 1308789271340013 1332168519954869 bind-ctl medium cas new command completion/short commands in bindctl it would be nice to have command completion (tab completion) on the bindctl commandline.

shortened commands (similar to the cisco CLI) woudl also be useful:

“co s” for “config set”

the CLI commands should be selected so that the first chars of each level don’t overlap (‘show’ and ‘show-json’ are colliding, ‘json-show’ would be better, or ‘show-json’>‘show json’ and ‘show’>‘show config’ ), or short ‘s j’ and ‘s c’)

1047 task 1308833593778712 1309442615297978 logging medium jelte new introspection of current logging settings
When doing #1004, it occurred to me that to efficiently test it, i need to be able to see what the currently set loggers and outputoptions are. This is actually also needed for error recovery (if a new logger setup fails for some reason).

The current implementation backend (log4cplus) does allow a list of current loggers to be requested. So we need to (names may be different):
- create getCurrentLoggerSpecifications() that reads that out and puts them in a vector (of type LoggerSpecification, including the internal list of OutputOptions)
- add equality operators to LoggerSpecification and OutputOptions
- add equality for vectors of both (presumably by also adding an ordering to the classes)

Then we can add real tests for default_logconfig_update, and make it recover the previous settings if it fails
1049 defect 1308838274465464 1394116412988143 Boss of BIND medium jreed Common Outstanding Tasks new Processes not shutting down cleanly I don’t think bind10 (boss) should fallback to SIGKILL.

I see it often on multiple systems. Processes aren’t dieing with SIGTERM. So we brute force them to close. (General a “shutdown” sent over a command channel does work though.)

I understand it is useful so everything dies, but it hides problems — why aren’t the processes closing correctly?

We shouldn’t ever have real data loss on abrupt shutdown (because we should never respond about success until data has written and synced to final storage.

But we do have data loss potential in log messages output. If we SIGKILL we may lose debugging output that may be useful.

If the SIGKILL is still desired, please:

- don’t do the SIGKILL only .1 second after SIGTERM. Wait much longer. Even check if children are still alive first and then wait a few seconds.

- allow option to turn this off. I think that developers should never use SIGKILL or we won’t fix real exit problems.
1054 enhancement 1308919730033434 1394116425521908 Boss of BIND low shane Common Outstanding Tasks new Replace get_signame() with errno.errorcode[] The boss program has a routine to convert a signal number (like 2) into a symbolic name (like ENOENT). This is actually part of the standard errno module in Python, as the errorcode[] array. That should be used instead.

http://stackoverflow.com/questions/1546882/how-to-convert-errno-in-unix-to-corresponding-string/1546901#1546901
1055 enhancement 1308925053836560 1330541957376270 logging medium shane new Utility for logging message maintenance It would be useful to have a utility to manage our logging messages. It should have the following functionality:

* Check that any defined message is actually used somewhere
* Check that each message used is defined (a possible problem for Python)
* Check that message IDs are not reused
1059 defect 1309224632889037 1309443785624850 xfrout medium zzchen_pku new notify-out shouldn’t look for slaves directly in the database jelte’s comments:

It is noted by TODO that it shouldn’t look for slaves directly in the database.
Certainly true, and I think we might not want the code in notify to look for it at all (but rather have it passed
by xfrout, which also has a better chance to discover which slaves it should not send to. I’m mainly thinking
of the problem i have right now that my bind10 is sending notifies to itself)

1070 defect 1309258226594693 1309445219733443 logging low stephen new Automatically update logging test scripts when switching branches There is another slightly annoying issue, in that the test /src/lib/log/tests/destination_test.sh keeps failing when you switch branches but don’t regenerate them by hand. The same goes for local_file_test.sh and severity_test.sh. Not sure if there is an easy automake target to let config.status update it, but if there is we might want to add that. Certainly not a showstopper though.
1073 defect 1309337746784812 1392912811893692 resolver low zhangcuiling DNS Outstanding Tasks new root_addresses settings doesn’t work for resolver use bind10 updated at this point:
Date: Wed Jun 29 01:18:59 2011 +0000

what ip addresses are used by resolver?

output of bindctl:

> config show Resolver/listen_on
Resolver/listen_on[0]/address “10.53.0.8” string
Resolver/listen_on[0]/port 53 integer
> config set Resolver/root_addresses [{ address “10.53.0.1”, port 53 }]
> config commit

output of bind10

2011-06-29 16:41:29.896 INFO [b10-resolver.resolver] RESOLVER_SET_ROOT_ADDRESS setting root address 10.53.0.1(53)

results of ‘dig’

# dig nocmdnostat 10.53.0.8 example ns -b 127.0.0.1 <br>;; QUESTION SECTION:<br>;example. IN NS<br><br>;; AUTHORITY SECTION:<br>. 86400 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2011062801 1800 900 604800 86400<br><br><br># dig +nocmd +nostat 10.53.0.1 example ns b 127.0.0.1
;; Got answer:
;;
>>HEADER<<- opcode: QUERY, status: NOERROR, id: 40302
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;example. IN NS

;; AUTHORITY SECTION:
example. 300 IN NS ns2.example.

;; ADDITIONAL SECTION:
ns2.example. 300 IN A 10.53.0.2


# dig nocmdnostat @10.53.0.2 example ns b 127.0.0.1
;; Got answer:
;;
>>HEADER<<- opcode: QUERY, status: NOERROR, id: 56793
;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 2
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;example. IN NS

;; ANSWER SECTION:
example. 300 IN NS ns2.example.
example. 300 IN NS ns3.example.

;; ADDITIONAL SECTION:
ns2.example. 300 IN A 10.53.0.2
ns3.example. 300 IN A 10.53.0.3


1076 defect 1309340449496557 1361802259331247 bind-ctl very low zhangcuiling new bindctl exit because of input in wrong format use bind10 updated at this point:
Date: Wed Jun 29 01:18:59 2011 +0000

> config show Resolver//
Traceback (most recent call last):
File “/usr/lib/python3.1/cmd.py”, line 213, in onecmd
func = getattr(self, ’do‘+ cmd)
AttributeError: ’BindCmdInterpreter’ object has no attribute ‘do_config’

During handling of the above exception, another exception occurred:

Traceback :
File “./bindctl”, line 138, in
tool.run
File “/home/zcl/software/bind10/20110629/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 128, in run
self.cmdloop
File “/usr/lib/python3.1/cmd.py”, line 139, in cmdloop
stop = self.onecmd
File “/home/zcl/software/bind10/20110629/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 450, in onecmd
Cmd.onecmd
File “/usr/lib/python3.1/cmd.py”, line 215, in onecmd
return self.default
File “/home/zcl/software/bind10/20110629/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 416, in default
self.
parse_cmd(line)
File “/home/zcl/software/bind10/20110629/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 554, in parse_cmd
self.
handle_cmd(cmd)
File “/home/zcl/software/bind10/20110629/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 396, in handle_cmd
self.apply_config_cmd
File “/home/zcl/software/bind10/20110629/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 626, in apply_config_cmd
values = self.config_data.get_value_maps
File “/home/zcl/software/bind10/20110629/lib/python3.1/site-packages/isc/config/config_data.py”, line 555, in get_value_maps
spec_part = find_spec_part, id)
File “/home/zcl/software/bind10/20110629/lib/python3.1/site-packages/isc/config/config_data.py”, line 174, in find_spec_part
cur_el =
find_spec_part_single(cur_el, id_parts[–1])
IndexError: list index out of range


1079 defect 1309358894148235 1317201814572258 configuration medium jelte new bindctl ‘config add ’ should be a bit more lenient ‘config add’ takes a list and a value to add to the list, and the value is optional; if left out it’ll add an item with only defaults

It should be a bit more lenient; ‘config add foo/bar[index]’ should also work, possibly checking if ‘index’ is indeed the next available index. This currently fails with a cryptic error message.

There is a second problem that ‘config add’ does not work twice in a row (only if you commit in between)
1082 defect 1309386010377587 1332174338040267 logging medium jinmei new log file isn’t created when running bind10 with -u If I started BIND10 with ’u bind’ with logging configuration for
dumping logs to file:
}}

The file was not created and I saw this message from liblog4cplus:
}}
.

Even though the directory is writable for the user of bind 2 jinmei bind 512 Jun 29 15:01 /home/jinmei/opt/var/log


If I started BIND 10 without
u bind 10 and with root permission, it created
the bind10.log file. If I then changed the owner of the file to “bind”,
this file is updated with new logs.

These are very strange and inconvenient.
1083 defect 1309386261801153 1332174550140402 logging medium jinmei new log “destination” is seemingly ignored for some logs With the logging (to file) setting I showed in #1082, I still see
some messages on the console:


2011-06-29 15:07:15.461 INFO [b10-auth.datasrc] DATASRC_CACHE_ENABLE enabling the cache
2011-06-29 15:07:15.883 INFO [b10-auth.auth] AUTH_SERVER_CREATED server created
2011-06-29 15:07:17.206 INFO [b10-auth.auth] AUTH_SERVER_STARTED server stated


It’s counter intuive and noisy.
1085 task 1309451005371033 1313508590357376 Unclassified medium vorner new Document ACLs We need a user documentation on how they can be specified and used, with some semi-formal definition, examples and list of what can be checked. It probably should be part of the big shipped documentation or a man page for just the ACLs.

It should be specific to the DNS ACLs (the library is templated to support quite anything, but that would confuse users).
1087 defect 1309501752485300 1392912787015717 resolver medium zhangcuiling DNS Outstanding Tasks new Resolver SERVFAIL when qtype is any bind10 Resolver SERVFAIL

# dig 10.53.0.8 www.google.com any -b 127.0.0.1 <br><br>; <<>> DiG 9.7.3 <<>> 10.53.0.8 www.google.com any b 127.0.0.1
;
;; global options: +cmd
;; Got answer:
;;
>>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 53505
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.google.com. IN ANY

;; Query time: 61 msec
;; SERVER: 10.53.0.8#53(10.53.0.8)
;; WHEN: Fri Jul 1 14:13:31 2011
;; MSG SIZE rcvd: 32


actually, it should give several RRs

# dig 8.8.8.8 www.google.com any<br><br>; <<>> DiG 9.7.3 <<>> 8.8.8.8 www.google.com any
; (1 server found)
;; global options: +cmd
;; Got answer:
;; >>HEADER<< opcode: QUERY, status: NOERROR, id: 47961
;; flags: qr rd ra; QUERY: 1, ANSWER: 7, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.google.com. IN ANY

;; ANSWER SECTION:
www.google.com. 86399 IN CNAME www.l.google.com.
www.l.google.com. 299 IN A 74.125.71.104
www.l.google.com. 299 IN A 74.125.71.147
www.l.google.com. 299 IN A 74.125.71.105
www.l.google.com. 299 IN A 74.125.71.99
www.l.google.com. 299 IN A 74.125.71.106
www.l.google.com. 299 IN A 74.125.71.103

;; Query time: 70 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Fri Jul 1 14:13:40 2011
;; MSG SIZE rcvd: 148


it’s ok when qtype is A


# dig 10.53.0.8 www.google.com a -b 127.0.0.1<br><br>; <<>> DiG 9.7.3 <<>> 10.53.0.8 www.google.com a b 218.241.111.236
;
;; global options: +cmd
;; Got answer:
;;
>>HEADER<<- opcode: QUERY, status: NOERROR, id: 40138
;; flags: qr rd ra; QUERY: 1, ANSWER: 7, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.google.com. IN A

;; ANSWER SECTION:
www.google.com. 604658 IN CNAME www.l.google.com.
www.l.google.com. 158 IN A 74.125.71.147
www.l.google.com. 158 IN A 74.125.71.99
www.l.google.com. 158 IN A 74.125.71.104
www.l.google.com. 158 IN A 74.125.71.105
www.l.google.com. 158 IN A 74.125.71.103
www.l.google.com. 158 IN A 74.125.71.106

;; Query time: 0 msec
;; SERVER: 10.53.0.8#53(10.53.0.8)
;; WHEN: Fri Jul 1 14:13:54 2011
;; MSG SIZE rcvd: 148


1088 task 1309517678383962 1394116491409821 Boss of BIND medium jelte Common Outstanding Tasks new test(s) for bind10.py’s main loop ticket #758 changed the behaviour of bind10.py’s main loop a little bit (actually stop if the msgq socket disappears), but there’s no test for that, and bind10.py needs a bit of refactoring in order to reach that part. We should pull the actual loop out of the current function and add tests for it
1089 defect 1309872492881989 1392912764692526 resolver low jreed DNS Outstanding Tasks new RESOLVER_NO_ROOT_ADDRESS log message in forwarding mode I don’t think the RESOLVER_NO_ROOT_ADDRESS log warning makes sense in forwarding mode. But since it is a “WARNING” it should be looked at by the admin.
1092 defect 1309886155365208 1361955325493727 Unclassified medium UnAssigned jreed assigned NSAS_INVALID_RESPONSE is internal error? My resolver logs are full of entries like the following:


2011-07-05 15:58:30.997 ERROR [b10-resolver.nsas] NSAS_INVALID_RESPONSE queried for l.gtld-servers.net. but got invalid response
2011-07-05 15:58:31.000 ERROR [b10-resolver.nsas] NSAS_INVALID_RESPONSE queried for aloe.arin.net. but got invalid response
2011-07-05 15:58:31.001 ERROR [b10-resolver.nsas] NSAS_INVALID_RESPONSE queried for y.arin.net. but got invalid response
2011-07-05 15:58:31.019 ERROR [b10-resolver.nsas] NSAS_INVALID_RESPONSE queried for e2.nstld.com. but got invalid response

2011-07-05 16:34:07.448 ERROR [b10-resolver.nsas] NSAS_INVALID_RESPONSE queried for ns1.pbi.NET. but got invalid response
2011-07-05 16:34:07.451 ERROR [b10-resolver.nsas] NSAS_INVALID_RESPONSE queried for NS2.SWBELL.NET. but got invalid response
2011-07-05 16:34:07.451 ERROR [b10-resolver.nsas] NSAS_INVALID_RESPONSE queried for NS1.SWBELL.NET. but got invalid response
2011-07-05 16:34:07.534 ERROR [b10-resolver.nsas] NSAS_INVALID_RESPONSE queried for NS3.SBCGLOBAL.NET. but got invalid response



I looked in log messages guide since this error was too vague to be useful to me.

The messages guide says “This message indicates an internal error in the NSAS. Please raise a
bug report.”

So here is the report :)
1094 defect 1309950570517250 1392912750970695 resolver low stephen DNS Outstanding Tasks new Separate programmer error from user error when processing configuration message In the resolver (resolver.cc), the message RESOLVER_CONFIG_ERROR is output when an exception is caught during a configuration update. The exception may be the result of an error in the configuration message itself or an incorrect value that has been caught by a range check.

Different messages should be output in the two cases as the corrective action for each is different.
1095 defect 1309952707175066 1392912730782253 resolver low stephen DNS Outstanding Tasks new Log sender of NOTIFY queries to resolver Specifically this is aimed at the resolver and the RESOLVER_NOTIFY_RECEIVED debug message. The message should include the IP address of the sender of the NOTIFY. (see #1078)
1098 defect 1309988686279777 1394116802333132 b10-auth low shane DNS Outstanding Tasks new AuthCommandTest.loadUnreadableZone succeeds when run as root I had the following test fail:


[ RUN ] AuthCommandTest.loadUnreadableZone
command_unittest.cc:58: Failure
Value of: rcode
Actual: 0
Expected: expected_code
Which is: 1
[ FAILED ] AuthCommandTest.loadUnreadableZone (25 ms)


This happens if the tests run as root, because the test creates a file with 000 permissions, which root can read anyway.

Jinmei suggests just giving a non-existent file may be a better way that doesn’t depend on any particular permissions.
1103 defect 1310402021665576 1311341770675316 Unclassified medium jelte new catching import error in python libs In some of the libraries, import errors (mainly for pydnspp, but also for a few others) are caught, at which point an error is printed. While converting to the new logging system we encountered a problem (see the comments in #763); the logging system is most likely not initialized

More generally, we shouldn’t just log an error, as this is a fatal problem (it’ll crash the moment it needs said library anyway), so we should let it fail immediately anyway.

src/lib/python/isc/notify/notify_out.py has a comment here now, but the rest of the libraries need to be checked as well.
1105 enhancement 1310473722839822 1310474454221938 libdns++ very low UnAssigned shane assigned RR type implementation: MD Implement the obsolete MD type, from RFC 1035.

See ticket #809 for more discussion.
1106 enhancement 1310473785333211 1313582676381837 libdns++ very low UnAssigned shane new RR type implementation: MF Implement the obsolete MF type, from RFC 1035.

See ticket #809 for more discussion.

1107 enhancement 1310473853848925 1313582681893664 libdns++ very low UnAssigned shane new RR type implementation: MB Implement the experimental MB type, from RFC 1035.

See ticket #809 for more discussion.
1108 enhancement 1310473955423418 1313582686292099 libdns++ very low UnAssigned shane new RR type implementation: MG Implement the experimental MG type, from RFC 1035.

See ticket #809 for more discussion.
1109 enhancement 1310474201832276 1313582691197308 libdns++ very low UnAssigned shane new RR type implementation: MR Implement the experimental MR type, from RFC 1035.

See ticket #809 for more discussion.
1110 enhancement 1310474284398978 1313582695437207 libdns++ very low UnAssigned shane new RR type implementation: NULL Implement the experimental NULL type, from RFC 1035.

See ticket #809 for more discussion.

1111 enhancement 1310474403634561 1313582537504788 libdns++ low UnAssigned shane new RR type implementation: WKS Implement the obsolete WKS type, from RFC 1035.

See ticket #809 for more discussion.
1115 enhancement 1310474824660331 1313582557711430 libdns++ low UnAssigned shane new RR type implementation: X25 Implement the X25 type, from RFC 1183.

See ticket #809 for more discussion.
1116 enhancement 1310474895547774 1313582562531717 libdns++ low UnAssigned shane new RR type implementation: ISDN Implement the ISDN type, from RFC 1183.

See ticket #809 for more discussion.
1117 enhancement 1310474945010499 1313582567266142 libdns++ low UnAssigned shane new RR type implementation: RT Implement the obsolete RT type, from RFC 1183.

See ticket #809 for more discussion.
1118 enhancement 1310474993156733 1313582700717027 libdns++ very low UnAssigned shane new RR type implementation: NSAP Implement the NSAP type, from RFC 1706.

See ticket #809 for more discussion.
1119 enhancement 1310475065968108 1313582704985366 libdns++ very low UnAssigned shane new RR type implementation: NSAP-PTR Implement the obsolete NSAP-PTR type, from RFC 1348.

See ticket #809 for more discussion.
1120 enhancement 1310475159294084 1313582575283701 libdns++ low UnAssigned shane new RR type implementation: SIG Implement the SIG type, from RFC 4034, RFC 3755, and RFC 2535.

See ticket #809 for more discussion.
1121 enhancement 1310475443187757 1313582580513220 libdns++ low UnAssigned shane new RR type implementation: KEY Implement the obsolete KEY type, from RFC 4034, RFC 3755, and RFC 2535.

See ticket #809 for more discussion.
1122 enhancement 1310475517598220 1313582585337682 libdns++ low UnAssigned shane new RR type implementation: PX Implement the PX type, from RFC 2163.

See ticket #809 for more discussion.
1123 enhancement 1310475767183953 1313582590248389 libdns++ low UnAssigned shane new RR type implementation: GPOS Implement the GPOS type, from RFC 1712.

See ticket #809 for more discussion.
1124 enhancement 1310475871076257 1313582594865796 libdns++ low UnAssigned shane new RR type implementation: LOC Implement the obsolete LOC type, from RFC 1876.

See ticket #809 for more discussion.
1125 enhancement 1310475920791835 1313582709246387 libdns++ very low UnAssigned shane new RR type implementation: NXT Implement the obsolete NXT type, from RFC 3755 and RFC 2535.

See ticket #809 for more discussion.
1126 enhancement 1310476004246675 1313582713481903 libdns++ very low UnAssigned shane new RR type implementation: EID Implement the proposed EID type.

I think this is the document that describes it:

http://ana-3.lcs.mit.edu/~jnc/nimrod/dns.txt

See ticket #809 for more discussion.
1127 enhancement 1310476068410202 1313517185584957 libdns++ very low UnAssigned shane new RR type implementation: NIMLOC Implement the proposed NIMLOC type.

I think this is the document that describes it:

http://ana-3.lcs.mit.edu/~jnc/nimrod/dns.txt

See ticket #809 for more discussion.
1129 enhancement 1310476252872049 1313582618639231 libdns++ low UnAssigned shane new RR type implementation: ATMA Implement the ATMA type, described here:

http://broadband-forum.org/ftp/pub/approved-specs/af-saa-0069.000.pdf

See ticket #809 for more discussion.
1131 enhancement 1310476401657054 1313582624301884 libdns++ low UnAssigned shane new RR type implementation: KX Implement the KX type, from RFC 2230.

See ticket #809 for more discussion.
1132 enhancement 1310476477176274 1313582628590271 libdns++ low UnAssigned shane new RR type implementation: CERT Implement the CERT type, from RFC 4398.

See ticket #809 for more discussion.
1133 enhancement 1310476544073758 1313517163948594 libdns++ very low UnAssigned shane new RR type implementation: A6 Implement the experimental A6 type, from RFC 3226 RFC 2874.

See ticket #809 for more discussion.
1134 enhancement 1310476695279842 1313517007876097 libdns++ very low UnAssigned shane new RR type implementation: SINK Implement the proposed SINK type. I think this describes it:

http://tools.ietf.org/html/draft-eastlake-kitchen-sink-02

See ticket #809 for more discussion.
1135 enhancement 1310476782132668 1313582633294354 libdns++ low UnAssigned shane new RR type implementation: APL Implement the APL type, from RFC 3123.

See ticket #809 for more discussion.
1137 enhancement 1310476893334020 1313582642428401 libdns++ low UnAssigned shane new RR type implementation: IPSECKEY Implement the IPSECKEY type, from RFC 4025.

See ticket #809 for more discussion.
1139 enhancement 1310477088100786 1313582646855862 libdns++ low UnAssigned shane new RR type implementation: HIP Implement the HIP type, from RFC 5205.

See ticket #809 for more discussion.
1141 enhancement 1310478266979453 1313582651581469 libdns++ low UnAssigned shane new RR type implementation: TKEY Implement the TKEY type, from RFC 2930.

See ticket #809 for more discussion.
1142 enhancement 1310478398223087 1313516994898133 libdns++ very low UnAssigned shane new RR type implementation: MAILB Implement the obsolete MAILB type, from RFC 1035.

See ticket #809 for more discussion.
1143 enhancement 1310478470861172 1313516980715064 libdns++ very low UnAssigned shane new RR type implementation: MAILA Implement the obsolete MAILA type, from RFC 1035.

See ticket #809 for more discussion.
1146 defect 1310504783125117 1311345305995875 xfrout low vorner new Stop hiding errors in XfrOut There’s this statement in the `xfrout.py.in` file:

#!python
try:
from libutil_io_python import
from pydnspp import

except ImportError as e:
# C++ loadable module may not be installed; even so the xfrout process
# must keep running, so we warn about it and move forward.
log.error(XFROUT_IMPORT, str(e))


This makes sure the process is started even if the DNS library can not be loaded. In such case, the process will be useless, because it won’t understand any requests and this exceptions only masks the real problem (the library is not properly installed or the installation is corrupt), pretending everything is OK and just not answering the queries.

Besides having these bad properties, hiding errors in code kind of smells.

As noted in the https://lists.isc.org/pipermail/bind10-dev/2011-July/002477.html email discussion, this is here because if there’s a problem, the boss keeps restarting it, which is annoying. But I believe this is problem of Boss, not every program that has a fatal unrecoverable problem.

So I suggest we remove this thing and make XfrOut crash if it can’t perform its goal as every well behaved program.
1147 defect 1310505448222589 1394116504566314 Boss of BIND low vorner Common Outstanding Tasks new Boss should give up after n unsuccessful attempts to start a module If a module has a fatal problem and can not be started (eg. it crashes right after being started), boss keeps restarting it and is „jumping“. This isn’t a serious problem, but it eats resources unnecessarily and is annoying, because it fills logs. This sometimes leads to workarounds like the one in #1146.

I suggest that if the started process dies in 10s from being started, we count it as an unsuccessful attempt to start it. If we do 5 of them in a row (without a successful one), we give up more attempts to start it, since it’s hopeless (for some value of 10 and 5).

Then we would add a command an admin could use to ask boss to try again (after the admin thinks the problem was fixed) ‒ reset the count of unsuccessful attempts to 0 again.
1151 enhancement 1310765542268192 1310765542268192 xfrout medium jinmei new xfrout log should better include remote addresses Currently xfrout’s log doesn’t show the remote address of xfr:

2011-07-15 02:36:05.649 INFO [b10-xfrout.xfrout] XFROUT_AXFR_TRANSFER_STARTED transfer of zone jinmei.org./IN has started
2011-07-15 02:36:05.835 INFO [b10-xfrout.xfrout] XFROUT_AXFR_TRANSFER_DONE transfer of jinmei.org./IN complete


it is inconvenient.

Once we merge #772, we can easily get access to the information of
the remote address, so I propose including this information in logs
wherever possible (not only for the above cases).
1156 enhancement 1311251670908353 1311345273476582 build system medium UnAssigned shane new Script like ./configure which checks for libraries needed by BIND 10 We should make a script which works roughly like ./configure, but does not exit when it discovers a missing dependency. Instead it should report all missing dependencies. See the discussion here:

http://bind10.isc.org/wiki/WeeklyMinutes20110719#DependencyManagementfromJinmei

And the e-mail here:

https://lists.isc.org/pipermail/bind10-dev/2011-July/002527.html

For more information.
1158 defect 1311618412847778 1331918709253972 build system medium UnAssigned jinmei new suggestion: avoid OS-specific switch in configure.ac I noticed that in #1155 the following change was introduced to configure.ac:

*solaris*)

# In Solaris, IN6ADDR_ANY_INIT and IN6ADDR_LOOPBACK_INIT need
Wno-missing-braces
B10_CXXFLAGS=“$B10_CXXFLAGS Wno-missing-braces"
;;


I have a few concerns with this approach:

In general, such OS specific switch is discouraged in autoconf.
And, in fact, not all Solaris versions/installments have this
problem as some of our buildbot showed. For such”cleaner" Solaris,
this setting weakens compiler warning unnecessarily. A better test
is to use AC_TRY_COMPILE with using the offending IN6ADDR_ macros
and specify Wno-xxx only when it’s necessary.

If I understand it correctly, this problem happens only where ASIO
headers are directly included (mainly in libasiolink and libasiodns,
with (inappropriate) a couple of possible exceptions). We should
limit the place of weakening the warning to where it’s absolutely
necessary.
1159 enhancement 1311861739400418 1312308273961656 data source low vorner new Make InMemoryClient::addZone take only InMemoryZoneFinder Currently whatever zone finder can be stored there, which isn’t logical. But currently some tests (eg. for auth/query.cc) uses this to put mock zones in there. The tests should be changed to use mock client as well.

See ticket #1060, comment 9 at the bottom.
1164 enhancement 1312323618366572 1392837303705767 ACL medium jinmei DNS Outstanding Tasks new TSIG ACL should avoid matching TSIG key without validation This is an open issue carried over from #1104.

See the discussion at around
http://bind10.isc.org/ticket/1104#comment:10 (look for “possilbe open
issue”) and its follow ups.

We should resolve this to make the operation safer. It may require
some modifications to libdns++ TSIG APIs.
1169 defect 1313068383649776 1318437718131465 Unclassified medium jreed new some processes not exiting I killed msgq… a little later bind10 parent exited. Some child processes were still left running:



root 1791 0.0 0.3 15724 3348 ttyp4 Il Fri08AM 0:17.10 /usr/pkg/bin/python3.1 /home/reed/work/isc/bind10-install/libexec/bind10-devel/b10-zonemgr
root 3985 0.0 0.3 23188 3300 ttyp4 Il Fri08AM 0:00.40 /usr/pkg/bin/python3.1 /home/reed/work/isc/bind10-install/libexec/bind10-devel/b10-xfrout
root 4343 0.0 0.0 22268 3436 ttyp4 IWl Fri08AM 0:01.01 /usr/pkg/bin/python3.1 /home/reed/work/isc/bind10-install/libexec/bind10-devel/b10-cmdctl
root 15861 0.0 0.0 3856 4 ttyp4 IW Fri08AM 0:00.01 b10-sockcreator



A SIGTERM killed sockcreator and cmdctl for me. I used SIGKILL to kill the zonemgr and xfrout. I did a ktrace but didn’t get any output. If anyone can share ideas on how to see where it is hanging (this is NetBSD), I can reproduce and provide more details.



1170 defect 1313072726548271 1392912709545070 resolver low shane DNS Outstanding Tasks new TTL checks in resolver tests may be too restrictive Jeremy pointed out a recent test failure:

http://git.bind10.isc.org/~tester/builder//BIND10-systest/20110811124500-MacOS/logs/unittests.out

Looked at the tests, and it seems like all of the values for TTL are based on whole second values. This means that if a test happens to run near the end of a given second, that the second may change during that second, and the TTL should go down by 1, as we see there.

Note that this theory may be based on my poor understanding of how TTLs are tracked!
1173 defect 1313113829125671 1339225960135291 data source medium jinmei new DatabaseClientTest should also check best match for findZone For example, the mock abstraction (or accessor) should support both “org”
and “example.org”, and there should be a test checking
findZone(“example.org”) should return a finder for “example.org”, not “org”.

Same for “sub.example.org” to check it’s not only the case for an exact match.

It should be quite easily be fixed.

I consider it a kind of defect in that it’s a missing test case.
1185 defect 1313590040885055 1392912692217191 resolver low jreed DNS Outstanding Tasks new Resolver/listen_on should not require a port Port 53 should be a default and should not be required, for example this shows the problem:



> config add Resolver/listen_on
> config set Resolver/listen_on[2]/address “149.20.57.219”
> config commit
Error: Address must contain both the IPaddress and port
Configuration not committed
> config set Resolver/listen_on[2]/port 5301
> config commit



1188 enhancement 1314011547203507 1314258898983642 data source medium jelte new performance consideration in getRecords()/getAllRecords() (this came out of discussion in #1083)

Currently, in the refactored data source code, the sqlite version creates individual sqlite3_stmt structures for each call to getRecords() and getAllRecords(). This is pretty clean (as they are also finalized on the same level), and allows for multiple iterators over the data at the same time.

However, should we not need that property, it is not necessary to prepare() the query for each statement, so we may want to reconsider this if we are looking for performance improvements.
1189 defect 1314023743154128 1327506596492553 logging low jreed new log output to console buffering I was capturing stderr and stdout (tee’d into a file). After I enabled debug 100. And then did a tail of my output, no change. Then I did the dig resulting in a SERVFAIL and then my output suddenly had all the output over the past 5+ hours. Also sometimes log output wasn’t complete (like no newline). So some buffering problems when outputting to stdout or stderr.

The following is from jabber:

(05:48:33) stephen: I’ve had a very quick look at the log4cplus code and it appears logging output to the console ultimately ends up as a standard C+ call, something along the lines of “cerr << text”.

stephen: So if there are problems with flushing buffers and the like, it points to a problem in the C
+ library on that system. What operating system did these problems occur on?

(05:49:43) jreed: I am surprised I needed to set flush to true. Not useful default for this.

(05:49:58) jreed: This is on Debian Linux. (git.bind10.isc.org)

(05:50:21) stephen: Hmm…

(05:50:59) stephen: AFAIK, when logging to stderr you should not have to flush after each write, it is done for you.

(05:51:34) jreed: The default is stdout.

(05:51:59) jreed: If changing that fixes it, then that is fine. But too many things to change already.

(05:52:14) stephen: Perhaps we ought to make stderr the default.
1191 defect 1314027258905447 1377700979401284 logging low jreed new logging needs “name”

> config add Logging/loggers
> config set Logging/loggers[0]/severity DEBUG
> config show Logging/loggers
Logging/loggers[0]/name “” string (default)
Logging/loggers[0]/severity “DEBUG” string (modified)
Logging/loggers[0]/debuglevel 0 integer (default)
Logging/loggers[0]/additive false boolean (default)
Logging/loggers[0]/output_options [] list (default)
> config set Logging/loggers[0]/debuglevel 100
> config show Logging/loggers[0]/output_options
Logging/loggers[0]/output_options [] list (default)
> config show Logging/loggers[0]/output_options/
Logging/loggers[0]/output_options/ [] list (default)
> config commit
Error: Exception: ‘name’
Configuration not committed



Fixed with:



> config set Logging/loggers[0]/name *
> config commit



In jabber, jelte said:


(11:46:04) jelte: that’s an uncaught exception somewhere (and hence no decent error)

(11:47:04) jelte: from the fix i gather the error should be “name must be set” :)


I think it should just use some default for name (if not defined).
1196 defect 1314223320252340 1336072586386422 Unclassified medium jreed new respond using same source address

$ dig 2001:04f8:3:d::95 bind10.isc.org <br>;; reply from unexpected source: 2001:4f8:3:d::80#53, expected 2001:4f8:3:d::95#53<br><br><br><br>or<br><br><br><br>$ dig 149.20.48.80 bind10.isc.org
;; reply from unexpected source: 149.20.48.59#53, expected 149.20.48.80#53
;; reply from unexpected source: 149.20.48.59#53, expected 149.20.48.80#53



I will copy some from jabber:


(12:43:11) jinmei: in general, a DNS server implementation must either listen on a specific address or use the IPv6 pkthdr API to ensure query dest addr = response src addr.

(12:54:48) shane: Yes, I agree. Probably we can use the work of the DHCP team to give us interfaces and we can bind to them.
(12:55:49) vorner: Can we add and remove them (eg. get notified of addition and removal) of interface at runtime? Because when I instruct it to bind to , I mean even future.
(12:56:03) shane: Yes, that’s the idea.
(12:56:36) shane: BIND 9 works that way; apparently IPv6 in Linux is a lot faster if you bind to specific interfaces instead of the wildcard.
(12:56:46) shane: At least, it was in the past… not sure about now.

(13:04:45) jinmei: the solutions may be different for IPv4 and IPv6: for IPv6 we could use the help of API (with possible performance implication as Shane noted); for IPv4 there’s a similar API but it’s not so commonly available, we should probably need to introduce interface (address) scanning mechanism and listen-on every one of them as we find a new one.
(13:05:57) jinmei: FYI: this is what BIND9 does.
(13:06:57) shane: The DHCP code in BIND 10 already uses the technique, if you are interested to see how it works.
(13:07:03) shane: (It’s DHCPv6 only right now.)
(13:07:28) vorner: The scanning of IPv4 could be directly borrowed from bind9, no?
(13:10:31) jinmei: in its essence, yes, I think so.
1203 defect 1314714317047834 1315225670073954 bind-ctl medium jreed new bindctl crash when setting a list item (under another list item) without using a index number I can reproduce with:

config set Logging/loggers[0]/output_options/flush true

(assumimg the Logging/loggers[0] was already added.

Note I forgot to add [0] for output_options[0] here.



> config set Logging/loggers[0]/output_options flush
Error: flush is not a list
> config add Logging/loggers[0]/output_options
> config show Logging/loggers[0]/output_options
Logging/loggers[0]/output_options[0]/destination “console” string (default)
Logging/loggers[0]/output_options[0]/output “stdout” string (default)
Logging/loggers[0]/output_options[0]/flush false boolean (default)
Logging/loggers[0]/output_options[0]/maxsize 0 integer (default)
Logging/loggers[0]/output_options[0]/maxver 0 integer (default)
> config set Logging/loggers[0]/output_options/flush true
Traceback (most recent call last):
File “/usr/pkg/lib/python3.1/cmd.py”, line 213, in onecmd
func = getattr(self, ’do‘+ cmd)
AttributeError: ’BindCmdInterpreter’ object has no attribute ‘do_config’

During handling of the above exception, another exception occurred:

Traceback :
File “work/isc/bind10-install/bin/bindctl”, line 149, in
tool.run
File “/home/reed/work/isc/bind10-install/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 128, in run
self.cmdloop
File “/usr/pkg/lib/python3.1/cmd.py”, line 139, in cmdloop
stop = self.onecmd
File “/home/reed/work/isc/bind10-install/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 452, in onecmd
Cmd.onecmd
File “/usr/pkg/lib/python3.1/cmd.py”, line 215, in onecmd
return self.default
File “/home/reed/work/isc/bind10-install/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 418, in default
self.
parse_cmd(line)
File “/home/reed/work/isc/bind10-install/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 556, in parse_cmd
self.
handle_cmd(cmd)
File “/home/reed/work/isc/bind10-install/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 396, in _handle_cmd
self.apply_config_cmd(cmd)
File “/home/reed/work/isc/bind10-install/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 680, in apply_config_cmd
self.config_data.set_value(identifier, parsed_value)
File “/home/reed/work/isc/bind10-install/lib/python3.1/site-packages/isc/config/config_data.py”, line 671, in set_value
isc.cc.data.set(self._local_changes, identifier, value)
File “/home/reed/work/isc/bind10-install/lib/python3.1/site-packages/isc/cc/data.py”, line 214, in set
cur_el[id] = value
TypeError: list indices must be integers, not str



1204 task 1314775155328362 1315225703396808 xfrout low jreed new setup a IXFR-only testing Use BIND 9 to do IXFR only back and forth with our b10-xfrout and b10-xfrin. Automate this for new BIND 10 code.
1205 task 1314780064053048 1318350741680172 configuration low jreed new Import and export configurations from/to different JSON file Create commands to import and export configurations from/to different JSON file.
Or single command to set the filename.

This would be done via bindctl and used by cfgmgr.

In tandem with this, we will need a “check” function. Possibly each module would have its own check function. Need to be able to check even if process (module) is not running.
1211 task 1315387617660619 1396529246918315 xfrin medium stephen DNS Outstanding Tasks new AXFR system test specification Review [http://tools.ietf.org/html/rfc5936 RFC 5936] (the description of AXFR) and produce the specification for a set of system tests to check the implementation of AXFR-in and AXFR-out.
1214 task 1315389768523232 1318350619573428 Unclassified medium stephen new Implement AXFR system tests This depends on #1211.

It may be possible to re-use the BIND 9 tests for AXFR.
1219 defect 1315486600770106 1394116513993003 Boss of BIND medium jreed Common Outstanding Tasks new ccsession error from boss when cfgmgr can’t parse its configuration When the cfgmgr can’t parse its configuration, boss will kill all its processes which are sockcreator, msgq, and cfgmgr. But then it complains:


2011-09-07 17:16:45.476 FATAL [b10-boss.boss] BIND10_STARTUP_ERROR
error during startup: Unable to start ccsession: No answer from
ConfigManager when asking about Remote module Logging


This error is confusing. I don’t think it should happen.
1221 enhancement 1315492060598643 1392912675752174 resolver very low jreed DNS Outstanding Tasks new log when changing / adding address I had no default logging when I did:



> config set Resolver/listen_on[1]/address “0.0.0.0”
> config commit



(sockstat and dig showed me it worked.)
1222 defect 1315493252698584 1392812456460100 resolver high jreed DNS Outstanding Tasks new resolver problems with IPv6 I often have SERVFAILs when some nameservers are AAAA. But sometime later queries are successful. For example:



$ time dig 127.0.0.1 bind10.isc.org<br><br>; <<>> DiG 9.5.0-P2 <<>> 127.0.0.1 bind10.isc.org
; (1 server found)
;; global options: printcmd
;; Got answer:
;; >>HEADER<< opcode: QUERY, status: SERVFAIL, id: 18552
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;bind10.isc.org. IN A

;; Query time: 4023 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu Sep 8 09:41:12 2011
;; MSG SIZE rcvd: 32

4.04s real 0.01s user 0.00s system
$ time dig 127.0.0.1 bind10.isc.org<br><br>; <<>> DiG 9.5.0-P2 <<>> 127.0.0.1 bind10.isc.org
; (1 server found)
;; global options: printcmd
;; Got answer:
;; >>HEADER<< opcode: QUERY, status: NOERROR, id: 12394
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 8, ADDITIONAL: 13

;; QUESTION SECTION:
;bind10.isc.org. IN A

;; ANSWER SECTION:
bind10.isc.org. 3600 IN A 149.20.48.40

;; AUTHORITY SECTION:
isc.org. 86396 IN NS sfba.sns-pb.isc.org.
isc.org. 86396 IN NS ns.isc.afilias-nst.info.
isc.org. 86396 IN NS ams.sns-pb.isc.org.
isc.org. 86396 IN NS ord.sns-pb.isc.org.
bind10.isc.org. 3600 IN NS ord.sns-pb.isc.org.
bind10.isc.org. 3600 IN NS n10.isc.org.
bind10.isc.org. 3600 IN NS ams.sns-pb.isc.org.
bind10.isc.org. 3600 IN NS sfba.sns-pb.isc.org.

;; ADDITIONAL SECTION:
ams.sns-pb.isc.org. 86396 IN A 199.6.1.30
ams.sns-pb.isc.org. 86396 IN AAAA 2001:500:60::30
ord.sns-pb.isc.org. 86396 IN A 199.6.0.30
ord.sns-pb.isc.org. 86396 IN AAAA 2001:500:71::30
sfba.sns-pb.isc.org. 86396 IN A 149.20.64.3
sfba.sns-pb.isc.org. 86396 IN AAAA 2001:4f8:0:2::19
ams.sns-pb.isc.org. 7200 IN A 199.6.1.30
ams.sns-pb.isc.org. 7200 IN AAAA 2001:500:60::30
n10.isc.org. 7200 IN A 149.20.48.59
ord.sns-pb.isc.org. 7200 IN A 199.6.0.30
ord.sns-pb.isc.org. 7200 IN AAAA 2001:500:71::30
sfba.sns-pb.isc.org. 7200 IN A 149.20.64.3
sfba.sns-pb.isc.org. 7200 IN AAAA 2001:4f8:0:2::19

;; Query time: 2151 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu Sep 8 09:41:14 2011
;; MSG SIZE rcvd: 487

2.17s real 0.00s user 0.00s system



And the logging:


2011-09-08 09:41:00.019 INFO [b10-boss.boss] BIND10_STARTING starting BIND10: bind10 20110223 (BIND 10 20110809)
2011-09-08 09:41:00.025 INFO [b10-boss.boss] BIND10_SOCKCREATOR_INIT initializing socket creator parser
2011-09-08 09:41:00.031 INFO [b10-boss.boss] BIND10_STARTING_PROCESS starting process b10-msgq
2011-09-08 09:41:00.258 INFO [b10-boss.boss] BIND10_STARTING_PROCESS starting process b10-cfgmgr
2011-09-08 09:41:01.267 INFO [b10-boss.boss] BIND10_STARTING_PROCESS starting process ccsession
2011-09-08 09:41:01.296 INFO [b10-boss.boss] BIND10_READING_BOSS_CONFIGURATION reading boss configuration
2011-09-08 09:41:01.296 INFO [b10-boss.boss] BIND10_CONFIGURATION_START_AUTH start authoritative server: False
2011-09-08 09:41:01.296 INFO [b10-boss.boss] BIND10_CONFIGURATION_START_RESOLVER start resolver: True
2011-09-08 09:41:01.297 INFO [b10-boss.boss] BIND10_STARTING_PROCESS starting process b10-resolver
2011-09-08 09:41:01.304 2011-09-08 09:41:01.345INFO INFO [ b10-boss.boss [] b10-resolver.resolverBIND10_STARTING_PROCESS starting process b10-stats]
RESOLVER_STARTING starting resolver with command line ‘b10-resolver -v’
2011-09-08 09:41:01.3532011-09-08 09:41:01.354 INFODEBUG [ [b10-resolver.resolverb10-boss.boss] ] RESOLVER_CREATED main resolver object createdBIND10_STARTING_PROCESS starting process b10-stats-httpd

2011-09-08 09:41:01.449 2011-09-08 09:41:01.455DEBUG [INFOb10-resolver.cache ] CACHE_RESOLVER_INIT initializing resolver cache for class IN
[b10-boss.boss] BIND10_STARTING_PROCESS starting process b10-cmdctl
2011-09-08 09:41:01.532 DEBUG [b10-resolver.cache] CACHE_RRSET_INIT initializing RRset cache for 20000 RRsets of class IN
2011-09-08 09:41:01.533 DEBUG [b10-resolver.cache] CACHE_RRSET_INIT initializing RRset cache for 10000 RRsets of class IN
2011-09-08 09:41:01.534 DEBUG [b10-resolver.cache] CACHE_MESSAGES_INIT initialized message cache for 10000 messages of class IN
2011-09-08 09:41:01.537 DEBUG [b10-resolver.cache] CACHE_RESOLVER_UPDATE_MSG updating message for ./NS/IN
2011-09-08 09:41:01.537 DEBUG [b10-resolver.cache] CACHE_MESSAGES_UPDATE updating message entry ./NS/IN
2011-09-08 09:41:01.538 DEBUG [b10-resolver.cache] CACHE_RRSET_UPDATE updating RRset ./NS/IN in the cache
2011-09-08 09:41:01.539 DEBUG [b10-resolver.cache] CACHE_RRSET_LOOKUP looking up ./NS/IN in RRset cache
2011-09-08 09:41:01.540 DEBUG [b10-resolver.cache] CACHE_RRSET_NOT_FOUND no RRset found for ./NS/IN in cache
2011-09-08 09:41:01.540 DEBUG [b10-resolver.cache] CACHE_RRSET_UPDATE updating RRset l.root-servers.net./A/IN in the cache
2011-09-08 09:41:01.540 DEBUG [b10-resolver.cache] CACHE_RRSET_LOOKUP looking up l.root-servers.net./A/IN in RRset cache
2011-09-08 09:41:01.540 DEBUG [b10-resolver.cache] CACHE_RRSET_NOT_FOUND no RRset found for l.root-servers.net./A/IN in cache
2011-09-08 09:41:01.541 DEBUG [b10-resolver.cache] CACHE_RRSET_UPDATE updating RRset l.root-servers.net./AAAA/IN in the cache
2011-09-08 09:41:01.541 DEBUG [b10-resolver.cache] CACHE_RRSET_LOOKUP looking up l.root-servers.net./AAAA/IN in RRset cache
2011-09-08 09:41:01.541 DEBUG [b10-resolver.cache] CACHE_RRSET_NOT_FOUND no RRset found for l.root-servers.net./AAAA/IN in cache
2011-09-08 09:41:01.541 DEBUG [b10-resolver.cache] CACHE_RESOLVER_UPDATE_RRSET updating RRset for ./NS/IN
2011-09-08 09:41:01.542 DEBUG [b10-resolver.cache] CACHE_LOCALZONE_UPDATE updating local zone element at key .2
2011-09-08 09:41:01.542 DEBUG [b10-resolver.cache] CACHE_RRSET_UPDATE updating RRset ./NS/IN in the cache
2011-09-08 09:41:01.542 DEBUG [b10-resolver.cache] CACHE_RRSET_LOOKUP looking up ./NS/IN in RRset cache
2011-09-08 09:41:01.542 DEBUG [b10-resolver.cache] CACHE_RRSET_REMOVE_OLD removing old RRset for ./NS/IN to make space for new one
2011-09-08 09:41:01.544 DEBUG [b10-resolver.cache] CACHE_RESOLVER_UPDATE_RRSET updating RRset for l.root-servers.net./A/IN
2011-09-08 09:41:01.544 DEBUG [b10-resolver.cache] CACHE_LOCALZONE_UPDATE updating local zone element at key l.root-servers.net.1
2011-09-08 09:41:01.544 DEBUG [b10-resolver.cache] CACHE_RRSET_UPDATE updating RRset l.root-servers.net./A/IN in the cache
2011-09-08 09:41:01.544 DEBUG [b10-resolver.cache] CACHE_RRSET_LOOKUP looking up l.root-servers.net./A/IN in RRset cache
2011-09-08 09:41:01.544 DEBUG [b10-resolver.cache] CACHE_RRSET_REMOVE_OLD removing old RRset for l.root-servers.net./A/IN to make space for new one
2011-09-08 09:41:01.545 INFO [b10-boss.boss] BIND10_STARTUP_COMPLETE BIND 10 started
2011-09-08 09:41:01.546 DEBUG [b10-resolver.cache] CACHE_RESOLVER_UPDATE_RRSET updating RRset for l.root-servers.net./AAAA/IN
2011-09-08 09:41:01.546 DEBUG [b10-resolver.cache] CACHE_LOCALZONE_UPDATE updating local zone element at key l.root-servers.net.28
2011-09-08 09:41:01.546 DEBUG [b10-resolver.cache] CACHE_RRSET_UPDATE updating RRset l.root-servers.net./AAAA/IN in the cache
2011-09-08 09:41:01.546 DEBUG [b10-resolver.cache] CACHE_RRSET_LOOKUP looking up l.root-servers.net./AAAA/IN in RRset cache
2011-09-08 09:41:01.546 DEBUG [b10-resolver.cache] CACHE_RRSET_REMOVE_OLD removing old RRset for l.root-servers.net./AAAA/IN to make space for new one
2011-09-08 09:41:01.546 DEBUG [b10-resolver.resolver] RESOLVER_SERVICE_CREATED service object created
2011-09-08 09:41:01.548 DEBUG [b10-resolver.cc] CC_ESTABLISH trying to establish connection with message queue daemon at /home/reed/work/isc/bind10-install/var/bind10-devel/msgq_socket
2011-09-08 09:41:01.606 DEBUG [b10-resolver.cc] CC_ESTABLISHED successfully connected to message queue daemon
2011-09-08 09:41:01.616 DEBUG [b10-resolver.cc] CC_SUBSCRIBE subscribing to communication group Resolver
2011-09-08 09:41:01.616 DEBUG [b10-resolver.cc] CC_GROUP_SEND sending message ‘{ command [ “module_spec”, { commands [ { command_args [ ], command_description “Shut down recursive DNS server”, command_name “shutdown” } ], config_data [ { item_default 2000, item_name “timeout_query”, item_optional false, item_type “integer” }, { item_default 4000, item_name “timeout_client”, item_optional false, item_type “integer” }, { item_default 30000, item_name “timeout_lookup”, item_optional false, item_type “integer” }, { item_default 3, item_name “retries”, item_optional false, item_type “integer” }, { item_default [ ], item_name “forward_addresses”, item_optional true, item_type “list”, list_item_spec { item_default { }, item_name “address”, item_optional false, item_type “map”, map_item_spec [ { item_default “::1”, item_name “address”, item_optional false, item_type “string” }, { item_default 53, item_name “port”, item_optional false, item_type “integer” } ] } }, { item_default [ ], item_name “root_addresses”, item_optional true, item_type “list”, list_item_spec { item_default { }, item_name “address”, item_optional false, item_type “map”, map_item_spec [ { item_default “::1”, item_name “address”, item_optional false, item_type “string” }, { item_default 53, item_name “port”, item_optional false, item_type “integer” } ] } }, { item_default [ { address “::1”, port 53 }, { address “127.0.0.1”, port 53 } ], item_name “listen_on”, item_optional false, item_type “list”, list_item_spec { item_default { }, item_name “address”, item_optional false, item_type “map”, map_item_spec [ { item_default “::1”, item_name “address”, item_optional false, item_type “string” }, { item_default 53, item_name “port”, item_optional false, item_type “integer” } ] } }, { item_default [ { action “ACCEPT”, from “127.0.0.1” }, { action “ACCEPT”, from “::1” } ], item_name “query_acl”, item_optional false, item_type “list”, list_item_spec { item_default { }, item_name “rule”, item_optional false, item_type “map”, map_item_spec [ { item_default “,”item_name “action”, item_optional false, item_type “string” }, { item_default “,”item_name “from”, item_optional false, item_type “string” } ] } } ], module_description “Recursive service”, module_name “Resolver” } ] }’ to group ‘ConfigManager’
2011-09-08 09:41:01.616 DEBUG [b10-resolver.cc] CC_GROUP_RECEIVE trying to receive a message
2011-09-08 09:41:01.712 DEBUG [b10-resolver.cc] CC_GROUP_RECEIVED message arrived (‘{ from “4e68d3fc_2@new-host-3”, group “ConfigManager”, instance “*”, reply 0, seq 8, to “4e68d3fd_4@new-host-3”, type “send” }’, ‘{ result [ 0 ] }’)
2011-09-08 09:41:01.712 DEBUG [b10-resolver.cc] CC_GROUP_SEND sending message ‘{ command [ “get_config”, { module_name “Resolver” } ] }’ to group ‘ConfigManager’
2011-09-08 09:41:01.712 DEBUG [b10-resolver.cc] CC_GROUP_RECEIVE trying to receive a message
2011-09-08 09:41:01.717 DEBUG [b10-resolver.cc] CC_GROUP_RECEIVED message arrived (‘{ from “4e68d3fc_2@new-host-3”, group “ConfigManager”, instance “*”, reply 1, seq 9, to “4e68d3fd_4@new-host-3”, type “send” }’, ‘{ result [ 0, { listen_on [ { address “::1”, port 53 }, { address “0.0.0.0”, port 53 } ], query_acl [ { action “ACCEPT”, from “any4” }, { action “ACCEPT”, from “::1” } ] } ] }’)
2011-09-08 09:41:01.717 DEBUG [b10-resolver.resolver] RESOLVER_CONFIG_UPDATED configuration updated: { listen_on [ { address “::1”, port 53 }, { address “0.0.0.0”, port 53 } ], query_acl [ { action “ACCEPT”, from “any4” }, { action “ACCEPT”, from “::1” } ] }
2011-09-08 09:41:01.718 DEBUG [b10-resolver.server_common] SRVCOMM_SET_LISTEN setting addresses to listen to
2011-09-08 09:41:01.718 DEBUG [b10-resolver.server_common] SRVCOMM_ADDRESS_VALUE address to set: ::1#53
2011-09-08 09:41:01.718 DEBUG [b10-resolver.server_common] SRVCOMM_ADDRESS_VALUE address to set: 0.0.0.0#53
2011-09-08 09:41:01.719 INFO [b10-resolver.resolver] RESOLVER_SET_QUERY_ACL query ACL is configured
2011-09-08 09:41:01.719 DEBUG [b10-resolver.resolver] RESOLVER_QUERY_SETUP query setup
2011-09-08 09:41:01.719 DEBUG [b10-resolver.cc] CC_GROUP_SEND sending message ‘{ command [ “get_module_spec”, { module_name “Logging” } ] }’ to group ‘ConfigManager’
2011-09-08 09:41:01.719 DEBUG [b10-resolver.cc] CC_GROUP_RECEIVE trying to receive a message
2011-09-08 09:41:01.725 DEBUG [b10-resolver.cc] CC_GROUP_RECEIVED message arrived (‘{ from “4e68d3fc_2@new-host-3”, group “ConfigManager”, instance “*”, reply 2, seq 10, to “4e68d3fd_4@new-host-3”, type “send” }’, ‘{ result [ 0, { commands [ ], config_data [ { item_default [ ], item_name “loggers”, item_optional false, item_type “list”, list_item_spec { item_default { }, item_name “logger”, item_optional false, item_type “map”, map_item_spec [ { item_default “,”item_name “name”, item_optional false, item_type “string” }, { item_default “INFO”, item_name “severity”, item_optional false, item_type “string” }, { item_default 0, item_name “debuglevel”, item_optional false, item_type “integer” }, { item_default false, item_name “additive”, item_optional false, item_type “boolean” }, { item_default [ ], item_name “output_options”, item_optional false, item_type “list”, list_item_spec { item_default { }, item_name “output_option”, item_optional false, item_type “map”, map_item_spec [ { item_default “console”, item_name “destination”, item_optional false, item_type “string” }, { item_default “stdout”, item_name “output”, item_optional false, item_type “string” }, { item_default false, item_name “flush”, item_optional false, item_type “boolean” }, { item_default 0, item_name “maxsize”, item_optional false, item_type “integer” }, { item_default 0, item_name “maxver”, item_optional false, item_type “integer” } ] } } ] } } ], module_description “Logging options”, module_name “Logging” } ] }’)
2011-09-08 09:41:01.725 DEBUG [b10-resolver.cc] CC_GROUP_SEND sending message ‘{ command [ “get_config”, { module_name “Logging” } ] }’ to group ‘ConfigManager’
2011-09-08 09:41:01.725 DEBUG [b10-resolver.cc] CC_GROUP_RECEIVE trying to receive a message
2011-09-08 09:41:01.727 DEBUG [b10-resolver.cc] CC_GROUP_RECEIVED message arrived (‘{ from “4e68d3fc_2@new-host-3”, group “ConfigManager”, instance “*”, reply 3, seq 11, to “4e68d3fd_4@new-host-3”, type “send” }’, ‘{ result [ 0, { loggers [ { debuglevel 99, name “,”output_options [ { flush true } ] } ] } ] }’)
2011-09-08 09:41:01.728 INFO [b10-resolver.resolver] RESOLVER_RECURSIVE running in recursive mode
2011-09-08 09:41:01.728 WARN [b10-resolver.resolver] RESOLVER_NO_ROOT_ADDRESS no root addresses available
2011-09-08 09:41:01.728 INFO [b10-resolver.resolver] RESOLVER_SET_QUERY_ACL query ACL is configured
2011-09-08 09:41:01.728 INFO [b10-resolver.resolver] RESOLVER_STARTED resolver started
2011-09-08 09:41:01.908 DEBUG [b10-stats-httpd.stats-httpd] STATHTTPD_STARTING_CC_SESSION starting cc session
2011-09-08 09:41:02.028 INFO [b10-stats-httpd.stats-httpd] STATHTTPD_STARTED listening on 127.0.0.1#8000
2011-09-08 09:41:02.034 INFO [b10-stats-httpd.stats-httpd] STATHTTPD_CLOSING closing 127.0.0.1#8000
2011-09-08 09:41:02.036 INFO [b10-stats-httpd.stats-httpd] STATHTTPD_STARTED listening on 127.0.0.1#8000
2011-09-08 09:41:08.850 ERROR [b10-resolver.asiolink] ASIODNS_SEND_DATA error 65 sending data using UDP to 2001:500:71::30(53)
2011-09-08 09:41:10.853 ERROR [b10-resolver.asiolink] ASIODNS_SEND_DATA error 65 sending data using UDP to 2001:500:3::42(53)
2011-09-08 09:41:10.853 ERROR [b10-resolver.asiolink] ASIODNS_SEND_DATA error 65 sending data using UDP to 2001:500:3::42(53)
2011-09-08 09:41:10.853 ERROR [b10-resolver.asiolink] ASIODNS_SEND_DATA error 65 sending data using UDP to 2001:500:71::30(53)
2011-09-08 09:41:12.793 ERROR [b10-resolver.asiolink] ASIODNS_SEND_DATA error 65 sending data using UDP to 2001:4f8:0:2::19(53)
2011-09-08 09:41:12.958 ERROR [b10-resolver.asiolink] ASIODNS_SEND_DATA error 65 sending data using UDP to 2001:500:6::79(53)
2011-09-08 09:41:12.961 ERROR [b10-resolver.asiolink] ASIODNS_SEND_DATA error 65 sending data using UDP to 2001:500:a::79(53)
2011-09-08 09:41:14.864 ERROR [b10-resolver.nsas] NSAS_INVALID_RESPONSE queried for ns.isc.afilias-nst.info. but got invalid response
2011-09-08 09:41:14.864 ERROR [b10-resolver.nsas] NSAS_INVALID_RESPONSE queried for ns.isc.afilias-nst.info. but got invalid response




(By the way, I thought at debuglevel 99 it would show my query also.)
1242 defect 1315512398960305 1317283148039437 Unclassified low jreed new removing zone entry from Zonemgr/secondary_zones and Xfrin/zones does not remove it from sqlite3 database

> config remove Zonemgr/secondary_zones[0]
> config remove Xfrin/zones[0]
> config commit
> config show Zonemgr/secondary_zones
Zonemgr/secondary_zones [] list
> config show Xfrin/zones
Xfrin/zones [] list



I remove my single zone as above, but sqlite3 database still has it and it still can be served.
I guess this is a technique to convert a slave to a master zone.

But this should be documented. And maybe a warning should be logged about it too.
1249 enhancement 1317106857327061 1324150829912888 build system medium UnAssigned jinmei new separate unittests with timeouts As we discussed in f2f, it would be helpful if we can separate
unittest cases that involves timeouts (at least for C++ google tests).

What I’d do is
- rename these tests so that they ca be distinguished by a gtest filter.
(e.g. TIMEOUT_test_Something)
- tweak Makefile.am’s so that if we do just ‘make check’ TIMEOUT tests
will be excluded, and if we do something like ‘make check-all’ they
will be included
(this is an example idea. as long as the goal of the ticket is achieved
how to do that doesn’t matter)
1250 task 1317107440290380 1317201824638530 xfrout medium jinmei new add system tests for xfrout ACL and update bind10-guide This is a follow-up task of #1165. Adding a base of system tests will also
help for further development of xfrout (revise AXFR using new data source
API, supporting IXFR, etc)
1254 enhancement 1317131238268370 1317282481995621 Unclassified medium jelte new define LIBRARY_PATH_PLACEHOLDER more centrally
I just had to update nearly every test makefile because the placeholder for the library paths needed another value. Since these are nearly the same almost everywhere, I think we could better define it in configure.ac or somewhere up there (similar to COMMON_PYTHON_PATH)
1255 task 1317141818325243 1318411519335286 Unclassified medium jelte new Document how to add an RR type
What steps to take, what examples to steal from, what utility functions are available, and perhaps most important, what pitfalls to watch out for.

anything to get someone started, etc
1256 defect 1317204574323066 1392912202997929 b10-auth very low shane DNS Outstanding Tasks new Minor error in getopt() processing According to the getopt() man page:


If getopt() finds an option character in argv that was not included in
optstring, or if it detects a missing option argument, it returns ‘?’
and sets the external variable optopt to the actual option character.
If the first character (following any optional ‘+’ or ‘-’ described
above) of optstring is a colon (‘:’), then getopt() returns ‘:’ instead
of ‘?’ to indicate a missing option argument. If an error was
detected, and the first character of optstring is not a colon, and the
external variable opterr is nonzero (which is the default), getopt()
prints an error message.


We use the leading colon sometimes, I think in an effort to avoid the pre-defined error messages, which are ugly and not helpful. However, we then check for ‘?’ in our while() loop, which is an error.

It doesn’t actually show up, since we then follow with the default: statement, however a restructuring of the code could break this. It’s a one-line fix.
1257 defect 1317215987760513 1318411523404056 Unclassified low jreed new configure require at least sqlite3 3.3.9 for sqlite3_prepare_v2 API The error is:


ImportError: /home/jreed/builder/work/BIND10/20110928074701-CentOS5-x86_64-GCC/build/src/lib/datasrc/.libs/libdatasrc.so.0: undefined symbol: sqlite3_prepare_v2



That sqlite3_prepare_v2 API was added in sqlite3 3.3.9 (2007 January 4) and the CentOS version was sqlite-3.3.6-5.
1269 defect 1317316653413624 1318411519920776 Unclassified medium jreed new NameError: global name ‘EINTR’ is not defined (via Ctrl-C) Pressing Ctrl-C caused Traceback:



[b10-msgq] Receive error: EOF
2011-09-29 15:35:04.152 INFO [b10-boss.boss] BIND10_SEND_SIGTERM sending SIGTERM to b10-msgq (PID 62572)
2011-09-29 15:35:04.154 INFO [b10-boss.boss] BIND10_SEND_SIGTERM sending SIGTERM to b10-xfrout (PID 62575)
Exception in thread Thread-1:
Traceback (most recent call last):
File “/usr/local/lib/python3.1/site-packages/isc/util/socketserver_mixin.py”, line 71, in serve_forever
r, w, e = select.select([self, self.read_sock], )
select.error:

During handling of the above exception, another exception occurred:

Traceback :
File “/usr/local/lib/python3.1/threading.py”, line 516, in
bootstrap_inner
self.run
File “/usr/local/lib/python3.1/threading.py”, line 469, in run
self.
target(*self.args, **self.kwargs)
File “/usr/local/lib/python3.1/site-packages/isc/util/socketserver_mixin.py”, line 73, in serve_forever
if err.args[0] == EINTR:
NameError: global name ‘EINTR’ is not defined




This is August release and I didn’t test latest. This is on FreeBSD 8.2-RELEASE on amd64. I did see similar bugs, but not the same.
1270 defect 1317316885754664 1318411520449707 data source medium jreed new Failed to set up schema … sqlite3.OperationalError: no such table: zones Note this was from running bind10 as installed using a FreeBSD ports package which was built with CONFIGURE_ARGS= —localstatedir=/var

Notice that the xfrout traceback got interspersed with real b10-auth logging output:



2011-09-29 15:34:59.696 ERROR [b10-auth.auth] AUTH_CONFIG_UPDATE_FAIL update of configuration failed: Failed to set up schema CREATE TABLE zones (id INTEGER PRIMARY KEY, name STRING NOT NULL COLLATE NOCASE, rdclass STRING NOT NULL COLLATE NOCASE DEFAULT ‘IN’, dnssec BOOLEAN NOT NULL DEFAULT 0)
Traceback (most recent call last):
File “/usr/local/libexec/bind10-devel/b10-xfrout”, line 723, in
xfrout_server = XfroutServer()
File “/usr/local/libexec/bind10-devel/b10-xfrout”, line 616, in init
self.start_notifier
File “/usr/local/libexec/bind10-devel/b10-xfrout”, line 628, in
start_notifier
self.notifier = notify_out.NotifyOut
File “/usr/local/lib/python3.1/site-packages/isc/notify/notify_out.py”, line 120, in
init
2011-09-29 15:34:59.731 INFO AUTH_SERVER_STARTED server started
self.
init_notify_out(datasrc_file)
File “/usr/local/lib/python3.1/site-packages/isc/notify/notify_out.py”, line 132, in _init_notify_out
for zone_name, zone_class in sqlite3_ds.get_zones_info(datasrc_file):
File “/usr/local/lib/python3.1/site-packages/isc/datasrc/sqlite3_ds.py”, line 161, in get_zones_info
cur.execute(“SELECT name, rdclass FROM zones”)
sqlite3.OperationalError: no such table: zones



sqlite3 shows:



freebsd8-64-4# sqlite3 /var/bind10-devel/zone.sqlite3
SQLite version 3.7.4
Enter “.help” for instructions
Enter SQL statements terminated with a “;”
sqlite> .tables
schema_version



Maybe different components are using different path to the database?

Some suggestions:

- log output give more information like the path to the database.

- sqlite3_ds.py check before using

- xfrout fail cleanly on failures (no traceback)

The problem is in both components.
1284 defect 1318067328550878 1337188385146694 Unclassified low erickom new Debian SID: Missing file liblog.so.0 library Hello,

I configured and compiled Bind10 successfully on Debian Sid.

but during starting precess of bind10, I received the error mentioned below:

root@kom:/bind10# /usr/local/sbin/bind10
Traceback :
File “/usr/local/sbin/bind10”, line 65, in
import isc.cc
File “/usr/local/lib/python3/dist-packages/isc/init.py”, line 6, in
import isc.config
File “/usr/local/lib/python3/dist-packages/isc/config/init.py”, line 1, in
from isc.config.ccsession import *
File “/usr/local/lib/python3/dist-packages/isc/config/ccsession.py”, line 44, in
from isc.log import log_config_update
ImportError: liblog.so.0: cannot open shared object file: No such file or directory
root@kom:
/bind10# ps auxww
grep bind10
root 26107 0.0 0.2 3476 752 pts/0 S+ 11:49 0:00 grep bind10
root@kom:~/bind10#

the python package dependency mentioned above is present; please how to ignore the error message?
liblog.so.0
1291 defect 1318362589493900 1331918477360839 Unclassified medium jreed new bad config database results in unclean shutdown I made a mistake in my config database (removed starting brace). This resulted in:



2011-10-11 14:44:14.197 INFO [b10-boss.boss] BIND10_STARTING_PROCESS starting process b10-cfgmgr
2011-10-11 14:44:14.698 FATAL [b10-cfgmgr.cfgmgr] CFGMGR_DATA_READ_ERROR error reading configuration database from disk: Configuration file out of date or corrupt, please update or remove /home/reed/work/isc/bind10-install/var/bind10-devel/b10-config.db
2011-10-11 14:44:14.725 INFO [b10-boss.boss] BIND10_STARTING_PROCESS starting process ccsession
2011-10-11 14:44:18.767 INFO [b10-boss.boss] BIND10_KILLING_ALL_PROCESSES killing all started processes
2011-10-11 14:44:18.768 WARN [b10-boss.boss] BIND10_SOCKCREATOR_KILL killing the socket creator
2011-10-11 14:44:18.769 INFO [b10-boss.boss] BIND10_KILL_PROCESS killing process b10-cfgmgr
Traceback (most recent call last):
File “/home/reed/work/isc/bind10-install/lib/python3.1/site-packages/isc/cc/session.py”, line 203, in receive_full_buffer
self.
receive_len_data()
File “/home/reed/work/isc/bind10-install/lib/python3.1/site-packages/isc/cc/session.py”, line 163, in receive_len_data
new_data = self.
receive_bytes(self.recv_len_size)
File “/home/reed/work/isc/bind10-install/lib/python3.1/site-packages/isc/cc/session.py”, line 149, in
receive_bytes
data = self.socket.recv
socket.timeout: timed out

During handling of the above exception, another exception occurred:

Traceback :
File “/home/reed/work/isc/bind10-install/lib/python3.1/site-packages/isc/config/ccsession.py”, line 322, in add_remote_config
answer, env = self.
session.group_recvmsg(False, seq)
File “/home/reed/work/isc/bind10-install/lib/python3.1/site-packages/isc/cc/session.py”, line 266, in group_recvmsg
env, msg = self.recvmsg(nonblock, seq)
File “/home/reed/work/isc/bind10-install/lib/python3.1/site-packages/isc/cc/session.py”, line 121, in recvmsg
data = self.receive_full_buffer
File “/home/reed/work/isc/bind10-install/lib/python3.1/site-packages/isc/cc/session.py”, line 218, in
receive_full_buffer
raise SessionTimeout(“recv() on cc session timed out”)
isc.cc.session.SessionTimeout: recv() on cc session timed out

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File “./sbin/bind10”, line 682, in startup
self.start_all_processes()
File “./sbin/bind10”, line 618, in start_all_processes
self.start_ccsession(c_channel_env)
File “./sbin/bind10”, line 501, in start_ccsession
self.command_handler)
File “/home/reed/work/isc/bind10-install/lib/python3.1/site-packages/isc/config/ccsession.py”, line 188, in init
default_logconfig_handler)
ile “/home/reed/work/isc/bind10-install/lib/python3.1/site-packages/isc/config/ccsession.py”, line 326, in add_remote_config
module_name)
isc.config.ccsession.ModuleCCSessionError: No answer from ConfigManager when asking about Remote module Logging

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File “./sbin/bind10”, line 1087, in
main()
File “./sbin/bind10”, line 1036, in main
startup_result = boss_of_bind.startup()
File “./sbin/bind10”, line 684, in startup
self.kill_started_processes()
File “./sbin/bind10”, line 382, in kill_started_processes
self.processes[pid].process.kill()
File “/usr/pkg/lib/python3.1/subprocess.py”, line 1337, in kill
self.send_signal(signal.SIGKILL)
File “/usr/pkg/lib/python3.1/subprocess.py”, line 1327, in send_signal
os.kill(self.pid, sig)
OSError: [Errno 3] No such process



Also left running:



root 13671 0.0 1.2 22568 12100 ttyp7 S 2:44PM 0:00.49 /usr/pkg/bin/python3.1 /home/reed/work/isc/bind10-install/libexec/bind10-devel/b10-msgq


1296 enhancement 1318406506891556 1318587118159926 dhcp very low UnAssigned tomek DHCP Outstanding Tasks new Kea: Pkt an Option should provide interators besides of getOption() Pkt6 and Option classes currently provide getOption() methods.
They should also provide iterator for option container.

This required a bit of thought as such iterator may become invalid if option is modified in the meantime.
1297 enhancement 1318409947165927 1318497930789309 Unclassified low UnAssigned tomek DHCP Outstanding Tasks new Kea: Methods for printing out option content Currently toText() in all option classes print out all info about option (type, length, number of addresses etc.). That is useful for debugging to print out content of the whole message. However, that is less useful for casual logging.

toText() should return short version of the content (e.g. space separated addresses). A new set of methods (toTextDetailed?) should be added.
1302 defect 1318516112811014 1319112489945206 documentation medium jreed new add bindctl configuration examples to guide The README previously had usage examples of using bindctl with “config”.

Put these into the guide.
1304 defect 1318545078673702 1396529256167943 xfrin medium jinmei DNS Outstanding Tasks new xfrin test should retrieve config defaults from the spec file Right now, it’s hardcording some default values, which just happen to
be consistent with the spec file:


class MockCC():
def get_default_value(self, identifier):
# The returned values should be identical to the spec file
# XXX: these should be retrieved from the spec file
# (see MyCCSession of xfrout_test.py.in)
if identifier "zones/master_port":<br> return TEST_MASTER_PORT<br> if identifier zones/class return TEST_RRCLASS_STR
if identifier == zones/use_ixfr return False


Obviously it’s ugly and more difficult to maintain. As commented the
mock class should retrieve the defaults from the spec file. We should
also have some tests to check whether the default values are really
used in other cases (such as “max transfer in”).
1312 task 1318591339707868 1364499059808920 dhcp low tomek DHCP Outstanding Tasks new Kea: Pkt6 and OutputBuffer merge should be investigated DHCP component uses Pkt6 class. There is OutputBuffer that is used in DNS that provides covenient way of writing to a buffer that automatically expands as needed.

Pkt6, Pkt6::data_ replacement to OutputBuffer or other unification should be investigated.
1315 task 1318932830445413 1396529291116443 xfrin medium stephen DNS Outstanding Tasks new IXFR system test - SOA Expiry #1213 started the process of producing system tests for IXFR-in. At the time, the generation of an IXFR request by a slave server when the zone expired was not supported, and so the production of a system test for this functionality has been deferred to this ticket.

(The specification for the IXFR system tests can be found [wiki:IxfrSystemTests here].)
1316 task 1318932997247028 1396529300004921 xfrin medium stephen DNS Outstanding Tasks new IXFR-in System Test - UDP transfers #1213 started the process of producing system tests for IXFR-in. At the time, handling IXFRs over UDP was not supported, and so the production of a system test for this functionality has been deferred to this ticket.

(The [wiki:IxfrSystemTests specification] for the IXFR system tests can be found here.)
1317 task 1318933248158868 1396529309298751 xfrin medium stephen DNS Outstanding Tasks new IXFR-in System Test - special cases #1213 started the process of producing system tests for IXFR. Not included in that ticket were tests for two cases:

* Interruption of an IXFR transfer over TCP aborts the update to the zone.
* Checking that additions and deletions are applied in the right order.

… as special code is required to create the abnormal conditions to test them. (Details of these cases can be found in the comments to #1213.) This ticket requires the creation of the appropriate test framework.
1319 defect 1318958440950029 1320940878874911 Unclassified low jreed new systest can’t find stop.pl on failure (Note: I don’t think this issue is specific to ixfr nor ixfr/in-2.)

If a b10-config.db file has a syntax problem it will cause fatal issues when starting up bind10.

I saw within ixfr/in-2 (when I introduced the error), it attempted to stop:


I:starting server nsx2
I:Couldn’t start server nsx2
R:FAIL
Can’t open perl script /b/work/BIND10-systest/20111018144505-MacOS/build/tests/system/ixfr/stop.pl No such file or directory


stop.pl is located in directory below that.

I think it is because it is referenced from $topdir instead of $SYSTEMTOP.
1335 enhancement 1319188850845259 1319188850845259 dhcp low stephen DHCP Outstanding Tasks new Extend DHCP benchmarking to ramp up packet send rate The DHCP benchmarking tool should be extended to allow the rate at which packets are sent to be ramped up over a period of time.

This will allow the maximum packet rate the DHCP server can handle to be determined.
1337 enhancement 1319192543738139 1319201872095106 dhcp low stephen DHCP Outstanding Tasks new DHCP benchmarking - enhanced reply verification From a [ticket:1263#comment:2 a comment 2 in ticket 1263]:

It would be useful to elaborate on reply verification. V4 server responding with NACK is ok or not? What about v6 server sending REPLY with status-code=no-addrs-avail? That is another thing we could eventually add as a feature. In some scenarios negative response as considered a proper one (test passed) and in others it is not (test failed). Make sure that the verification could be tuneable. For now it can be simple, but it will be more complex later.
1338 enhancement 1319200506808850 1324552147778802 dhcp low tomek DHCP Outstanding Tasks new perfdhcp should have the ability to dump sent/received traffic to file Even though we will work on making this tool as smart as possible, there always be cases when manual investigation is required.

Traffic should be dumped in pcap (tcpdump) format.

Ideally, it would use some existing library to write traffic in proper format.

Due to time constraints, I don’t think we will be able to do this in the November 2011 milestone. We could consider temporary solution that could work, though:

Before test: fork() + system(“tcpdump -i eth0 dhcp”)

Run tests as usual

After test: kill tcpdump


1339 enhancement 1319200820485863 1319200820485863 dhcp low tomek DHCP Outstanding Tasks new perfdhcp should warn if there are any DHCP clients running A small, but useful feature.

If there are any clients running, we should warn about this. This may save us from having strange statistics, like receiving more responses than we sent queries.
1348 defect 1319534720783127 1321962568946624 build system low UnAssigned tomek new make check fails on a fresh tree The likely problem is with dependencies. datasrc test includes isc.log that is not built yet.

A simple workaround is to do “make” before “make check”.

Error message:
lib/python:/home/thomson/devel/bind10-libdhcp4/src/lib/python:/home/thomson/devel/bind10-libdhcp4/src/lib/python/isc/log:/home/thomson/devel/bind10-libdhcp4/src/lib/python/isc/datasrc/.libs:/home/thomson/devel/bind10-libdhcp4/src/lib/dns/python/.libs br> TESTDATA_PATH=/home/thomson/devel/bind10-libdhcp4/src/lib/python/isc/datasrc/tests/testdata br> TESTDATA_WRITE_PATH=/home/thomson/devel/bind10-libdhcp4/src/lib/python/isc/datasrc/tests br> /usr/bin/python3.1 /home/thomson/devel/bind10-libdhcp4/src/lib/python/isc/datasrc/tests/$pytest
exit ; br> done
Running test: datasrc_test.py
Traceback (most recent call last):
File “/home/thomson/devel/bind10-libdhcp4/src/lib/python/isc/datasrc/tests/datasrc_test.py”, line 16, in
import isc.log
File “/home/thomson/devel/bind10-libdhcp4/src/lib/python/isc/init.py”, line 6, in
import isc.config
File “/home/thomson/devel/bind10-libdhcp4/src/lib/python/isc/config/init.py”, line 1, in
from isc.config.ccsession import
File “/home/thomson/devel/bind10-libdhcp4/src/lib/python/isc/config/ccsession.py”, line 44, in
from isc.log import log_config_update
File “/home/thomson/devel/bind10-libdhcp4/src/lib/python/isc/log/init.py”, line 33, in
from log import

ImportError: No module named log
1352 defect 1319706995872430 1321962564467197 bind-ctl medium vorner new Config go allows setting unusable path It is possible to enter invalid place in the configuration by config go. The following error message when used makes sense after small thinking what happens inside, but users shouldn’t need to care about that. What happened to me was this:


/Logging/loggers> config go [0]
/Logging/loggers[0]> config show
Logging/loggers[0]/name “‘*’” string (modified)
Logging/loggers[0]/severity “DEBUG” string (modified)
Logging/loggers[0]/debuglevel 100 integer (modified)
Logging/loggers[0]/additive false boolean (default)
Logging/loggers[0]/output_options/ list (modified)
/Logging/loggers[0]> config show output_options
Error: Bad format in identifier (extra ]): loggers[0]output_options


Eg. it does show me local values, but it does not add the slash when needed. The config go should probably add one (eg. go directly to loggers[0]/) just like cd in shell does.
1353 defect 1319707427373568 1396529317167555 xfrin low vorner DNS Outstanding Tasks new Wrong reason for transfer failure logged when TSIG fails This log message appears whenever validation of TSIG fails for some reason:


2011-10-26 12:35:52.460 ERROR [b10-xfrin.xfrin] XFRIN_XFR_TRANSFER_FAILURE AXFR transfer of zone example.com./IN failed: TSIG verify fail: FORMERR


However, the FORMERR is misleading. In this exact case, the signature was missing completely (because it was a servfail), but AFAIK it happened at other situations as well. It should tell more details.
1355 defect 1319707819418639 1396529324975048 xfrin low vorner DNS Outstanding Tasks new Xfrin mistakes EOF with timeout When the remote shuts down a connection prematurely (for example it crashes attempting to serve the transfer), Xfrin detects this and reports an error right away. However, it logs it was a timeout (which it wasn’t, as the transfer failed in less than 1 second). This may lead the administrator to look for wrong errors.
1373 defect 1320472719592176 1339225194377791 data source medium jinmei new DataSourceClient::getIterator should differentiate no-such-zone case Currently it throws a generic DataSourceError exception (and the
python version raises isc.datasrc.Error). Since this can be thrown
for other reasons than the case where the specified zone doesn’t
exisit, xfrout cannot decide whether it should return NOTAUTH
or other Rcode.

The bottom line is we should differentiate this case with other errors.
Possibilities include a separate error code with NULL/None (like find())
and a dedicated exception. I personally prefer the former especially
for C++, but that’s debatable.
1374 task 1320473299432823 1322985171982419 data source medium jinmei new implement “ZoneTableIterator” To completely replace the old data source API, we need some more
interfaces to manage “zone tables”. One of them is the “ZoneTableIterator”
(tentaively named) class. It would be created via DataSourceClient,
and provides an interface to iterate over all stored zones in the
data source.

(maybe we should divide this task into a few sub tasks).
1375 task 1320473352815196 1320769939143599 data source medium jinmei new implement “ZoneTableUpdater” To completely replace the old data source API, we need some more
interfaces to manage “zone tables”. One of them is the “ZoneTableUpdater”
(tentaively named) class. It would be created via DataSourceClient,
and provides an interface to add or delete a zone to/from the data
source.

(maybe we should divide this task into a few sub tasks).
1379 enhancement 1320599686548510 1320769939542694 Unclassified low jelte new move zone/address formatters for logging to some util lib
When done, #1298 introduced two functions to format zone/class and ipaddress/port information for easier use when logging or printing them. These functions should be moved to a separate library (and for the address one, we should consider what argument type(s) it should get), like src/lib/python/isc/util/format.py or something.

When done, the logging calls in other modules should be checked and modified to use these functions so we have a consistency in our logging output.

We may need to add these in c++ as well.
1380 task 1320599810674309 1320769940073753 Unclassified medium jelte new move ixfr system tests to lettuce
#1290 introduces a lettuce framework for system tests. If that one has been done, we should try and convert the current IXFR system tests to that framework, as a base for the rest of the IXFR system tests.
1382 enhancement 1320657651881930 1320940411224675 data source medium jelte new datasource interface for signaling capabilities
We do not expect every data source implementation to support every type of action; some will be ‘read-only’, and hence will not support things like updating etc. We can (and do) already throw NotImplemented exceptions if these functions are called, but we should really not call them in the first place if the implementation is not able to do it anyway.

So the proposal is to add a method that returns what the datasource can and cannot do (iteration, updating, journaling, perhaps more) so any callers can more cleanly handle cases where these are not supported.
1385 defect 1320988192785322 1321962565560548 data source medium kevin_tes new Sqlite3ClientBadConfig unit test fail ‘’’make check:’‘’
make[7]: Entering directory `/home/xiejiagui/bind10/src/lib/datasrc/tests’
[] Running 313 tests from 19 test cases.<br>[----------] Global test environment set-up.<br>[----------] 3 tests from FactoryTest<br>[ RUN ] FactoryTest.sqlite3ClientBadConfig<br>factory_unittest.cc:84: Failure<br>Value of: result1.code<br> Actual: 2<br>Expected: result::SUCCESS<br>Which is: 0<br>/bin/bash: line 5: 26559 Segmentation fault ${dir}$tst<br>FAIL: run_unittests<br>=
1 of 1 test failed
Please report to bind10-dev@isc.org
=<br><br>'''gdb:'''<br>.......<br>Starting program: /home/xiejiagui/bind10/src/lib/datasrc/tests/.libs/run_unittests <br>[Thread debugging using libthread_db enabled]<br>[] Running 313 tests from 19 test cases.
[———-] Global test environment set-up.
[———-] 3 tests from FactoryTest
[ RUN ] FactoryTest.sqlite3ClientBadConfig
[New Thread 0x7ffff4086700 (LWP 24771)]
[Thread 0x7ffff4086700 (LWP 24771) exited]
factory_unittest.cc:84: Failure
Value of: result1.code
Actual: 2
Expected: result::SUCCESS
Which is: 0

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff795254d in sqlite3_finalize () from /usr/lib/libsqlite3.so.0


my computer: ubuntu-10.0.4, 64bit

1391 defect 1321817047238332 1321962567921516 configuration medium jinmei new “config add” for a list doesn’t always work For example, this is okay:

> config add Xfrout/zone_config

(zone_config[0] will be created)

but this doesn’t work:

> config add Xfrout/zone_config[0]/transfer_acl
Error: No value given and no default for /Xfrout/zone_config[0]/transfer_acl


and this doesn’t work either:

> config add Xfrout/zone_config[0]/transfer_acl {action “ACCEPT”}
Traceback (most recent call last):
File “/opt/local/Library/Frameworks/Python.framework/Versions/3.1/lib/python3.1/cmd.py”, line 213, in onecmd
func = getattr(self, ‘do’ + cmd)
AttributeError: ’BindCmdInterpreter’ object has no attribute ’do_config’

During handling of the above exception, another exception occurred:

Traceback :
File “/Users/jinmei/opt/bin/bindctl”, line 149, in
result = tool.run
File “/Users/jinmei/opt/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 138, in run
self.cmdloop
File “/opt/local/Library/Frameworks/Python.framework/Versions/3.1/lib/python3.1/cmd.py”, line 139, in cmdloop
stop = self.onecmd
File “/Users/jinmei/opt/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 466, in onecmd
Cmd.onecmd
File “/opt/local/Library/Frameworks/Python.framework/Versions/3.1/lib/python3.1/cmd.py”, line 215, in onecmd
return self.default
File “/Users/jinmei/opt/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 432, in default
self.
parse_cmd(line)
File “/Users/jinmei/opt/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 569, in parse_cmd
self.
handle_cmd(cmd)
File “/Users/jinmei/opt/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 410, in handle_cmd
self.apply_config_cmd
File “/Users/jinmei/opt/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 677, in apply_config_cmd
cmd.params.get)
File “/Users/jinmei/opt/lib/python3.1/site-packages/isc/config/ccsession.py”, line 503, in add_value
self.
add_value_to_list(identifier, value, module_spec)
File “/Users/jinmei/opt/lib/python3.1/site-packages/isc/config/ccsession.py”, line 456, in _add_value_to_list
+ identifier)
TypeError: unsupported operand type(s) for +: ’dict’ and ‘str’

1393 enhancement 1321817734588585 1339829049552844 logging medium jinmei new reduce overhead in python logging See this: https://bind10.isc.org/ticket/1359#comment:11

On a related note, it would be better to pass the original object
to logger rather than passing a string based on the object whenever
possible. Then we can avoid the expensive conversion if the specified
level of logging is disabled.

Example: do this

isc.dns.Name name(‘example.com’)
logger.debug(VERY_MINOR, SOME_NOISY_LOG, name)

instead of

isc.dns.Name name(‘example.com’)
logger.debug(VERY_MINOR, SOME_NOISY_LOG, name.to_text())


Another related note is that we should generally try to provide str()
for Python classes defined in BIND 10.
1394 enhancement 1321818244235633 1339259969883910 logging medium jinmei new unify format_zone_str and format_addrinfo These were introduced in xfrin and subsequently copied to xfrout and
notify_out. They should be moved to some utility library and applications
should refer to it.

Also, in the sense of a note in #1393, I’d suggest making this classes:

#!python
class ZoneFormatter:
def init(self, zone_name, zone_class):
self.zone_name = zone_name
self.
zone_class = zone_class

def str(self):
return self.__zone_name.to_text(True) + ‘/’ + str(self.__zone_class)


And the applicaton pass Formatter objects to logger:


logger.debug(VERY_MINOR, SOME_NOISY_LOG, ZoneFormatter(zname, zclass))


ddns.logger.py defines `ClientFormatter` and `ZoneFormatter`. These
should be unified, too.
1395 defect 1321818672626016 1322756346092314 logging medium jinmei new python isc.datasrc should be usable without logging See src/bin/xfrout/tests/testdata/creatediff.py of trac1371
(or master when merged). If we don’t import isc.org or call
isc.log.init(), it fails:


Traceback (most recent call last):
File “creatediff.py”, line 58, in
‘{ database_file “test.sqlite3” }’)
isc.datasrc.Error: Failed to create DataSourceClient of type sqlite3:Unknown uncaught exception from sqlite3 createInstance: Error creating sqlite3 datasource: attempt to access logging function before logging has been initialized


even though this script doesn’t use any logging in it. This is incovenient.
I believe generic BIND 10 libraries should be usable without logging
setup.

I’m not sure if it’s specific to isc.datasrc or common for other cases
such as isc.acl (not tested). But if it’s the latter, the same comment
applies to them, too.
1400 task 1321820450438137 1328631164980120 statistics medium UnAssigned jinmei assigned auth per qtype statistics
1402 task 1321820484571629 1321962575882605 statistics medium jinmei new auth query statistics (referral, nxdomain, etc)
1403 task 1321820501164239 1321962576500971 statistics medium jinmei new auth TSIG/EDNS related statistics
1406 defect 1321913575345053 1394116525914230 Boss of BIND low jreed Common Outstanding Tasks new boss show_processes format Currently we have for example:



> Boss show_processes
[
[
3722,
“b10-xfrin”
],
[
6802,
“msgq”
],





We should be consistent with formats as much as we can. This should probably be JSON. Here is an idea:



{ boss_processes { pid 3722, name “b10-xfrin” }, { pid 6802, name “msgq” } ….



1408 task 1321962730068690 1394116540316153 Boss of BIND medium vorner Common Outstanding Tasks new Configurable parameters for components Currently, the configuration on Boss/components allows setting the command line parameters. But these are ignored by boss, they need to be propagated through the isc.bind10.Component to the started process.
1409 defect 1321964195762413 1394116552403378 Boss of BIND medium vorner Common Outstanding Tasks new Better checks of Boss/components configuration validity Currently, the boss doesn’t perform any checks on the configuration, it just uses it. It should at last validate it against the spec file and the isc.bind10.Component check it makes sense and throw some better exceptions than the usual „key error“ and like.

However, it’s not that critical, as bindctl seems to perform some basic checks.
1410 enhancement 1321964662534494 1322560922805321 Unclassified medium vorner new Remove command line parameters from processes Some of our processes (like b10-auth) need parameters computed by boss at startup. This is wrong, for two reasons:
* It is impossible to change such settings at runtime.
* We need to handle such processes as special components, making it harder for user to grasp and configure.

So, I think all such parameters should be removed and special components eliminated (at last the ones that aren’t really that special, keeping msgq as special seems inevitable).
1411 enhancement 1321964944968568 1394116563971759 Boss of BIND medium vorner Common Outstanding Tasks new More component states in boss Currently, each component in boss can be either stopped, started or failed. We should extend it to allow more accurate control, notably about:
* Components that are starting up, but they didn’t initialize yet. That would allow to wait for one component to complete startup before starting another one depending on it.
* Waiting to being restarted. Currently it pretends to be stopped and boss itself keeps it in some list.
* Components that were asked to terminate, but didn’t do it yet. This will allow to kill a component that fails to stop after some time.
1412 enhancement 1321965103756754 1394116577753373 Boss of BIND medium vorner Common Outstanding Tasks new Boss should be more reluctant to abort shutdown. Currently, when boss shuts down and a component raises an exception when it is stopped, the shutdown is aborted and the rest of processes are just mercilessly killed. We should catch exceptions, keep stopping the other components and then after everything is stopped, rethrow them. This will allow killing only the components that are broken.
1413 enhancement 1321966062429119 1394116596697670 Boss of BIND medium vorner Common Outstanding Tasks new Runtime change of component configuration Currently, if a configuration of boss component is changed, the boss complains it can’t handle it and suggests to remove the component and then add it again. But the changes should be handled transparently, either by changing local variables in boss (if a core components becomes dispensable, etc) or by restarting the component behind the scene with new parameters, so the user isn’t bothered.
1416 task 1321986603556273 1323178776389778 data source medium jinmei new buffered read of journal I believe !DatabaseJournalReader should do buffered read so that
it can minimize the period of holding the database lock. While it’s
a kind of optimization, I think it’s quite crucial for production-like
environment, and suggest doing so earlier.
1417 defect 1322060080496444 1323178777012801 configuration low jreed new config show and missing index number and slash results in not found for single list entry

> config show Auth/listen_on/
Error: Auth/listen_on/[0]/address not found



Notice above is missing index number like [0] and has a slash which results in showing a list item (address) not found. (Really address and port do exist for [0].)
1418 defect 1322060624107872 1394116814482704 b10-auth low jreed DNS Outstanding Tasks new no logging by default when changing Auth/listen_on I removed some Auth/listen_on entries and changed some values there too. On commit, no logs (default configuration).

I think it should log this.

I thought there was logging for this, but now I can’t find it.
1419 defect 1322061105903298 1323178777674777 configuration medium jreed new confusing and unrelated auth listen_on logging I did the following in bindctl:


> config add Auth/listen_on/
> config show Auth/listen_on
Auth/listen_on[0]/address “::” string (modified)
Auth/listen_on[0]/port 53 integer (modified)
Auth/listen_on[1]/address “0.0.0.0” string (modified)
Auth/listen_on[1]/port 53 integer (modified)
Auth/listen_on[2]/address “::1” string (default)
Auth/listen_on[2]/port 53 integer (default)
> config set Auth/listen_on[0]/port 5353
> config commit
Error: Server configuration failed: Address must contain both the IPaddress and port
Configuration not committed



The default logging showed:



2011-11-23 08:50:05.696 ERROR [b10-auth.server_common] SRVCOMM_ADDRESS_MISSING address specification is missing “address” or “port” element in { }
2011-11-23 08:50:05.699 ERROR [b10-auth.auth] AUTH_CONFIG_UPDATE_FAIL update of configuration failed: Server configuration failed: Address must contain both the IPaddress and port
2011-11-23 08:50:05.702 ERROR [b10-cmdctl.cmdctl] CMDCTL_COMMAND_ERROR error in command set_config to module ConfigManager: Server configuration failed: Address must contain both the IPaddress and port



1. SRVCOMM_ADDRESS_MISSING what is this { } element?

2. Why does it suggest I am missing an address or port?

3. Why is there an unrelated b10-cmdctl.cmdctl log message here?

Here is an example after starting with no configuration:



> config set Auth/listen_on[0]/port 5353
> config commit
Error: Server configuration failed: Failed to initialize network servers: Permission denied
Configuration not committed



Results in:



2011-11-23 09:08:44.650 ERROR [b10-auth.server_common] SRVCOMM_ADDRESS_FAIL failed to listen on addresses (Failed to initialize network servers: Permission denied)
2011-11-23 09:08:44.652 ERROR [b10-auth.auth] AUTH_CONFIG_UPDATE_FAIL update of configuration failed: Server configuration failed: Failed to initialize network servers: Permission denied
2011-11-23 09:08:44.656 ERROR [b10-cmdctl.cmdctl] CMDCTL_COMMAND_ERROR error in command set_config to module ConfigManager: Server configuration failed: Failed to initialize network servers: Permission denied



I will ignore permission denied for b10-auth as I understand that (I am non-root), but what is this CMDCTL_COMMAND_ERROR message? Oh… it is the previous error seen by cmdctl. This is quite confusing.
1422 defect 1322066511138520 1332238414333689 configuration low jreed new config remove /Boss/components/foo and not a list or a named set

> config remove Boss/components/b10-xfrin
Error: /Boss/components/b10-xfrin is not a list or a named_set
> config remove Boss/components b10-xfrin



The first example does not work. The second example is accepted.

I think it is confusing because config show does show it like “/Boss/components/b10-xfrin”.
1423 defect 1322067772031162 1331998412575006 configuration low jreed new config show Boss/components is missing entries

> config show Boss/components
Boss/components/b10-cmdctl/special “cmdctl” string
Boss/components/b10-cmdctl/process null string
Boss/components/b10-cmdctl/kind “needed” string
Boss/components/b10-cmdctl/address null string
Boss/components/b10-cmdctl/params/ list
Boss/components/b10-cmdctl/priority 99 integer (modified)
> config show /Boss/components/setuid
Boss/components/setuid/special “setuid” string
Boss/components/setuid/process null string
Boss/components/setuid/kind “dispensable” string
Boss/components/setuid/address null string
Boss/components/setuid/params/ list
Boss/components/setuid/priority 5 integer



Notice first only shows b10-cmdctl but setuid exists too.

When I restart bindctl, “config show Boss/components” shows over a screenful of many settings.

I can get into this broken state by doing:




> config set Boss/components/b10-stats-httpd/priority 99



(Without commit and note commit does not work anyways for that.)

A “config revert” will fix also.

1425 defect 1322087911350698 1396529357041668 xfrin medium shane DNS Outstanding Tasks new Need backoff algorithm when AXFR refused I was configuring BIND 10 as a secondary, and had not yet updated my master to allow transfers. Every 5 seconds I got this in my log files:


2011-11-23 22:35:54.849 ERROR [b10-xfrin.xfrin] XFRIN_XFR_TRANSFER_FAILURE AXFR transfer of zone home.time-travellers.org./IN failed: error response: REFUSED
2011-11-23 22:36:00.690 ERROR [b10-xfrin.xfrin] XFRIN_XFR_TRANSFER_FAILURE AXFR transfer of zone home.time-travellers.org./IN failed: error response: REFUSED
2011-11-23 22:36:05.319 ERROR [b10-xfrin.xfrin] XFRIN_XFR_TRANSFER_FAILURE AXFR transfer of zone home.time-travellers.org./IN failed: error response: REFUSED


This needs to be made a bit less aggressive.
1438 enhancement 1322502345556404 1392999578081708 Unclassified medium stephen DNS Outstanding Tasks new NSEC3: consistent selection of NSEC3PARAM Consistent selection of NSEC3PARAM record for use in all subsequent NSEC3 code. [http://tools.ietf.org/html/rfc5155 RFC 5155] does not prohibit multiple NSEC3PARAM RRs at the apex of the zone and leaves flexibility in which one is used. The purpose of this ticket is to review the NSEC3 code and to ensure if multiple NSEC3PARAM records are present, the parameters of the same record are used throughout one query. (See [http://tools.ietf.org/html/rfc5155#section-7.3 RFC 5155 section 7.3].)

This relies on the completion of tickets #1431 through #1437.
1441 task 1322598538096248 1323178784715843 Unclassified medium shane new Requirements for sharing a socket This ticket is to document the requirements that we have for sharing a socket, for example to handle both AXFR and queries on a single IP+port, or to handle both DDNS and queries on a single IP+port, or to handle both authoritative and recursive servers on a single machine, and so on.

This may end up being a receptionist, but that is design, and this ticket is about requirements.
1445 defect 1322669839124408 1323357901608466 logging very low jreed new inconsistent use of “SQLite3” in log messages Log messages have “SQLite3Database” (no space), “sqlite”, “SQLite3” and maybe others. Let’s be consistent.
1459 task 1322857184069690 1339516603763329 DDNS medium jelte new Consistency checks in DDNS module (Updating based on jabber chat)

Before the (final) commit in a DDNS update, there is a number of consistency checks we should do.

It was not really clear what “consistency checks” mean, so I’m going
to list additional checks BIND 9 does, which don’t seem to be
implemented in BIND 10 yet (not even in #1457). Note that they are
not only “final” checks, but also checks in prescan or actually
updating the zone.

Some of the checks may not make sense for us (or too advanced at the
moment), so we should discuss any suspicious ones. Also, if we try to
include most of the checks, it may be too big for a single ticket.
Since each individual check is generally independent, we should be
easily able to separate them into multiple tasks.

In prescan:
- reject any meta types including MAILA/MAILB
- reject any attempt of updating NSEC/NSEC3/RRSIG

When adding an RR:
- ignore MD/MF
- ignore wildcard NS/DNAME
- be careful with the coexistence of CNAME and DNSSEC related records
- ignore a 2nd SOA (okay if explicitly deleting the existing one first)
- ignore NSEC3PARAM records with any flags other than OPTOUT.
- merge new RRs with existing RRset: in particular, if a new RR is
being added which is only different with an existing one in TTL,
make sure just the new TTL is used (note that the new TTL may be
larger than the existing one)

When deleting all any type of RRs of a name:
- do not delete RRSIG or NSEC (or NSEC3?)
- in addition, if the name is zone origin, do not delete NSEC3PARAM
(or SOA or NS)

After applying all changes:
- check DNSSEC: Prevent the zone entering a inconsistent state where
NSEC only DNSKEYs are present with NSEC3 chains.
- zone apex has NS, and if the NS name is a subdomain of the zone,
there’s AAAA or A for it.
- check_mx: (depending on configuration) whether MX has AAAA or A, the
mx name is reasonable (not “x.y.z.w”)
- remove_orphaned_ds: “DS records are not allowed to exist without
corresponding NS records”
- if ‘dnssec-secure-to-insecure’ is false, whether at least one DNSKEY
exists.
- if changing from secure to insecure, delete all NSEC3s
- also log it if all changes result in no-op: “redundant request”
1463 task 1322985484551436 1396529365842456 xfrin medium jinmei DNS Outstanding Tasks new use ixfr-in by default Now we support IXFR to AXFR, we should change the default mode of
xfrin protocol from AXFR to IXFR.

(Note: It’s probably better to hold off until #1299 is completed to avoid
conflicts)
1464 task 1322985744645661 1396529373849828 xfrin medium jinmei DNS Outstanding Tasks new do AXFR by ‘retransfer’ command I suggest we do unconditionally AXFR if zone transfer is invoked
via bindctl’s ‘retransfer’ command. It’s more compatible to BIND 9’s
‘rndc retransfer’. (Or maybe we can add an optional ‘type’
parameter for this command whose default is AXFR)

(Note: It’s probably better to hold off until #1299 is completed to avoid
conflicts)
1465 task 1323019258434804 1323019258434804 Unclassified medium larissas new DDNS User Story: DDNS Analysis Tools “[I need] Analysis tools that could aid me in getting more data on what is really going on in our systems. For example, I have a problem that I’m trying to figure out and do not have the tools, or do not know where to find access to what is happening in the”right now" interaction of our DNS with our DHCP and DDNS other than trying to read logs that fly by."
1466 task 1323019367019041 1323019367019041 Unclassified medium larissas new DDNS User Stories: No DDNS Option User request is to have a way to run without DDNS at all:

“Please be conservative & modular with features. If I don’t want something (say dynamic DNS), then I should be able to run without it.”
1469 defect 1323101532101380 1323352586911784 dhcp medium tomek DHCP Outstanding Tasks new SocketInfo may be possibly replaced by boost::ip::udp::socket or asiolink/udp_socket It was pointed out in #1238 review (comment 6) that SocketInfo in IfaceMgr in dhcp can be possibly replaced by boost::ip::udp::socket or asiolink/udp_socket.

1473 task 1323174884190713 1323174884190713 Unclassified medium larissas new DDNS User Stories: Finding inactive DDNS machines “[As an administrator] I need some way to go through DNS and find inactive DDNS machines.”
1474 task 1323174966408510 1338013399079949 Unclassified medium larissas new DDNS User Stories: Make it fast “[As an administrator, I need] for dynamic updates [to take] less time to configure”
1475 task 1323175124648575 1323352683698735 Unclassified medium larissas larissas assigned DDNS User Stories: Samba4 Interoperability “[I need there to be]less issues when running [DDNS] alongside Samba4”
1476 task 1323175219546909 1338013370225107 Unclassified medium larissas larissas assigned DDNS User Stories: ADDNS interoperability
“[As an administrator using DDNS], I need interoperability with Microsoft ADDNS”
1477 task 1323175388880578 1339829595814921 Unclassified medium larissas new DDNS User Stories: TSIG “[As an administrator I want] DDNS with TSIG so I can make sure no one unauthorized is altering my zone data”
1478 task 1323175532090406 1323175532090406 Unclassified medium larissas new DDNS User Stories: Requirements for high volume “[As a large scale domain host] rate of dynamic updates DNSSEC with dynamic updates is very high for us, need configuration parameters to customize for this and logging to track it”
1479 task 1323175854242600 1323175854242600 Unclassified medium larissas new DDNS User Storie: Crash-safe journal “Dynamic updates journal should really become crash-safe.”
1480 task 1323176229810631 1323176229810631 Unclassified medium larissas new DDNS User Stories: Dynamic Updates to specific view “[As an administrator I need] Views and dynamic updates to specific view [so that I can update specific interally or externally facing zones (or other view specific zone data).”
1481 enhancement 1323176461104253 1323356001589423 xfrout low shane new Optimize size on XFR-out https://lists.isc.org/pipermail/bind10-dev/2011-December/002851.html

During review of #1389, it was discovered, that xfrout splits the stream into
messages in an suboptimal way. Currently, it keeps a sum of RR sizes and if this
overflows, it renders the message and starts a new one.

But, the rendering compresses names. This means few more RRs could fit in, if we
are lucky and there are lots of similar names (which there usually are, at last
the names of the RRs, if not inside the real data).

This is not really a big deal, it doesn’t break anything. But it generates more
messages and can increase the size of the whole stream, as we can’t compress
names across message boundary. Having less messages mean having less boundaries
and more compression.

So, I’d like to ask, is it worth fixing? There surely are ways to do it
completely right and fill the messages up to the edge. One would be like this:


message =
* Iterate over the RRs to transfer:
* new_message = message
* new_message.add(rr)
* try to render
* if it overflows:
* send out message
* message =
* message.add(rr)
* else:
* message = new_message


That is, of course, slow. However, if we could save the renderer state and could
„continue“ with another rr added to the message, it could be made fast (it
wouldn’t make the counts in the headers right, but otherwise, we add RRs to the
end of message).

So, do you think, is it worth fixing?
1482 task 1323208794472721 1389878915635667 logging medium jinmei new simple logging format checker using unittests To catch some trivial errors in logging like this:
https://lists.isc.org/pipermail/bind10-dev/2011-December/002897.html
I’d propose the following:

- make sure all python unit tests call `isc.log.resetUnitTestRootLogger()`
- make sure all C++ unit tests call `isc::log::initLogger();
- add a top level make target, e.g. check-logformat, which would do

B10_LOGGER_DESTINATION=stdout make check
grep ‘^[0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]’ grep ‘%’

and exits with a non 0 code if the output is not empty
- fix any current problems that make this target fail
- configure a buildbot with enabling this target as a regular test
1487 defect 1323234902695730 1323234902695730 documentation medium jinmei new BIND 10 guide should explain more about zonemgr configuration At least
- explain configuring it is (in practice) mandatory for a secondary server to make zone transfers
- provide a configuration example
1490 defect 1323270428663135 1324388409115033 Unclassified medium jreed new redundant logging with SRVCOMM_ADDRESS_FAIL and AUTH_CONFIG_UPDATE_FAIL and missing example This ticket has multiple problems, all related. If I need more tickets, please let me know.

This is related to #1419 but in this case I already had configuration in place so not using bindctl.

I loaded a configuration that listed an IPv6 address that no longer existed on the interface. This resulted in:



2011-12-07 14:26:38.q ERROR [b10-auth.server_common] SRVCOMM_ADDRESS_FAIL failed to listen on addresses (Failed to initialize network servers: Can’t assign requested address)
2011-12-07 14:26:38.q ERROR [b10-auth.auth] AUTH_CONFIG_UPDATE_FAIL update of configuration failed: Server configuration failed: Failed to initialize network servers: Can’t assign requested address



(Ignore the “q” in timestamp due to out of date log4cplus.)

1) Why log twice?

2) Please have it list the address(es) that has the problem. In my case, it was working with IPv4 and so I was initially confused.

3) Why AUTH_CONFIG_UPDATE_FAIL — this is not an attempt to “update the configuration”. This configuration has been in place for over a month. Also the description for the AUTH_CONFIG_UPDATE_FAIL in the message file does not make sense: “At attempt to update the configuration the server with information from the configuration database has failed, the reason being given in the message.” I think it is missing some words or has wrong grammar.

In addition I had a configuration with both IPv6 and IPv4 addresses that weren’t configured on any interface:



2011-12-07 14:48:53.q DEBUG [b10-resolver.server_common] SRVCOMM_SET_LISTEN setting addresses to listen to
2011-12-07 14:48:53.q DEBUG [b10-resolver.server_common] SRVCOMM_ADDRESS_VALUE address to set: 2001:4f8:3:d::95#53
2011-12-07 14:48:53.q DEBUG [b10-resolver.server_common] SRVCOMM_ADDRESS_VALUE address to set: 149.20.48.80#53
2011-12-07 14:48:53.q DEBUG [b10-resolver.server_common] SRVCOMM_ADDRESS_VALUE address to set: ::1#53
2011-12-07 14:48:53.q DEBUG [b10-resolver.server_common] SRVCOMM_ADDRESS_VALUE address to set: 127.0.0.1#53
2011-12-07 14:48:53.q ERROR [b10-resolver.server_common] SRVCOMM_ADDRESS_FAIL failed to listen on addresses (Failed to initialize network servers: Can’t assign requested address)
2011-12-07 14:48:53.q ERROR [b10-resolver.resolver] RESOLVER_CONFIG_ERROR error in configuration: Failed to initialize network servers: Can’t assign requested address



This doesn’t tell me which ones failed.

And notice the SRVCOMM_SET_LISTEN line is incomplete or wrong grammar. Listen “on”?

And why does the auth server have one log message that is quite different from the resolver’s message?
1492 defect 1323277092325829 1324388410159588 Unclassified low jreed new add debug logging for when timer is triggered to notify xfrin Xfrin logs XFRIN_XFR_TRANSFER_STARTED but I don’t know what triggered that.

Please add DEBUG level logging to zonemgr for when the timer is triggered to notify xfrin.

Please add DEBUG level logging to xfrin for when it receives notify and other commands.
1493 defect 1323278376179515 1324388410516405 Unclassified low jreed new tests/system/ixfr/in-2 is missing bind10.run output tests/system/ixfr/in-2 is missing bind10.run output

either it was removed or never saved.

please make sure it is kept around so it can be analyzed.

Note there is the corresponding: tests/system/ixfr/in-2/ns1/named.run


1494 task 1323338178346051 1324388411185427 Unclassified medium shane new Review environment variable use in BIND 10 BIND 10 has inconsistent use of environment variables. This ticket is to review the research Jeremy did in May and update it:

https://lists.isc.org/pipermail/bind10-dev/2011-May/002288.html

A follow-up ticket will actually implement any agreed-upon changes.
1495 enhancement 1323345408263358 1394116826100586 b10-auth low jreed DNS Outstanding Tasks new DEBUG log when NOTIFY is received In addition to #1492, have b10-auth log at some DEBUG level when a NOTIFY is received.
1496 enhancement 1323427164192949 1323955380563870 xfrout low vorner new Making the xfrout messages really full Currently, the xfrout decides when to start a new message based on the size of uncompressed RRs. But the RRs are sent compressed, so this leads to messages that are not completely filled.

It should be possible to do something like incremental message rendering to know the final compressed size.

The actuall benefit of this is unknown, but beleived to be low anyway, so this probably is a low-priority task.
1497 enhancement 1323427485658178 1394116608027166 Boss of BIND medium vorner Common Outstanding Tasks new Chroot for socket creator The socket creator should be able to create a temporary (empty) directory, chroot there and delete the directory. As the socket creator should be the only component running with elevated privileges, it should increase the trust in its safety, even as chroot itself is not primarily security related feature.
1498 enhancement 1323427701350145 1394116620114584 Boss of BIND medium vorner Common Outstanding Tasks new Droping root in socket creator On system where it is possible, the socket creator should drop all the privileges except only the ones needed to bind privileged sockets. Together with #1497, it should provide good trust in its security.
1499 enhancement 1323427995949111 1392912640058718 resolver low stephen DNS Outstanding Tasks new Add upstream nameserver information to debug messages Ticket #1383 improved the debug messages available to diagnose problems in responses received from upstream nameservers. However, missing from each message is information about the nameserver from which the response was received.

This ticket involves making that information available to the debug messages and updating the messages to include it.
1506 task 1324055666064594 1328717731614489 Unclassified medium jelte new extract the common patterns from python modules We have a number of python modules now, and most of those use very similar code (for instance for startup, option parsing, catching signals, etc.), or their code can be made to be very similar.

The suggestion is to extract those pieces, and not have duplicate code.

An addendum is that the dummy module for b10-ddns does a few things a tiny bit differently (for instance no global for catching signals, and a separate main() function), that we should apply to other modules too. This should automatically take care of that (Assuming those things are used in this ‘extracted’ code)

1507 task 1324055909292358 1328621887114801 Unclassified medium jelte new Extract the common dummy classes for python (module) tests We have a number of python tests where we have created dummy classes, for example MySocket, MyCCSession and MockDataSrc, MockDataSourceClient, etc.

It would be nice to have these extracted, not only to prevent duplicate code now, but also to be able to quickly use them when adding new tests (or tests for new modules).
1511 task 1324229809916537 1324388415717726 DDNS medium jelte new Documentation for b10-ddns
Write or complete the b10-ddns manpage and section in the bind10 guide
1521 defect 1324464330071317 1394116634419436 Boss of BIND medium jelte Common Outstanding Tasks new Make boss process close children on SIGHUP and internal fatal errors
There are some scenarios where child processes of the boss are not cleaned up well, notable cases are sending a SIGHUP and uncaught exceptions in the boss code.

In either case, we should always close all child processes if the boss exits, so if it isn’t available yet, we need exception-free process cleanup code (and point the correct handlers to it).

For SIGHUP, this has been more-or-less addressed in #642, but at the time it turned out to be more work than we had time for. The changes made there are probably not applicable anymore, but have been kept around for reference in branches/trac642-historic.
1525 defect 1324557521847740 1331917011391166 build system low UnAssigned jreed new configure should fail immediately if no pkg-config?

checking for pkg-config… no
checking for botan-config… no
./configure: line 16580: —libs: command not found
./configure: line 16581: —cflags: command not found

[failure later]



botan-config-1.10 is my executable name.

Note that later configure.ac does have check and failure for pkg-config (used to for sqlite3), so just move this earlier.
1529 defect 1325077429812275 1326903459326515 libdhcp medium tomek DHCP Outstanding Tasks new ifconfig parser improvements libdhcp+ currently have interface detection implemented that uses netlink. It works on linux only. To validate its correctness, tests parse ifconfig output and match with list returned by libdhcp+.

Unfortunately, this approach has 2 problems:
- some ifconfig outputs vary between Linux versions, e.g. Gentoo version produces slightly different output than Ubuntu
- In case of several addresses assigned to a single interface, ifconfig report alias interfaces while netlink reports a single interface with several addresses assigned.

Jeremy suggested to write an awk script that will produce a consistent output. Shane suggested that Python would be better, as we already use Python.
1530 defect 1325090564832766 1328621888606606 Unclassified medium jreed new BIND10_STARTUP_ERROR error during startup: Unable to start b10-cfgmgr: ‘xfrin’ I had this strange failure:


2011-12-23 21:16:46.001 FATAL [b10-boss.boss] BIND10_STARTUP_ERROR error during
startup: Unable to start b10-cfgmgr: ‘xfrin’



Notice is says b10-cfgmgr and ‘xfrin’.

I removed the Boss config for the b10-xfrin.

On next attempt I then got same error for xfrout, so removed its configuration also:



b10-xfrout {kind “dispensable”, special “xfrout”},



Then it worked.

I don’t understand the error message. And I don’t understand what caused these configurations to be there.

As a reminder, see #1219 ticket — I also didn’t understand the same error message. (I created a new ticket instead since this is different.) Also see #1443 — since I can’t even start components to fix the problem.
1536 task 1325287488003233 1327400937432913 data source medium jinmei new ZoneFinder::find should (probably) throw for out-of-zone name See discussions at #1430. In short, calling find() for (clearly)
out-of-zone name should be considered a caller’s bug, so it would make
more sense to indicate it via an exception.

Note: this should be done after #1535. Otherwise it will accidentally
kill notify_out (and xfrout as a result).
1537 defect 1325521971174272 1340064910295911 Unclassified medium shane new Handle error receiving file descriptors I was seeing this in my log file:


2012-01-02 16:02:53.168 ERROR [b10-xfrout.xfrout] XFROUT_RECEIVE_FILE_DESCRIPTOR_ERROR error receiving the file descriptor for an XFR connection
2012-01-02 16:02:53.168 ERROR [b10-xfrout.xfrout] XFROUT_RECEIVE_FILE_DESCRIPTOR_ERROR error receiving the file descriptor for an XFR connection
2012-01-02 16:02:53.168 ERROR [b10-xfrout.xfrout] XFROUT_RECEIVE_FILE_DESCRIPTOR_ERROR error receiving the file descriptor for an XFR connection


Also, b10-xfrout then uses 100% of CPU once this condition occurs.

I discovered that this ultimately comes from fd_share.cc:


const int cc = recvmsg(sock, &msghdr, 0);
if (cc <= 0) {
free(msghdr.msg_control);
if (cc == 0) {
errno = ECONNRESET;
}
return (FD_SYSTEM_ERROR);
}


Looking via strace I find:


select(13, [9 12], [], [], NULL) = 1 (in [12])
recvmsg(12, {msg_name(0)=NULL, msg_iov(1)=[{“”, 1}], msg_controllen=0, msg_flags=0}, 0) = 0


My guess is that is what is happening is that the process on the other side of the Unix domain socket has closed the connection (perhaps due to dying), and that the xfrout gets stuck in a loop.

What I think we should do is:

1. Check for this condition everywhere in the code and re-connect (or error in some meaningful way) when we discover it.
2. Update the documentation to specify that this is necessary.
1544 task 1325761490369172 1328718119508541 statistics medium naokikambe new Resolve the design issues about names in MIB of stats-snmp As result of #930 we found at least two possible issues about names in MIB of stats-snmp in the current design as described in the prototype implement in the experiment branch(kambe-SNMP-stats) and in the document StatsModule#StatsSnmp(#1448).

* The MIB of stats-snmp is statically generated when the BIND 10 is made. And if we change the daemons to run, for example, when we disable the Auth daemon and enable the Resolver daemon, there may be an inconsistency between such static MIB and the statistics list which is dynamically answered by the Stats daemon.

* There might be name duplication in MIB. For example, if one name authQueriestcp is defined in MIB as two different OIDs .1.3.6.1.4.1.2021.255.0.0 and .1.3.6.1.4.1.2021.255.0.2.0.2, we can access to the object firstly matched in MIB by authQueriestcp but we cannot access secondly matched one by same way.

Improve current data mapping between specfile and MIB to resolve these design issues, and then revise the document StatsModule#StatsSnmp.
1569 defect 1326821487398082 1328718154706396 Unclassified medium jelte DHCP Outstanding Tasks new IFaceMgrTest fails on some systems
It may be the ifconfig output format, or perhaps that some systems have a few non-default virtual interfaces). It certainly fails on my Ubuntu system, and apparently on vorner’s gentoo as well.


[ RUN ] IfaceMgrTest.getIface
Interface checks. Please ignore socket binding errors.
IfaceMgr initialization.
Linux: detecting interfaces.
Detected interface lo/1, hwtype=772, maclen=6, mac=00:00:00:00:00:00, flags=10049(LOOPBACK UP RUNNING )
2 addr(s): 127.0.0.1 ::1
Detected interface eth0/2, hwtype=1, maclen=6, mac=20:cf:30:db:d9:19, flags=11043(UP RUNNING MULTICAST BROADCAST )
3 addr(s): 192.168.8.30 2001:470:1f15:17ba:22cf:30ff:fedb:d919 fe80::22cf:30ff:fedb:d919
Detected interface virbr0/3, hwtype=1, maclen=6, mac=fe:54:00:49:3c:6f, flags=11043(UP RUNNING MULTICAST BROADCAST )
1 addr(s): 192.168.122.1
Detected interface vnet0/5, hwtype=1, maclen=6, mac=fe:54:00:49:3c:6f, flags=11043(UP RUNNING MULTICAST BROADCAST )
1 addr(s): fe80::fc54:ff:fe49:3c6f
There are 8 interfaces.
lo/1
eth0/2
virbr0/3
vnet0/5
lo1/1
eth5/2
en3/5
e1000g0/3
iface_mgr_unittest.cc:207: Failure
Value of: tmp->getName()
Actual: “vnet0”
Expected: “en3”
[ FAILED ] IfaceMgrTest.getIface (1 ms)


If this isn’t fixed for the release, I propose we simply disable it in the release branch.
1572 task 1326868754682390 1389878540361599 data source medium jinmei new DS query handling in database data source See #1571. We need to do the same thing for the `DatabaseClient`.
(But this should go to the backlog for the moment, according to
our current task priorities).
1589 task 1326889420293980 1328718171476250 Unclassified medium vorner new Portconfig redesign The isc::server_common::portconfig would need a little bit of redesigning. The logic with the state is not entirely clean, it might become an object holding the configuration and be able to apply it.

Also a better error handling might be helpful.

And it would be good if the portconfig::test_mode wouldn’t be necessary.
1590 defect 1326889474949114 1328718355583811 Unclassified medium vorner new Make SocketCreator not a singleton It might be cleaner to have a local object.
1591 defect 1326889550549884 1328718371895885 Unclassified medium vorner new Handle the case when application can’t inform boss about released socket. If the communication with the boss fails, it might end up in inconsistent state. We should at last kill the application and start over.
1592 task 1326889631478056 1328718386656768 Unclassified medium vorner new Move testutils/socket_request.h Moving it somewhere from testutils (possibly server_common/tests) will make it possible to have a corresponding .cc file and hide the details and gtest.h header.
1594 task 1326889844284424 1328718406743593 Unclassified medium vorner new Use different place for socketcreator master socket The unix domain socket is currently placed under /tmp. This might arguably not the best place for it, at last because of consistency. We should discuss it and move it somewhere else.
1609 task 1327054489254688 1368439257140873 dhcp medium UnAssigned stephen DHCP Outstanding Tasks assigned Review object breakdown of DHCP code Review the object structure of the BIND 10 DHCP code to date and make recommendations about any refactoring needed.
1624 defect 1327415052754054 1329823712899211 Unclassified medium jreed new Unable to start b10-msgq, but it is started and running I started bind10 —verbose:


2012-01-24 08:15:22.099 INFO [b10-boss.boss] BIND10_STARTING starting BIND10: bind10 20110223 (BIND 10 20111129)
2012-01-24 08:15:22.119 DEBUG [b10-boss.boss] BIND10_CHECK_MSGQ_ALREADY_RUNNING checking if msgq is already running
2012-01-24 08:15:22.138 INFO [b10-boss.boss] BIND10_CONFIGURATOR_START bind10 component configurator is starting up
2012-01-24 08:15:22.158 DEBUG [b10-boss.boss] BIND10_CONFIGURATOR_BUILD building plan ‘{}’ -> ‘{’sockcreator’: {’priority’: 200, ‘kind’: ‘core’, ‘special’: ‘sockcreator’}, ‘msgq’: {’priority’: 199, ‘kind’: ‘core’, ‘special’: ‘msgq’}, ‘cfgmgr’: {’priority’: 198, ‘kind’: ‘core’, ‘special’: ‘cfgmgr’}}’
2012-01-24 08:15:22.176 DEBUG [b10-boss.boss] BIND10_CONFIGURATOR_RUN running plan of 3 tasks
2012-01-24 08:15:22.192 DEBUG [b10-boss.boss] BIND10_CONFIGURATOR_TASK performing task start on Socket creator
2012-01-24 08:15:22.214 INFO [b10-boss.boss] BIND10_COMPONENT_START component Socket creator is starting
2012-01-24 08:15:22.294 INFO [b10-boss.boss] BIND10_SOCKCREATOR_INIT initializing socket creator parser
2012-01-24 08:15:22.314 DEBUG [b10-boss.boss] BIND10_STARTED_PROCESS_PID started b10-sockcreator (PID 8761)
2012-01-24 08:15:22.334 DEBUG [b10-boss.boss] BIND10_CONFIGURATOR_TASK performing task start on msgq
2012-01-24 08:15:22.354 INFO [b10-boss.boss] BIND10_COMPONENT_START component msgq is starting
2012-01-24 08:15:22.371 INFO [b10-boss.boss] BIND10_STARTING_PROCESS starting process b10-msgq
2012-01-24 08:15:22.619 DEBUG [b10-boss.boss] BIND10_STARTED_PROCESS_PID started b10-msgq (PID 6349)
2012-01-24 08:15:27.753 ERROR [b10-boss.boss] BIND10_COMPONENT_START_EXCEPTION component msgq failed to start: Unable to connect to c-channel after 5 seconds
2012-01-24 08:15:27.757 ERROR [b10-boss.boss] BIND10_COMPONENT_FAILED component msgq (pid None) failed with unknown exit status
2012-01-24 08:15:27.758 FATAL [b10-boss.boss] BIND10_COMPONENT_UNSATISFIED component msgq is required to run and failed
2012-01-24 08:15:27.759 ERROR [b10-boss.boss] BIND10_CONFIGURATOR_PLAN_INTERRUPTED configurator plan interrupted, only 1 of 3 done
2012-01-24 08:15:27.760 INFO [b10-boss.boss] BIND10_KILLING_ALL_PROCESSES killing all started processes
2012-01-24 08:15:27.760 INFO [b10-boss.boss] BIND10_KILL_PROCESS killing process Socket creator
2012-01-24 08:15:27.761 WARN [b10-boss.boss] BIND10_SOCKCREATOR_KILL killing the socket creator
2012-01-24 08:15:27.769 FATAL [b10-boss.boss] BIND10_STARTUP_ERROR error during startup: Unable to start b10-msgq: Component failed during startup



Now it has been a few minutes b10-msgq hasn’t exited yet. I sent a term signal to it and it exited.

I could repeat this.
1625 defect 1327420316714945 1333469720780363 bind-ctl low jreed new config go to a list confusion
> config go Auth/listen_on
/Auth/listen_on> config show
Auth/listen_on[0]/address “::” string (default)
Auth/listen_on[0]/port 53 integer (default)
Auth/listen_on[1]/address “0.0.0.0” string (default)
Auth/listen_on[1]/port 53 integer (default)
/Auth/listen_on> config set Auth/listen_on[0]/port 5300
Error: /Auth/listen_on/Auth/listen_on[0]/port not found
/Auth/listen_on> config go /
> config show Auth
Auth/database_file “/home/reed/builder/work/BIND10/20120124093934-NetBSD5-i386/install/var/bind10-devel/zone.sqlite3” string (default)
Auth/datasources [] list (default)
Auth/statistics-interval 60 integer (default)
Auth/listen_on/ list (default)
> config go Auth/listen_on
/Auth/listen_on> config set [0]/port 5300



The show output is not prefixed with a slash, that makes it appear that the “go” didn’t work or that is configurables below current location. Maybe it should prefix a slash or only show the item, for example:


> config go /Auth/listen_on
/Auth/listen_on> config show
[0]/address “::” string (default)
[0]/port 53 integer (default)
[1]/address “0.0.0.0” string (default)
[1]/port 53 integer (default)

(Note above does not exist yet.)

1629 defect 1327506670328527 1359562886790256 logging medium UnAssigned jreed assigned logging with garbage in it See https://lists.isc.org/pipermail/bind10-dev/2011-December/002901.html

There was a timeout in a lettuce test on December 6.

Wait for bind10 stderr message CMDCTL_STARTED

The stderr output has garbage in it. (I piped through cat v so I could
paste it.)

}}

Today on same system I saw another corrupted log file :



macmini:system jreed$ grep
a –1 ‘[[:cntrl:]]’ ./ixfr/in-2/nsx2/bind10.run
cat -v
2012-01-25 03:58:52.408 DEBUG [b10-cmdctl.cmdctl] CMDCTL_STARTED cmdctl is listening for connections on 127.0.0.1:8080
2012-01-25 03:58:52.429 012-01-25 03:58:52.428IINFO ^^ @^XFROUT_NEW_CONFIG Update xfrout configuration^^^^^^^^^^^^^^^^^^^^^^^<br>^2012-01-25 03:58:52.429 INFO [b10-xfrout.xfrout] XFROUT_NEW_CONFIG_DONE Update xfrout configuration done
2012-01-25 03:59:07.946 INFO [b10-xfrin.xfrin] XFRIN_XFR_TRANSFER_STARTED IXFR transfer of zone example/IN started



Looks like corruption in same place.
1630 task 1327515699493178 1327515699493178 Unclassified low jreed shane new Change automatic unit test reporter to warn if percentage of coverage goes down This item came up from the face to face meeting.

With our current policies, any new code should have unit tests. This means that our test coverage percentage should never go down.

The idea of this ticket is for the scripts that we run automatically to produce coverage reports to send an e-mail if it discovers that our test coverage has declined.
1631 task 1327516267222093 1329463682149414 Unclassified medium shane new Turn goals for documentation into a plan to produce This ticket comes from the BIND 10 face to face meeting. We came up with a proposed structure of documentation, and need to create a plan to actually making that happen.
1632 task 1327516567137440 1343912070022677 Unclassified medium jreed shane new Experiment using Doxygen for Python This action came out of the BIND 10 face to face meeting.

We currently use pydoc for our Python documentation, and doxygen for our C++ documentation. However, apparently doxygen can work for both.

We need to investigate what is needed to use doxygen for our Python documentation.
1636 task 1327565743235142 1344438981978028 Unclassified medium shane shane accepted Redesign the BIND 10 Wiki The BIND 10 wiki is not helpful for most people landing there. This needs to be redesigned.
1645 task 1328271184994582 1328271184994582 Unclassified medium shane new Add anti-spam facilities to Trac We are starting to have non-trivial amounts of Trac spam, so we need to investigate tools to block this when possible, or minimize the effects in some way.
1647 defect 1328523121240668 1328805729377714 xfrout medium jelte new logging in xfrout is incomplete
Some error conditions in xfrout should be logged, such as tsig key mismatch. See for starters https://lists.isc.org/pipermail/bind10-users/2012-February/000168.html but we should probably go through the module and add other log messages as well.
1652 enhancement 1328620423271737 1328820919398110 msgq low jreed new msgq write to stderr on startup and exit status If msgq has a failure when it attempts to start, it should write to stderr and also have return some exit status indicating the problem.

(As mentioned in F2F 2012-01.)
1653 defect 1328620761245706 1394116652575675 Boss of BIND very low jreed Common Outstanding Tasks new too much output at startup (As discussed at F2F 2012-01.)

Reduce the logging output for startup of bind10.

For example has both BIND10_COMPONENT_START and BIND10_STARTING_PROCESS at INFO. And other components indicate own startup too like RESOLVER_STARTING. Maybe use a DEBUG level for these?



1654 defect 1328620862874551 1328828613174652 xfrout very low jreed new reduce xfrout logging Reduce xfrout logging.

For example both of these are INFO:


2012-01-17 16:05:53.911 INFO [b10-xfrout.xfrout] XFROUT_NEW_CONFIG Update xfrout configuration
2012-01-17 16:05:53.911 INFO [b10-xfrout.xfrout] XFROUT_NEW_CONFIG_DONE Update xfrout configuration done


Maybe one or both can be DEBUG.
1656 defect 1328621163310965 1392911711044514 Unclassified low jreed DNS Outstanding Tasks new ZONEMGR_NO_SOA should not warn when adding new zone It should not WARN the ZONEMGR_NO_SOA when adding a new zone.
1657 defect 1328621237107039 1328810368022696 Unclassified medium jreed new zonemgr should not ask for IXFR on new zone zonemgr should not ask for IXFR on new zone. It should do AXFR.
1658 enhancement 1328621723577463 1328821085547843 logging low jreed new log when adding new configuring new logging When adding or changing to a new logging configuration (loggers, output), then log about it to that new output — that is a single line to introduce it.
1659 defect 1328621858996557 1328812632272980 configuration medium jreed new be able to view default list configurations If using bindctl, you can view a list that has the default configurations. You should be able to view all configurations even if defaults (so don’t have to go find the spec file and interpret it manually).
1661 defect 1328622693273693 1328821109597944 bind-ctl low jreed new config go strangeness Check this out:


> config go Xfrin/transfers_in
/Xfrin/transfers_in> config go ..
/Xfrin> config go zones/
/Xfrin/zones> config go ..
/Xfrin> config go zones
/Xfrin/zones> config show
Xfrin/zones[0]/name “foo” string
Xfrin/zones[0]/class “IN” string (default)
Xfrin/zones[0]/master_addr “192.168.2.3” string
Xfrin/zones[0]/master_port 53 integer (default)
Xfrin/zones[0]/tsig_key null string
Xfrin/zones[0]/use_ixfr false boolean (default)
/Xfrin/zones> config go zones[0]/use_ixfr
Error: /Xfrin/zones/zones[0]/use_ixfr not found
/Xfrin/zones> config go [0]
/Xfrin/zones[0]> config show
Xfrin/zones[0]/name “foo” string
Xfrin/zones[0]/class “IN” string (default)
Xfrin/zones[0]/master_addr “192.168.2.3” string
Xfrin/zones[0]/master_port 53 integer (default)
Xfrin/zones[0]/tsig_key null string
Xfrin/zones[0]/use_ixfr false boolean (default)
/Xfrin/zones[0]> config go tsig_key
Error: /Xfrin/zones[0]/tsig_key not found
/Xfrin/zones[0]> config go /Xfrin/zones[0]/master_addr
/Xfrin/zones[0]/master_addr> config show
Xfrin/zones[0]/master_addr “192.168.2.3” string
/Xfrin/zones[0]/master_addr> config go ..
/Xfrin/zones[0]> config go master_addr
/Xfrin/zones[0]/master_addr> config go ..
/Xfrin/zones[0]> config go /Xfrin/zones[0]/tsig_key
Error: /Xfrin/zones[0]/tsig_key not found
/Xfrin/zones[0]> config show /Xfrin/zones[0]/tsig_key
Error: Xfrin not found
/Xfrin/zones[0]> config show /Xfrin
Error: Xfrin not found
/Xfrin/zones[0]> config go ..
/Xfrin> config go ..
> config show /Xfrin
Xfrin/transfers_in 10 integer (default)
Xfrin/zones/ list


Sometimes it works and sometimes it doesn’t. Notice how it can’t go into tsig_key. Also noitce that /Xfrin is not found.
1662 task 1328622766732752 1329823713576974 documentation medium jreed new documentation: logging quick start examples For the guide, have some quick start examples for logging in addition or instead of the tutorial.
1663 task 1328623332829622 1328627735816334 Unclassified medium jreed new doxygen generation automated on builder Add a doxygen build task to one system on the build farm.

The verbose output may need to be parsed or reduced and trigger failure on some types of issues.
1664 enhancement 1328623686802418 1328821126663106 build system low UnAssigned jreed new configure provide more help for building Have configure have some output about “If having problem building …” even in —help output.

Maybe point to documentation, websites, list addresses.
1670 enhancement 1328882972995808 1394116840891047 b10-auth medium Dr. Jeffry A. Spain DNS Outstanding Tasks new Ability to control version.bind output Question from the users mailing list:

In bind10-devel-20120119, how can the response to ‘dig @server version.bind. CH TXT’ be disabled in a manner equivalent to ‘options { version none; };’ in bind9? Thanks.

https://lists.isc.org/pipermail/bind10-users/2012-February/000184.html

AFAIK this is not possible, but it should be easy and useful to add.
1672 defect 1329168961119532 1392912620635197 resolver low Jeffry A. Spain DNS Outstanding Tasks new b10-resolver crashing with status 11 when compiled with —enable-boost-threads In my most recent build of bind10-devel-20110119, built according to http://bind10.isc.org/wiki/SystemNotesUbuntuOneiric, b10-resolver is failing after being given the query ‘dig @localhost jaspain.net a’, or any query for that matter. Most of the installed prerequisites are newer versions than those in the standard Ubuntu packages that I have used previously with success, so I will try to figure out which one may be causing the problem. Based on the following log excerpts, if you have a sense of where the problem lies, would you please let me know. Thanks.

The following is log from bind10-users mailing list. https://lists.isc.org/pipermail/bind10-users/2012-February/000216.html
Apparently any query caused resolver to crash.



2012-02-12 23:00:20.613 DEBUG [b10-resolver.resolver] RESOLVER_QUERY_ACCEPTED query accepted: ‘jaspain.net./A/IN’ from 127.0.0.1#37965
2012-02-12 23:00:20.613 DEBUG [b10-resolver.resolver] RESOLVER_NORMAL_QUERY processing normal query
2012-02-12 23:00:20.613 DEBUG [b10-resolver.reslib] RESLIB_RESOLVE asked to resolve (resolve() instance 2)
2012-02-12 23:00:20.613 DEBUG [b10-resolver.reslib] RESLIB_RECQ_CACHE_NO_FIND did not find in the cache, starting RunningQuery (resolve() instance 2)
2012-02-12 23:00:20.613 DEBUG [b10-resolver.reslib] RESLIB_NSAS_LOOKUP looking up nameserver for zone . in the NSAS
2012-02-12 23:00:20.613 DEBUG [b10-resolver.nsas] NSAS_SEARCH_ZONE_NS searching NSAS for nameservers for zone .
2012-02-12 23:00:20.613 DEBUG [b10-resolver.reslib] RESLIB_RESOLVE asked to resolve <. IN NS> (resolve() instance 1)
2012-02-12 23:00:20.613 DEBUG [b10-resolver.nsas] NSAS_FIND_NS_ADDRESS asking resolver to obtain A and AAAA records for l.root-servers.net.
2012-02-12 23:00:20.613 DEBUG [b10-resolver.reslib] RESLIB_RESOLVE asked to resolve (resolve() instance 1)
2012-02-12 23:00:20.613 DEBUG [b10-resolver.reslib] RESLIB_RESOLVE asked to resolve (resolve() instance 1)
2012-02-12 23:00:20.676 DEBUG [b10-resolver.nsas] NSAS_SEARCH_ZONE_NS searching NSAS for nameservers for zone net.
2012-02-12 23:00:20.676 DEBUG [b10-resolver.reslib] RESLIB_RESOLVE asked to resolve (resolve() instance 1)
2012-02-12 23:00:20.678 INFO [b10-boss.boss] BIND10_LOST_SOCKET_CONSUMER consumer 20 of sockets disconnected, considering all its sockets closed
2012-02-12 23:00:20.678 INFO [b10-boss.boss] BIND10_PROCESS_ENDED process 1855 of b10-resolver ended with status 11
2012-02-12 23:00:20.678 ERROR [b10-boss.boss] BIND10_COMPONENT_FAILED component b10-resolver (pid 1855) failed with 11 exit status
2012-02-12 23:00:20.678 INFO [b10-boss.boss] BIND10_COMPONENT_START component b10-resolver is starting
2012-02-12 23:00:20.678 WARN [b10-boss.boss] BIND10_START_AS_NON_ROOT_RESOLVER starting b10-resolver as a user, not root. This might fail.
2012-02-12 23:00:20.678 INFO [b10-boss.boss] BIND10_STARTING_PROCESS starting process b10-resolver
2012-02-12 23:00:20.685 DEBUG [b10-boss.boss] BIND10_STARTED_PROCESS_PID started b10-resolver (PID 1867)


1674 defect 1329257610581110 1392912596662655 resolver low jreed DNS Outstanding Tasks new confusing CACHE_RRSET_REMOVE_OLD

2012-02-14 18:32:18.196 DEBUG [b10-resolver.cache] CACHE_RRSET_REMOVE_OLD removing old RRset for ams.sns-pb.isc.org./AAAA/IN to make space for new one


Why remove old RRSet on first query?
1675 enhancement 1329296537935503 1394116664953487 Boss of BIND medium vorner Common Outstanding Tasks new Allow specifying count in an component configuration Currently, if a user wants to run multiple instances of a component (eg. an auth for each core), multiple copies of the component configuration must be specified in Boss/components. It would be more convenient to have a `count` configuration variable and the system would start so many instances by itself.

If the isc.bind10.components.Component class is modified to take care of multiple processes or if multiple component objects are generated from single configuration element is to be decided.
1676 enhancement 1329296772886889 1329823718431454 Unclassified medium vorner new Differentiate instances of the same components in logs If multiple instances of a single component are running, it would be convenient to differentiate them in logs in case the outputs are mixed up (eg. have b10-auth-1, b10-auth-2, etc).

This might turn out to be an easy extension of #1675, when the system knows it should start n instances of single component, it could provide a different number as a command line argument to each of the instances and the component would modify its name in logs according to this.
1677 enhancement 1329297072638129 1329390620126168 Unclassified medium vorner new Remove local log level constants We defined the consistent debug levels (eg. `DBGLVL_START_SHUT`). However, when switching to them, we just redefined the constants used in the existing code to point to these, like this:

#!c++
const int DBG_AUTH_START = DBGLVL_START_SHUT;


This should be cleaned up and the local constants replaced by the global ones. This should be an easy search&replace, but it could be convenient to split it up into multiple tickets by the components, to have smaller diffs to review.
1679 enhancement 1329298384374814 1336568071055568 Unclassified medium vorner new Auto-generate backtraces & crash reports It would be good if whenever a process crashes, a crash report with some useful information is produced and saved somewhere, noted in a log and the admin is asked to send it. The idea is to use whatever is available in the system to get the information, for example use gdb to attach to the process and get the information or use some built-in methods. The crashing process could have a handler for registered all reasonable fatal signals and call a shell script with it’s PID and name and the script would write down system information, call gdb on the PID, produce the backtrace, etc…

It might make sense to register the signals for python too (in case it crashes in the wrapper code) and make sure any uncaught exceptions are caught at the highest level and written down to a file.

I attach a file which does that (from one of my own projects), it is slightly different, it produces the backtrace to the screen and leaves the gdb running, but it can illustrate the idea. While this relies on having gdb installed on the system and having debug information compiled in (which we could enable by default), it would at least increase the chance of getting useful bug report and make it easier for a user to generate them.
1683 task 1329315225571717 1332237437723377 Unclassified medium shane shane new Review all Trac tickets We need to go through our tickets on the Trac site and check the status of them all. Here’s a link:

http://bind10.isc.org/query?status=accepted&status=assigned&status=new&status=reopened&status=reviewing&max=1000&col=id&col=summary&col=status&col=owner&col=type&col=priority&col=milestone&col=component&col=time&col=changetime&col=feature&order=id

There are over 600, so this will take awhile. Spending a couple hours a day will hopefully get this done in a month or so.
1685 task 1329315368637216 1329315368637216 Unclassified medium shane new Document and test security procedures We need to write down how we handle security bugs discovered in BIND 10.
1689 defect 1329387513525977 1392999621271534 Unclassified medium shane DNS Outstanding Tasks new Handle RRSIG TTL properly when combining multiple RRSIG into a single RRSet Apparently we improperly modify the TTL when we are dealing with RRSIG within an RRSet. This came out of discussion on ticket #152:

MessageImpl::parseSection() would still need to consider RRSIG type covered when it combines multiple RRSIGs into a single RRset. That would go to a separate ticket.
1694 enhancement 1329402017073627 1330431728587315 bind-ctl medium shane new bindctl should be able to run when BIND 10 is down This is a result of a comment in ticket #304.

Basically, bindctl should be able to do some things when BIND 10 is not running.
1700 task 1329906336862876 1329906336862876 Unclassified medium shane new Trac ticket dependency plugin We should try to get one of the plugins which supports dependencies between Trac tickets
1706 defect 1329928997058676 1330431986105718 msgq medium jreed new msgq exiting early? socket.error: [Errno 104] Connection reset by peer


2012-02-22 11:20:34.342 INFO [b10-boss.boss] BIND10_SEND_SIGTERM sending SIGTERM to b10-xfrout (PID 23285)
2012-02-22 11:20:34.342 INFO [b10-boss.boss] BIND10_SEND_SIGTERM sending SIGTERM to b10-auth (PID 23286)
2012-02-22 11:20:34.343 INFO [b10-boss.boss] BIND10_SEND_SIGTERM sending SIGTERM to b10-zonemgr (PID 23287)
2012-02-22 11:20:34.343 INFO [b10-boss.boss] BIND10_SEND_SIGTERM sending SIGTERM to b10-stats (PID 23288)
Traceback (most recent call last):
File “/home/jreed/builder/work/BIND10/20120222082222-CentOS5-x86_64-GCC/install/libexec/bind10-devel/b10-xfrout”, line 1040, in
xfrout_server = XfroutServer()
File “/home/jreed/builder/work/BIND10/20120222082222-CentOS5-x86_64-GCC/install/libexec/bind10-devel/b10-xfrout”, line 922, in init
self.cc.start
File “/home/jreed/builder/work/BIND10/20120222082222-CentOS5-x86_64-GCC/install/lib/python3.1/site-packages/isc/config/ccsession.py”, line 211, in start
self.
send_spec
File “/home/jreed/builder/work/BIND10/20120222082222-CentOS5-x86_64-GCC/install/lib/python3.1/site-packages/isc/config/ccsession.py”, line 389, in
send_spec
answer, env = self.
session.group_recvmsg(False, seq)
File “/home/jreed/builder/work/BIND10/20120222082222-CentOS5-x86_64-GCC/install/lib/python3.1/site-packages/isc/cc/session.py”, line 266, in group_recvmsg
env, msg = self.recvmsg(nonblock, seq)
File “/home/jreed/builder/work/BIND10/20120222082222-CentOS5-x86_64-GCC/install/lib/python3.1/site-packages/isc/cc/session.py”, line 121, in recvmsg
data = self.receive_full_buffer
File “/home/jreed/builder/work/BIND10/20120222082222-CentOS5-x86_64-GCC/install/lib/python3.1/site-packages/isc/cc/session.py”, line 230, in
receive_full_buffer
raise se
File “/home/jreed/builder/work/BIND10/20120222082222-CentOS5-x86_64-GCC/install/lib/python3.1/site-packages/isc/cc/session.py”, line 203, in receive_full_buffer
self.
receive_len_data()
File “/home/jreed/builder/work/BIND10/20120222082222-CentOS5-x86_64-GCC/install/lib/python3.1/site-packages/isc/cc/session.py”, line 163, in receive_len_data
new_data = self.
receive_bytes(self.recv_len_size)
File “/home/jreed/builder/work/BIND10/20120222082222-CentOS5-x86_64-GCC/install/lib/python3.1/site-packages/isc/cc/session.py”, line 149, in
receive_bytes
data = self.socket.recv
socket.error: Connection reset by peer
Traceback :
File “/home/jreed/builder/work/BIND10/20120222082222-CentOS5-x86_64-GCC/install/libexec/bind10-devel/b10-zonemgr”, line 692, in
zonemgrd = Zonemgr
File “/home/jreed/builder/work/BIND10/20120222082222-CentOS5-x86_64-GCC/install/libexec/bind10-devel/b10-zonemgr”, line 517, in
init
self.
setup_session()
File “/home/jreed/builder/work/BIND10/20120222082222-CentOS5-x86_64-GCC/install/libexec/bind10-devel/b10-zonemgr”, line 536, in setup_session
self.
module_cc.add_remote_config(AUTH_SPECFILE_LOCATION)
File “/home/jreed/builder/work/BIND10/20120222082222-CentOS5-x86_64-GCC/install/lib/python3.1/site-packages/isc/config/ccsession.py”, line 349, in add_remote_config
answer, env = self.session.group_recvmsg
File “/home/jreed/builder/work/BIND10/20120222082222-CentOS5-x86_64-GCC/install/lib/python3.1/site-packages/isc/cc/session.py”, line 266, in group_recvmsg
env, msg = self.recvmsg
File “/home/jreed/builder/work/BIND10/20120222082222-CentOS5-x86_64-GCC/install/lib/python3.1/site-packages/isc/cc/session.py”, line 121, in recvmsg
data = self.
receive_full_buffer(nonblock)
File “/home/jreed/builder/work/BIND10/20120222082222-CentOS5-x86_64-GCC/install/lib/python3.1/site-packages/isc/cc/session.py”, line 230, in receive_full_buffer
raise se
File “/home/jreed/builder/work/BIND10/20120222082222-CentOS5-x86_64-GCC/install/lib/python3.1/site-packages/isc/cc/session.py”, line 203, in
receive_full_buffer
self.receive_len_data
File “/home/jreed/builder/work/BIND10/20120222082222-CentOS5-x86_64-GCC/install/lib/python3.1/site-packages/isc/cc/session.py”, line 163, in
receive_len_data
new_data = self.receive_bytes
File “/home/jreed/builder/work/BIND10/20120222082222-CentOS5-x86_64-GCC/install/lib/python3.1/site-packages/isc/cc/session.py”, line 149, in
receive_bytes
data = self._socket.recv(size)
socket.error: [Errno 104] Connection reset by peer
2012-02-22 11:20:34.443 INFO [b10-boss.boss] BIND10_PROCESS_ENDED process 23278 of msgq ended with status 0

1707 defect 1329939626794526 1394116855912999 b10-auth medium jreed DNS Outstanding Tasks new Default configuration was used when mistake in different configuration Default configuration was used when mistake in different configuration:


2012-02-22 13:09:04.846 INFO [b10-auth.auth] AUTH_SERVER_CREATED server created
2012-02-22 13:09:04.855 ERROR [b10-auth.auth] AUTH_CONFIG_UPDATE_FAIL update of configuration failed: Server configuration failed: Failed to open master file: /home/jreed/dnsbenchsuite/tests/root/root.zone.file-canonical
2012-02-22 13:09:04.887 INFO [b10-boss.boss] BIND10_SOCKET_GET requesting socket [::]:53 of type TCP from the creator
2012-02-22 13:09:04.888 ERROR [b10-boss.boss] BIND10_SOCKET_ERROR error on bind call in the creator: 13/Permission denied
2012-02-22 13:09:04.889 ERROR [b10-auth.server_common] SRVCOMM_ADDRESS_FAIL failed to listen on addresses (“Error creating socket on bind”)
2012-02-22 13:09:04.889 ERROR [b10-auth.auth] AUTH_CONFIG_LOAD_FAIL load of configuration failed: Server configuration failed: “Error creating socket on bind”



The only change was the wrong name of the database filename. The config is:


{version 2, Auth {datasources [{zones [{origin “.”, file “/home/jreed/dnsbenchsuite/tests/root/root.zone-canonical”}], type “memory”}], listen_on [{port 5300, address “127.0.0.1”}]}}


So why did the second error above happen? Why did it use port 53?

Once I renamed the file, it started fine using port 5300 as expected.

I am not sure if this problem is in cfgmgr or auth.
1709 task 1330001822014872 1336467375269802 dhcp medium stephen DHCP Outstanding Tasks new Consider alternatives to IOAddress for DHCP DHCP code needs to get to low-level features of the address object and often needs to know if it is V6 or V4 and get information depending on the result. For this reason, a general IOAddress may not be the best address abstraction to use in DHCP. This ticket will propose an alternative.
1710 enhancement 1330003336406236 1330432045258370 bind-ctl low vorner new Sort output of config show Just look at config show of, let’s say, Boss/components. The components are not sorted, which makes it harder to get oriented in the output.
1716 defect 1330094081569678 1366910527020037 Boss of BIND very low jreed new use DEBUG for BIND10_LOST_SOCKET_CONSUMER and BIND10_SOCKET_CREATED instead of INFO 2012-02-24 08:13:53.616 INFO [b10-boss.boss] BIND10_SOCKET_CREATED successfully created socket 23

2012-02-24 08:24:35.165 INFO [b10-boss.boss] BIND10_LOST_SOCKET_CONSUMER consumer 23 of sockets disconnected, considering all its sockets closed

Please use DEBUG instead.

(Also it would be nice if the “consumer 23” was identified by name or PID.)
1718 defect 1330109246747787 1330432064257185 data source low jreed new null data source From January 2012 face-to-face meeting:

Idea: create a null data source to check efficiency of the code. A null data source could also serve as an example if people want to build their own.
1719 task 1330109811186048 1330109811186048 Unclassified low jreed new Test with bad packets See #703

Automate tests/tools/badpacket to test auth and resolver with bad packets
1720 task 1330111359741972 1330111359741972 Unclassified medium jreed new add profiling make target As discussed at January 2012 face-to-face, make a —with-gprof configure option, and a make profile target which runs query_bench with some set of data.
1723 enhancement 1330524467215903 1331636636281371 statistics low jreed new access to stats via bindctl It is not very intuitive for accessing stats. For example to see some entries I tried: Stats show Auth rcode, Stats show Auth.rcode, Stats show auth.rcode.nxrrset, and some others before I learned that I should use “Stats show Auth rcode.refused”

I suggest we allow showing a group of stats like Stats show auth, Stats show auth.rcode, and specifically like Stats show auth.rcode.nxrrset.
1724 enhancement 1330524561795476 1331636645298930 statistics low jreed new access to stats via stats-httpd This is related to #1723, but want same for the HTTP interface. It would be nice if the following would work to show all items under auth.queries.

http://n10.isc.org:8000/bind10/statistics/xml/Auth/queries
1729 defect 1330530157958703 1331571605832006 statistics medium jreed new cc session timeout causes noisy traceback from b10-stats-httpd
Traceback (most recent call last):
File “/home/jreed/src/bind10/src/lib/python/isc/cc/session.py”, line 203, in receive_full_buffer
self.
receive_len_data()
File “/home/jreed/src/bind10/src/lib/python/isc/cc/session.py”, line 163, in receive_len_data
new_data = self.
receive_bytes(self.recv_len_size)
File “/home/jreed/src/bind10/src/lib/python/isc/cc/session.py”, line 149, in
receive_bytes
data = self.socket.recv
socket.timeout: timed out

During handling of the above exception, another exception occurred:

Traceback :
File “/home/jreed/src/bind10/src/bin/stats/b10-stats-httpd”, line 827, in
stats_httpd = StatsHttpd
File “/home/jreed/src/bind10/src/bin/stats/b10-stats-httpd”, line 187, in
in it
self.open_mccs
File “/home/jreed/src/bind10/src/bin/stats/b10-stats-httpd”, line 199, in open_mccs
SPECFILE_LOCATION, self.config_handler, self.command_handler)
File “/home/jreed/src/bind10/src/lib/python/isc/config/ccsession.py”, line 186, in
init
self.
session = Session(socket_file)
File “/home/jreed/src/bind10/src/lib/python/isc/cc/session.py”, line 57, in init
env, msg = self.recvmsg(False)
File “/home/jreed/src/bind10/src/lib/python/isc/cc/session.py”, line 121, in recvmsg
data = self.receive_full_buffer
File “/home/jreed/src/bind10/src/lib/python/isc/cc/session.py”, line 218, in
receive_full_buffer
raise SessionTimeout(“recv() on cc session timed out”)
isc.cc.session.SessionTimeout: recv() on cc session timed out
Exception AttributeError: “‘ModuleCCSession’ object has no attribute ‘_session’” in > ignored
2012-02-29 15:27:37.994 INFO [b10-boss.boss] BIND10_PROCESS_ENDED process 13233 of b10-stats-httpd ended with status 256


This is due to same problem as #1726.

But I open a new ticket since I think its failure should be friendlier, such as:


2012-02-29 15:27:46.824 ERROR [b10-xfrin.xfrin] XFRIN_UNKNOWN_ERROR unknown error: recv() on cc session timed out


or


2012-02-29 15:27:46.854 ERROR [b10-zonemgr.zonemgr] ZONEMGR_SESSION_TIMEOUT timeout on session to command channel daemon


By the way, those two examples maybe should use identical format for same error?

So original problem to be fixed in #1726. Make the output clean in this ticket.
1730 defect 1330531611749244 1332509420767998 Unclassified medium jreed new OpenBSD meta ticket OpenBSD openbsd5-64 5.0 amd64

But it is not enabled in the build farm yet due to some issues:

system include header ordering needs
#1644

incomplete pc file for botan and wrong filename for botan-config
#1640

perfdhcp.c uses pselect
#1639

IntervalTimerTest.invalidArgumentToIntervalTimer failure
#1727

python import and versioned modules
#1728

HashTest tests fail on OpenBSD
#1812

IfaceMgrTest.sendReceive6 test hangs on OpenBSD
#1824

CC Session timeouts / ConfigManager not responding (on OpenBSD)
#1829

install-sh issue on OpenBSD
#1835
1734 defect 1330551648536980 1331571692456641 Boss of BIND medium jreed new ERROR [b10-boss.boss] BIND10_COMPONENT_FAILED component … failed with 0 exit status I noticed this when I restart resolver and auth as in #1733.

I did:


> Resolver shutdown
> Auth shutdown


The logs showed:



2012-02-29 15:23:40.820 DEBUG [b10-resolver.cc] CC_GROUP_SEND sending message ‘{ command [ “stopping”, { module_name “Resolver” } ] }’ to group ‘ConfigManager’
2012-02-29 15:23:40.820 INFO [b10-resolver.resolver] RESOLVER_SHUTDOWN resolver shutdown complete
2012-02-29 15:23:40.827 DEBUG [b10-cmdctl.cmdctl] CMDCTL_COMMAND_SENT command ‘shutdown’ to module ‘Resolver’ was sent
2012-02-29 15:23:40.828 INFO [b10-boss.boss] BIND10_PROCESS_ENDED process 11275 of b10-resolver ended with status 0
2012-02-29 15:23:40.828 ERROR [b10-boss.boss] BIND10_COMPONENT_FAILED component b10-resolver (pid 11275) failed with 0 exit status
2012-02-29 15:23:40.828 INFO [b10-boss.boss] BIND10_COMPONENT_START component b10-resolver is starting


Notice the “ERROR” for 0 exit status. That seems wrong. I don’t see any error here.

Then:



2012-02-29 15:23:45.847 DEBUG [b10-auth.datasrc] DATASRC_SQLITE_CLOSE closing SQLite database
2012-02-29 15:23:45.848 DEBUG [b10-auth.datasrc] DATASRC_CACHE_DESTROY destroying the hotspot cache
2012-02-29 15:23:45.848 DEBUG [b10-cmdctl.cmdctl] CMDCTL_COMMAND_SENT command ‘shutdown’ to module ‘Auth’ was sent
2012-02-29 15:23:45.868 INFO [b10-boss.boss] BIND10_LOST_SOCKET_CONSUMER consumer 17 of sockets disconnected, considering all its sockets closed
2012-02-29 15:23:45.870 INFO [b10-boss.boss] BIND10_PROCESS_ENDED process 12084 of b10-auth ended with status 0
2012-02-29 15:23:45.870 ERROR [b10-boss.boss] BIND10_COMPONENT_FAILED component b10-auth (pid 12084) failed with 0 exit status
2012-02-29 15:23:45.870 INFO [b10-boss.boss] BIND10_COMPONENT_START component b10-auth is starting


Same thing again: ERROR for 0 exit status.

These don’t seem to be errors to me.
1737 enhancement 1330563639383383 1331636855978016 statistics low jreed new store statistics data on shutdown Feature request: store statistics data on shutdown and maybe re-use it on next startup. Not sure yet. Just opening this ticket so this idea can be recorded.

This is not a high priority, since other tools can fetch the XML and then manage how they want.
1740 defect 1330640620273079 1331577732027152 bind-ctl medium jreed new bindctl crash on stats set
> Stats set Boss boot_time 2012-02-03T22:49:49Z
Traceback (most recent call last):
File “/usr/pkg/lib/python3.1/cmd.py”, line 213, in onecmd
func = getattr(self, ‘do’ + cmd)
AttributeError: ’BindCmdInterpreter’ object has no attribute ’do_Stats’

During handling of the above exception, another exception occurred:

Traceback :
File “/home/reed/opt/bind10/bin/bindctl”, line 149, in
result = tool.run
File “/home/reed/opt/bind10/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 138, in run
self.cmdloop
File “/usr/pkg/lib/python3.1/cmd.py”, line 139, in cmdloop
stop = self.onecmd
File “/home/reed/opt/bind10/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 466, in onecmd
Cmd.onecmd
File “/usr/pkg/lib/python3.1/cmd.py”, line 215, in onecmd
return self.default
File “/home/reed/opt/bind10/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 432, in default
self.
parse_cmd(line)
File “/home/reed/opt/bind10/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 568, in parse_cmd
self.
validate_cmd(cmd)
File “/home/reed/opt/bind10/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 399, in _validate_cmd
cmd.params[param_name] = isc.config.config_data.convert_type(param_spec, cmd.params[param_name])
File “/home/reed/opt/bind10/lib/python3.1/site-packages/isc/config/config_data.py”, line 112, in convert_type
map = ast.literal_eval(value)
File “/usr/pkg/lib/python3.1/ast.py”, line 49, in literal_eval
node_or_string = parse(node_or_string, mode=’eval’)
File “/usr/pkg/lib/python3.1/ast.py”, line 37, in parse
return compile(source, filename, mode, PyCF_ONLY_AST)
File “”, line 1
boot_time2012-02-03T22:49:49Z
^
SyntaxError: invalid token


Here is another different example:



File “”, line 1
last_update_time“2012-03-01T22:21:42Z”
^
SyntaxError: invalid syntax
1742 enhancement 1330693514506461 1331038947010571 message-library low stephen new Have message compiler exit with an error if a duplicate message ID is detected Ticket #1741 reports a case where a duplicate ID is used in a message file. This was only noticed by chance, as the message compiler outputs a warning message but otherwise exits normally.

The message compiler should be modified to output an error message when this condition is detected, and to exit with a non-zero status. That would cause a build to stop when a duplicate ID is found and so make the problem more obvious.
1743 task 1330700156041242 1391544186391937 data source medium jreed new [meta] support NSEC in in-memory datasource NXDOMAIN result only returns RRSIG for the SOA, but no NSEC.

(Additional task is lettuce test(s) — open new tickets as needed.)
1753 task 1330793748465085 1392999461740805 data source medium jinmei jinmei DNS Outstanding Tasks assigned use object pool for in-memory finder contexts By default ZoneFinder::Context needs to be allocated from heap
(by `new`) for every call to find(). The cost would not be negligible
for performance sensitive version like the one for the in-memory data
source.

I’d suggest introducing an object pool such as boost::object_pool
so the major resource of Context can be resused over multiple calls to
find(). I’d maintain the pool in the `InMemoryClient` that created
the finder and use the same pool for all zones.

The in-memory version of Context class will need to be “resettable” so
we release resources in the context when it goes back to the pool.
It will also require some modifications to the base Context call.
1755 defect 1330939939098902 1347891866607468 data source medium jinmei new “ANY_SUB” query in sqlite3_accessor needs to be updated See https://lists.isc.org/pipermail/bind10-dev/2012-March/003167.html

In short:
- we need to revise the query so ‘' will be placed last (and so we'll<br> probably have to use rname instead of name)<br>- let the caller append the '’

I also wonder whether this can correctly detect the following case:
Zone has b.example.com.
*.example.com.
Query a.b.example.com must result in NXDOMAIN, not wildcard match.
It’s nicer if we can confirm that too.
.
1761 enhancement 1331030390320577 1331635774132797 data source medium shane new Change the SQLite data source so that it supports binary labels See the thread started here:

https://lists.isc.org/pipermail/bind10-dev/2011-September/002630.html
1765 defect 1331144039722679 1331636583333687 bind-ctl medium jreed new config go, then config show datasources does no work

> config go Auth
/Auth> config show
database_file listen_on
datasources statistics-interval
/Auth> config show datasources
/Auth> config show Auth
/Auth> config show /Auth
Error: Auth not found
/Auth> config show data
database_file datasources
/Auth> config show_json
{datasources [{zones [{origin “smallzone”, file “/home/jreed/dnsbenchsuite/tests/smallzone/master.zone.file-canonical”}], type “memory”}], listen_on [{port 5300, address “127.0.0.1”}]}
/Auth> config show datasources
/Auth> config go /
> config show Auth/data
database_file datasources
> config show Auth/data
database_file datasources
> config show Auth/datasources
Auth/datasources[0]/type “memory” string
Auth/datasources[0]/class “IN” string (default)
Auth/datasources[0]/zones/ list
>



(notice tab completion in output above)

An additional problem is config show /Auth doesn’t work.
1766 enhancement 1331158406719092 1331636915476954 data source low jinmei new placeholder: python binding for ZoneFinder::Context It’s currently only in C++.

As discussed in http://bind10.isc.org/ticket/1607#comment:11
python binding wasn’t provided because it was not clear if we need it.

This ticket is a placeholder for it so we can revisit this point later.
1770 enhancement 1331287704347235 1396529381183472 xfrin medium jelte DNS Outstanding Tasks new xfrin command to show transfers in progress
It would be nice to have a command that shows transfers in progress in the xfrin module; possibly with some extended information from the information collected in #1280.
xfrin bindctl
1776 task 1331719471784379 1331917664425822 build system medium UnAssigned shane assigned git repository should set version to something Jeremy proposed that we should set the version string in our software to something. Right now it is whatever the last release was, or sometimes updated since then, but it is not helpful and sometimes misleading. Some notes are available in our [wiki:WeeklyMinutes20120313#Versioninthemasterconfigure.acJeremy5minutes meeting minutes].

Ideally we would set the version string to something like:

git-259eea4da2d634ee7cbf28eb34ac076d2a8ed50d

We would need a way to override this on our release branches, of course.

If we cannot do that, then possibly using just “git” or “master” as the version identifier is okay.
1777 enhancement 1331733353163112 1336592052344382 Unclassified medium jelte new resetting vectors in auth::Query
#1747 and its predecessors introduced three vectors for storing the rrsets that get added to response messages. These vectors currectly get reserved to contain 64 rrsets each, but in theory they might grow. It was suggested that if they ever become larger than this, it might be good to reset them (back to a reserved size of 64, or whatever value turns out to be good).

The idea is that if they are abnormally large, the are replaced by new vectors during reset(). In normal cases this wouldn’t happen (and the overhead is a size check for each). If much larger, the replacement should clear up unused memory for these.

But see the discussion in #1747
1797 defect 1331972495039357 1392811741870737 b10-auth medium jinmei DNS Outstanding Tasks new CNAME should include auth and additional b10-auth doesn’t include the authority and additional section
in the case of CNAME. This does not necessarily be incorrect per
the spec, but I don’t think it’s intentional but rather a bug.

I propose we handle it just like the SUCCESS case. (As a bonus)
this will also make the big, ugly switch of Query::process()
a bit more concise.

This should be a pretty easy task.
1801 task 1331999509260329 1336748005828429 Unclassified medium jelte new NSEC in-mem; lettuce tests for NSEC responses
Create lettuce tests for NSEC responses. On the one hand it should be relatively easy; the framework is already there (we have lettuce tests for NSEC3). OTOH, there may not be a clear (rfc-based) list on what tests to write.

Technically, this depends on #1800 (and #1799 and #1798), but in theory these could be written in parallel (or even before; BDD-style).
1811 task 1332132785079358 1336577058868652 Inter-module communication medium naokikambe new Consider how to address multiple instances As a result of #1751, each auth instance uses its own PID for addressing itself so that stats would identify one of multiple auth instances. But that way is a short-term narrow solution as discussed in [comment:ticket:1751:10]

Furthermore we need a long-term wide solution, not only between auth and stats, for addressing multiple instances.
1817 task 1332236902882641 1336577260560153 data source medium vorner new Cleanup object for SQLite3 statements We manually reset a SQLite3 statement each time it is used. This is both little bit too much code and can keep the statement not reset on some unexpected exception (which is not fatal, as we reset the statement before use again, but it is clearly not optimal).

The task is to create a class that would hold the statement and reset it on destruction and use it to hold the statements inside the methods using them.
1821 defect 1332341006212027 1336577914147394 Unclassified medium jreed new inconsistent verbose logging Some components honor a -v (or —verbose) switch to enable maximum debug logging.

But not all is set to maximum. For example, it provides complete logging for “auth” but not “datasrc”.

This is confusing.

One fix is to either clearly document this. Another fix is to make everything “*” logged at DEBUG 99 when using —verbose.
1822 task 1332342771530688 1336577964165257 logging medium jreed new review logging details The task(s) to review existing logging was discussed at the January 2012 F2F. http://bind10.isc.org/wiki/January2012MeetingMinutes#LoggingIssues

This probably needs to be broken up into separate tasks maybe by component level.

This is to:

Review readability and understandability of the log descriptions.

Confirm that the log severity is correct.

Confirm that debug levels are correct (for example 30 and below is useful for admins, but we have non-developer details at higher levels).

Do we have excess messages? Too many messages for same issue?

Missing useful logging?
1827 defect 1332430142589214 1340809921054942 build system medium UnAssigned muks new Install bind10 shared objects and other resources in versioned directories bind10 modules (.so) used to have a version in their filenames. Due to issues on OpenBSD, now they’re created without the version. Currently, bind10 modules are installed in `$prefix/libexec/bind10-devel/modules` whereas they should be installed in `$prefix/lib/bind10-devel-/modules` (note the change from libexec to lib and the version added to the directory name). The same should be done for the installation paths of any version-specific resources.

Whether we want to implement this should be discussed, and a list of what all need to be versioned should be made. This work would involve build system changes and also some minor changes to code for using the correct paths.
1830 defect 1332444460478829 1336644551015538 Unclassified medium jreed new traceback in cfgmgr shutdown The initial problem was caused by some cc session timeouts / cfgmgr not listening as seen in ticket #1829. But shutdown stills seems wrong:


2012-03-22 19:11:34.701 INFO [b10-boss.boss] BIND10_COMPONENT_STOP component cfgmgr is being stopped
2012-03-22 19:11:34.702 INFO [b10-boss.boss] BIND10_STOP_PROCESS asking cfgmgr to shut down

2012-03-22 19:11:35.729 INFO [b10-boss.boss] BIND10_SEND_SIGTERM sending SIGTERM to cfgmgr (PID 25628)

2012-03-22 19:11:35.832 INFO [b10-boss.boss] BIND10_SEND_SIGKILL sending SIGKILL to b10-cmdctl (PID 7154)
2012-03-22 19:11:35.837 INFO [b10-boss.boss] BIND10_SEND_SIGKILL sending SIGKILL to msgq (PID 16242)
Traceback (most recent call last):
2012-03-22 19:11:35.842 File “/home/jreed/src/bind10/src/bin/cfgmgr/b10-cfgmgr”, line 107, in
sys.exit(main())
INFO File “/home/jreed/src/bind10/src/bin/cfgmgr/b10-cfgmgr”, line 95, in main
cm.run()
[ File “/home/jreed/src/bind10/src/lib/python/isc/config/cfgmgr.py”, line 526, in run
b10-boss.boss] BIND10_SEND_SIGKILL sending SIGKILL to cfgmgr (PID 25628)
2012-03-22 19:11:35.951 INFO [b10-boss.boss] BIND10_PROCESS_ENDED process 7154 of b10-cmdctl ended with status 9
2012-03-22 19:11:35.951 INFO [b10-boss.boss] BIND10_PROCESS_ENDED process 25628 of cfgmgr ended with status 9
2012-03-22 19:11:35.952 INFO [b10-boss.boss] BIND10_PROCESS_ENDED process 16242 of msgq ended with status 9
2012-03-22 19:11:35.952 INFO [b10-boss.boss] BIND10_SHUTDOWN_COMPLETE all processes ended, shutdown complete


(Notice how logs are mixed. That is ticket #1704)
1835 task 1332509337004142 1389102214188351 build system medium jreed jreed accepted install-sh issue on OpenBSD

/bin/sh /bin/sh /home/jreed/src/bind10/install-sh d
//home/jreed/opt/bind10/var/bind10-devel

Caused by:
$c m 644
install_sh_PROGRAM = ${SHELL} $
c
install_sh_SCRIPT = ${SHELL} $(install_sh) c
mkinstalldirs = $ $
d
install_sh = ${SHELL} /home/jreed/src/bind10/install-sh


$ /bin/sh /bin/sh
/bin/sh[2]: syntax error: `(’ unexpected


The problem is caused by http://www.openbsd.org/cgi-bin/cvsweb/ports/devel/automake/1.11/patches/patch-lib_am_header-vars_am and http://www.openbsd.org/cgi-bin/cvsweb/ports/devel/automake/1.11/patches/patch-automake_in

I reported this to their ports team. I am opening this ticket to track it from our side too.
1837 task 1332770526219153 1336652421972022 Unclassified medium jelte new log/print b10-dbutil command when db is out of date
If any module (most probably b10-auth) finds that the sqlite3 database it is trying to use is out of date, it should log (or print, if it is a printed error) the command needed to upgrade it, including the full path to the database file(s)

e.g. ‘please run b10-dbutil —upgrade /foo/bar/bind10-zones.sqlite3’
1840 task 1332841559982496 1336654818626401 Unclassified medium jelte new handling several databases at once in b10-dbutil
Right now b10-dbutil can only upgrade one database at a time. It was suggested that it should perhaps be able to do multiple (as you can technically have several database backends at the same time). But it did not seem much of a priority when doing #963, so here is the deferred task.
1841 task 1332841736950079 1336745465447674 Unclassified low jelte new port b10-dbutil tests to lettuce
The tests created for b10-dbutil in #963 were done in shellscript. We should port them to lettuce tests (these really are system tests anyway)
1842 task 1332850908086397 1336654981957369 Unclassified medium vorner new Integrate the b10-dbutil into system start Currently, if the database schema is old, the system starts, but will complain about the problem somewhere in the middle of logs. That is too late.

We should integrate a call to `b10-dbutil —check` into the startup, before anything that would provide service is attempted and if it fails, don’t attempt to start it. This task will probably need to be split into smaller ones:
* Support for „synchronous“ commands in the boss (currently, a component is forked off and we don’t care much any more until it fails, but this should start it and wait for the process to terminate, either successfully or fail).
* Add support to dbutil to read the list of databases from configuration through the message queue.
* Include the dbutil invocation in the guide how to enable and start auth.
1844 defect 1332851322907622 1336655517870037 bind-ctl medium vorner new The config unset help is wrong If I execute the above command, it prints this:

> config unset help
Command unset (Unset a configuration value (i.e. revert to the default, if any).)
help (Get help for command)
Parameters:
identifier (string, mandatory)
The identifier specifies the config item. Child elements are
separated with the ‘/’ character. List indices can be
specified with ‘[i]’, where i is an integer specifying the
index, starting with 0. Examples: ‘Boss/start_auth’,
‘Recurse/listen_on[0]/address’. If no identifier is given,
shows the item at the current location.


Which is wrong for several reasons:
* The examples are outdated, these no longer exist.
* It says it is mandatory, but still includes the „If no identifier is given“ condition.
* Talks about showing the item, not clearing it.
1848 defect 1332859129521998 1355947936419631 Unclassified medium jreed new msgq disappeared causes great shutdown confusion I received:


2012-03-27 07:22:22.964 FATAL [b10-boss.boss] BIND10_MSGQ_DISAPPEARED msgq channel disappeared


I don’t know what caused this. This ticket is mostly about what happens next. It is “fatal” so boss starts a BIND10_SHUTDOWN as expected.


2012-03-27 07:22:22.964 FATAL [b10-boss.boss] BIND10_MSGQ_DISAPPEARED msgq channel disappeared
2012-03-27 07:22:22.964 INFO [b10-boss.boss] BIND10_SHUTDOWN stopping the server
2012-03-27 07:22:22.965 ERROR [b10-boss.config] CONFIG_SESSION_STOPPING_FAILED error sending stopping message: [Errno 32] Broken pipe
2012-03-27 07:22:22.965 INFO [b10-boss.boss] BIND10_CONFIGURATOR_STOP bind10 component configurator is shutting down
2012-03-27 07:22:22.965 INFO [b10-boss.boss] BIND10_COMPONENT_STOP component Socket creator is being stopped
2012-03-27 07:22:22.965 INFO [b10-boss.boss] BIND10_SOCKCREATOR_TERMINATE terminating socket creator
Traceback (most recent call last):
File “/Local/Users/jreed/dnsbench/work/master/20120327130322/install/libexec/bind10-devel/b10-cfgmgr”, line 112, in
sys.exit(main())
File “/Local/Users/jreed/dnsbench/work/master/20120327130322/install/libexec/bind10-devel/b10-cfgmgr”, line 100, in main
cm.run()
File “/Local/Users/jreed/dnsbench/work/master/20120327130322/install/lib/python3.1/site-packages/isc/config/cfgmgr.py”, line 558, in run
answer = self.handle_msg(msg);
File “/Local/Users/jreed/dnsbench/work/master/20120327130322/install/lib/python3.1/site-packages/isc/config/cfgmgr.py”, line 535, in handle_msg
2012-03-27 07:22:22.967 INFO [b10-boss.boss] BIND10_COMPONENT_STOP component msgq is being stopped
answer = self.handle_module_spec)
File “/Local/Users/jreed/dnsbench/work/master/20120327130322/install/lib/python3.1/site-packages/isc/config/cfgmgr.py”, line 485, in
handle_module_spec
spec.get_full_spec())
File “/Local/Users/jreed/dnsbench/work/master/20120327130322/install/lib/python3.1/site-packages/isc/config/cfgmgr.py”, line 511, in send_module_spec_to_cmdctl
self.cc.group_sendmsg
File “/Local/Users/jreed/dnsbench/work/master/20120327130322/install/lib/python3.1/site-packages/isc/cc/session.py”, line 268, in group_sendmsg
}, isc.cc.message.to_wire)
File “/Local/Users/jreed/dnsbench/work/master/20120327130322/install/lib/python3.1/site-packages/isc/cc/session.py”, line 101, in sendmsg
cc = self.
socket.send(data)
socket.error: [Errno 32] Broken pipe
2012-03-27 07:22:22.967 ERROR [b10-auth.cc] CC_READ_ERROR er2012-03-27 07:22:22.976 INFO [b10-boss.boss] BIND10_COMPONENT_STOP component b10-auth is being stopped
2012-03-27 07:22:22.976 INFO [b10-boss.boss] BIND10_STOP_PROCESS asking b10-auth to shut down
2012-03-27 07:22:22.977 ERROR [b10-boss.boss] BIND10_CONFIGURATOR_PLAN_INTERRUPTED configurator plan interrupted, only 2 of 7 done
ror reading data from command channel (End of file.)2012-03-27 07:22:22.977 FATAL [b10-auth.cc] CC_WRITE_ERROR error writing data to command channel (Broken pipe)
2012-03-27 07:22:22.977 FATAL [b10-auth.auth] AUTH_SERVER_FAILED server failed: ASIO write failed: Broken pipe

2012-03-27 07:22:22.980 FATAL [b10-auth.auth] AUTH_SERVER_FAILED server failed: Error while reading data from cc session: End of file.
2012-03-27 07:22:22.982 FATAL [b10-auth.cc] CC_WRITE_ERROR error writing data to command channel (Broken pipe)
2012-03-27 07:22:22.982 FATAL [b10-auth.auth] AUTH_SERVER_FAILED server failed: ASIO write failed: Broken pipe
2012-03-27 07:22:22.970 ERROR [b10-auth.cc] CC_READ_ERROR error reading data from command channel (End of file.)
2012-03-27 07:22:22.984 FATAL [b10-auth.auth] AUTH_SERVER_FAILED server failed: Error while reading data from cc session: End of file.
2012-03-27 07:22:23.977 INFO [b10-boss.boss] BIND10_PROCESS_ENDED process 56861 of b10-auth-4 ended with status 256
2012-03-27 07:22:23.977 INFO [b10-boss.boss] BIND10_PROCESS_ENDED process 56860 of b10-auth-2 ended with status 256
2012-03-27 07:22:23.977 INFO [b10-boss.boss] BIND10_PROCESS_ENDED process 56859 of b10-auth-3 ended with status 256
2012-03-27 07:22:23.977 INFO [b10-boss.boss] BIND10_PROCESS_ENDED process 56858 of b10-auth ended with status 256
2012-03-27 07:22:23.977 INFO [b10-boss.boss] BIND10_PROCESS_ENDED process 56851 of cfgmgr ended with status 256
2012-03-27 07:22:23.977 INFO [b10-boss.boss] BIND10_PROCESS_ENDED process 56850 of msgq ended with status 256
2012-03-27 07:22:23.977 INFO [b10-boss.boss] BIND10_PROCESS_ENDED process 56849 of Socket creator ended with status 0
2012-03-27 07:22:23.977 INFO [b10-boss.boss] BIND10_SHUTDOWN_COMPLETE all processes ended, shutdown complete



The above is much to noisy and doesn’t give me much clue on what happened.
1849 defect 1332876790346463 1336661869166721 Unclassified medium jreed new traceback in msgq self.sendbuffs (as previously mentioned in #1847)

This is on the macmini system:


Traceback (most recent call last):
File “/Local/Users/jreed/dnsbench/work/master/20120327130322/install/libexec/bind10-devel/b10-msgq”, line 551, in
msgq.run()
File “/Local/Users/jreed/dnsbench/work/master/20120327130322/install/libexec/bind10-devel/b10-msgq”, line 460, in run
self.run_poller()
File “/Local/Users/jreed/dnsbench/work/master/20120327130322/install/libexec/bind10-devel/b10-msgq”, line 479, in run_poller
self.process_write
File “/Local/Users/jreed/dnsbench/work/master/20120327130322/install/libexec/bind10-devel/b10-msgq”, line 391, in
process_write
(_, msg) = self.sendbuffs[fileno]
KeyError: 8323074


I have it configured for four b10-auth components. This happens maybe one out of every five times I try. I have seen it maybe 6 times.
1850 defect 1332877306895467 1336729330422770 Unclassified medium jreed new core dump at isc::server_common::portconfig::installListenAddresses when Error while reading data from cc session on macmini:

core from b10-auth


#0 0x930a3176 in __kill ()
#1 0x930a3168 in kill$UNIX2003 ()
#2 0x9313589d in raise ()
#3 0x9314b9bc in abort ()
#4 0x00653347 in isc::server_common::portconfig::installListenAddresses ()
#5 0x0000d29d in AuthSrv::setListenAddresses ()
#6 0x0001bccc in (anonymous namespace)::ListenAddressConfig::build ()
#7 0x0001b0e3 in configureAuthServer ()
#8 0x0000dce6 in AuthSrv::updateConfig ()
#9 0x00024f89 in (anonymous namespace)::my_config_handler ()
#10 0x00396760 in isc::config::ModuleCCSession::handleConfigUpdate ()
#11 0x003985c1 in isc::config::ModuleCCSession::ModuleCCSession ()
#12 0x00025846 in main ()


This was configured with four b10-auth components.

I think the corresponding logging is:


2012-03-27 12:32:10.427 FATAL [b10-auth.server_common] SRVCOMM_EXCEPTION_ALLOC exception when allocating a socket: Error while reading data from cc session: End of file.


There were several “Error while reading data from cc session” and CC_READ_ERROR and a traceback in b10-cfgmgr at same time:


Traceback (most recent call last):
File “/Local/Users/jreed/dnsbench/work/master/20120327130322/install/libexec/bind10-devel/b10-cfgmgr”, line 112, in
sys.exit(main())
File “/Local/Users/jreed/dnsbench/work/master/20120327130322/install/libexec/bind10-devel/b10-cfgmgr”, line 100, in main
cm.run()
File “/Local/Users/jreed/dnsbench/work/master/20120327130322/install/lib/python3.1/site-packages/isc/config/cfgmgr.py”, line 558, in run
answer = self.handle_msg(msg);
File “/Local/Users/jreed/dnsbench/work/master/20120327130322/install/lib/python3.1/site-packages/isc/config/cfgmgr.py”, line 535, in handle_msg
answer = self.handle_module_spec)
File “/Local/Users/jreed/dnsbench/work/master/20120327130322/install/lib/python3.1/site-packages/isc/config/cfgmgr.py”, line 485, in
handle_module_spec
spec.get_full_spec())
File “/Local/Users/jreed/dnsbench/work/master/20120327130322/install/lib/python3.1/site-packages/isc/config/cfgmgr.py”, line 511, in _send_module_spec_to_cmdctl
rver_common] SRVCOMM_EXCEPTION_ALLOC exception when allocating a socket: Error while reading data from cc session: End of file.
self.cc.group_sendmsg(spec_update, “Cmdctl”)
File “/Local/Users/jreed/dnsbench/work/master/20120327130322/install/lib/python3.1/site-packages/isc/cc/session.py”, line 268, in group_sendmsg
2012-03-27 12:32:10.427 ERROR [b10-boss.boss] BIND10_COMPONENT_FAILED component b10-auth-4 (pid 34532) failed: process exited normally with exit status 256
}, isc.cc.message.to_wire(msg))
File “/Local/Users/jreed/dnsbench/work/master/20120327130322/install/lib/python3.1/site-packages/isc/cc/session.py”, line 101, in sendmsg


(note that some regular logging is mixed in above)
1851 defect 1332881865392315 1360930892151771 Unclassified medium UnAssigned jreed assigned finding python modules should not append for example my installed bind10 has:


import sys; sys.path.append (‘/var/users/jreed/dnsbench/work/master/201203272003
37/install/lib/python3.1/site-packages’)

from bind10_config import LIBEXECPATH


But the LIBEXECPATH is defined from the /usr/local/lib/ version of bind10_config.py and not my version in my path above.

This causes all types of confusion when communicating with wrong msgq and cfgmgr so gets wrong configurations.
1854 enhancement 1332944504898895 1336730512437894 Unclassified medium jreed new directory for configuration files Currently for in-memory datasource (and other configurations), the file may be an absolute path to the master zone file or it is relative to the directory BIND 10 is started from.

That behavior may be dangerous I think since you never know where the admin will be located when running bind10 boss.

But it is useful for testing.

We should have some default directory configurable.

And if not set this means relative. (jelte’s idea from jabber) (Or maybe set to “.” for relative?)
1855 defect 1332945511404703 1336730692492694 Unclassified medium jreed new Error: Unknown configuration identifier: datasources/ Reporting error… should say what is missing or wrong:



> config set Auth/datasources[0]/type “”
> config commit
Error: Unknown configuration identifier: datasources/
Configuration not committed



2012-03-28 10:17:07.641 ERROR [b10-auth.auth] AUTH_CONFIG_UPDATE_FAIL update of configuration failed: Unknown configuration identifier: datasources/
2012-03-28 10:17:07.642 ERROR [b10-cmdctl.cmdctl] CMDCTL_COMMAND_ERROR error in command set_config to module ConfigManager: Unknown configuration identifier: datasources/


I was attempting to change a working “memory” zone to “” to disable it (as a test).
1859 defect 1333031352406559 1336731045404127 Unclassified medium jreed new many auth servers results in Unable to open domain socket on macmini I can reproduce the following frequently on the macmini system by attempting to run around 15 b10-auth components:



2012-03-29 07:10:38.818 DEBUG [b10-auth.cc] CC_GROUP_RECEIVED message arrived (‘{ from “4f746d5e_3@macmini.lab.isc.org”, group “Boss”, instance “*”, reply 2, seq 19, to “4f746d5e_12@macmini.lab.isc.org”, type “send” }’, ‘{ result [ 0, { path “/tmp/sockcreator-SWQsjy/sockcreator”, token “t3455974382” } ] }’)
2012-03-29 07:10:38.818 DEBUG [b10-auth.cc] CC_GROUP_RECEIVED message arrived (‘{ from “4f746d5e_3@macmini.lab.isc.org”, group “Boss”, instance “*”, reply 2, seq 18, to “4f746d5e_11@macmini.lab.isc.org”, type “send” }’, ‘{ result [ 0, { path “/tmp/sockcreator-SWQsjy/sockcreator”, token “t3513635662” } ] }’)
2012-03-29 07:10:38.819 FATAL [b10-auth.server_common] SRVCOMM_EXCEPTION_ALLOC exception when allocating a socket: Unable to open domain socket /tmp/sockcreator-SWQsjy/sockcreator: Connection refused
2012-03-29 07:10:38.819 FATAL [b10-auth.server_common] SRVCOMM_EXCEPTION_ALLOC exception when allocating a socket: Unable to open domain socket /tmp/sockcreator-SWQsjy/sockcreator: Connection refused
2012-03-29 07:10:38.819 INFO [b10-boss.boss] BIND10_SOCKET_CREATED successfully created socket 37


Other times I get other failures like in #1850 or like:



2012-03-29 07:13:47.201 ERROR [b10-auth.cc] CC_READ_ERROR error reading data from command channel (End of file.)
2012-03-29 07:13:47.201 DEBUG [b10-auth.cc] CC_DISCONNECT disconnecting from message queue daemon
2012-03-29 07:13:47.202 FATAL [b10-auth.auth] AUTH_SERVER_FAILED server failed: Error while reading data from cc session: End of file.
2012-03-29 07:13:47.202 DEBUG [b10-auth.datasrc] DATASRC_CACHE_DESTROY destroying the hotspot cache


(Also often my sockcreator is left running.)

I used the following script to generate my configuration:



#!/usr/bin/awk -f

BEGIN{

print “{ersion 2,”;

print “uth {atasources [”;
print “{ones [{rigin xample ile ests/smallzone/master.zone.file-canonical}], ype emory}],”;
print “isten_on [{ort 5300, ddress 27.0.0.1}]},”;

print “oss {omponents {”;

for (i = 1; i <= ARGV[1]; i++) {

print “10-auth-” i “ {ind eeded pecial uth}”;

if (i < ARGV[1]) { print “,”; }

}

print “
”;

}



The command line argument is the number of b10-auth components to run.

I think this is a macmini or portability issue. I can run 50 of the b10-auth server components on Linux fine.

1861 defect 1333129676122232 1350619070112693 data source medium jinmei new SQLite3 DB creation code should be consolidated With the introduction of b10-dbutil, we now have 4 places that create
initial DB file for the SQLite3 data source:
- isc.datasrc.sqlite3_ds Python module (used by b10-loadzone)
- two places in C++ libdatasrc (old and new APIs)
- b10-dbutil (although, technically, it only does ‘upgrade’ rather than ‘create’)

This is obviously bad. Although some of the above will be retired
(hopefully) soon, we should basically maintain the DB schema only in a
single place.

My suggestion is to introduce a python module that defines the latest
SQLite3 schema, and have dbutil use it. b10-dbutil wold also have a
“create” option, and on ‘make install’ we not only check compatibility
but also create a new one if the DB file doesn’t exist.

After that, remove the DB creation code from libdatasrc.
1862 enhancement 1333129799230681 1336126333995496 data source medium jinmei new have b10-dbutil reports upgrade progress It could take long time to upgrade a large SQLite3 DB file to
a new version. It would be nice if it could keep showing the progress
like b10-loadzone.
1864 defect 1333137073260916 1336731070940783 Unclassified medium jreed new bindctl help help is indented too many help in bindctl shows indented “help”. It has one too many tabs:


$ echo Stats show help
bindctl cat -tv
Command show I (Show the specified/all statistics data)
I^Ihelp (Get help for command)
Parameters:
owner (string, optional)
module name of the owner of the statistics data
name (string, optional)
statistics item name of the owner

Exit from bindctl
1865 task 1333139411442035 1336126350407522 libdns++ medium UnAssigned jinmei new python wrapper for findNSEC3 Not for any urgency, but for completeness. Shouldn’t be difficult.
1867 task 1333175462970721 1394116865894633 b10-auth medium jinmei DNS Outstanding Tasks new use util::io::SocketSessionForwarder for passing xfr from auth to xfrout I believe this will also help resolve various issues in xfrout such as
busy loop-like problem. Both auth and xfrout need to be updated, but
that will probably be too big for a single task, so I propose we first
update auth, only with unittests, and keeping the current code for the
actual operation. xfrout part is #1868.

Once the xfrout part is completed, we’ll switch the auth part too.
1868 task 1333175654854404 1334677602625827 xfrout medium jinmei new use SocketSessionReceiver for receiving xfr messages from b10-auth at xfrout This is the xfrout part of #1867 (and depends on it).

With this change, we can also eliminate the hack of `_guess_remote()`
because the `SocketSession` framework also forwards the source address
information.

We’ll also update b10-auth to enable the code using
`SocketSessionForwarder` for forwarding xfr messages.
1871 defect 1333237139536879 1353314743437578 build system medium UnAssigned jinmei new cleanup: unify pydnspp and isc.dns to the latter Just as we agreed before.

Also, it’s probably better to move src/lib/dns/python to
src/lib/python/isc/dns.

1874 defect 1333551385070802 1336731318521911 Unclassified medium jreed new xfrout traceback EOF read where not expected This is on OpenBSD. I started bind10 as non-root using no custom configuration.


2012-04-04 14:46:24.649 INFO [b10-boss.boss] BIND10_COMPONENT_START component b10-xfrout is starting
2012-04-04 14:46:24.743 INFO [b10-boss.boss] BIND10_STARTING_PROCESS starting process b10-xfrout

2012-04-04 14:46:25.229 INFO [b10-boss.boss] BIND10_SOCKET_GET requesting socket [::]:53 of type TCP from the creator
2012-04-04 14:46:25.229 ERROR [b10-boss.boss] BIND10_SOCKET_ERROR error on bind call in the creator: 1/Operation not permitted
2012-04-04 14:46:25.231 ERROR [b10-auth.server_common] SRVCOMM_ADDRESS_FAIL failed to listen on addresses (“Error creating socket on bind”)
2012-04-04 14:46:25.231 ERROR [b10-auth.auth] AUTH_CONFIG_LOAD_FAIL load of configuration failed: Server configuration failed: “Error creating socket on bind”
2012-04-04 14:46:25.233 INFO [b10-auth.auth] AUTH_SERVER_STARTED server started
Traceback (most recent call last):
File “/home/jreed/builder/work/BIND10/20120404131458-OpenBSD5-amd64/install/libexec/bind10-devel/b10-xfrout”, line 30, in
from isc.notify import notify_out
2012-04-04 14:46:25.470 File “/home/jreed/builder/work/BIND10/20120404131458-OpenBSD5-amd64/install/lib/python3.2/site-packages/isc/notify/init.py”, line 1, in
from isc.notify.notify_out import *
INFOEOFError: EOF read where not expected
[2012-04-04 14:46:25.535b10-stats.stats2012-04-04 14:46:25.540] STATS_STARTING startingINFO
[b10-boss.boss] BIND10_PROCESS_ENDED process 8258 of b10-xfrout ended with status 256
2012-04-04 14:46:25.545 ERROR [b10-boss.boss] BIND10_COMPONENT_FAILED component b10-xfrout (pid 8258) failed: process exited normally with exit status 256
DEBUG [b10-cmdctl.cmdctl] CMDCTL_STARTED cmdctl is listening for connections on 127.0.0.1:8080
2012-04-04 14:46:25.614 DEBUG [b10-stats-httpd.stats-httpd] STATHTTPD_STARTING_CC_SESSION starting cc session
2012-04-04 14:46:25.637 INFO [b10-stats-httpd.stats-httpd] STATHTTPD_STARTED listening on 127.0.0.1#8000
2012-04-04 14:46:34.751 INFO [b10-boss.boss] BIND10_COMPONENT_START component b10-xfrout is starting
2012-04-04 14:46:34.751 INFO [b10-boss.boss] BIND10_STARTING_PROCESS starting process b10-xfrout
2012-04-04 14:46:35.068 INFO [b10-xfrout.xfrout] XFROUT_NEW_CONFIG Update xfrout configuration
2012-04-04 14:46:35.069 INFO [b10-xfrout.xfrout] XFROUT_NEW_CONFIG_DONE Update xfrout configuration done


First time xfrout failed, but it was restarted.
1875 enhancement 1333551990124337 1392999665435486 Unclassified medium jreed DNS Outstanding Tasks new bindctl query zone database For troubleshooting, it may be useful to allow bindctl to query the zone database(s) to bypass DNS server, bypass ACLs, etc. Maybe a DataSrc module, such as:


$ echo datasrc query name=www.example.net class=IN type=A
bindctl
{
Zone “example.net.”,
Datasrc “in-memory”,
name “www.example.net.”,
class “IN”,
ttl 1200,
type “A”
}


(Something like that.)

This is a low priority feature request.
1876 enhancement 1333552555735348 1373458366327233 configuration medium jreed new consistent and lowercase configuration command names, module names Configuration command names should match the executable names or maybe the name without the b10-prefix. Or allow both to work.

For example: “stats-httpd show”.

Lower case bindctl commands should work.

And related (from jinmei): I’d also suggest we generally be more consistent about “Auth” vs “auth” etc, and I’d rather use the latter more consistently. For example, the module name for auth in the spec file could be “auth”, instead of Auth module_name “Auth”,

I think this is one task, but if not, then make a separate ticket for this.
1877 enhancement 1333552920154173 1336731623052919 bind-ctl medium jreed new bindctl: help module command bindctl “help” should be more intuitive. “Stats help show” does not work. “Stats show help” does work. Jelte suggested: “help stats show” — we have three other votes for this feature suggestion of “help module command”.

(The lowercase module name is ticket #1876.)

Also while here maybe the help output should restate the module name:


> help stats show
stats Command show (Show the specified/all statistics data)
help (Get help for command)
Parameters:
owner (string, optional)
module name of the owner of the statistics data
name (string, optional)
statistics item name of the owner


Not sure what to do with the “help” in example above if we’d keep that syntax too.
1879 defect 1333576723604465 1339224705535780 Unclassified medium jinmei new unify “scoped socket” helper class We have several copies of something like `ScopedSocket` (see, e.g.,
src/lib/util/io/socketsession.cc). To avoid having duplicate code
we should unify them. maybe it makes most sense to be moved from
inside socketsession.cc to a separate header file under util/io, and
have all others refer to it.

See also http://bind10.isc.org/ticket/1820#comment:8
1881 enhancement 1333646112010919 1394116881176322 b10-auth medium jreed DNS Outstanding Tasks new b10-auth behavior when XFR not expected to answer This is from this https://lists.isc.org/pipermail/bind10-dev/2011-December/002961.html thread on bind10-dev mailing list:

On Tue, 20 Dec 2011, JINMEI Tatuya / ???? wrote:

> It’s also strange to me that b10-auth still doesn’t consume 100% CPU
> time even if it should be too busy and actually drops queries.
>
> Maybe related to this point, I guess we should allow b10-auth simply
> returns REFUSED or some other error to xfr requests immediately if
> it’s not expected to answer them. The ability of disabling xfrout is
> nice, but what it currently means that b10-auth tries to forward the
> requests but fails to establish a connection to xfrout (resulting in
> an exception) for every request. That’s an obvious waste, and maybe
> that’s the reason for the idle time.
1886 defect 1334253307817980 1336745646607449 Unclassified very low jreed new CACHE_LOCALZONE_UNKNOWN and CACHE_MESSAGES_UNKNOWN key should show the RR type 2012-04-12 17:43:40.363 DEBUG [b10-resolver.cache] CACHE_LOCALZONE_UNKNOWN entry with key k1.isc.org.28 not found in local zone data

2012-04-12 17:43:40.363 DEBUG [b10-resolver.cache] CACHE_MESSAGES_UNKNOWN no entry for k1.isc.org.28 found in the message cache


So instead of “28” should show “/AAAA” (see CACHE_RESOLVER_LOOKUP_MSG for example).
1887 defect 1334266643626730 1336732005305853 bind-ctl medium jreed new config show junk does not fail
> config show kfhdkjdfhkj
>


I think this should say:


Error: kfhdkjdfhkj not found


On a related note:


> config show Auth/lkfsdhkjdshjk
Error: lkfsdhkjdshjk not found
>


I think that should say:


Error: /Auth/lkfsdhkjdshjk not found

1888 defect 1334266955271552 1391062406615661 Unclassified low jreed new What is IncompleteName?
> config add Xfrout/zone_config
> config diff
{’Xfrout’: {’zone_config’: [{’origin’: ’’}]}}
> config commit
2012-04-12 21:40:56.298 INFO [b10-xfrout.xfrout] XFROUT_NEW_CONFIG Update xfrout configuration
2012-04-12 21:40:56.302 ERROR [b10-cmdctl.cmdctl] CMDCTL_COMMAND_ERROR error in command set_config to module ConfigManager: Failed to handle new configuration: IncompleteName
Error: Failed to handle new configuration: IncompleteName
Configuration not committed


Maybe the error should be more precise on what is incomplete? (origin)
1898 defect 1334680812652536 1355845517550153 logging medium jreed new losing startup and ongoing bind10 logs Even if all logging is configured to go to a defined file destination, at startup (-verbose) 130 lines were still output to console. Also later logs may still go to it; see #1897 and #1190. This is noisy and the admin will need own way to manage these separate logs.

See http://bind10.isc.org/wiki/WeeklyMinutes20120326
and https://lists.isc.org/pipermail/bind10-dev/2012-March/003281.html for discussion.

(Not yet putting suggestions into this ticket. Just opened this ticket so not forgotten.)
1902 defect 1334921275984501 1336126493899654 libdns++ medium UnAssigned muks new pydnspp should implement wrapper for NameParserException pydnspp should implement wrapper for NameParserException so that Python scripts can catch NameParserException instead of providing a tuple of various child exceptions.
1903 enhancement 1334943597459011 1336743058191068 Boss of BIND low jreed new allow bind10 —data-path to be used for msgq_socket (and others) Ran “bind10 p ~/tmp" fails with:
}}

That doesn’t tell why.

Also why is BIND10_SOCKCREATOR_KILL done?

Run it again with
v:


Traceback (most recent call last):
File”/usr/local/libexec/bind10-devel/b10-msgq“, line 545, in
setup_result = msgq.setup()
File”/usr/local/libexec/bind10-devel/b10-msgq“, line 194, in setup
self.setup_listener()
File”/usr/local/libexec/bind10-devel/b10-msgq“, line 180, in setup_listener
raise e
File”/usr/local/libexec/bind10-devel/b10-msgq", line 173, in setup_listener
self.listen_socket.bind(self.socket_file)
socket.error: [Errno 13] Permission denied


Now I see the manual page already mentions that —data-path doesn’t support it yet but may be extended.

I am opening this ticket as a feature request so it will work for msgq and other files.
1904 defect 1334951192497114 1336745705538784 cmd-ctl very low jreed new cmdctl configurations and non-root If trying to run bind10 without privileges but was installed to system directories then cmdctl can’t read its data files. And so can’t use bindctl to modify the cmdctl configurable settings to select different cmdctl data files. (BIND 10 was installed by someone else and I did’t have root permission on the system when I tried.)

There probably should be an easier way.

This is low priority. But just opening this so it is not forgot.
1905 defect 1335168057204932 1398197069485483 build system medium UnAssigned cas assigned error compiling BIND 10 on Solaris 10 x86pc High level error:

configure:15298: error: Can’t compile against Python.h

error in config.log:
/opt/csw/lib/gcc/i386-pc-solaris2.10/4.6.3/include-fixed/sys/feature_tests.h:341:2: error: #error “Compiler or options invalid for pre-UN
IX 03 X/Open applications and pre-2001 POSIX applications”
1910 defect 1335306460292381 1384947936854931 build system high jreed shane assigned “make install” failure I am trying to install BIND 10 and it fails, complaining about py-compile:


test -z “/tmp/bind10/lib/python3.2/site-packages/isc/datasrc”
/bin/mkdir p “/tmp/bind10/lib/python3.2/site-packages/isc/datasrc”
/usr/bin/install
c -m 644 init.py master.py sqlite3_ds.py ‘/tmp/bind10/lib/python3.2/site-packages/isc/datasrc’
../../../../../py-compile: Missing argument to —destdir.
make[7]: * Error 1
make[7]: Leaving directory `/home/shane/tmp/bind10/src/lib/python/isc/datasrc’
make[6]:
* [install-am] Error 2
make[6]: Leaving directory `/home/shane/tmp/bind10/src/lib/python/isc/datasrc’
make[5]: * [install-recursive] Error 1
1913 task 1335400589251896 1335400589251896 libdns++ medium UnAssigned jinmei new task breakdown for MasterLexer class Assuming we agreed with introducing something like the `MasterLexer`
class (the name is still tentative) briefly described in
http://bind10.isc.org/wiki/ZoneLoadingAPIDesign
we’ll break its implementation into actual task(s) of a bitable size.

What we do is:
- understand BIND9’s lib/isc/lex.c, especially its isc_lex_gettoken()
- fix the class definition, simplifying the BIND 9 version for our
purpose
- define a set of tasks to implement it
1915 task 1335691466166465 1366960973250933 msgq medium vorner new Convenient way of receiving and sending notifications The CC library should have a function to:
* Send a notification by the name of the notification and possibly parameters (slim wrapper around group_sendmsg, mostly just mangling the recipient name).
* Register a callback which will be called whenever there’s a notification of a given name.
* Unregister a notification.

We said the notifications will use some part of the channel namespace, so for
example to notify about a new zone, we’d send a message to the address
`notifications/new-zone-data` with parameter containing the zone origin and
class, maybe even which datasource it is in. The used convention should be
documented.

The receiving of notifications might depend on #1914, but it is maybe easier to
solve by a CC-global map of channels and callbacks independently. Maybe at
least the callback class (or whatever it will be) from #1914 should be reused.

It should be considered what happens when the same notification is registered
multiple times with different callbacks and how to unregister them. While being
able to receive multiple callbacks from the same event is more convenient as
independent parts of code need not to worry about it, it might also be more
complex inside CC then. The decision should be clarified in documentation.
1916 task 1335691891330235 1363702793258173 msgq medium vorner new Convenient RPC We need methods `remote_call_sync` and `remote_call_async` on the CC session.
They will be mostly wrappers around `group_sendmsg`, `group_recvmsg` and
whatever the new method of #1914 will be called.

The synchronous one should take the name of module, the command and parameters.
The result should be returned as the return value of the method. If an error is
returned, it should be turned into an exception.

The asynchronous one should get a callback which will be called with either the
result or error, but the case should be signalled by a boolean parameter (so it
doesn’t have to parse the result).

This will rely on #1914.
1917 task 1335692134735404 1337097952242646 msgq low vorner new Python wrappers for C++ version of CC session As we want to get rid of separate implementations of python and C+ libraries
for this communication, we need to implement the wrapper of the C
+ code. The
interface should be similar to the current python one, to minimize the amount
of porting of modules to the new interface.

It should include new methods from #1914, #1915 and #1916. This ticket should
either wait for them to finish or it can be split into two parts, one of which
is implemented beforehead to allow more parallelism.
1919 task 1335692619296160 1335692619296160 msgq medium vorner new Shutdown command of msgq After #1918, we want to add a command to shut down the message queue. This one can then be used in boss on system shutdown.

We don’t want to quit the message queue until the shutdown is sent to all modules. This should be solved by some smart ordering inside the boss in the long term, but we may want to have a short delay in the msgq shutdown just for now.
1921 task 1335693198161257 1335693198161257 msgq medium vorner new Connection and disconnection notifications The system needs to be notified of modules connecting and disconnecting from the msgq. It should be reported by the msgq daemon itself.

This depends on #1918.
1922 defect 1335693380290015 1335693380290015 configuration medium vorner new Get rid of the „Shutting down“ message Currently, the config manager needs to know when a module shuts down. The
notification is now sent by the module itself, before it shouts down. This is
unreliable. We should switch to the notifications from ticket #1921 and drop
the current shutting down command.
1923 task 1335696977149216 1337097957711134 msgq low vorner new Multi-component addressing This task should expand the addressing capabilities of msgq. Assume that `xyz`
is the name of one of the channels there. A message sent there will be
delivered to all clients subscribed to the channel. A message sent to `xyz[i]`
(variable `i`, for example `xyz[1]`) should be delivered to `i`-th client
subscribed to the channel (in some deterministic ordering of the clients). A
message sent to `xyz[*]` (literal `*`) is sent to a randomly chosen client
subscribed to the channel (new random choice for each message sent there).
1925 task 1335698065785955 1335698065785955 msgq medium vorner new Answer tracking in msgq If a message contains `’needs-answer’: true`, the message queue needs to track
the message and the answer to it. If the recipient does not send an answer and
disconnects, or if a (configurable, with large default) timeout happens, the
recipient should be notified by an error. This will help remove the tracking of
timeouts from all modules and also make them centrally configurable. Majority
of the error cases will be solved without timeouts.
1926 task 1335698530464408 1335698530464408 msgq medium vorner new RPC reliability The goal here is to take the methods of #1916 and include the `’needs-answer’: true` in the header part of the messages sent out. Also, we want to remove the timeout handling from modules, as all errors should be handled in msgq in tickets #1924 and #1925.

Also, to make sense with multi-instance components, the recipient of RPC message should be done with `[*]`, as we want exactly one answer (as per #1923).

The dependency on #1924 and #1925 is soft ‒ the code will work without the changes, but the errors wouldn’t be handled.
1928 task 1335699740527867 1367825737994614 msgq medium vorner new Msgq tests: failure modes In addition to #1927 (which should be done first, as we may want to reuse a lot
of the code there), we should also test the failure modes, like unclean
connection drops (in the middle of receiving or sending a message), protocol
violations, infinite blocking, sending a message to self, etc. We need to make
sure the daemon will not crash and will continue to provide service to at least
other connections.
1929 task 1335700387752667 1335700387752667 msgq medium vorner new Msgq tests: stresstesting This is continuation of #1926. The goal here is to test the situation where the message system is under stress and check it doesn’t crash or misbehave. This includes:
* Some very large messages.
* A lot of messages.
* A lot of concurrent connections.
* A message that is sent or received only partially and there’s other traffic going elsewhere.
1933 defect 1335914409993651 1394116912240678 b10-auth medium jreed DNS Outstanding Tasks new very high load and bad performance with REFUSED As seen in ticket #1932, all zones were refused due to an error in 1 out of 19 zones.

Thsi was a very busy server getting around 17000 packets per second. With one auth server it could only send out around 1300 packets per second. When I added seven other auth servers it could send out 2600 packets per second. (8 CPU system.)

The processes all had 100 CPU or very near.<br><br>In most cases, my queries resulted in timeouts or in refused.<br><br>Once the one zone was fixed and reconfigured (I set the file name to same file and ran config commit), the CPU load dropped to 33 for each b10-auth and the no more timeouts.

1935 enhancement 1335915522355632 1336740343315200 logging medium jreed new test logging This is a feature request. Add a way for bindctl to test logging.

Maybe:

> Logging log string name severity debuglevel

Logging log “this is a test” “foo.bar” INFO 0

Or use string=“” name=“” severity=“” and debuglevel=“” and some can be optional.

It is not friendly or reliable to temporarily configure some high debugging just to verify it works.

This would be useful to troubleshoot logging configurations.
1936 enhancement 1335916022356619 1336740941872895 Unclassified medium jreed new What packet resulted in AUTH_PACKET_PARSE_ERROR ?
2012-05-01 23:27:33.825 DEBUG [b10-auth.auth] AUTH_PACKET_PARSE_ERROR unable to
parse received DNS packet: RDLENGTH mismatch: 2 != 0


What packet resulted in AUTH_PACKET_PARSE_ERROR?

Getting around 17000 queries per second so hard to know. I got this error 984 times in about 11 seconds. (1000 SERVFAILs were sent.)

Documentation has:


AUTH_PACKET_PARSE_ERROR unable to parse received DNS packet: %1

This is a debug message, generated by the authoritative server when an attempt to parse a received DNS packet has failed due to something other than a protocol error. The reason for the failure is given in the message; the server will return a SERVFAIL error code to the sender.

1940 task 1335966634974018 1336741891209535 Unclassified medium jelte new document bindctl execute commands
There is internal documentation on the command (and the directives it handles from its input file/data), but I forgot to include external docs (guide, manpage).

Needs to describe:
- the command itself
- the various built-in commands (currently there is just one)
- the file

and input format;
- lines are simply commands
- directives (echo and #comments)
1941 defect 1335985254056418 1346126699229061 statistics medium jreed new stats lossage (multiple auth servers) Hopefully this diff shows the problem. A few hours later:


— stats.2012-05-02 2012-05-02 14:18:12.000000000 0000
+ stats.2012-05-02-b 2012-05-02 18:39:44.0000000000000
@ -2,7 +2,7 <br> "Auth": {<br> "opcode.iquery": 0, <br> "opcode.notify": 0, <br>- "opcode.query": 197712176, <br>+ "opcode.query": 64437582, <br> "opcode.reserved10": 0, <br> "opcode.reserved11": 0, <br> "opcode.reserved12": 0, <br>@ –15,24 15,24 @<br> "opcode.reserved8": 0, <br> "opcode.reserved9": 0, <br> "opcode.status": 0, <br>- "opcode.update": 2174024, <br>- "queries.tcp": 39456, <br>- "queries.udp": 197672720, <br>+ "opcode.update": 670391, <br>+ "queries.tcp": 492, <br>+ "queries.udp": 64437090, <br> "rcode.badvers": 0, <br>- "rcode.formerr": 25186, <br>- "rcode.noerror": 7110972, <br>+ "rcode.formerr": 9432, <br>+ "rcode.noerror": 2167568, <br> "rcode.notauth": 0, <br>- "rcode.notimp": 2174024, <br>+ "rcode.notimp": 670391, <br> "rcode.notzone": 0, <br>- "rcode.nxdomain": 190529535, <br>+ "rcode.nxdomain": 62249923, <br> "rcode.nxrrset": 0, <br>- "rcode.refused": 71657, <br>+ "rcode.refused": 20091, <br> "rcode.reserved11": 0, <br> "rcode.reserved12": 0, <br> "rcode.reserved13": 0, <br> "rcode.reserved14": 0, <br> "rcode.reserved15": 0, <br>- "rcode.servfail": 2295891, <br>+ "rcode.servfail": 693537, <br> "rcode.yxdomain": 0, <br> "rcode.yxrrset": 0<br> }, <br>@ –41,1041,10 @<br> }, <br> "Stats": {<br> "boot_time": "2012-04-26T18:26:48Z", <br>- "last_update_time": "2012-05-02T14:18:10Z", <br>+ "last_update_time": "2012-05-02T18:39:36Z", <br> "lname": "4f999368_7ethel.isc.org“,
-”report_time“:”2012-05-02T14:18:12Z“,
-”timestamp“: 1335968292.523756
+”report_time“:”2012-05-02T18:39:44Z“,
+”timestamp": 1335983984.223934
}
}



Note that auth servers are restarting often, see ticket #1937.
1943 defect 1336047980463678 1336742012803978 bind-ctl medium jreed new confusing Error: Bad format in identifier in bindctl I made two mistakes (add instead of set and typo for closing bracket):


> config add Auth/listen_on[22/address 192.175.48.1
Error: Bad format in identifier (] before [): listen_on[Auth


But error message is confusing:

- ] is not before [, maybe say missing ] ?

- what is listen_on[Auth ?
1945 defect 1336119921975999 1339481035769313 build system medium UnAssigned jelte new LDADD order in makefiles
In a number of makefiles (mostly for unittests), we link to dependencies (such as gtest) before linking to the bind10 libraries. Since we don’t version every single merge on our libraries, this causes problems on test systems where bind10 happens to be installed to one of the system directories.

So we should go through all the Makefiles, and reorder the LDADD directives.

Oh and probably put in a comment like
# link to bind10 libraries before dependencies
1946 defect 1336140274349390 1336742484061996 Unclassified medium jreed new log requested address (listen_on config) that failed At least one of these three log messages should specifically tell me what configuration or requested address failed. With many configured it is difficult to know what causes problem:



2012-05-04 13:19:30.q ERROR [b10-boss.boss] BIND10_SOCKET_ERROR error on bind call in the creator: 49/Can’t assign requested address

2012-05-04 13:19:30.q ERROR [b10-resolver.server_common] SRVCOMM_ADDRESS_FAIL failed to listen on addresses (“Error creating socket on bind”)

2012-05-04 13:19:30.q ERROR [b10-resolver.resolver] RESOLVER_CONFIG_ERROR error in configuration: “Error creating socket on bind”



Also see #1094 as maybe that should be solved at the same time.
1947 task 1336140761893048 1336742514942722 configuration medium jelte new ‘diffs’ for configuration
Currently, changes in configuration are handled quite ad-hoc; for ‘basic’ items such as strings or numbers, this is not much of a problem, as they are either changed or not. But for lists and maps, it would be better to have specific diffs (values added, removed, updated). Right now when a list item is changed, the whole list is considered to be modified (for instance when you add a listen_on port).

This may end up being more than one ticket worth of effort, in which case it’ll become a meta-ticket. It may also be part of a bigger effort (as discussed in the april 2012 F2F) to change how configuration works. Depending on the work we end up creating for that, this ticket should be included (or, if this is included by other ticket(s) for that work, invalidated).
1949 task 1336448139294803 1336742583292277 data source medium jinmei new proposed sqlite3 schema cleanups As discussed on
https://lists.isc.org/pipermail/bind10-dev/2012-April/003373.html
I propose some schema cleanups for the SQLite3 data source:

- remove the ‘owner’ column from the nsec3 table
- remove the ‘sigtype’ column from the records table
- rename ‘rdtype’ to ‘rrtype’ in the records table

The first one will require extending the zone iterator API for the
database-based data sources.

Also, if we do this cleanup before replacing the loadzone tool using
the generic API, the second and third ones (especially the latter)
will require updating it (more specifically, the
isc.datasrc.sqlite3_ds module).

dbutil will also need to be updated.
1961 task 1336491574429147 1336745519063483 documentation low tomek new Doxygen/Developer’s guide improvements Developer’s guide should:

1. include Python code
2. Maybe link on left list to BIND10 Developer’s Guide should say Index or front page.
3. Do something with “Related Pages” link on the left panel.

See ticket #1531 for brief discussion.
1963 task 1336500817439486 1336500817439486 data source medium jinmei new in-memory NSEC cleanups As we are now going to start concurrent development for this feature,
it’s quite likely that we’ll end up having some duplicate or otherwise
redundant code. This ticket is a placeholder to clean up these things.

Feature wise it’s not absolutely mandatory, so I’m placing it in the
next sprint proposed queue, rather than to the current sprint.

This task depends on #1803, #1804, #1805, #1806, #1807, #1808, #1809,
(maybe #1810), and #1962.
1965 defect 1336516214430848 1392912565119726 resolver medium jreed DNS Outstanding Tasks new resolver returning SERVFAIL Queries for isc.org/A or related return SERVFAIL from b10-resolver:


2012-05-08 22:19:46.q DEBUG [b10-resolver.resolver] RESOLVER_QUERY_ACCEPTED query accepted: ‘www.isc.org./A/IN’ from 149.20.57.188#64225
2012-05-08 22:19:46.q DEBUG [b10-resolver.resolver] RESOLVER_NORMAL_QUERY processing normal query
2012-05-08 22:19:46.q DEBUG [b10-resolver.reslib] RESLIB_RESOLVE asked to resolve (resolve() instance 2)
2012-05-08 22:19:46.q DEBUG [b10-resolver.reslib] RESLIB_RECQ_CACHE_NO_FIND did not find in the cache, starting RunningQuery (resolve() instance 2)
2012-05-08 22:19:46.q DEBUG [b10-resolver.reslib] RESLIB_NSAS_LOOKUP looking up nameserver for zone isc.org. in the NSAS
2012-05-08 22:19:46.q DEBUG [b10-resolver.nsas] NSAS_SEARCH_ZONE_NS searching NSAS for nameservers for zone isc.org.
2012-05-08 22:19:48.q DEBUG [b10-resolver.reslib] RESLIB_NSAS_LOOKUP looking up nameserver for zone isc.org. in the NSAS
2012-05-08 22:19:48.q DEBUG [b10-resolver.nsas] NSAS_SEARCH_ZONE_NS searching NSAS for nameservers for zone isc.org.
2012-05-08 22:19:50.q DEBUG [b10-resolver.reslib] RESLIB_NSAS_LOOKUP looking up nameserver for zone isc.org. in the NSAS
2012-05-08 22:19:50.q DEBUG [b10-resolver.nsas] NSAS_SEARCH_ZONE_NS searching NSAS for nameservers for zone isc.org.
2012-05-08 22:19:52.q DEBUG [b10-resolver.reslib] RESLIB_NSAS_LOOKUP looking up nameserver for zone isc.org. in the NSAS
2012-05-08 22:19:52.q DEBUG [b10-resolver.nsas] NSAS_SEARCH_ZONE_NS searching NSAS for nameservers for zone isc.org.



1966 defect 1336522632391664 1391068203548032 logging medium jinmei new logger formatter does too much in the destructor While working on #1964, I noticed the destructor of the log::Formater
class had quite a lot of responsibility. In the context of #1964, the
check mode can throw an exception, which is obviously bad. Even with
forgetting it, the destructor calls Logger::output(), which internally
calls log4cplus modules that we cannot directly control and cannot be
really sure if it’s really safe.

Although I agree it’s a neat trick to let the destructor finish the
output, it seems to me quite fragile to rely on at such a sensitive
place as a destructor.

I propose an alternative approach, which should be much safer in this
regard, and hopefully will not damage the convenience of the current
notation too much:

- introduce another method to `Formatter`, say, output(). It
calls logger_>output. In the check mode, it also performs the
“excess placeholder” check, and throws an exception if it finds an
error. It records the fact it’s called so that it cannot be called
more than once .
(not absolutely necessary but for convenience) also introduce
another additional method, say, endarg(). It’s similar to arg(),
but it also calls the newly introduced output().
- the `Formatter` constructor now only does simpler and safer cleanup,
such as deleting the message (btw, it seems to be possible that the
message can leak depending on how the formatter is constructed. We
should also fix that). Also, in the check mode, it checks whether
output() has been called (or an exception has been thrown due to the
format check error), and if not, abort the program by assert()
(note that we cannot throw here).
- The caller is responsible for completing the logging statements with
either endarg() or explicit output(). If broken, we’ll lose that log
message in the normal mode, and we should be able to detect that via
an automated test that uses the check mode.

A bonus of this approach is that we can now use exception for the
“excess placeholder” check, which was changed to assert() in #1964
as an urgent care regression fix.
1970 defect 1336722259437328 1336742930232087 xfrout medium jelte new xfrout only reads zone list on startup
If you add a zone in any way, xfrout does not now about it until it is restarted, which is obviously wrong and annoying for users.

This has been reported: https://lists.isc.org/pipermail/bind10-users/2012-May/000328.html

I am not sure when we intended to do the more general xfrout fixes, if not soon I suggest we come up with a workaround for this (for instance trigger a reload if it sees a config update containing zones going to auth, but any approach is fine with me, maybe even a fixed ‘reread zones’ command)
1972 task 1336803332893735 1338309195499652 statistics high jinmei new redesign statistics spec The current way of defining statistics counters is not really
manageable. See auth.spec: we repeat something like this for 16
times:

{
item_name “opcode.query”,
item_type “integer”,
item_optional true,
item_default 0,
item_title “Received query requests”,
item_description “The number of total request counts whose opcode is query”
},


for the 16 per-opcode statistics counters. This approach won’t be
feasible for larger scale counters such as per RR-type ones. It’s
also not clear how we define the spec of per zone counters.

This is a design task where we revisit the spec design so that it will
be applicable to various types of counters including the above ones.
1973 task 1336803507427252 1341217911811311 statistics medium jinmei new reimplement the current set of statistics counters with new design See #1972. In this task we’ll re-implement the currently supported
auth statistics counters based on the revised spec.
1977 defect 1337098706962540 1392912546508628 resolver medium jreed DNS Outstanding Tasks new b10-resolver crash in asio b10-resolver cored with signal 11, Segmentation fault.

The logs had:


2012-05-11 23:31:56.q DEBUG [b10-resolver.reslib] RESLIB_RESOLVE asked to resolve (resolve() instance 1)
2012-05-11 23:31:58.q DEBUG [b10-resolver.nsas] NSAS_SEARCH_ZONE_NS searching NSAS for nameservers for zone isc.org.
2012-05-11 23:31:58.q DEBUG [b10-resolver.nsas] NSAS_SEARCH_ZONE_NS searching NSAS for nameservers for zone isc.org.
2012-05-11 23:31:58.q DEBUG [b10-resolver.reslib] RESLIB_NSAS_LOOKUP looking up nameserver for zone isc.org. in the NSAS
2012-05-11 23:31:58.q DEBUG [b10-resolver.reslib] RESLIB_NSAS_LOOKUP looking up nameserver for zone isc.org. in the NSAS

started again here

2012-05-11 23:32:00.q DEBUG [b10-resolver.asiodns] ASIODNS_FD_ADD_TCP adding a new TCP server by opened fd 10




(gdb) bt
#0 isc::nsas::ZoneEntry::ResolverCallback::success (this=0x803162280,
response_message=0x7fffffffcf80) at shared_ptr.hpp:169<br>#1 0x000000080188a255 in callCallback (this=0x803159400, success=Variable "success" is not available.<br>)<br> at recursive_query.cc:784<br>#2 0x000000080188d3a9 in clientTimeout (this=0x803159400)<br> at recursive_query.cc:750<br>#3 0x000000080188994a in asio_handler_invoke<asio::detail::binder1<boost::_bi::bind_t<void, boost::_mfi::mf0<void, isc::asiodns::<unnamed>::RunningQuery>, boost::_bi::list1<boost::_bi::value<isc::asiodns::<unnamed>::RunningQuery*> > >, asio::error_code> > (function=<br> {handler_ = {f_ = {f_ = {__pfn = 0x80188d320 <clientTimeout>, __delta = 0}}, l_ = {<boost::_bi::storage1<boost::_bi::value<isc::asiodns::<unnamed>::RunningQuery*> >> = {a1_ = {t_ = 0x803159400}}, <No data fields>}}, arg1_ = {value_ = 0, category_ = asio::error::system_category}}) at mem_fn_template.hpp:49<br>#4 0x0000000801889d7c in do_complete (owner=0x80301f080, base=Variable "base" is not available.<br>)<br> at handler_invoke_helpers.hpp:39<br>#5 0x0000000800f98508 in asio::detail::task_io_service::do_one (<br> this=0x80301f080, lock=0x7fffffffe170, this_idle_thread=0x7fffffffe180)
at task_io_service_operation.hpp:34
#6 0x0000000800f979b4 in isc::asiolink::IOService::run (this=Variable “this” is not available.
)
at task_io_service.ipp:129
#7 0x0000000000423c7b in main (argc=2, argv=Variable “argv” is not available.
) at main.cc:248


It also happened on May 10, but I don’t have logging before that. (I rotate every 50 files and it is logging a lot.)
1979 enhancement 1337146220342434 1337762298156579 build system medium UnAssigned muks new Make utility functions for finding common resources This bug comes from #1628. Currently, a lot of the components have code like this:


# If B10_FROM_SOURCE is set in the environment, we use data files
# from a directory relative to that, otherwise we use the ones
# installed on the system
if “B10_FROM_SOURCE” in os.environ:
SPECFILE_LOCATION = os.environ[“B10_FROM_SOURCE”] + os.sep + br> “src” + os.sep + “bin” + os.sep + “ddns” + os.sep + “ddns.spec”
else:
PREFIX = “prefix
DATAROOTDIR = “datarootdir
SPECFILE_LOCATION = “datadir” + os.sep + “PACKAGE” + os.sep + “ddns.spec”
SPECFILE_LOCATION = SPECFILE_LOCATION.replace(“${datarootdir}”, DATAROOTDIR)br> .replace(“${prefix}”, PREFIX)

SOCKET_FILE = bind10_config.DATA_PATH + ‘/ddns_socket’
if “B10_FROM_BUILD” in os.environ:
if “B10_FROM_SOURCE_LOCALSTATEDIR” in os.environ:
SOCKET_FILE = os.environ[“B10_FROM_SOURCE_LOCALSTATEDIR”] + br> “/ddns_socket”
else:
SOCKET_FILE = os.environ[“B10_FROM_BUILD”] + “/ddns_socket”


It is duplicated code, which is inconsistent in the various copies. Any change in our process (where we install things, or the env variable we use to override settings) would mean editing many files. We should ideally have utility functions such as one that returns a path to the spec file when passed the name of the component.
1980 enhancement 1337146728894040 1363790236078313 build system low UnAssigned muks reviewing Make a way to populate /AUTHORS and the authors.bind code from a single list of authors This ticket is to generate both /AUTHORS and the authors.bind code in static_datasrc.cc, tests, and any other places (such as manual) from a single list of authors.

I’ve set the priority low, and assigned it to myself as I want to do it and get it reviewed (hence the bug).
1981 defect 1337244632650871 1339541588379494 Unclassified medium muks reopened Investigate ForwardTest failure (occured just once) Someone should investigate why this failure occured:

[———-] 7 tests from ForwardTest
[ RUN ] ForwardTest.construct
[ OK ] ForwardTest.construct (6 ms)
[ RUN ] ForwardTest.connect
[ OK ] ForwardTest.connect (29 ms)
[ RUN ] ForwardTest.close
[ OK ] ForwardTest.close (0 ms)
[ RUN ] ForwardTest.pushAndPop
../../../../../src/lib/util/tests/socketsession_unittest.cc:537: Failure
Value of: recv(client_sock.fd, recvbuf, sizeof(recvbuf), setRecvDelay(client_sock.fd))
Actual: 11
Expected: sizeof(recvbuf)
Which is: 12
Google Test trace:
../../../../../src/lib/util/tests/socketsession_unittest.cc:553: Passing TCP/IPv6 session
../../../../../src/lib/util/tests/socketsession_unittest.cc:539: Failure
Value of: string(recvbuf)
Actual: “IND10 test”
Expected: string(TEST_DATA)
Which is: “BIND10 test”
Google Test trace:
../../../../../src/lib/util/tests/socketsession_unittest.cc:553: Passing TCP/IPv6 session
[ FAILED ] ForwardTest.pushAndPop (27 ms)
[ RUN ] ForwardTest.badPush
[ OK ] ForwardTest.badPush (1 ms)
[ RUN ] ForwardTest.pushTooFast
[ OK ] ForwardTest.pushTooFast (2 ms)
[ RUN ] ForwardTest.badPop
[ OK ] ForwardTest.badPop (4 ms)
[———-] 7 tests from ForwardTest (70 ms total)


Full log: http://git.bind10.isc.org/~tester/builder/BIND10-distcheck/20120517015444-FreeBSD8-i386/logs/distcheck.out
1983 defect 1337396107469804 1394116928887294 b10-auth medium jinmei DNS Outstanding Tasks new asiolink::IOMessage should contain the local endpoint See http://bind10.isc.org/ticket/1539#comment:8

We need to add a ‘local endpoint’ parameter to the `IOMessage`
constructor and implement the trivial getter method for it.

The DNS server classes in asiodns should set the local endpoint, too.

Then, assuming #1539 has been merged by then, update b10-auth so
it uses the correct local endpoint when forwarding update requests.
1985 defect 1337396553488284 1394117001298027 b10-auth medium jinmei DNS Outstanding Tasks new eliminate duplicate hardcoding for ddns UNIX socket file both in auth and ddns (Updating the ticket based on some followup discussion).

Right now both b10-auth and b10-ddns hardcode the constant for the
UNIX domain socket between them. We should unify it some way based on
the principle of “don’t repeat yourself”.

Specifying it in the b10-ddns configuration was one idea to solve this
issue, but that idea seemed to be controversial. Other possible
approaches are
- have b10-ddns tells b10-auth its existence with additional
information including the file path. #1986 will also be resolved
this way.
- introduce some C++ header file for commonly used constants like
this, also introduce a python wrapper that defines corresponding
python constants, and have ddns and auth refer to these.

Now this task would be requiring some design level considerations, and
any prior estimations would be unreliable. Maybe this should be a
topic of the 1-week hardening sprint later.
1987 task 1337626721807376 1338312687306077 bind-ctl medium jelte new ‘wait for’ command in bindctl execute handling (or something similar)
As pointed out on bind10-users (https://lists.isc.org/pipermail/bind10-users/2012-May/000339.html), the execute command has a limitation (which is partially called by not supporting commands/configuration for non-running moduels);

it is not possible to start a module and immediately configure it, since the module is just started, it is not known by bindctl yet, so configuration and commands to said module would result in a ‘Module Unknown’ error.

The proposed solution is to add a !wait for [time] command, which would call
self.__update_all_modules() (we currently have no more efficient update mechanism), and then check if the module that is waited for has appeared yet.
The optional time argument would give a timeout, at which point execute should just give up.

If we have this as a command, we should consider adding ‘config commit’ to init_auth_server, and then call that new command for each module init_auth_server starts, so that anyone who includes init_auth_server in other scripts can be assured that the new modules are running afterwards.
1988 defect 1337667310447181 1337828757654641 Unclassified medium bettydreamit new auth module is missing??? > config add Auth/datasources
Error: Module ‘Auth’ unknown or not running

1990 enhancement 1337811966497632 1338204144740418 Unclassified medium jinmei new customize EqualityFunc of python tests assertEqual() of python tests are not helpful for user defined
classes. See, e.g. this: http://bind10.isc.org/ticket/1512#comment:15

I’ve looked into the unittest implementation and found that we need to
customize the builtin equality-check method.

The following diff is an example for such customization.

#!diff
diff —git a/src/lib/python/isc/ddns/tests/session_tests.py b/src/lib/python/isc/ddns/tests/session_tests.py
index 1bf4e40..caefa97 100644
— a/src/lib/python/isc/ddns/tests/session_tests.py
+ b/src/lib/python/isc/ddns/tests/session_tests.py
@ -67,9 +67,13 @ class SessionTest:

def check_response:
‘’’Perform common checks on update resposne message.’‘’
+ def opcode_equality_func(opcode1, opcode2, msg):
+ if not opcode1 == opcode2:
+ raise AssertionError(str(opcode1) +’ != ’
str)
self.assertTrue)
# note: we convert opcode to text it’d be more helpful on failure.
- self.assertEqual.to_text, msg.get_opcode.to_text)
self.addTypeEqualityFunc(Opcode, opcode_equality_func)
+ self.assertEqual(Opcode.UPDATE (), msg.get_opcode())
self.assertEqual(expected_rcode.to_text(), msg.get_rcode().to_text())
# All sections should be cleared
self.assertEqual(0, msg.get_rr_count(SECTION_ZONE))


I propose defining such customized functions for some major isc.dns
(and some other) classes such as Name, RRType, RRClass, introduce an
easy to use it (some kind of mixin), and use it for some of existing
tests.
1992 enhancement 1337884061278528 1340870927699257 xfrout medium jinmei new support “also-notify” Roughly speaking, it’s a way to allow a user to specify a list
of secondary servers to which BIND 10 needs to send notifies
(even if they are not explicitly listed in the zone’s NS or the
address of them cannot easily be got from the zone itself).

Some other configuration details need to be considered, too.

See https://lists.isc.org/pipermail/bind10-users/2012-May/000347.html
1993 task 1337885900197669 1338278221560591 Unclassified medium jinmei new simple style checker I’ve noticed we often find some coding style/guidline issues in
code review. Spending too much time for this level of thing is not
really productive (the overhead of each specific case may be marginal,
but if it repeats the total cost could be substantial) and as we have
more new developers, it’ll be more likely/more often to happen.

So I propose some simple checker tool that warns about possible issues
that are against the documented guideline. The developer is expected
to run it on the branch diff before asking review. The script doesn’t
have to eliminate false positives completely, as it’s only expected to
be run by human. And it doesn’t have to be comprehensive; it should
be sufficient to catch some common issues:
- line length
- (if possible) naming convention (camel or ’_’concatinated etc)
- brace position
- redundant space at EOL or in blank lines
- parenthesis policy (in particular, use them for return)
- spacing

It would be something similar to google cpplint
http://google-styleguide.googlecode.com/svn/trunk/cpplint/cpplint.py
but can be much simpler and more ad hoc.
1994 enhancement 1337895894537206 1338261911169896 Unclassified medium shane new RFC 5001 (NSID) support, configuration This ticket covers part of implementing RFC 5001.

http://tools.ietf.org/html/rfc5001

The RFC identifies a lot of information that could be returned.

I propose that we provide configuration that supports:

1. Disabling NSID completely
2. Specifying a fixed string to be returned
3. Returning gethostname()

BIND 9’s default is disabled, so possibly this is what BIND 10 should default to. Although I tend to think that option 3 is the best.
1995 enhancement 1337896212845751 1338261997261388 Unclassified medium shane new RFC 5001 (NSID) support, protocol support This ticket covers part of implementing RFC 5001.

http://tools.ietf.org/html/rfc5001

This ticket covers the actual packet processing, of detecting the EDNS0 option on a query and then appending the EDNS0 information on the answer.
1996 enhancement 1337896396643604 1338262109947504 Unclassified low shane new RFC 5001 (NSID) support, ACL This ticket covers part of implementing RFC 5001.

http://tools.ietf.org/html/rfc5001

This ticket covers using ACLs to restrict access to NSID information.
1998 task 1337951136715043 1341220988396261 Unclassified medium jelte new move Formatter classes from DDNS to util
The DDNS work introduces a few Formatter classes used in logging code. These seem general enough to move to util.

They also contain a bit of controversy; their implementation may cause slowdown instead of speed-up, but this needs to be looked into.
2001 enhancement 1338012040512908 1338012441225910 libdns++ medium UnAssigned jinmei new extend libdns++ EDNS class for EDNS options For NSID support, we’ll (probably) need additional interfaces for the
EDNS class so the application of the class can get/set the options
(and for operator’s convenience update toText to include options).

The documentation currently states:
#!cpp
/// This class is also supposed to support %EDNS options such as NSID,
/// but the initial implementation does not include it. This is a near term
/// TODO item.


Note our famous “near term TODO”.
2002 enhancement 1338012516779776 1338012516779776 libdns++ medium UnAssigned jinmei new python wrapper for EDNS option extensions This is python wrappers for #2001.

Would not necessarily urgent for the NSID support in practice,
but will be necessary for completion.
2006 task 1338014094971275 1338483356070368 Unclassified medium jinmei new create a meta ticket for NSID otherwise we’ll easily forget some once something is dropped
from a sprint.
2007 task 1338014433625130 1338014433625130 data source medium jinmei new redesign in-memory data source structure So we can substantially reduce memory footprint, and eventually
extend it to a shared-memory version.

In some sense it shouldn’t be much different from the current data
structure. But we need to use some “serialized” representations
instead of directly holding higher level libdns++ objects.
2008 task 1338281807489713 1341221033241770 Unclassified medium jelte new remove equal additions and deletions from diff.py
As noted in the review of #1456 (http://bind10.isc.org/ticket/1456?replyto=11#comment:11), it would be nice if the ‘single update mode’ of the isc.xfrin.diff.Diff class (or wherever we may move it to), would remove reverse duplicates (i.e. where the same exact record is both added and deleted).

So when adding a record, if that exact record is in delete already, remove it from delete, and vice versa (or alternatively, if you also want to do duplicate checking, collect them all and filter them later). Care has to be taken around the SOA record though.

This way, the class would also be usable for ixfr-from-differences, where usually most of the contents are the same. Otherwise it’d delete the entire zone data an add it again, which would make it unsuitable for later ixfr-out.
2010 defect 1338305459167076 1341221052606456 Unclassified medium jreed new lettuce test that runs auth and resolver at same time Task is to add a lettuce test that runs both b10-auth and b10-resolver simultaneously.
2011 defect 1338325030366430 1338325030366430 logging medium jinmei new setUnitTestRootLoggerCharacteristics has been removed? There’s code comment mentioning a seeming function called
`setUnitTestRootLoggerCharacteristics`:

// Now set reset the output destination of the root logger, overriding
// the default severity, debug level and destination with those specified
// in the environment variables. (The two-step approach is used as the
// setUnitTestRootLoggerCharacteristics() function is used in several
// places in the BIND 10 tests, and it avoid duplicating code.)


But it doesn’t even seem to be declared anywhere. Maybe it’s some
leftover? If so, the comment should be updated.

I guess it’s a good topic for hardening.
2012 defect 1338408260078736 1344342249933354 bind-ctl very low jreed new bindctl needs a home bindctl assumes home directory exists (or writable):


Could not chdir to home directory /home/jreed: No such file or directory
jreed@oldgit:/$ bindctl
[TEMP MESSAGE]: username :root password :bind10
Username:root
Password:
[“login success”]
Traceback (most recent call last):
File “/usr/local/bin/bindctl”, line 151, in
result = tool.run()
File “/usr/local/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 137, in run
if not self.login_to_cmdctl():
File “/usr/local/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 242, in login_to_cmdctl
CSV_FILE_NAME)
File “/usr/local/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 183, in _save_user_info
os.mkdir(dir, 0o700)
OSError: [Errno 2] No such file or directory: ‘/home/jreed/.bind10/’


This is an odd/rare case so low priority. But traceback output is unfriendly.
2015 defect 1338530771008910 1344258783353101 build system low UnAssigned muks new Use AM_V_GEN where applicable in the build system We generate files in several places in our build system (such as .cc and .h from .mes files, etc.). Because we use silent rules with automake, the Makefile.am rules to build these targets should be preceded with AM_V_GEN so they are run silently.

This bug is filed as an offshoot from #1704.
2021 task 1338833669300835 1340123540777779 DDNS very low jinmei new make config handler of b10-ddns more friendly This is a deferred task from #2013.

The config handler for b10-ddns (the only configurable thing is ACL
right now) is pretty primitive and not very user friendly:

- It doesn’t indicate which part of the given configuration is wrong
(e.g., try adding multiple ACLs for several zones, including one
typo in a zone name so it won’t be a valid domain name; or even
leave it as an empty string). It should be more helpful by being as
specific as possible. Such a problem actually exists in other
applications, so we might even consider some generalized framework
and apply it here (but it may be a subject of a bigger task of
config cleanups)
- Duplicate zone (ACL) configuration is currently just ignored. It’s
probably better to reject it or at least make a local log a
message (see also the test_config_handler test, searching for
“duplicate”)

I’m pushing it to the current sprint with a lower priority in case we
run out of open tasks. But I don’t think this is a critical missing
feature, so it can wait.

2022 enhancement 1338890135885082 1341222454906020 Unclassified medium jelte new DDNS improvement: destroy transaction within handle() Current, in the DDNS Session class, after _create_diff() is called within handle(), the DDNS Session has a ongoing transaction until it it either completed or the session itself is destroyed. This should not prove much of a problem, since we are not expecting to keep these objects around, but it would be cleaner if the transaction was only valid within the handle() call.

Best approach is probably to use the Context interface and a with statement.
2029 defect 1339093344883510 1392917410794714 resolver medium jreed DNS Outstanding Tasks new NSAS repeating same tasks near simultaneously Check this out:


2012-06-07 17:46:39.093 DEBUG [b10-resolver.cache] CACHE_RRSET_REMOVE_OLD removing old RRset for ns4.yahoo.com./A/IN to make space for new one
2012-06-07 17:46:39.093 DEBUG [b10-resolver.cache] CACHE_RRSET_REMOVE_OLD removing old RRset for ns4.yahoo.com./A/IN to make space for new one
2012-06-07 17:46:39.142 DEBUG [b10-resolver.cache] CACHE_RRSET_REMOVE_OLD removing old RRset for ns4.yahoo.com./A/IN to make space for new one
2012-06-07 17:46:39.143 DEBUG [b10-resolver.cache] CACHE_RRSET_REMOVE_OLD removing old RRset for ns4.yahoo.com./A/IN to make space for new one
2012-06-07 17:46:39.146 DEBUG [b10-resolver.cache] CACHE_RRSET_REMOVE_OLD removing old RRset for ns4.yahoo.com./A/IN to make space for new one
2012-06-07 17:46:39.147 DEBUG [b10-resolver.cache] CACHE_RRSET_REMOVE_OLD removing old RRset for ns4.yahoo.com./A/IN to make space for new one
2012-06-07 17:46:39.199 DEBUG [b10-resolver.cache] CACHE_RRSET_REMOVE_OLD removing old RRset for ns4.yahoo.com./A/IN to make space for new one
2012-06-07 17:46:39.200 DEBUG [b10-resolver.cache] CACHE_RRSET_REMOVE_OLD removing old RRset for ns4.yahoo.com./A/IN to make space for new one
2012-06-07 17:46:39.201 DEBUG [b10-resolver.cache] CACHE_RRSET_REMOVE_OLD removing old RRset for ns4.yahoo.com./A/IN to make space for new one


The complete logs including entries in between is at http://git.bind10.isc.org/~jreed/J.yahoo.txt

It appears to be doing the same job over and over again even in the same tenth of a second. (As you can see from the log this happened for other queries too.)
2030 defect 1339093412028712 1392917494149615 resolver medium jreed DNS Outstanding Tasks new NSAS wrongly recording nameservers are unreachable I think a problem with looking up “yahoo.org. IN MX”


2012-06-07 17:46:39.058 DEBUG [b10-resolver.reslib] RESLIB_NXDOM_NXRR NXDOMAIN/NXRRSET received in response to query for
2012-06-07 17:46:39.058 DEBUG [b10-resolver.nsas] NSAS_EMPTY_RESPONSE response to query for ns3.yahoo.com. returned an empty answer section


caused all the other nameservers associated with it to be marked as “unreachable”.

The full log is 793 lines so I put it here:
http://git.bind10.isc.org/~jreed/J.yahoo.txt

This is related to #2029.
2031 defect 1339093559189871 1392917434350600 resolver medium jreed DNS Outstanding Tasks new NSAS permanently cache unreachable namservers? A query continually resulted with SERVFAIL even 6 days after the first problem.
The initial logs showed:


2012-06-01 00:12:44.449 DEBUG [b10-resolver.reslib] RESLIB_NXDOM_NXRR NXDOMAIN/NXRRSET received in response to query for
2012-06-01 00:12:44.449 DEBUG [b10-resolver.nsas] NSAS_EMPTY_RESPONSE response to query for ns.norplex-communications.net. returned an empty answer section

2012-06-01 00:12:44.458 DEBUG [b10-resolver.reslib] RESLIB_NXDOM_NXRR NXDOMAIN/NXRRSET received in response to query for
2012-06-01 00:12:44.458 DEBUG [b10-resolver.nsas] NSAS_EMPTY_RESPONSE response to query for ns.norplex-communications.com. returned an empty answer section

2012-06-01 00:12:48.286 DEBUG [b10-resolver.nsas] NSAS_ERROR_RESPONSE error response of SERVFAIL returned in query for ns.norplex-communications.com.
2012-06-01 00:12:48.286 DEBUG [b10-resolver.nsas] NSAS_ERROR_RESPONSE error response of SERVFAIL returned in query for ns.norplex-communications.net.
2012-06-01 00:12:48.286 DEBUG [b10-resolver.reslib] RESLIB_RUNQ_FAIL failure callback - nameservers are unreachable
2012-06-01 00:12:48.286 DEBUG [b10-resolver.reslib] RESLIB_RUNQ_FAIL failure callback nameservers are unreachable



So then later queries would not even attempt to use the nameservers recorded with problems:


2012-06-06 00:10:56.084 DEBUG [b10-resolver.reslib] RESLIB_RUNQ_FAIL failure callback - nameservers are unreachable


This ticket is not about wrongly recording that they are unreachable when they were but about recording this info for long time. (When I restarted b10-resolver it worked correctly for my lookup.)

The goal of this ticket is so the NSAS doesn’t permanently cache the problem and let it attempt again later to reach the nameservers.

As for the issues that caused this problem to happen in the first place, see #2030 and #2029.
2032 enhancement 1339122813726830 1339607723599071 Unclassified medium corbachev new Request for web interface to configure bind Please consider adding option to enable simple web interface to edit main configs, add and reconfigure zones from web interface
2034 enhancement 1339441837677952 1339441837677952 dhcp4 medium UnAssigned tomek DHCP Outstanding Tasks new msgq tests for DHCPv4 and DHCPv6 components Currently there are no tests for msgq integration in dhcpv4 and dhcpv6 components. The same is true for auth. There are only tests that verify callbacks that handle commands received over msgq, not the actual message passing over msgq.

Jelte confirmed on jabber that there are no such tests for auth and suggested that perhaps lettuce tests would be the easiest way to write them.
2037 defect 1339547993165937 1341224666868728 configuration medium jinmei new remote config handler (python) always gets full config (I don’t know if it’s python specific. I’ve not checked it with the
C++ version)

I’ve noticed if I specify a callback to add_remote_config() or
add_remote_config_by_name(), the new_config parameter of the update
always contains full configuration of the remote module, not just the
latest update.

One specific way to confirm this is:
- configure zonemgr with some non default secondary_zones
- run b10-ddns on trac2020 (or master when it’s merged)
- see the DDNS_SECONDARY_ZONES_UPDATE log message (it’s for that non
default config value for zonemgr)
- tweak some other config value of zonemgr (e.g. lowerbound_retry) and
commit it on bindctl
- see the DDNS_SECONDARY_ZONES_UPDATE log message, even if
secondary_zones is not updated.

I don’t know what’s the expected behavior, but this seems to be
suboptimal (b10-ddns expects to get only updates, although having
redundant updates don’t do harm except for the unnecessary overhead of
updating).

From a quick look at the code, one way to change this behavior would
be to add remove_identical() for the remote config case in
ccsession.py:check_command_without_recvmsg(). But I’m not sure if
it’s actually okay that cfgmgr sends the entire config, not only the
update. So, depending on that, we might rather fix cfgmgr.

Further, if we make more fundamental cleanups to the config framework,
maybe we should solve it as part of it.
2038 defect 1339621750397732 1392812476406513 secondary manager high jinmei DNS Outstanding Tasks new zonemgr’s config_handler doesn’t provide strong exception guarantee If I read it correct, zonemgr can partially update its internal
configuration when it encounters an error in the middle of the update
handler. In particular, it can even partially update the
“secondary_zones” list if there’s an error in the middle of the list.

This is generally bad, but now that ddns shares the config info it’s
even more serious: zonemgr and ddns could keep running with
inconsistent information. (And I misunderstood another related point:
I thought cfgmr sent updates to “observer” modules that shows their
interest in remote configs via add_remote_config only after the “real”
module validated it, but on a closer look I realized cfgmgr doesn’t
actually distinguish the “real” module and “observers”, and just
broadcasts updates to all registered modules. IMO this behavior is
also bad and should be fixed, but that’s another topic).
2039 defect 1339630028471121 1339630028471121 Inter-module communication medium jinmei new cfgmgr returns “success” to GET_MODULE_SPEC if the module is not found see its `__handle_get_module_spec` method:

#= ‘’:
module_name = cmd[’module_name’]
spec = self.get_module_spec(cmd[‘module_name’])
if type(spec) != type({}):
# this is a ModuleSpec object. Extract the
# internal spec.
spec = spec.get_full_spec()
answer = ccsession.create_answer(0, spec)


If get_module_spec cannot find the given name of module, it returns
the code of 0 (success) with an empty dict.

I don’t know if it’s the intended (or good) behavior, but at least it
doesn’t seem to be something different from what
add_remote_config_by_name() expects. It tries to construct
`ModuleSpec` with whatever is returned by cfgmgr as long as the result
code is 0:

#!python
if rcode == 0:
module_spec = isc.config.module_spec.ModuleSpec(value)
if module_spec.get_module_name() != module_name:
raise ModuleCCSessionError(“Module name mismatch:”
module_name
" and " +
module_spec.get_module_name())
self._add_remote_config_internal(module_spec,
config_update_callback)



Then the constructor fails and raises an exception of
`ModuleSpecError`, which will be propagated to the calling
application. I’d say it’s quite surprising for the application, which
would generally expect either success or getting
`ModuleCCSessionError`.

My first suggestion is to revise cfgmgr so it returns an error to
GET_MODULE_SPEC if it cannot find the module. The current behavior
doesn’t make sense to me at all because there shouldn’t be any valid
empty spec (there should be at least the module name).

But if this behavior is really deemed to be reasonable, my second
suggestion is to update add_remote_config_by_name() so it checks the
returned spec and raises `ModuleCCSessionError` if it’s empty.

Having apps handle both exceptions just doesn’t make sense to me.
2043 defect 1339708084575262 1354013288245025 Unclassified low muks new Fix remaining Python warnings about unclosed files and sockets File and socket objects must be explicitly closed with `.close()` when done using them, otherwise they generate warnings (and depending on the interpreter, may be destroyed much later than expected, keeping the underlying fd alive).

As part of bug #1828, we fixed many of these warnings. There are still a few non-obvious ones left. There are also some which have been introduced since the time when the trac1828 branch was created.

This is a new bug to fix those issues.
2045 task 1339763907747064 1340085297099865 data source medium vorner new Reuse data source clients on reconfiguration of ClientList When the configure function is called, we may want to use the existing data sources from previous configuration. This is important because we don’t want to reload all the cached zones.

The idea is to store the configuration in DataSourceInfo and search the previous ones to look if there’s one with the same configuration.
2047 enhancement 1339764313669637 1343687828422211 data source medium vorner new Abstract base for DataSourceClientContainer It would be nice to have an abstract base class for `DataSourceClientContainer`, so we can have a separate implementation for the tests. We don’t want to do the dynamic loading in tests of something using the data source factory.

Then we can remove the `DataSourcePair` trick in `ConfigurableClientList`.
2049 task 1339828105269906 1339828105269906 data source medium jinmei new “exclusive” mode of DataSourceClient In the current implementation of database-based data source clients,
the zone iterator and updater use a separate database accessor
(by “cloning”) so that it can be used separate from the factory
client.

In general cases it’s probably okay, but it doesn’t have to be so
if the client is used by a single thread and iterator or updater
isn’t used in parallel with other client features such as zone
finders. “cloning” would normally mean opening a separate connection
to the database server and can be expensive, so it probably makes
sense if we allow an application to skip it based on application’s
choice.

For xfrin or xfrout this may not be that a big deal, but for ddns I
guess it can be substantial for performance.

My suggestion is to introduce a notion of “exclusive” mode for the
`DataSourceClient` object, and allows an app to specify it by, e.g.,
calling `setExclusive(bool)` method. When enabled, getIterator()
and getUpdater() don’t clone the accessor, and it’s app’s
responsibility to use it safely.
2050 task 1339828173807099 1339828173807099 DDNS medium jinmei new use the “exclusive” mode of DataSourceClient in b10-ddns See #2049. It probably makes sense for b10-ddns to use this mode.
2055 task 1339975561793615 1339975561793615 Unclassified medium jinmei new asiolink wrapper for io_service::post() We’ll need this for non-I/O asynchronous operations, such as
“background” reloading of a zone into memory or “background” releasing
of the old version of the zone afterwards.

It would be something simple like
`asiolink::IOService::post(boost::function)`.

(note: as a last resort we could refer to the underlying asio
io_service object using get_io_service() and call post() on it, but
that breaks the whole purpose of asiolink and should be basically
avoided).
2056 task 1340007585822908 1349502584750412 data source medium jinmei new ZoneFinder::Context::getNegativeProof When we revise the in-memory zone data in a memory-efficient manner,
getting the owner name of an RRset will probably become relatively
expensive because it’s quite likely that the underlying specialized
`RRset` implementation doesn’t hold it in the form of dns::Name
object.

So, in order to make this revision without sacrificing lookup
performance too much, we’ll probably need to make it possible for the
in-memory implementation to customize post-lookup operation where the
default behavior would rely on using the owner name of the returned
RRset of the initial lookup.

This is one such case, and already experimentally tried in trac1607exp
branch. Referring to that branch, what should be implemented is:

#!cpp
// Called for NXDOMAIN/NXRRSET cases and return NSEC/NSEC3 RRsets
// for the corresponding DNSSEC proof. It (will) consist of small helper
// private methods for specific cases (NSEC or NSEC3, NXDOMAIN or NXRRSET).
//
// - NSEC + NXRRSET
// find() already returns the direct proof. So it should already
// be efficient. The ramining issue is the corresponding wildcard
// proof.
// Default version: calls find() for the qname again, with the
// NO_WILDCARD option and add the returned NSEC.
// Optimized in-memory version: it should know where in the rbtree the
// original (non wildcard) search stopped and can use the information
// to get the NSEC proof for the non existence of the qname itself.
// - NSEC + NXDOMAIN
// find() already returns the NSEC for the non existent proof, so it
// should be already efficient. The ramining issue is the proof that
// there’s even no wildcard match.
// Default version: construct the best possible wildcard name from qname
// and the NSEC that proves non-existent of the name, and internally
// calls find(NSEC) for that name.
// Optimized in-memory version: it should know the closest encloser in
// the previous search and can identify the wildcard name and its
// previous name, then subsequently its NSEC.
//
// - NSEC3 + NXDOMAIN
// Default version: use findNSEC3() to get closest encloser proof, use
// the result to identify the possible wildcard, and use findNSEC3()
// to get proof for its non-existence.
// Optimized in-memory version: it should know the closest encloser in
// the original search. get corresponding NSEC3 directly, construct
// next closer and wildcard from the closest encloser, calculate hash
// and get the covering NSEC3.
// - NSEC3 + NXRRSET (no wildcard)
// Default version: use findNSEC3() to get either closest encloser proof
// (optout DS case) or matching NSEC3.
// Optimized in-memory version: it knows the corresponding rbtnode
// for the qname. Get the hash value from it and get its NSEC3.
// If it doesn’t exist and qtype was DS, search the tree back toward
// the root until it finds a matching NSEC3.
// - NSEC3 + NXRRSET (wildcard)
// Default version: use findNSEC3() to get the closest encloser proof,
// construct the wildcard name based on the result, and get the NSEC3
// for it.
// Optimized in-memory version: similar to the NSEC3 + NXDOMAIN case.
// But the wildcard name should exist so it could even more optimize
// it by directly getting the wildcard node and its NSEC3.


And in this ticket we’ll only need to do the “default version”. It
should be essentially straightforward refactoring.

When done, also update `auth::Query` so it uses this implementation.
It’s better to do it before trying to implement the in-memory
optimization in case we miss something in the interface.
2057 task 1340007672808736 1349502603456158 data source medium jinmei new ZoneFinder::Context::getWildcardProof See #2056 for background. This is another one of such things,
referring to trac1607exp branch:

#!cpp
// Called for SUCCESS/CNAME cases when it’s wildcard substitution
// and return NSEC/NSEC3 RRset that proves the original qname doesn’t
// exist in the zone.
// - With NSEC
// Default version: calls find() for the qname again, with the
// NO_WILDCARD option and add the returned NSEC.
// Optimized in-memory version: same for the NSEC + NXRRSET case above.
// - With NSEC3
// Default version: call findNSEC3() in the recursive mode and returns
// the NSEC3 covering the next closer name.
// Optimized in-memory version: Like the NSEC case it should know the
// closest encloser in the original search and easily construct the
// next closer name from it. Then calculate hash for it and search
// for the covering NSEC3.


And in this ticket we’ll only need to do the “default version”. It
should be essentially straightforward refactoring.

When done, also update `auth::Query` so it uses this implementation.
It’s better to do it before trying to implement the in-memory
optimization in case we miss something in the interface.
2058 task 1340007745301834 1392999474913479 data source medium UnAssigned jinmei DNS Outstanding Tasks assigned ZoneFinder::Context::getDelegationProof See #2056 for background. This is another one of such things,
referring to trac1607exp branch:

#!cpp
// Called for DELEGATION case. Return either DS (if it’s signed
// delegation), NSEC/NSEC3 (if unsigned delegation and the parent is
// signed with NSEC/NSEC3).
//
// Default version: internally calls find() for the delegation name/DS.
// On SUCCESS return the answer RRset; On NXRRSET + NSEC (and if NSEC
// returned), return the returned (NSEC) RRset; On NXRRSET + NSEC3,
// call findNSEC3() recursive mode for the delegation name, and return
// exact or closest encloser proof.
// Optimized in-memory version: it should know the rbtree node for the
// delegation point. If it has DS, return it; if not but it has NSEC,
// return it; otherwise same as NSEC3 + NXRRSET (no wild) case for
// getNegativeProof().


And in this ticket we’ll only need to do the “default version”. It
should be essentially straightforward refactoring.
2059 task 1340007843573584 1349502616913693 data source medium jinmei new ZoneFinder::Context::getSynthesizedCNAME See #2056 for background. This is another one of such things,
referring to trac1607exp branch:

#!cpp
// Called for DNAME case. (Somehow) construct the synthesized CNAME
// for the qname with the DNAME. Return Rcode of NOERROR () normally,<br> // but YXDOMAIN() if CNAME cannot be constructed because the name would
// be too long.
//
// Default version: extract the DNAME RDATA, construct the synthesized
// cname by splitting and concatinating labels, create a new standard
// CNAME RRset and sets its (only) RDATA to the created cname.
// Optimized in-memory version: construct the synthesized cname
// essentially same way, but possibly more efficiently exploiting the
// internal representation of the in-memory RDATA (without involving
// expensive name splitting and concatinating). To avoid resource
// allocation it might use some pool of “free (and empty)” internal
// RRset.


And in this ticket we’ll only need to do the “default version”. It
should be essentially straightforward refactoring.

When done, also update `auth::Query` so it uses this implementation.
It’s better to do it before trying to implement the in-memory
optimization in case we miss something in the interface.
2061 defect 1340021443124274 1364222742550492 DDNS medium UnAssigned muks assigned Add custom update tool for use in DDNS tests, and finish DDNS tests This comes from bug #1461 comment 7: Jelte said:

>Right, so i made test for the first 2 test sets (the system ones), and an outline for the third, but it needs better xfrout-notify control.
>
>I have taken a look at the compliance tests as well, but for those we are going to need a custom update tool, since a lot of them require malformed updates that nsupdate will not send :)
>
>Anyway, changes in trac1461, i made one more general change in the lettuce setup, bind10 is now always invoked with -n (no hotspot cache). I thought about making it optional but at this time I could not think of much reasons not to set it.
>
>I’ll create a ticket for the tool and compliance tests, perhaps said tool can also be a base for our own nsupdate implementation, should we want one.

As I’ve been tasked to merge #1461, I’m creating this new bug. Assigning it to Jelte. Also marking it as next-sprint proposed so it doesn’t get lost.
2063 enhancement 1340050232013828 1343999697340466 DDNS medium jinmei new support DDNS update forwarding what the summary says (we may need to break this down into
multiple sub tickets).
2064 defect 1340058331522531 1347892372632275 Unclassified medium jinmei new components “kind” needs to be specified explicitly even for default
> config add Boss/components b10-ddns
> config show Boss/components

Boss/components/b10-ddns/special null string
Boss/components/b10-ddns/process null string
Boss/components/b10-ddns/kind “dispensable” string (default)
Boss/components/b10-ddns/address null string
Boss/components/b10-ddns/params/ list
Boss/components/b10-ddns/priority null integer

> config commit
Error: ‘kind’
Configuration not committed
> config set Boss/components/b10-ddns/kind dispensable
> config commit
(succeeds)


This is confusing at best.

Another matter, piggybacked: it accepts it even if “address” is
unspecified. But without this the bind10 process cannot tell ddns
a shutdown and needs to fall back to SIGTERM. This is also not good.

p.s. Frankly, I’m reluctant to fix each and every one of such peculiar
thing one-by-one. This seems to be a general issue of the
config/bindctl framework. If we have a clearer definition of which is
default, which is mandatory, relationship “optional” vs “default” etc
and provides generic framework based on it, this kind of thing should
be automatically avoidable by the framework and the spec definition.

See also #1489.
2065 enhancement 1340059601449163 1343999729595134 DDNS medium jinmei new support BIND9-compatible update-policy ACL for DDNS For controlling the permission for specific domain names,
specific type of RRs, etc.

See the corresponding BIND 9 option:
http://ftp.isc.org/isc/bind9/cur/9.9/doc/arm/Bv9ARM.ch06.html#dynamic_update_policies

This ticket doesn’t intend to provide a full compatibility to the BIND
9 counter part, but it should at least support the “name” and
“subdomain” nametype. For example, we should be able to specify
the following in some zone specific configuration of b10-ddns:

grant key.dyn.example.com name foo.dyn.example.com AAAA


which would allow updates to foo.dyn.example.com/AAAA by a DDNS
request signed with a TSIG key whose key name is key.dyn.example.com.

This task will probably have to be broken down into multiple subtasks:
at least it would (probably) need to update the generic ACL framework to allow
this to happen and update b10-ddns and python ddns module so they
understand and handle this fine-grained access control.
2068 defect 1340132472855708 1340132472855708 logging medium jinmei new a convenient interface to choose lock policy for logging It’s annoying that interprocess file lock is required by default.
for example, b10-dbutil will fail if the lock file can be created
only by a specific group of users.

There should be some easy way for each application can specify which
lock policy (at least including “none”) should be used for logging
at the initialization time. We also need a python interface for that.

On top of that, I suggest we use the “none” policy by default, and
require explicit setting for those who need interprocess locking.
The only benefit the lock provides is to avoid mixed logging output
by multiple processes. While it’s nice, but not crucial for the
system to work. It’s much, much worse that some tool cannot even
start due to the failure of getting access to the unnecessary lock
file. The default should prevent that from happening.
2069 defect 1340169825729785 1343999939762506 xfrout medium muks new Xfrout’s “notify” command handler needs a unit test Xfrout’s “notify” command handler needs a unit test. The command handler used to do a comparison with notify_out.ZONE_NEW_DATA_READY_CMD, but that is incorrect as notify_out.ZONE_NEW_DATA_READY_CMD is no longer “notify”. This has been fixed in master, but `make check` passed even otherwise, so we really should have a unit test to check if the “notify” command is handled by xfrout.
2070 defect 1340200674636222 1363707326433028 Unclassified medium muks new UDPDNSServiceTest.defaultUDPServerFromFD fails on NetBSD UDPDNSServiceTest.defaultUDPServerFromFD fails on NetBSD:


[———-] 4 tests from UDPDNSServiceTest
[ RUN ] UDPDNSServiceTest.defaultUDPServerFromFD
unknown file: Failure
C+ exception with description “Socket is already connected” thrown in the test body.
[ FAILED ] UDPDNSServiceTest.defaultUDPServerFromFD
[ RUN ] UDPDNSServiceTest.explicitDefaultUDPServerFromFD
unknown file: Failure
C
+ exception with description “Socket is already connected” thrown in the test body.
[ FAILED ] UDPDNSServiceTest.explicitDefaultUDPServerFromFD (0 ms)
[ RUN ] UDPDNSServiceTest.syncUDPServerFromFD
unknown file: Failure
C++ exception with description “Socket is already connected” thrown in the test body.
[ FAILED ] UDPDNSServiceTest.syncUDPServerFromFD (0 ms)
[ RUN ] UDPDNSServiceTest.addUDPServerFromFDWithUnknownOption
[ OK ] UDPDNSServiceTest.addUDPServerFromFDWithUnknownOption (1 ms)
[———-] 4 tests from UDPDNSServiceTest (1 ms total)


Full log: http://git.bind10.isc.org/~tester/builder//BIND10/20120620122512-NetBSD6-i386-GCC/logs/unittests.out

This is in src/lib/asiodns/tests/

Setting Next-Sprint-Proposed milestone so we don’t forget to talk about it.
2072 defect 1340629688917551 1341322996122238 Unclassified medium jreed new b10-ddns and Broken pipe on component removal b10-ddns can be enabled to be started even though its dependencies are not enabled. So it will start and stop continually. So when stopping it, it may not be running:


> config remove Boss/components b10-ddns
> config commit
Error: [Errno 32] Broken pipe
Configuration not committed


I think this was caused by: boss asking it to shut down, but it already was not running due to no zonemgr, and timed just right since hadn’t re-started again.
2073 defect 1340630182332925 1341228551885938 configuration medium jreed new unified way to define zones with attributes This ticket is to track tasks for designing and implementing a unified way to define zones with attributes (like BIND 9’s “zone” configuration).

Also it may be useful to consider this known maybe by cfgmgr and not zonemgr. (That is have access to this configuration without needing otherwise-unused daemon handling timers.)
2074 defect 1340630446417143 1341323012787554 DDNS medium jreed new b10-ddns requires zonemgr even if doesn’t use secondary timers Currently b10-ddns requires b10-zonemgr; it will exit soon after starting if zonemgr is not running. (And boss will restart again and again.)

b10-ddns should not need zonemgr in the case when it does not need a list of secondary zones because it is a primary only server. (It needs no zone timers.)

See ticket #2073 about unified way to configure zones.
2075 defect 1340636558439227 1343999992107800 Boss of BIND medium jreed new simplify components address syntax Currently the guide documents about the address setting for Boss/components: ``It is the address used by the component on the b10-msgq message bus. The special components already know their address, but the usual ones don’t. The address is by convention the thing after b10-, with the first letter capitalized (eg. b10-stats would have “Stats” as its address).‘’

And later about using “DDNS” for DDNS: ``Likewise, “address” may look unnecessary because b10-ddns would start and work without specifying it. But for it to shutdown gracefully this parameter should also be specified.’’

I think it should be more automatic; we should not need to manually define address “FOO” for “b10-foo”. Maybe it should be case insensitive and get rid of that convention “with the first letter capitalized”).
2076 enhancement 1340707744327952 1341217549078115 documentation low jreed fdupont accepted bind10 guide needs some updates doc/guide/bind10-guide.xml needs some updates:
- (1.1) it is dubious bind10 is not supported on debian 6
- (1.2) there is nothing about boost: has someone checked if
bind10 can be run without an installed boost? and on all supported
systems?)


2077 enhancement 1340796378392537 1344000011453380 Unclassified medium fdupont new add NO_EXPECT_DEATH I suggest to add a NO_EXPECT_DEATH C++ compilation flag in order to handle systems where runtime checks are configuration dependent. For instance WIN32 with its Release and Debug versions, here with NO_EXPECT_DEATH for Release only the EXPECT_DEATH() macro of gtest works as expected.

PS: the change is:
#ifdef EXPECT_DEATH
->
#if defined(EXPECT_DEATH) && !defined(NO_EXPECT_DEATH)
2078 task 1340812563541638 1344000777521570 Boss of BIND medium jreed new lettuce test for bind10 -u See ticket #2067 for background.

Add a feature test for bind10 -u.

There is now a unittest that also tests the gid too.
2079 defect 1340835794964978 1347891098005004 data source medium jinmei new ZoneFinder’s FIND_GLUE_OK should better be named FIND_IGNORE_ZONECUT See http://bind10.isc.org/ticket/1771#comment:25

I’m pushing this to the next-sprint-proposed queue to see if others
think it’s worth changing. If not, I’m okay just closing this ticket
without a change.

Note: if we decide to work on it, we’ll need to do related, maybe
not so obvious cleanups, too. For example, it’s better to rename
variables like “glue_ok”.
2080 enhancement 1340849226910860 1341323076073668 Unclassified medium muks new Python 3.2 as dependency We currently have Python 3.1 as a dependency. Bumping it to Python 3.2 gives us
some new features such as use of `with` statement on socket objects and verbosity options in
unit tests (among others).

We have to check if Python 3.2 is old enough that it is available in various distros. Maybe we should also ask our users what they think about moving to Python 3.2.
2081 defect 1340872037991238 1341355616387606 libdns++ medium UnAssigned fdupont new EXPECT_EQ worry Another EXPECT_EQ() which doesn’t compile on Windows.
src/lib/dns/tests/rdata_nsec3param_like_unittest.cc (new file)
2082 defect 1340883378291836 1357551390414613 Unclassified medium fdupont new bad ASIO update the asio/detail/impl/socket_ops.ipp was updated this year but
to an incorrect version of close() on not Unix systems.
I updated it according to the last ASIO distrib in trac826,
commit 352788b..3aa5044
2085 task 1340930847288893 1360150243778105 Unclassified medium muks new [meta bug] Add isc.sysinfo.SysInfo implementations for various operating systems See bug #2062. This bug should be worked on only after #2062 is in master.

Currently #2062 only has a Linux implementation of `isc.sysinfo.SysInfo` to gather system information. We should add implementations for other operating systems such as BSDs, MacOS and Solaris.

* #2062 - Linux
* #2121 - OpenBSD
* #2122 - FreeBSD
* #2172 - MacOS
* #2691 - Solaris
* #2692 - NetBSD

See also a related ticket, #2693, which changes the behavior in the face of unknown systems.
2101 task 1340960971663886 1345616806816802 data source medium jinmei new [meta] memory-efficient version of InMemory Zone This feature consists of some other subfeatures:

- Updates to libdns++ `LabelSequence`: #2086, #2087
- Introduce `MemorySegment`: #2088
- `RBTree` updates so it will be more memory efficient, using offset
pointer and provide other support methods: #2089, #2090, #2091,
#2092, #2093
- Memory efficient `Rdata` encoding: #2094, #2095, #2096
- Introduce `RdataSet` and define new `RRset`: #2097, #2098
- `InMemoryZone` client/finder update: #2107, #2108, #2109, #2110, #2218
- Update `ZoneTable`: #2100
- Integration: #2219 (when all others are done)

General notes: when we complete this, we’ll have a slightly different
version of the proposed design
http://bind10.isc.org/wiki/InMemoryZoneDesign
- It will encode names in RDATA as raw data for `LabelSequence`, not a
pointer to the corresponding tree node
- As a result, it doesn’t support additional section shortcut

I thought the above tasks are already pretty big, so it’s probably
better to complete a suboptimal but workable version first.

It’s unlikely that we’ll revise the existing in-memory data source
implementation incrementally without making it unworkable for the
moment. So, realistically, we should implement these while keeping
the current version intact (using a slightly different name or
separate subdirectory, etc), and when everything is done, replace the
existing one with the new one (that itself will probably have to be a
separate task - which is #2219).

Also, we may want to rename `RBTree` more generic using this
opportunity, such as `DomainTree` so that if and when we want to
change the internal tree algorithm from RB tree the class name won’t
be affected.
2102 enhancement 1340967814023962 1344267943630342 Unclassified low fdupont new type of test is bool in if (test) then (true_branch) else (false_branch) the type of is bool (and branches have compatible types). Windows C++ compiler emits a warning when the test has another type, i.e., it is checked against 0, because it can impact the performance (and BTW is bad style).
An example is the ASSERT_TRUE()s in src/lib/acl/tests/loader_test.cc which are against pointers (so ASSERT_TRUE(foo) -> ASSERT_TRUE(foo != NULL))
2111 task 1341047150737960 1345615919151980 data source medium jinmei new Define a dedicated result context and additional record handling. This is a revised version of current `RBNodeResultContext`
and `InMemoryZoneFinder::Context`. But right now additional shortcut
is not available, so it’s actually pretty simple.

Iterate over each RDATA of the given RRset using the encoded version
of iterator, and use findNode() to get the node for each name field of
the RDATA whose attribute indicates additional handling is needed.
Then go through the nodes’ `RdataSet` to find specified type of data.
Construct `TreeNodeRRset` for them and push them to the result.

One open question is whether we should distinguish “glue ok” case or
not. I’m now inclined to skip this differentiation, but we can
discuss it.

Depend on #2096, and in practice, on #2107, #2108 and #2109 (and
even #2110 for comprehensive support).
2117 enhancement 1341390485944063 1345214203180295 Unclassified medium fdupont fdupont new win32 DLLs Private ticket to experiment again the build of libraries as DLLs on WIN32 (currently they are static which greatly minimize diffs but raise some issues for datasrc (minor) and python (severe)).
2118 enhancement 1341426209525716 1394117013611767 b10-auth medium shane DNS Outstanding Tasks new use some additional polling in SyncUDPServer Jinmei discovered that he could improve efficiency by checking for multiple packets in our UDP packet handler. The discussion is on the mailing list:

https://lists.isc.org/pipermail/bind10-dev/2012-July/003623.html
2125 defect 1342135631141938 1344004668256835 configuration medium jreed new cannot add update_acl and then set The guide says for update_acl “Due to a limitation of the current implementation, it doesn’t work if you first try to just add a new entry and then set it to a given rule.”

Probably needs to be fixed at higher level and no specific to update_acl.
2127 task 1342184987644846 1342184987644846 data source medium vorner new Remove old data sources After #1976 is merged, nothing would be using the old data sources. We should remove the dead code from the libraries and aliminate the old sqlite3 data source.
2129 task 1342185167612103 1396529388626513 xfrin medium vorner DNS Outstanding Tasks new Migrate XfrIn to use ClientList The XfrIn uses the new data source API, but it is hardcoded to create a sqlite3 client with the Auth/database_file file as configuration. It should use the global data_sources configuration and create the data source through a client list.

This depends on #2051. Needed by #2132.
2130 task 1342185213203996 1349716216445398 xfrout medium vorner new Migrate XfrOut to use Client List The XfrOut uses the new data source API, but it is hardcoded to create a sqlite3 client with the Auth/database_file file as configuration. It should use the global data_sources configuration and create the data source through a client list.

This depends on #2051. Needed by #2132.
2131 task 1342185402427592 1349716253572416 DDNS medium vorner new Migrate DDNS to use Client List The DDNS uses the new data source API, but it is hardcoded to create a sqlite3 client with the Auth/database_file file as configuration. It should use the global data_sources configuration and create the data source through a client list.

This depends on #2051. Needed by #2132.
2132 task 1342185639341008 1342185639341008 Unclassified medium vorner new Remove Auth/database_file configuration Once the tickets #2129, #2130 and #2131 are merged, no component would be using the Auth/database_file configuration option. It should be removed then (both from the spec file, from documentation and from all the test configurations through the source tree.
2134 task 1342208430704438 1344004696911587 Unclassified medium shane new Library organization We had a discussion about the BIND 10 libraries, which have many names that are too generic and/or likely to collide with system libraries:

http://bind10.isc.org/wiki/WeeklyMinutes20120712#Renamelibraries

We decided that while a specific rename (libutil #2071) would be a short term solution, we need to consider the organization and naming of our libraries in general. This task of this ticket is to create a proposal around that issue.

See wiki page at http://bind10.isc.org/wiki/LibraryNaming for brainstorming.
2144 enhancement 1342613197126933 1365279674125677 Unclassified medium fdupont fdupont reviewing add nonassignable super class When a class is defined with a const member and no explicit assignment operator the compiler can’t build the operator and some raise a warning (4512 with MSVC).
The idea is to clone the noncopyable super class from boost and to derived all impacted classes (and structures?) from it. BTW I suggest to do the same for noncopyable (where both the copy constructor and the operator = are declared but left undefined).
include files should be in util.
I’ll provide the list of classes and structures.
2146 enhancement 1343053652656661 1364490687183305 dhcp medium tomek DHCP Outstanding Tasks new Investigate dhcp{4,6} start-up merge possiblity DHCPv4 and DHCPv6 servers have many similarities:
- main() functions in src/bin/dhcp{4,6}/main.cc
- ControlledDhcpv{4,6}Srv classes.
- TestDhcpv6Daemon from srv/bin/dhcp{4,6}/tests/dhcp{4,6}_test.py

Some form of merge should be investigated. A common base class, or perhaps template would be helpful.

It should be noted that in some cases the code is similar now, but is expected to grow differently in the future, so unification should not be the automatic answer and some thought should be given.
2149 defect 1343122626859625 1344004972004547 DDNS medium jelte new retry send ‘setup connection’ in b10-ddns
ticket 1986 added a command that is sent from b10-ddns to b10-auth, which sets up the internal connection to forward packets.

It also contains a message from auth to ddns should auth be restarted. However, on startup, if ddns is just slightly faster than auth in getting started, auth never gets the message, and b10-ddns hangs for 4 seconds waiting for an answer (the connection does get set up eventually, but it will cause errors if it is attempted to be used initially, b10-ddns is dead in the water for the full 4 second, not answering to commands and updates).

Fundamentally, the problem is the lack of real async io in b10-ddns, however, a quick workaround would be to set the internal timeout lower than the default, and retry a few times before erroring.

We also need an option for the ‘nonblocking’ version of check_command to check for multiple commands I think.

(I have some code, which i’ll put in the branch, but it may need some unit tests, and now my lettuce tests fail on an entirely different cmdctl error)
2153 defect 1343337795566338 1389660643648801 libdns++ medium UnAssigned jinmei new change Message::addRRset param to ConstRRsetPtr I believe, after #254, we can make the `rrset` parameter of
Message::addRRset() to `ConstRRsetPtr`:
#!cpp
void addRRset(const Section section, RRsetPtr rrset, bool sign = false);


And then we can get rid of const_pointer_cast from auth/query.cc.

Would also depend on #2161.
2156 enhancement 1343369210028990 1380606572666551 b10-auth medium UnAssigned y-aharen StatsRedesign assigned Collect socket statistics items in Auth module Collect socket statistics items (e.g. opcode, qtype, edns0) in Auth module, and increment counters.

To collect information, some investigation on boost::asio library is required.

This ticket depends on #2154.
2162 defect 1343429086134221 1359700877022331 data source medium jinmei new rename datasrc/zone.h to datasrc/iterator.h “zone.h” sounds too generic (historically it indeed defined a `Zone`
class, but not any more). I propose:

- rename zone.h to zone_finder.h and only define `ZoneFinder` there
- create zone_updater.h and zone_journal_reader.h, and move the
definitions of `ZoneUpdater` and `ZoneJournalReader` to the new
files, respectively.
- rename iterator.h to zone_iterator.h (for consistency, and
“iterator” is also pretty generic)
2167 defect 1343537466343590 1343720618503683 data source medium jinmei new clarify whether to keep inmemory datasrc as a loadable module After #1976 the in-memory data source implementation is now part of
libdatasrc, rather than a separate loadable module. If that’s the
course we’re taking, it’d be better to clean up the loadable module
setup (remove _link.cc, stop creating .so, etc).
2170 task 1343734502281945 1352286024992189 Unclassified medium shane new Consistent place to configure socket file paths This came up during a recent BIND 10 team call:

WeeklyMinutes20120712#Consistentwaytodefinepathstosocketfilesforalluses

There are several places where this type of information is stored:
- src/lib/python/bind10_config.py
- in specific python scripts like xfrout.py
- in some C++ files like auth/common.{h,cc}

Jinmei reports:


It’s just a mess. When you need to know the path, you’ll need to
find multiple places. When you need to add a new path, there can be
several ways and it’s also possible that you invent yet another
place. Also, there are some inconsistent cases like #1903.

So, what exactly I would envision is:

- introduce a unified place to define this information for all
modules. ideally this should be the only source for both Python and
C.
- Python scripts and C
sources refer to this place and use the
information appropriately.
- Document the policy and how you add new things to the unified place.
2174 defect 1343832196323445 1392917463577802 resolver medium jreed DNS Outstanding Tasks new Various issues with NSAS_WRONG_ANSWER log message The messages documentation has:

NSAS_WRONG_ANSWER queried for 1 RR of type/class 2/%3, received response 4/5

A NSAS (nameserver address store - part of the resolver) made a query for a resource record of a particular type and class, but instead received an answer with a different given type and class.

This message indicates an internal error in the NSAS. Please raise a bug report.


The definition of ERROR is:

Something has happened such that the program can continue but the
results for the current (or future) operations cannot be guaranteed to
be correct, or the results will be correct but the service is impaired.
For example, the program started but attempts to open one or more network
interfaces failed.


The log message I saw is:

2012-07-31 15:21:20.q ERROR [b10-resolver.nsas] NSAS_WRONG_ANSWER queried for dns1.nj2.dns-roots.net. RR of type/class AAAA/IN, received response CNAME/IN


Well I can manually see that a query for AAAA using @dns1.nyc.dns-roots.net. does answer with a CNAME. And following that CNAME does not have a AAAA.

I am opening this ticket for:

1) docs says it “indicates an internal error in the NSAS. Please raise a bug report.”

2) Maybe ERROR is the wrong logging severity. Why is it an ERROR because a response (or query) from outside should not cause the program to misbehave.

3) The log message itself is confusing. Is it wrong to receive a CNAME response?

4) The log message doesn’t tell us what server it queried and received the answer from.
2192 defect 1345054990930274 1364462652152271 Inter-module communication medium jinmei new look into openbsd socket error See this
http://git.bind10.isc.org/~tester/builder/BIND10/20120815131128-OpenBSD5-amd64/logs/unittests.out

This happens periodically, and the only effective workaround seems to
be to reboot the machine.

It looks like a kernel bug, but we are not very sure about that.
We should at least figure out (if possible) a simpler way to reproduce
the problem. My guess is that if we repeat forwarding FDs via unix
domain sockets some resource leaks in the kernel and it eventually
triggers the problem.
2193 defect 1345147419116720 1352302954085665 sysinfo medium jinmei new unnecessary warning about ‘being non root’ from sysinfo I saw this warning from isc-sysinfo ran on a FreeBSD server:


NOTE: You have to run this program as the root user so that it can
collect all the information it requires. Some information is
only available to the root user.


but, as far as I can see, there’s no information that is missing
whether or not I run it as a root. I further suspect it’s applicable
to all BSD variants (I see this note on MacOS too).

I suspect it’s another example of the Linux-centric mindset. we need
to fix it; the top level behavior must be generic.
2195 defect 1345160808725129 1352303180669216 sysinfo medium jinmei new sysinfo leaks ‘Broken pipe’ exception If I pass the output of isc-sysinfo to another process via a pipe
and that process doesn’t consume all input from sysinfo, sysinfo
itself dies with an uncaught exception of IOError (Broken pipe):


% isc-sysinfo
head –1
ISC Sysinfo tool
Traceback (most recent call last):
File “/home/jinmei/opt/bin/isc-sysinfo”, line 136, in
main()
File “/home/jinmei/opt/bin/isc-sysinfo”, line 121, in main
write_value(f, ’s', s.get_net_connections)<br> File "/home/jinmei/opt/bin/isc-sysinfo", line 42, in write_value<br> out.write(fmt value)
IOError: [Errno 32] Broken pipe


This is not really grace.
2196 enhancement 1345171155895164 1380606604009221 b10-auth medium UnAssigned fujiwara StatsRedesign assigned Update Auth to support differential statistics updates Add a new command “getstats_delta” which returns differences of statistics data from previous command.
It suppresses items which values are zero.
“getstats” and “getstats_delta” commands should be used exclusively.
2199 enhancement 1345181298018249 1379679554271664 b10-auth medium UnAssigned y-aharen StatsRedesign assigned Add a configuration item to specify zones to collect statistics in Auth module Add a configuration item ‘statistics_zones’ into Auth module.

‘statistics_zones’ is a list item. It can specify a set of zone names to collect per-zone statistics items. If the list is empty, no per-zone statistics item is collected.
2200 enhancement 1345181299847212 1379679562707672 b10-auth medium UnAssigned y-aharen StatsRedesign assigned Collect per-zone query/response statistics items in Auth module Collect query/response statistics items (e.g. opcode, qtype, edns0) in Auth module, and increment counters.

Zone origin of processing query can be get with isc::datasrc::ZoneFinder::getOrigin().
Modify isc::auth::statistics::Counters::inc() to add a functionality to identify zones and increment corresponding counters.
2214 enhancement 1345278333284841 1349877405338151 Unclassified medium fdupont new import/export decoration for DLLs DLLs require import/export decoration, !declspec/!declspec(dllexport) on WIN32 for instance.
The idea is:
- add a dll.h in all library directories
- decorate external symbols
- in rare cases force the instantiation of classes (e.g., util/buffer.cc)
(current reference is trac2117)

2215 enhancement 1345286271103687 1353005386496311 Unclassified medium fdupont new make socket code portable the socket code makes too often the assumption the OS is Unix:
- “file descriptor”
- use of PF_UNIX
- int > asio/detail/socket_types.hpp
fdshare -> socketshare
etc
2217 enhancement 1345498657967631 1352989248493593 Unclassified medium fdupont new portable timing functions gettimeofday() and *sleep() are Unix bound. Equivalents exist for Windows, do I propose to factorate them in the util library…
2221 enhancement 1345781571215368 1361955721744470 build system low UnAssigned muks assigned Add verbosity=2 as an argument when running Python unittests In #2165, we had a case where Python test output was printed in the order in which the tests occurred in the file, but were run in a different order. I looked at the wrong testcase as the cause of later failures for some time.

Currently the test names are not printed as they are run. Adding `verbosity=2` to the `unittests.main()` call should make these be printed. But this argument is available on Python 3.2+ only. So we should use a try/except block and make it verbose where it’s available.
2224 enhancement 1346115172112820 1355231466251207 configuration low naokikambe new Remove b10-stats from default startup modules As discussed at https://lists.isc.org/pipermail/bind10-dev/2012-August/003747.html, after #2136,#2137, and #2138, b10-stats is no longer needed as a default startup module. So remove b10-stats from there. That is, remove the following setting from bob.spec:
#!patch
diff —git a/src/bin/bind10/bob.spec b/src/bin/bind10/bob.spec
index 442d46f..840aa8e 100644
— a/src/bin/bind10/bob.spec
+ b/src/bin/bind10/bob.spec
@ -8,7 +8,6 @
item_type “named_set”,
item_optional false,
item_default {
- b10-stats { address “Stats”, kind “dispensable” },
b10-cmdctl { special “cmdctl”, kind “needed” }
},
named_set_item_spec {

Also we need to update the lettuce test and the document related to this. This task is similar to #1885.
2227 defect 1346329692253160 1353960131571037 data source medium jreed new re-add a temporary hotspot cache ChangeLog 455 (I think) removed the existing hot spot cache mechanism.

Attached to this ticket is a graph showing a drop after when the default hotcache was removed. I mark this ticket as a defect (versus a task or feature) due to this performance regression.

It is useful in case of huge external databases that cannot be loaded into in-memory.

vorner suggested: I think an query-answer cache (with rendered response packets) would make more sense.
2228 task 1346349954425253 1352399046149632 Unclassified medium larissas jinmei assigned research requirements for DB-based data source performance I’ve never heard specific requirements on the performance of
DB-based zones and expected operational environments, including:

- what kind of setup it is: number of zones, size of zones, type of
zones (e.g. delegation-centric or leaf, with or without DNSSEC,
with or without wildcards), usual query patterns (whether it has a
lot of NXDOMAIN results, whether there are many wildcard
substitutions, etc)
- which level of response performance is requested: less than 1Kqps?
several thousands qps? more than 10K?

I don’t think it a good strategy just to try to do any possible
improvement techniques like #2227 without knowing these. We should
clarify that first.
2239 task 1346761860036830 1394117025375992 b10-auth medium jinmei DNS Outstanding Tasks new change UDP/TCP/SyncUDPServer so they don’t pass query message object In #2160, we changed `SyncUDPServer` so it doesn’t clear the query_
`Message` object. In fact, it could even remove that member variable
if it wasn’t requested by the API contract. Unfortunately we cannot
simply remove them without making non trivial changes to `UDPServer`
and `TCPServer` classes and the b10-resolver implementation.

IMO, it’s better to make the xxx server classes independent from
`Message` management. This ticket is a placeholder to do this task.
Specifically:

- remove the “query” parameter from the callback functions
- remove the “query” member variables from XXX server classes
- update b10-auth so it maintains `Message` internally (now that it’s
not given via the callbacks). This should be easy.
- Same for b10-resolver. This may be a bit trickier due to the
recursive-resume operations.
2240 enhancement 1346933828268607 1352375924286591 data source medium jreed new add all zones by default with data_sources cache-enable Currently when cache-enable is true for a data source, then all the zones not listed in cache-zones become unavailable.

vorner suggested loading all by default.
2241 enhancement 1346936395646672 1352375972570814 Unclassified medium jreed new version components? I upgraded a running version (from June 21) but didn’t restart all, just did a “Auth shutdown” to restart a single component:


2012-09-06 07:48:24.569 DEBUG [b10-auth.cc] CC_GROUP_SEND sending message ‘{ co
mmand
[ “get_module_spec”, { module_name “data_sources” } ] }’ to group ‘Co
nfigManager’
2012-09-06 07:48:24.569 DEBUG [b10-auth.cc] CC_GROUP_RECEIVE trying to receive a
message
2012-09-06 07:48:24.570 DEBUG [b10-auth.cc] CC_GROUP_RECEIVED message arrived (‘
{ from “4fe3ae00_2@t1.m.reedmedia.net”, group “ConfigManager”, instance “*”, reply 10, seq 214121, to “50489b97_68@t1.m.reedmedia.net”, “type”
: “send” }’, ‘{ result [ 0, { } ] }’)
2012-09-06 07:48:24.591 FATAL [b10-auth.auth] AUTH_SERVER_FAILED server failed:
module_name missing in { }


I know it is not safe behaviour to do this with a development version after a big upgrade, but maybe we should have the components identify themselves or otherwise have some way to know what they are compatible with. So instead of confusing fatal error message it could say it is an incompatible version?

2242 defect 1346937302724276 1352376248594117 Unclassified medium jreed new what is specifically wrong with “Bad config data for Auth”? I shutdown BIND 10 from June and restarted today’s master with my old configuration.


2012-09-06 07:49:22.523 ERROR [b10-xfrout.xfrout] XFROUT_MODULECC_SESSION_ERROR
error encountered by configuration/command module: Bad config data for Auth: {’statistics-interval’: 62, ‘datasources’: [{’zones’: [{’origin’: ‘example.org’, ‘file’: ‘/home/reed/work/isc/bind10/all-types.zone-canonical’}], ‘type’: ‘memory’}], ‘listen_on’: [{’port’: 5300, ‘address’: ‘::’}, {’port’: 5300, ‘address’: ‘0.0
.0.0’}]}


The same thing also happens for DDNS_GET_REMOTE_CONFIG_FAIL (two times, three times) and then DDNS_MODULECC_SESSION_ERROR for trying to use Auth’s configuration.

The starting of xfrout and ddns repeatedly are trying to start now. The b10-auth process is running though.

It doesn’t say what part is bad. If this was a very long configuration, it could be very difficult to track down.


I may have tracked it down:


> config remove Auth/datasources[0]
> config commit
Error: Error in config validation: Unknown item statistics-interval
Configuration not committed


But config show Auth doesn’t show it.

(I see it is mentioned in changelog 468.)

Maybe a new ticket is needed to allow to remove an unknown item.

So I stopped all of bind10 and manually edited the file to remove statistics-interval.
2243 defect 1346937538678402 1352376301873141 DDNS medium jreed new what is “no module_name in module_spec”? I restarted all of bind10 master; my previous configuration was from a June instance.


2012-09-06 08:10:55.840 WARN [b10-ddns.ddns] DDNS_GET_REMOTE_CONFIG_FAIL failed
to get Zonemgr module configuration 1 times: no module_name in module_spec
2012-09-06 08:10:56.846 WARN [b10-ddns.ddns] DDNS_GET_REMOTE_CONFIG_FAIL failed
to get Zonemgr module configuration 2 times: no module_name in module_spec
2012-09-06 08:10:57.856 WARN [b10-ddns.ddns] DDNS_GET_REMOTE_CONFIG_FAIL failed
to get Zonemgr module configuration 3 times: no module_name in module_spec
2012-09-06 08:10:58.865 ERROR [b10-ddns.ddns] DDNS_MODULECC_SESSION_ERROR error
encountered by configuration/command module: no module_name in module_spec


This loops.

What is no “module_name in module_spec”? It doesn’t tell me what to fix so I can get it running again.

Also the last ERROR should be FATAL, since the process ends.
2245 defect 1346963704798241 1357751153173337 Unclassified medium jreed new cache-enable true causes crash at startup Setting cache-enable true at run-time doesn’t fail. Later (stop and then) start of bind10 fails.

A similar detailed example was posted to the bind10-users list; see https://lists.isc.org/pipermail/bind10-users/2012-September/000391.html

My own example failed with:


2012-09-06 15:22:12.758 FATAL [b10-auth.auth] AUTH_SERVER_FAILED server failed: Auto-detection of zones to cache is not yet implemented, supply cache-zones parameter
2012-09-06 15:22:12.758 DEBUG [b10-auth.cc] CC_DISCONNECT disconnecting from message queue daemon
2012-09-06 15:22:12.758 DEBUG [b10-auth.cc] CC_UNSUBSCRIBE unsubscribing from communication group data_sources

2012-09-06 15:22:13.811 INFO [b10-boss.boss] BIND10_SEND_SIGTERM sending SIGTERM to msgq (PID 20075)
2012-09-06 15:22:13.812 [b10-msgq] Closing socket fd 9
[b10-msgq] Receive error: EOF
[b10-msgq] Closing socket fd 8
[b10-msgq] Receive error: EOF
[b10-msgq] Closing socket fd 5
[b10-msgq] Receive error: EOF
[b10-msgq] Closing socket fd 7
[b10-msgq] Receive error: EOF
INFO [b10-boss.boss] BIND10_SEND_SIGTERM sending SIGTERM to b10-stats-httpd (PID 19437)
2012-09-06 15:22:13.822 INFO [b10-boss.boss] BIND10_SEND_SIGTERM sending SIGTERM to b10-xfrout (PID 20911)
2012-09-06 15:22:13.829 INFO [b10-boss.boss] BIND10_SEND_SIGTERM sending SIGTERM to b10-cmdctl (PID 7189)
2012-09-06 15:22:13.829 INFO [b10-boss.boss] BIND10_SEND_SIGTERM sending SIGTERM to b10-stats (PID 28795)
Traceback (most recent call last):
File “/home/reed/opt/bind10/libexec/bind10-devel/b10-xfrout”, line 1065, in
xfrout_server = XfroutServer()
File “/home/reed/opt/bind10/libexec/bind10-devel/b10-xfrout”, line 936, in init
self.cc.start
File “/home/reed/opt/bind10/lib/python3.1/site-packages/isc/config/ccsession.py”, line 212, in start
self.
send_spec
File “/home/reed/opt/bind10/lib/python3.1/site-packages/isc/config/ccsession.py”, line 442, in
send_spec
seq = self.
session.group_sendmsg(msg, “ConfigManager”)
File “/home/reed/opt/bind10/lib/python3.1/site-packages/isc/cc/session.py”, line 268, in group_sendmsg
}, isc.cc.message.to_wire(msg))
File “/home/reed/opt/bind10/lib/python3.1/site-packages/isc/cc/session.py”, line 101, in sendmsg
cc = self.socket.send
socket.error: Broken pipe
Traceback :
File “/home/reed/opt/bind10/libexec/bind10-devel/b10-cmdctl”, line 626, in
run
File “/home/reed/opt/bind10/libexec/bind10-devel/b10-cmdctl”, line 585, in run
CommandControl, idle_timeout, verbose)
File “/home/reed/opt/bind10/libexec/bind10-devel/b10-cmdctl”, line 483, in
init
self.cmdctl = CommandControlClass
File “/home/reed/opt/bind10/libexec/bind10-devel/b10-cmdctl”, line 234, in
init
self.
setup_session()
File “/home/reed/opt/bind10/libexec/bind10-devel/b10-cmdctl”, line 250, in setup_session
self.command_handler)
File “/home/reed/opt/bind10/lib/python3.1/site-packages/isc/config/ccsession.py”, line 198, in
init
File “/home/reed/opt/bind10/lib/python3.1/site-packages/isc/config/ccsession.py”, line 419, in add_remote_config
self.
add_remote_config_internal(module_spec, config_update_callback)
File “/home/reed/opt/bind10/lib/python3.1/site-packages/isc/config/ccsession.py”, line 343, in add_remote_config_internal
answer,
= self.session.group_recvmsg
File “/home/reed/opt/bind10/lib/python3.1/site-packages/isc/cc/session.py”, line 275, in group_recvmsg
env, msg = self.recvmsg
File “/home/reed/opt/bind10/lib/python3.1/site-packages/isc/cc/session.py”, line 130, in recvmsg
data = self.
receive_full_buffer(nonblock)
File “/home/reed/opt/bind10/lib/python3.1/site-packages/isc/cc/session.py”, line 212, in receive_full_buffer
self.
receive_len_data()
File “/home/reed/opt/bind10/lib/python3.1/site-packages/isc/cc/session.py”, line 172, in receive_len_data
new_data = self.
receive_bytes(self.recv_len_size)
File “/home/reed/opt/bind10/lib/python3.1/site-packages/isc/cc/session.py”, line 160, in
receive_bytes
raise ProtocolError(“Read of 0 bytes: connection closed”)
isc.cc.session.ProtocolError: Read of 0 bytes: connection closed
Exception socket.error: error(32, ‘Broken pipe’) in > ignored
2012-09-06 15:22:13.930 INFO [b10-boss.boss] BIND10_PROCESS_ENDED process 7189 of b10-cmdctl ended with status 256
2012-09-06 15:22:13.931 INFO [b10-boss.boss] BIND10_PROCESS_ENDED process 20911 of b10-xfrout ended with status 256
2012-09-06 15:22:13.931 INFO [b10-boss.boss] BIND10_PROCESS_ENDED process 19437 of b10-stats-httpd ended with status 15
2012-09-06 15:22:13.931 INFO [b10-boss.boss] BIND10_PROCESS_ENDED process 28795 of b10-stats ended with status 15
2012-09-06 15:22:13.931 INFO [b10-boss.boss] BIND10_PROCESS_ENDED process 20075 of msgq ended with status 0
2012-09-06 15:22:13.932 INFO [b10-boss.boss] BIND10_SHUTDOWN_COMPLETE all processes ended, shutdown complete


The msgq shutdown before users of it.

The second problem is that the error is fatal, but was no fatal when set via bindctl.

Third problem is that I can’t run bindctl to fix it now.
2249 defect 1347292197641927 1352376365413504 Boss of BIND medium jreed new order of shutdowns should not allow msgq or cfgmgr to exit before other components See https://lists.isc.org/pipermail/bind10-dev/2012-September/003793.html

The order of the logging and timestamps may be misleading, but it seemed to show that the cfgmgr shutdown cleanly and msgq received a SIGTERM before b10-xfrin tried to use them.


2012-09-03 16:03:18.877 INFO [b10-boss.boss] BIND10_STOP_PROCESS asking
cfgmgr to shut down

2012-09-03 16:03:18.877 INFO [b10-boss.boss] BIND10_STOP_PROCESS asking
b10-xfrin to shut down

2012-09-03 16:03:19.878 INFO [b10-boss.boss] BIND10_PROCESS_ENDED
process 1953 of cfgmgr ended with status 0
2012-09-03 16:03:19.879 INFO [b10-boss.boss] BIND10_PROCESS_ENDED
process 1957 of b10-auth-1 ended with status 256
2012-09-03 16:03:19.879 INFO [b10-boss.boss] BIND10_PROCESS_ENDED
process 1959 of b10-stats ended with status 0
2012-09-03 16:03:19.879 INFO [b10-boss.boss] BIND10_SEND_SIGTERM
sending SIGTERM to msgq (PID 1952)
2012-09-03 16:03:19.879 INFO [b10-boss.boss] BIND10_SEND_SIGTERM
sending SIGTERM to b10-xfrin (PID 1954)
2012-09-03 16:03:19.879 INFO [b10-boss.boss] BIND10_SEND_SIGTERM
sending SIGTERM to b10-zonemgr (PID 1955)
2012-09-03 16:03:19.879 INFO [b10-boss.boss] BIND10_SEND_SIGTERM
sending SIGTERM to b10-cmdctl (PID 1958)

2012-09-03 16:03:19.884 ERROR [b10-xfrin.config] CONFIG_SESSION_STOPPING_FAILED error
sending stopping message: [Errno 32] Broken pipe
2012-09-03 16:03:19.887 ERROR [b10-zonemgr.config] CONFIG_SESSION_STOPPING_FAILED
error sending stopping message: [Errno 32] Broken pipe


Then zonemgr crashes (as seen at https://lists.isc.org/pipermail/bind10-users/2012-September/000391.html):


Traceback (most recent call last):
File “/opt/bind10/libexec/bind10-devel/b10-zonemgr”, line 699, in

zonemgrd = Zonemgr()
File “/opt/bind10/libexec/bind10-devel/b10-zonemgr”, line 523, in
init
self.setup_session
File “/opt/bind10/libexec/bind10-devel/b10-zonemgr”, line 542, in
setup_session
self.module_cc.add_remote_config
File
“/opt/bind10/lib/python3.3/site-packages/isc/config/ccsession.py”, line
419, in add_remote_config
self.
add_remote_config_internal(module_spec, config_update_callback)
File
“/opt/bind10/lib/python3.3/site-packages/isc/config/ccsession.py”, line
343, in add_remote_config_internal
answer,
= self.session.group_recvmsg
File “/opt/bind10/lib/python3.3/site-packages/isc/cc/session.py”,
line 275, in group_recvmsg
env, msg = self.recvmsg
File “/opt/bind10/lib/python3.3/site-packages/isc/cc/session.py”,
line 130, in recvmsg
data = self.
receive_full_buffer(nonblock)
File “/opt/bind10/lib/python3.3/site-packages/isc/cc/session.py”,
line 239, in receive_full_buffer
raise se
File “/opt/bind10/lib/python3.3/site-packages/isc/cc/session.py”,
line 212, in
receive_full_buffer
self.receive_len_data
File “/opt/bind10/lib/python3.3/site-packages/isc/cc/session.py”,
line 172, in
receive_len_data
new_data = self.receive_bytes
File “/opt/bind10/lib/python3.3/site-packages/isc/cc/session.py”,
line 158, in
receive_bytes
data = self.socket.recv
ConnectionResetError: Connection reset by peer
Exception BrokenPipeError: BrokenPipeError in method ModuleCCSession.
del_ of object at 0x7f4106438390>> ignored



From the logging above it appears that stopping the msqg and cfgmgr didn’t get postponed.

Also see ticket #2245 which has similar example.
2253 defect 1347371970104106 1352376418499589 configuration medium jreed new new start logging about CFGMGR_CONFIG_FILE but doesn’t really exist Starting bind10 for the first time says:


2012-09-11 06:55:49.001 INFO [b10-cfgmgr.cfgmgr] CFGMGR_CONFIG_FILE Configuration manager starting with configuration file: /usr/local/var/bind10-devel/b10-config.db


Actually the file does not exist.

Maybe reword this? Or create a file and say it was created?
2256 task 1347383687931778 1348582252121413 data source medium jreed new postgresql data source design This task is to research, design, and create new work tickets as applicable for implementing a new datasource for Postgresql. This could consider a closed database and derive it on the existing sqlite3 datasource.

This is for the first October 2012 sprint.
2257 defect 1347394145953157 1352376497054190 Unclassified medium jreed new noisy Boss shutdown — socket.error: [Errno 104] Connection reset by peer This is not master but latest snapshot. Brand new install, first time ran:


jreed@debian-64-4:~/src/bind10-devel-20120816$ echo Boss shutdown
bindctl

Exit from bindctl
jreed@debian-64-4:~/src/bind10-devel-20120816$ Exception in thread Thread-1:
Traceback (most recent call last):
File “/usr/lib/python3.1/threading.py”, line 516, in bootstrap_inner
self.run
File “/usr/lib/python3.1/threading.py”, line 469, in run
self.
target(*self.args, **self.kwargs)
File “/usr/local/libexec/bind10-devel/b10-cmdctl”, line 351, in handle_msg_from_msgq
self.
module_cc.check_command(False)
File “/usr/local/lib/python3/dist-packages/isc/config/ccsession.py”, line 259, in check_command
msg, env = self.session.group_recvmsg
File “/usr/local/lib/python3/dist-packages/isc/cc/session.py”, line 275, in group_recvmsg
env, msg = self.recvmsg
File “/usr/local/lib/python3/dist-packages/isc/cc/session.py”, line 130, in recvmsg
data = self.
receive_full_buffer(nonblock)
File “/usr/local/lib/python3/dist-packages/isc/cc/session.py”, line 239, in receive_full_buffer
raise se
File “/usr/local/lib/python3/dist-packages/isc/cc/session.py”, line 212, in
receive_full_buffer
self.receive_len_data
File “/usr/local/lib/python3/dist-packages/isc/cc/session.py”, line 172, in
receive_len_data
new_data = self.receive_bytes
File “/usr/local/lib/python3/dist-packages/isc/cc/session.py”, line 158, in
receive_bytes
data = self._socket.recv(size)
socket.error: [Errno 104] Connection reset by peer

2259 defect 1347394484523301 1352376578620496 build system medium UnAssigned jreed new linking know about rpath for shared libraries It would be nice to have it linked so it knows the rpath of its libraries.


jreed@debian-64-4:~/src/bind10-devel-20120816$ /usr/local/sbin/bind10
Traceback (most recent call last):
File “/usr/local/sbin/bind10”, line 68, in
import isc.cc
File “/usr/local/lib/python3/dist-packages/isc/init.py”, line 6, in
import isc.config
File “/usr/local/lib/python3/dist-packages/isc/config/init.py”, line 1, in
from isc.config.ccsession import *
File “/usr/local/lib/python3/dist-packages/isc/config/ccsession.py”, line 45, in
from isc.log import log_config_update
ImportError: libb10-cfgclient.so.0: cannot open shared object file: No such file or directory


A workaround is to run “ldconfig”. This problem is common on Linux systems, but not on all other systems,
2260 defect 1347397995391278 1352376618720595 build system medium UnAssigned jreed new datasrc_test.py can’t find log library The library name and location is known. How about allowing having the linker include the rpath information?


for pytest in datasrc_test.py sqlite3_ds_test.py clientlist_test.py ; do br> echo Running test: $pytest ; br> LD_LIBRARY_PATH=/home/jreed/src/bind10-devel-20120816/src/lib/datasrc/.libs: LD_LIBRARY_PATH=/home/jreed/src/bind10-devel-20120816/src/lib/datasrc/.libs:$LD_LIBRARY_PATH br> PYTHONPATH=:/home/jreed/src/bind10-devel-20120816/src/lib/python/isc/log_messages:/home/jreed/src/bind10-devel-20120816/src/lib/python:/home/jreed/src/bind10-devel-20120816/src/lib/python:/home/jreed/src/bind10-devel-20120816/src/lib/python/isc/log:/home/jreed/src/bind10-devel-20120816/src/lib/python/isc/datasrc/.libs:/home/jreed/src/bind10-devel-20120816/src/lib/dns/python/.libs br> TESTDATA_PATH=/home/jreed/src/bind10-devel-20120816/src/lib/python/isc/datasrc/tests/testdata br> TESTDATA_WRITE_PATH=/home/jreed/src/bind10-devel-20120816/src/lib/python/isc/datasrc/tests br> GLOBAL_TESTDATA_PATH=/home/jreed/src/bind10-devel-20120816/src/lib/testutils/testdata br> B10_FROM_BUILD=/home/jreed/src/bind10-devel-20120816 br> /usr/bin/python3 /home/jreed/src/bind10-devel-20120816/src/lib/python/isc/datasrc/tests/$pytest
exit ; br> done
Running test: datasrc_test.py
Traceback (most recent call last):
File “/home/jreed/src/bind10-devel-20120816/src/lib/python/isc/datasrc/tests/atasrc_test.py”, line 16, in
import isc.log
File “/home/jreed/src/bind10-devel-20120816/src/lib/python/isc/init.py”, line 6, in
import isc.config
File “/home/jreed/src/bind10-devel-20120816/src/lib/python/isc/config/init.py”, line 1, in
from isc.config.ccsession import
File “/home/jreed/src/bind10-devel-20120816/src/lib/python/isc/config/ccsession.py”, line 45, in
from isc.log import log_config_update
File “/home/jreed/src/bind10-devel-20120816/src/lib/python/isc/log/init.py”, line 33, in
from log import

ImportError: No module named log
make[7]: * Error 1
make[7]: Leaving directory `/home/jreed/src/bind10-devel-20120816/src/lib/python/isc/datasrc/tests’
make[6]:
* [check-am


This is similar to #2259.
2261 task 1347460185245460 1365688994937772 data source medium jreed new move data_sources category and flatten configuration Lets abbreviate the data_sources configuration so it doesn’t have any “classes” intermediate item.

Also let’s move and/or rename the data_sources so it is not at the top level — it is specific to DNS at this time.

Some ideas:

dns_data/IN[0]

data_sources/dns/IN[0]

dns/data_sources/IN[0]

dns/zones/…

This is based on a conversation vorner and I had in jabber over a week ago. He said our spec doesn’t have a way to put the IN or CH classes directly below the top-level. (For example data_sources/IN[0] doesn’t currently work?)
2262 task 1347460531379972 1365688943454064 configuration medium jreed new move tsig_keys from top level of configuration Similar to #2261 …

Let’s move tsig_keys from the configuration top level. It is not a generic feature.

Maybe put to /dns/tsig_keys ?

Also consider flattening it (to remove intermediate “keys”), like /dns/tsig_keys[0] ? But that probably does not matter.
2263 task 1347461008670872 1364422096767280 configuration medium jreed new be able to select cfgmgr plugins Maybe allow the admin to enable/disable cfgmgr plugins.

Or maybe even the loading (and unloading) of a specific plugin can be automated, such as when a user of the plugin is started (or stopped). For example if b10-auth starts, then the cfgmgr can be told that the data_sources plugin is needed?

Currently the configurations are always available not matter if they aren’t needed; for example the DNS specific code is loaded even if running a DHCP server only.

It is loaded at startup and plugins can’t currently be unloaded. It just looks in a directory and loads everything there. For example, share/bind10-devel/config_plugins/ currently contains b10logging, datasrc_config_plugin, and tsig_keys.

I don’t know if it is possible to never load the b10logging plugin, but the others could be skipped.

Also while here consider using a consistent naming scheme for these plugin files. Even their corresponding spec files may have different base names.
2265 task 1347885919245418 1347986992488636 Unclassified medium jelte new cleanup: remove Renderer::clear() calls
In 1357, we found that essentially it is always mandatory to call Renderer::clear() before Message::toWire(), so we put it in there at the start. Not doing clear() overwrites the header as the start of the already rendered message, leaving the new header uninitialized, and it creates bad compressed domain names in the new packets. Apart from that, truncation may go wrong, and in case of truncation, the renderer is cleared anyway (So there isn’t even a reliable contract on whether or not the renderer is cleared).

There are however probably quite a few now unnecessary calls to Renderer::clear() that could now be cleaned up.
2271 defect 1347991347011911 1389878238332575 data source medium jinmei new complete in-memory zone iterator From code inspection there seem to be some open issues for the
in-memory zone iterator (I’m referring to the new version).

- #1666 - It doesn’t cover NSEC3 RRsets.
- It doesn’t seem to cover RRSIGs in the “separate RRs” mode.
- #2539 - It doesn’t implement getSOA().

We’ll need these, e.g., if we want to allow xfrout to use the
in-memory iterator for AXFR.

Note: if we complete this ticket we should be able to close #1666.
2277 task 1348211552352583 1396529414606376 xfrin high vorner DNS Outstanding Tasks new Lettuce tests for partially signed xfrin We need lettuce tests for the feature in #1357. What it should contain:
• A valid transfer with some messages in the middle being unsigned. Possibly both AXFR and IXFR.
• An invalid IXFR transfer ‒ the first message is signed, then there’s bunch of unsigned messages. The last one is missing signature or the signature is wrong. Check nothing is committed into the database.

This either needs some kind of fake server which we can instruct to send invalid data, or by having the wire data ready in a file and answering it using some kind of socat or nc.
2279 task 1348237353326097 1348237353326097 Unclassified medium jelte new requirements for configuration framework improvements
There are at least 3 ‘topics’ of configuration improvements we can make:

1 the general framework (classes that hold/transfer/act on configuration data)
2 bindctl itself
3 the layout of configuration

In principe, the 3rd is somewhat separate (though no less important); and 2 kind of depends in a lot of things on 1 (due to the lowlevel datatypes we have used for both specs and data, bindctl and config_data on the python side have gotten quite muddled, and ugly).

So the first task is to reboot the framework discussion I started some time ago; and I think the real very first task is to identify, now that we have experience with the current system, and what it can and cannot do, the requirements, for there turned out to be quite a few more than the current system was designed for;

For instance, we would probably like to have custom data types (to add, for instance, an IP address or range, something DHCP certainly needs, and which would also be usable in ACLs; if these would be compounds, they may also fill the requirement of ‘repeated’ configuration bits, where different configurable things have the same layout (listen ports for auth and resolver, to name one). Another thing that is sorely lacking is diffs. We also need a more generalized way of checking them, and recover from errors. But there is probably much, much more.
2280 defect 1348244167352358 1348244167352358 dhcp medium UnAssigned tomek DHCP Outstanding Tasks new Subnet/Pool collections should be ordered by first address Performance improvement.

See Shephen’s comment (comment:7:ticket:2238) about ordering subnet6. The same principle applies to Pool6, Subnet6, Pool4 and Subnet4.
2283 task 1348295723628260 1394117057886307 b10-auth medium jinmei DNS Outstanding Tasks new [meta] avoid using getName() and getRdataIterator() for in-memory In the new version of in-memory data source `RRset::getName()` and
`RRset::getRdataIterator()` are more expensive than the generic
versions. So we’ll need to allow specialization for the in-memory
data source where we can skip these expensive methods in the query
processing.

The basic idea is to extend the finder context class so it will have
specific methods for these cases, and implement optimized in-memory
version.

We can do this incrementally.

The specific tickets are:
- (This won’t work) #2060 ZoneFinder::Context::getAtOrigin, #2284 for in-memory
- #2309 define ZoneFinder::findAtOrigin(), #2310 for in-memory
- #2058 ZoneFinder::Context::getDelegationProof, #2286 for in-memory
- #2056 ZoneFinder::Context::getNegativeProof, #2336 and #2337 for in-memory
- #2057 ZoneFinder::Context::getWildcardProof, #2288 for in-memory
- #2059 ZoneFinder::Context::getSynthesizedCNAME, #2287 for in-memory
2286 task 1348295990912804 1394117069998309 b10-auth medium jinmei DNS Outstanding Tasks new in-memory version of ZoneFinder::Context::getDelegationProof See #2283 and #2058.

This is the optimized version of #2058.

Depends on #2058, and on completion update auth Query::process().
2287 task 1348296076724293 1394117088223823 b10-auth medium jinmei DNS Outstanding Tasks new in-memory version of ZoneFinder::Context::getSynthesizedCNAME See #2283 and #2059.

This is the optimized version of #2059.

Depends on #2059.
2288 task 1348296135092736 1394117098567268 b10-auth medium jinmei DNS Outstanding Tasks new in-memory version of ZoneFinder::Context::getWildcardProof See #2283 and #2057.

This is the optimized version of #2057.

Depends on #2057.
2293 defect 1348586476831646 1352377040906624 build system medium UnAssigned jreed new solve frequent BenchMarkTest.run failures We have had near 100 timing failures in BenchMarkTest. This is on virtual machines: FreeBSD, NetBSD, and Debian5 (but none of the other VMs) and on physical Solaris Sparc machine (but no other physical systems).

Here is an example:


[ RUN ] BenchMarkTest.run
benchmark_unittest.cc:119: Failure
Expected: (sleep_time + duration_margin) > (bench.getDuration() * ONE_MILLION), actual: 75000 vs 75077
benchmark_unittest.cc:125: Failure
Expected: ((sleep_time + duration_margin) / static_cast(sub_iterations)) > (bench.getAverageTime() * ONE_MILLION), actual: 3260.8695652173915 vs 3264.217391304348
benchmark_unittest.cc:128: Failure
Expected: (static_cast(sub_iterations) / (sleep_time + duration_margin)) < (bench.getIterationPerSecond() / ONE_MILLION), actual: 0.00030666666666666668 vs 0.00030635214513099882
[ FAILED ] BenchMarkTest.run (129 ms)


Let’s rework this so BenchMarkTest.run does not fail like this anymore.
2294 task 1348645424320065 1352377071334219 xfrout medium vorner new Lettuce test for long-running xfr-out It turned out in #2222 that it’s hard to test the fact that statistics number
of currently running transfers is incremented when the transfer starts and then
decremented after the transfer.

We need a support to have a longer-running transfer. The proposal is to have
larger zone and a client that starts the transfer, but does not eat the data
off the TCP connection, so the buffers fill. We then can wait as long we need
to check the statistics counters.

This capability could be used for more things than just that, for example, we
could try running more transfers in parallel.
2295 defect 1348705901541729 1352377091964987 data source medium jinmei new clarify the semantics of datasrc/memory/ZoneData::isSigned() Currently, different parts of the in-memory data source related
classes use different semantics:

- the zone loader (memory_client.cc) set it to true when it adds
NSEC/NSEC3 or NSEC3PARAM RRs to the zone
- the zone finder implementation considers the zone is “NSEC3 signed”
regardless of the value of “is signed” flag (so the zone loader
behavior for NSEC3/NSECPARAM is meaningless)
- in the zone data documentation, it’s (intentionally) left open, but
hinted as if it means the zone has a DNSKEY RR (at the origin).

The difference is not an immediate issue, but when we support
incremental zone signing or migration between NSEC and NSEC3, there
can be an intermediate state where the zone should rather be
considered “unsigned” even if it contains some NSEC or NSEC3 RRs.
And then the difference and the current assumption may cause real
troubles.

So my suggestion is to adopt the hint policy in the zone data
documentation: set the “signed” flag of zone to true iff the has a
DNSKEY RR at the origin (and make sure this condition is preserved
when we add incremental zone updates). The zone finder implementation
should check both “signed” and `isNSEC3Signed()` conditions to set the
“NSEC3 signed” flag.
2296 defect 1348751559318985 1355231529482491 statistics low jreed jreed assigned b10-stats-httpd reset when missing files I will have to research further, but when b10-stats-httpd was missing some file, it didn’t respond via HTTP and connection was just reset. It should at least provide some http error code or some friendly message.

Nothing was logged about it. In fact, I have no stats logging. So it should log when missing file too.
2303 task 1349155518681419 1352385934219841 build system medium UnAssigned jinmei new disable generating static link library objects (.a’s) because BIND 10 generally relies on dynamic links (and some only work
with dynamic links, such as loadable modules).

Building library objects for static links and using it for tests have
been known to be useful for finding some kinds of bugs, so I think it
still makes sense to keep the mode of generating .a’s, but the default
should probably be better to be changed.

I’ve not confirmed that myself, but there’s a suggestion of adding
this to configure.ac:

LT_INIT([disable-static])

2308 task 1349301567802181 1356550999624950 Unclassified medium jreed new [meta] beta ticket This ticket is to track other tickets toward the first production release. (As discussed on http://bind10.isc.org/wiki/WeeklyMinutes20121003 — actually one day earlier.) Add ticket numbers as needed for the following:

* #2368 complete and generic zone file parser and loader This is the most feature that we will put into the beta

* docs: how to run unittests and more about lettuce tests (we don’t release lettuces tests currently, they are only in repos); see #2341

- #2305 bindctl documentation also document that bindctl is a low-level interface and that we plan a more intuitive simple interface too?

- Upgrade docs (how to restart)

- document what is not “production quality”

- document if dhcp is supported, or where should be used (and how)

- #2306 document “execute”

- quick start guide — update it

- #1044 ssl cert generation

- #1622 logging still in multiple files after rotation document we need a certain log4cplus minimum version? configure abort or complain if old version?

- #1190 output or logging from msgq
maybe stick in separate log file?

- get rid of any asserts during shutdown

- #1049 get rid of kill 9 during shutdown

#1858 sockcreator still running (after bind10 not running) or hanging

- #2367 select features to build and install

- #1901 (and ?) consistent naming, like Auth or auth or b10-auth; and plugin spec files that don’t match feature names; boss or Boss or “bind10”.

- #1898 bind10 logging should go to configured logger

- #680 awkward [TEMP MESSAGE] from bindctl

The following items would be great to have, but are very unlikely to be done before the beta & subsequent release:

* UI improvements? need refactoring/rewriting of internal code there

* #2256 SQL database backend

* BIND 9/10 configuration interoperability

- #2307 perfdhcp manual

- system/architecture documentation (not user) — need to decide

- versions for components — remove them? or update them currently we just ignore the versions
what are the values of the separate versions?
if just is a release version, confusing to bump for no reason (if no code changed)
if do ship independently, having versions may or may not be good
bump all versions?
ask the list (the would be users) …

- #2255 get rid of multiple data source configurations (also see #2261)

- #1351 get rid of multiple TSIG configurations (also see #2262)
2328 task 1349493491373965 1349493920215789 Unclassified medium jinmei new Designing incremental updates to in-memory zone data We need to extend the in-memory data source implementation so we
can incrementally update existing data after DDNS or IXFR-in.
Several things have to be considered:

- “merge” and “subtract” interface for `RdataSet`. Regarding merge,
we also need to avoid having duplicate RDATAs.
- removing names from `DomainTree`
- making sure a name is removed from `DomainTree` when all its `RdataSet`s
are removed
- inter module protocol for updates (in particular, DDNS/xfrin and auth)
- extend `datasrc::ClientList` class to support updates
- update auth/DDNS/xfrin to implement these
- (there should be more)

The goal of this ticket is to have these discussions, led by someone
with initial proposals, and create specific development tickets.
2329 task 1349494343760692 1352386404688231 data source medium jinmei new SQL schema update design We recently had a discussion of updating the DB schema for SQL-based
data sources, mainly for performance reasons.

We’ll need to have discussions on more specific ideas, and (if we
agree on the need for some change) create tickets for actually
updating it.

But it doesn’t make much sense to have this discussion without knowing
performance requirements. This should be clarified first.
2330 task 1349494768880002 1349494768880002 data source medium jinmei new design of “zone table” APIs We need to define a set of additional interfaces to manipulate
(conceptual) “zone tables”, which include:

- interfaces for adding/deleting a specific zone in the underlying data
source
- getting a full list of zones (of a specific class, maybe) of the
underlying data source
- if we store more attributes of zones in the underlying data source
(e.g., whether it’s primary or secondary, in case of secondary a
list of primary servers, etc), interfaces for getting access to or
updating these

The goal of this ticket is to have discussions on these topics, maybe
led by someone with initial proposals, and create specific development
tickets.
2333 task 1349500109643077 1349500109643077 data source medium jinmei new add tests about type NSEC query at a parent zone cut See this thread
http://www.ietf.org/mail-archive/web/dnsext/current/msg12756.html

The BIND 10 implementation (either from in-memory or database) always
returns the referral, just like other ordinary types.

It’s still not clear (to me) what the server should do, but the
sense seems to be “it’s implementation dependent”. Assuming that’s
the consensus, this ticket is to add some unit (and maybe system)
tests to explicitly confirm the behavior, and describe why we behave
that way somewhere.
2334 task 1349500313336605 1349500313336605 data source medium jinmei new MySQL data source (client) design This is MySQL variant of #2256, depending on which one we implement
first.

We first need actual user requirements though. Designing DB backend
details without knowing them would be a waste of time.
2336 task 1349502093415262 1349502290213025 data source medium jinmei new in-memory version of ZoneFinder::Context::getNegativeProof, NSEC case See #2283 and #2056.

This is the optimized version of #2056, only for the NSEC part.

When the zone is NSEC3 signed, simply forward the processing
to the default method implemented in #2056 until we complete
the NSEC3 part of the optimization (#2337).
2337 task 1349502257628406 1349502257628406 data source medium jinmei new in-memory version of ZoneFinder::Context::getNegativeProof, NSEC3 case See #2283, #2056, and #2336

This is the optimized version of #2056, only for the NSEC3 part.
Depends on #2336. It completes the optimization by implementing
the NSEC3 part and using that instead of the default version.

2338 defect 1349635009931702 1352389395354184 data source medium muks new Add tests for ZoneDataUpdater Bug #2268 introduced the `ZoneDataUpdater` class. It did not add tests as these are covered already by `InMemoryClient`’s tests. There are many testcases to do with validation that are in `InMemoryClient`’s tests (the `ZoneDataUpdater` code used to first be a part of `InMemoryClient`).

This bug is to add direct tests for `ZoneDataUpdater` by porting all the data related tests from `InMemoryClient`’s tests.

In addition to these tests, be sure to add a test that checks that `ZoneDataUpdater::add()` throws when a NULL `ConstRRSetPtr` is passed in the `rrset` arg. This test was removed in the memory client as it’s not possible to get this condition there. But you can get this condition when directly using the `ZoneDataUpdater::add()` method.
2341 enhancement 1349687938078247 1391178713040892 documentation medium fdupont new lettuce doc About lettuce:
- it is not included into dev distribs (I can’t see a good reason?)

- the documentation must stress the fact it is a python2 (vs python3)
tool (BTW with botan build it gives a second dependency on python2)

- it requires the ~/.bind10/default_user.csv either install explicitely
(from tests/system/common) or by a call to bindctl

I propose to include the last two points into the lettuce doc.
2343 task 1349696498818998 1352471972382693 dhcp4 medium stephen DHCP Outstanding Tasks new Delayed-ack for IPv4 DHCP Server To avoid the bottleneck concerned with disk accesses, ACKs back to clients will be queued. Only when the database update for a batch of ACKs has been committed will they be sent.

This is essentially an implementation of the ISC DHCP “delayed-ack” feature in Kea.
2344 task 1349696556430671 1352472031375212 dhcp6 medium stephen DHCP Outstanding Tasks new Delayed-ack for IPv6 DHCP Server Implementation of #2343 but for IPv6
2345 enhancement 1349696671719426 1397640730796484 dhcpdb low stephen DHCP Outstanding Tasks new Expired lease housekeeper routines Leases in the database have an expiry time. Rather than have the server processes worry about them, a separate “housekeeper” process will run periodically and deleted expired leases.

Depending on the approach, this will be a separate process or periodically called routine in the main process (or both, depending on configuration).
2346 defect 1349790997987212 1349791038429087 dhcpconf medium tomek DHCP Outstanding Tasks new DHCP CfgMgr: sanity checks Add checks that forbid:

- adding pools to a subnet that overlap with other pools
- adding subnets to CfgMgr that overlap with existing subnets
2350 task 1349803363313998 1349803363313998 documentation medium tomek DHCP Outstanding Tasks new Define a framework for unit-test documentation Many unit-tests lack description of their scope and purpose. It would be useful to have a consistent way to document them.

One simple approach to that problem is to define a macro that will call TEST and TEST_F macros from gtest, but will take additional parameter(s).

Such additional parameter would be test description.
Another parameter to consider would be the component the test is covering (auth, resolver, dhcp4, dhcp6 etc.)

With such extension, it would be possible to write a script that will parse all unit-test code and generate test report. Together with GTEST_OUTPUT=xml:results.xml passed to unit-tests, it would allow us to generate a proper test report that could be further processed.
2351 enhancement 1349816754827449 1350004645365372 build system low UnAssigned fdupont new src/lib/exceptions WIN32 port src/lib/exceptions (include its tests subdir) WIN32 port.
Note this will be mainly about the win32build stuff as the port is nearly trivial.

(please:
- include it into a sprint as soon as it is ready
- assign a reviewer)
2352 defect 1349882126257390 1349889953030269 dhcp6 medium tomek DHCP Outstanding Tasks new Improve DUID handling 1. Implement OptionDUID class and start using it for client-id and server-id
2. Support other DUID types
3. Improve src/lib/dhcp/tests/duid_unittest.cc to cover data in LLT and LL formats.

The code from Dhcpv6Srv::setServerID() in src/bin/dhcp6/dhcp6_srv.cc can be refactored/reused.
2354 defect 1349956974347120 1349957000488054 dhcp very low tomek DHCP Outstanding Tasks new Implement DUID-based client-id for DHCPv4 We may want to implement client-id based on DUID (RFC4361).

See [comment:7:ticket:2140 Shawn’s comment].
2358 defect 1350341323876465 1350341557789119 logging medium jinmei new DBGLVL_xxx should be in .cc, and in specific name space `DBGLVL_xxx` constants defined in log_dbglevels.h break a couple of
fundamental rules of C++.

- It shouldn’t be in unnamed namespace (`namespace {}`). Having it in
a shared header file easily leads to breaking the one definition
rule.
- It shouldn’t be defined in the header file. Since they are
constants smart linkers may avoid generating duplicate copies, but
as far as I know it’s not guaranteed by the language.

Solution is easy:

- Declare them in a specific namespace, like isc::log
- Only declare them in the header file; define them in a separate .cc:

#cpp
// in log_dbglevels.cc
const int DBGLVL_START_SHUT = 0;

2359 defect 1350368392771235 1350368392771235 build system medium UnAssigned jinmei new restruct libb10-util In #1870, I noticed only buffer.h from lib/util (headers) was really
necessary to build sample b10-host program. Some others are used
internally in libb10-dns, but I suspect many others are not
necessary. In particular, it shouldn’t need interprocess locks
or memory segment stuff.

Since we’ve been wanting to make dns
as standalone as possible it’s
not really a good trend.

I suggest we reorganize lib(b10)util as follows:

- libb10-util: containing minimal set that is necessary to be
published
- libb10-util-internal (or something): all others

Further, I suggest merging libb10-exceptions to libb10-util. Now that
having generic “util” library, which would be needed to be linked
for any BIND 10 related programs I don’t see advantage of keeping the
very tiny separate library for the exception definitions.

And, if possible, I suggest we revisit the current way of creating
ad hoc sub libraries like util-io or util-thread, clarifying the
categorization policy (and document it). But that would be a topic of
a separate ticket.
2362 task 1350493197895896 1352389532432683 Unclassified medium jreed new add system test to load a simple zone into sqlite3 and then query in it Add lettuce test to load a simple zone into sqlite3 and then query in it.
2368 task 1350624854745111 1358891183357441 Unclassified medium jinmei new [meta] complete and generic zone file parser and loader This will eventually replace b10-loadzone and revise dns
masterLoad.

In the very initial phase, I propose introducing a generic lexer and
master file parser using the lexer. The parser initially only handles
a limited set of entire syntax. Then update the data source loader
and b10-loadzone using them. In the next phase we’ll support
more variations of master file syntax .

For the initial phase, we’ll need to do:
- generic lexer: #2369, #2370, #2371, #2372, #2373, #2375,
- generic parser: #2376, #2377
- zone loader: #2378, #2379, #2380

Absolute minimum for the beta release:

- all of the “initial phase” tasks listed above
- `MasterLoader` enhancements: #2427, #2428, #2429, #2431
- rdata updates: #2382, #2442, #2497, #2498 , #2523)
- in-memory load extensions : #2470
- datasrc updates: #2541, #2542

Possible bonus features for beta. Either of the following two:
- basic zone validation: #2432, #2433, #2435, #2436, #2499
- in-memory load extensions : #2440, #2441

Or maybe consider for small visible enhancements: #2518, #2519, #2520

Post beta features:
- other libdns
objects updates: #2383 (more important/urgent), #2384, #2381 (less important), #2518, #2519, #2520, #2534
- complete rdata updates: #2386(NSEC,DS), #2387(DNSKEY,NSEC3,NSEC3PARAM), #2389(A,AAAA), #2390(NS,MX,PTR), #2391(AFSDB,DLV), #2426(generic), #2521(RRSIG, DHCID, OPT), #2522(RP, MINFO, TSIG), #2656(CNAME,DNAME,SRV)
- advanced `MasterLoader` feature: #2430 ($GENERATE)
- advanced zone validation: #2434
- zone validation after xfrin: #2437, #2438, #2439
2394 defect 1350680533360621 1352900214403596 Unclassified medium jinmei new clarify the use case for some basic exceptions As discussed in #2207 (see, e.g., the relevant part of
http://bind10.isc.org/ticket/2207#comment:14), it the intended usage
of the some exceptions defined exceptions/exceptions.h
doesn’t seem clear and different developers use it for different
purposes.

That’s particularly so for `Unexpected`. When I first introduced it
(I believe it was me who added it), I intended it to mean really
“exceptional” events where we’d rather assert() the condition. An
example (not limited to that) would be failure of some system level
API that would basically be expected to succeed. Another case is an
indication of inconsistent state of a class but when we cannot 100%
eliminate the possibility that it’s triggered by a (misbehaving)
application. Something like `Unexpected` tends to be a kitchen sink
(after all, any exception should generally indicate an “unexpected”
event, isn’t it?), so I wanted to limit the use case of it.

Whether or not this intent makes sense, the reality in our code is
that it’s used for other purposes like when an application passes a
NULL pointer when it shouldn’t. So, there’s at least some confusion
here.

The bottom line goal of this ticket is to document the intended
purpose of `Unexpected`. If there are other confusing exception
types, we should also clarify it in documentation.

Then, my personal proposal for `Unexpected` is the one I originally
intended as described above. But we can discuss that.

I also suggest unifying `InvalidParameter` and `BadValue` in this
ticket. I don’t remember how we end up having these two, but it
doesn’t make sense to me to separate these cases (I actually don’t
even understand what’s the difference between these).
2395 defect 1350932119567239 1394117303087834 b10-auth medium jinmei DNS Outstanding Tasks new introduce a simpler way of using faked data source from auth tests Some of the current tests in auth_srv_unittest tweaks existing
data source clients by bruteforcing its contents (using the
`getDataSources()` interface and directly rewrites the internal).
IMO it relies too much on the internal of data source clients and
makes both the class and tests fragile. For tests of client-list
itself it might be considered a necessary evil, but for tests of their
users I think it goes too far.

This also one major reason we currently need (in #2211, hopefully soon
in master) the `swapDataSrcClientLists`, which also makes the
`DataSrcClientsMgr` integrity weaker. It’s also the reason why we
need to return a shared pointer from
`DataSrcClientsMgr::Holder.findClientList()` (because this test
internally destroys the original due to the brutteforce replacement)
even though it could return a bare pointer based on its nature.

What we actually need is, IMO, a cleaner way for tests like
`AuthSrvTest` to use some faked data source clients (e.. one that
throws on `findZone()`, instead of relying on the low level internal
details of the client list implementation.

This task is to design such a way and implement it.
2397 task 1351014426324480 1352900273164276 data source medium jelte new exception hierarchy within datasources
In #2210, we discovered we could use an exception hierarchy (or at the very least a clear distinction) within datasources, mainly to distinguish between configuration problems, setup problems (config ok but something is wrong, like bad connection or inconsistent data), and internal problems such as bugs. Right now most of it is generalized into the DataSourceError.

This may also be related to zone loading.
2399 defect 1351049559561246 1352092606869957 logging medium jinmei new make Logger::getLoggerPtr() thread safe If I understand it correctly, the delayed initialization of
the `Logger` class is not thread safe:
#!cpp
LoggerImpl* getLoggerPtr() {
if (!loggerptr_) {
initLoggerImpl();
}
return (loggerptr_);
}


initLoggerImpl() could be called by multiple threads at the same time,
and due to this:

#!cpp
void Logger::initLoggerImpl() {
if (isLoggingInitialized()) {
loggerptr_ = new LoggerImpl(name_);
} else {
isc_throw(LoggingNotInitialized, “attempt to access logging function”
“before logging has been initialized”);
}
}

creating `LoggerImpl` could be done multiple times.

(btw: the implementation of isLoggingInitialized could also be
controversial, but this is probably safe in practice due to the
assumption of initLogger()).

The (bad) effect of this is probably not catastrophic: maybe it’s just
losing some fixed (and small) amount of memory in the worst case, at
least in practice. But I may be wrong, and in any case such leak
isn’t good anyway.

One way of fixing this would be to introduce some global mutex that is
initialized at the time of initLogger(), and do something like this:
#!cpp
if (isLoggingInitialized()) {
Locker locker(the_global_mutex);
if (loggerptr_ == NULL) {
loggerptr_ = new LoggerImpl(name_);
}

2400 defect 1351050190372171 1394117313724402 b10-auth medium jinmei DNS Outstanding Tasks new notify auth::DataSrcClientsMgr when the builder thread dies Currently, there’s no effective way to notify the main thread of
b10-auth that runs the `DataSrcClientsMgr` object when the separate
thread running `DataSrcClientsBuilder` object dies due to an
unexpected exception. This is not good: the auth server keeps running
with older zone data without noticing it, and the communication queue
is growing.

So the current implementation takes a harsh way: the builder thread
terminates the entire process by `assert(false)`. This is still
suboptimal.

We should provide a way to notify the main thread when the builder
thread needs to terminate itself due to an unexpected exception.
My current idea is something like this:

- introduce another shared variable (of boolean), say, builder_ok_.
it’s a member of the manager, set to true initially, and its pointer
will be passed to the builder.
- on unexpected termination, the builder sets it to false. (this
could be protected by a mutex, but that’s not absolutely necessary)
- the manager checks variable every time it sends a new command to the
builder or allow the application to access the client lists via the
holder. If the value has been changed to false, it takes an
appropriate action (in practice, it would throw a fatal exception to
terminate the process anyway).
2401 task 1351050568839511 1394117111284765 b10-auth medium jinmei DNS Outstanding Tasks new synchronous communication between DataSrcClientsMgr and DataSrcClientsBuilder I think we need to provide a “synchronous mode” of command exchange
between the `auth::DataSrcClientsMgr` and `auth::DataSrcClientsBuilder`
classes.

Test and benchmark code will need this for deterministic behavior,
and I guess in some cases the main auth server will need it. For
example, in the very initial startup it may rather block than
prematurely returning REFUSED to all queries.

One possible approach is to introduce sequence numbers for commands
and another communication queue between the manager and builder. When
the manager wants a specific command to be done in the synchronous
mode, it sends it to the builder with a valid (non 0 or something)
sequence number. If a command has a valid sequence number, the
builder notifies the manager of its completion via the separate queue
with that number (and probably some result code).
2402 enhancement 1351081352160614 1352907454056092 Unclassified medium fdupont fdupont new split cryptolink sign/verify As discussed in the bind10-dev mailing list, PKCS!#11 and some other crypto libraries make a difference between a context for a signing or for a verify operation, so typically the update() function has two different and incompatible instances.
There are two ways to fix this in crypto link:
- the hard/heavy but statically checked way by split classes into a verify and a sign variants
- the soft but dynamically checked way but just adding a 2 item enum about the expected operation
The bind 9 PKCS!#11 only experiment showed the second/soft way is enough.
2403 task 1351084699857220 1369645377203862 documentation medium stephen DHCP Outstanding Tasks new Provide developer documentation for DHCP MySQL back end Need to provide some developer documentation for the DHCP MySQl backend.
2405 enhancement 1351113196187775 1351113196187775 dhcp medium stephen DHCP Outstanding Tasks new Extend Lease4/Lease6 classes with checks on valid data The Lease4/6 classes are current “structs”. They should be promoted to classes and access to the members concealed behind methods, to allow for the checking of data being put into the class.
2406 enhancement 1351167511983747 1397640667196087 Unclassified low fdupont fdupont Common Outstanding Tasks new alternative crypto provider A ticket for my own R&D/learning.
The idea is to replace Botan by another crypto provider. Of course it is easier today with only HMAC then it will be with RSA & co.
2407 defect 1351177344496958 1352902326530476 bind-ctl medium jreed new quit should work for bind10 even if no logged in I had a bindctl running. I guess at some point it became disconnected but I didn’t know. Anyways I typed “quit” at its prompt“


> quit
Error reading saved username and password from /home/jreed/.bind10/default_user.csv: [Errno 13] Permission denied: ‘/home/jreed/.bind10/default_user.csv’
[TEMP MESSAGE]: username :root password :bind10
Username:


So I log in again and it does quit (Exit from bindctl) automatically.

Please ignore the context of the problem with no default user/password saved. I understand that. But it does provide a way to show the problem.

Please allow a”quit" in bindctl to quit bindctl without the round-trip to cmdctl (and beyond).
2408 defect 1351177556434480 1352902335254225 bind-ctl medium jreed new tab completion not working for named_set Tab completion here does not work:

config show data_sources/classes/IN

Even if I type “[” or “[0” it does not work.

I expect it to show me IN[0]. Same problem with CH.

I don’t see the problem with Logging/loggers — it adds [0] automatically.
2411 defect 1351264422812210 1352910014733868 build system medium UnAssigned jreed new BIND 10 build doesn’t find and link to Valgrind library The valgrind runs on the centos system didn’t HAVE_VALGRIND_HEADERS.

This ticket is to do one of the following:


add —with-valgrind-include=PATH option

or include the huge valgrind.h file in the bind10 tree (please do not!)

or do not use the valgrind macros and just use a SKIP_DEATH_TESTS environment variable (such as LETTUCE_SETUP_COMPLETED).

I file this as a defect since some failures reported by valgrind builder.
2413 defect 1351511664829597 1368439375765197 dhcp medium stephen DHCP Outstanding Tasks new Handle time overflow in lease structures Currently the cltt in a lease structure is expressed as a time_t, and the valid lifetime field as a uint32_t. The expiration time of the lease is stored in the database and is calculated as

expiration = cltt + valid_lifetime

With no restriction on valid_lifetime, it is easy for the time calculation to overflow. (On a 32-bit system, time_t is 32-bits).
2419 defect 1351689998333770 1373457948889567 configuration medium UnAssigned tomek assigned ConfigData::getFullConfig() should return child elements content ConfigData::getFullConfig() currently returns only list of elements on top level, but it should return all child elements as well. This will likely be trivial to implement as stringValue() -> str() change.
2423 defect 1351795830694974 1352910036776504 Unclassified medium jreed new log4cplus threads and python Segmentation fault in notify_out_test.py On three NetBSD 6.0 systems, when log4cplus-1.1.0 is built with threads (the default) it fails like:


Running test: notify_out_test.py
…………..[1] Segmentation fault (core dumped) PYTHONPATH=/home…
* Error code 139


For example:
http://git.bind10.isc.org/~tester/builder/BIND10/20121030163907-NetBSD6-i386-GCC/logs/unittests.out

This happens with python31 and python32. Here is a backtrace:



Core was generated by `python3.2’.
Program terminated with signal 11, Segmentation fault.
#0 0xbae55082 in std::string::assign(char const*, unsigned int) ()
from /usr/lib/libstdc.so.7
bt
#0 0xbae55082 in std::string::assign
from /usr/lib/libstdc
.so.7
#1 0xbb0721a1 in
log4cplus::detail::clear_tostringstream(std::basic_ostringstreamstd::char_traits, std::allocator >&) ()
from /usr/pkg/lib/liblog4cplus-1.1.so.5
#2 0xbb072285 in log4cplus::detail::get_macro_body_oss() ()
from /usr/pkg/lib/liblog4cplus-1.1.so.5
#3 0xbb242dfd in isc::log::LoggerImpl::outputRaw (this=0xba75b500,
severity=0xba3ff444, message=...) at logger_impl.cc:141<br>#4 0xbb241854 in isc::log::Logger::output (this=0xbb5e5b20, <br> severity=0xba3ff444, message=…) at logger.cc:129
#5 0xbb81b451 in ~Formatter (this=0xba3ff440, in_chrg=out>)
at ../../../../../src/lib/log/log_formatter.h:167
#6 ::Logger_performOutput:log::Logger>,
boost::mfi::mf1,
isc::log::Logger, char const* const&>,
boost::
bi::list2, boost::arg<2> >
> > at log.cc:538
#7 0xbb81bd1f in ::Logger_info
at log.cc:581
#8 0xbbabf054 in PyCFunction_Call from
/usr/pkg/lib/libpython3.2.so.1.0
#9 0xbbb121ed in PyEval_EvalFrameEx from
/usr/pkg/lib/libpython3.2.so.1.0
#10 0xbbb12066 in PyEval_EvalFrameEx from
/usr/pkg/lib/libpython3.2.so.1.0
#11 0xbbb13ba1 in PyEval_EvalCodeEx from
/usr/pkg/lib/libpython3.2.so.1.0
#12 0xbbaad599 in function_call from /usr/pkg/lib/libpython3.2.so.1.0
#13 0xbba8a08c in PyObject_Call from /usr/pkg/lib/libpython3.2.so.1.0
#14 0xbbb10e93 in PyEval_EvalFrameEx from
/usr/pkg/lib/libpython3.2.so.1.0
#15 0xbbb12066 in PyEval_EvalFrameEx from
/usr/pkg/lib/libpython3.2.so.1.0
#16 0xbbb12066 in PyEval_EvalFrameEx from
/usr/pkg/lib/libpython3.2.so.1.0
#17 0xbbb13ba1 in PyEval_EvalCodeEx from
/usr/pkg/lib/libpython3.2.so.1.0
#18 0xbbaad4b1 in function_call from /usr/pkg/lib/libpython3.2.so.1.0
#19 0xbba8a08c in PyObject_Call from /usr/pkg/lib/libpython3.2.so.1.0
#20 0xbba9d195 in method_call from /usr/pkg/lib/libpython3.2.so.1.0
#21 0xbba8a08c in PyObject_Call from /usr/pkg/lib/libpython3.2.so.1.0
#22 0xbbb0c381 in PyEval_CallObjectWithKeywords
from /usr/pkg/lib/libpython3.2.so.1.0
#23 0xbbb445c8 in t_bootstrap from /usr/pkg/lib/libpython3.2.so.1.0
#24 0xbba514ea in ?? from /usr/lib/libpthread.so.1
#25 0xbb968ea0 in
_lwp_park50 () from /usr/lib/libc.so.12
#26 0xba200000 in ?? ()
#27 0xbbac0b2e in PyObject_GetAttr () from
/usr/pkg/lib/libpython3.2.so.1.0
#28 0xbbb0dd30 in PyEval_EvalFrameEx () from
/usr/pkg/lib/libpython3.2.so.1.0
#29 0xbb99487b in free () from /usr/lib/libc.so.12
#30 0xbbb44058 in PyObject_GC_Del () from
/usr/pkg/lib/libpython3.2.so.1.0
#31 0xbbaac830 in PyFrame_BlockPop () from
/usr/pkg/lib/libpython3.2.so.1.0
#32 0xbb9925b0 in ?? () from /usr/lib/libc.so.12
—Type to continue, or q to quit—
Backtrace stopped: previous frame inner to this frame (corrupt stack?)


This problem does not happen with log4cplus-1.0.4 nor when log4cplus-1.1.0 is built —without-threads.

I do not see the problem on a FreeBSD system.

I first brought this up on mailing list; here is the thread: https://lists.isc.org/pipermail/bind10-dev/2012-October/004011.html
2424 defect 1351796004415290 1355230432630181 Unclassified medium jreed new seg fault in src/bin/auth/tests On my NetBSD 6.0 system with log4cplus 1.1.0 built —without-threads (see #2423), sometimes make check fails in src/bin/auth/tests/.

One example is:

[ RUN ] AuthSrvTest.DDNSForwardClose
log4cplus:ERROR Error in strftime(): 0
[1] Segmentation fault (core dumped) B10_FROM_BUILD=/…
* Error code 139


It has also failed in AuthSrvTest.DDNSForwardCreateDestroy and also failed when all tests complete. It cored about 7 out of 45 tries.

Here is a backtrace:


Reading symbols from /home/reed/work/isc/bind10/git/bind10-CLEAN/src/bin/auth/tests/.libs/run_unittests…done.
[New process 77]
[New process 76]
[New process 1]
Core was generated by `run_unittests’.
Program terminated with signal 11, Segmentation fault.
#0 0x00007f7ff484c328 in log4cplus::helpers::Time::getFormattedTime(std::string const&, bool) const () from /usr/pkg/lib/liblog4cplus-1.1.so.5
(gdb) bt
#0 0x00007f7ff484c328 in log4cplus::helpers::Time::getFormattedTime(std::string const&, bool) const () from /usr/pkg/lib/liblog4cplus-1.1.so.5
#1 0x00007f7ff48413ac in ?? () from /usr/pkg/lib/liblog4cplus-1.1.so.5
#2 0x00007f7ff4841c80 in ?? () from /usr/pkg/lib/liblog4cplus-1.1.so.5
#3 0x00007f7ff4841ebb in log4cplus::PatternLayout::formatAndAppend(std::ostream&, log4cplus::spi::InternalLoggingEvent const&) ()
from /usr/pkg/lib/liblog4cplus-1.1.so.5
#4 0x00007f7ff482de6a in log4cplus::FileAppender::append(log4cplus::spi::InternalLoggingEvent const&) () from /usr/pkg/lib/liblog4cplus-1.1.so.5
#5 0x00007f7ff482554c in log4cplus::Appender::doAppend(log4cplus::spi::InternalLoggingEvent const&) () from /usr/pkg/lib/liblog4cplus-1.1.so.5
#6 0x00007f7ff48223be in log4cplus::helpers::AppenderAttachableImpl::appendLoopOnAppenders(log4cplus::spi::InternalLoggingEvent const&) const ()
from /usr/pkg/lib/liblog4cplus-1.1.so.5
#7 0x00007f7ff483b613 in log4cplus::spi::LoggerImpl::callAppenders(log4cplus::spi::InternalLoggingEvent const&) () from /usr/pkg/lib/liblog4cplus-1.1.so.5
#8 0x00007f7ff540e78c in isc::log::LoggerImpl::outputRaw (
this=0x7f7ff7b56580, severity=, message=)
at logger_impl.cc:141
#9 0x000000000042ed88 in ~Formatter (this=0x7f7ff13ffa00,
in_chrg=) at ../../../../src/lib/log/log_formatter.h:167
#10 isc::auth::datasrc_clientmgr_internal::DataSrcClientsBuilderBase::run
at ../../../../src/bin/auth/datasrc_clients_mgr.h:473
#11 0x00007f7ff32086ba in operator
at /usr/pkg/include/boost/function/function_template.hpp:760
#12 isc::util::thread::Thread::Impl::run
at thread.cc:71
#13 0x00007f7ff2609d75 in ?? from /usr/lib/libpthread.so.1
#14 0x00007f7ff1a759f0 in
_lwp_park50 () from /usr/lib/libc.so.12
Cannot access memory at address 0x7f7ff1400000
(gdb) info threads
Id Target Id Frame
* 1 LWP 1 0x00007f7ff484c328 in log4cplus::helpers::Time::getFormattedTime(std::string const&, bool) const ()
from /usr/pkg/lib/liblog4cplus-1.1.so.5

The current thread has terminated. See `help thread’.
2425 defect 1351806520630337 1355230458867272 Unclassified medium jreed new IOFetchTest.TcpSendReceive33 failure Today, on the FreeBSD git server I hit:


[ RUN ] IOFetchTest.TcpSendReceive33
io_fetch_unittest.cc:435: Failure
Value of: result
Actual: 1
Expected: expected
Which is: 0
io_fetch_unittest.cc:450: Failure
Value of: result_buff
->getLength()
Actual: 0
Expected: return_data.size
Which is: 33
io_fetch_unittest.cc:458: Failure
Value of: equal, return_data
.end(), start)
Actual: false
Expected: true


I can not repeat it.

but looking at other failure logs, I found:

http://git.bind10.isc.org/~tester/builder/BIND10/20110511195001-NetBSD5-amd64/logs/unittests.out
http://git.bind10.isc.org/~tester/builder/BIND10/20110511195001-NetBSD5-amd64/logs/unittests.out
http://git.bind10.isc.org/~tester/builder/BIND10/20121010043500-FreeBSD8-i386/logs/unittests.out
http://git.bind10.isc.org/~tester/builder/BIND10/20121010043500-FreeBSD8-i386/logs/unittests.out

So I open this ticket.
2434 task 1351836462430077 1355230610396324 libdns++ medium UnAssigned jinmei new implement validateZone, advanced part Subtask of #2368, and part of post-load checker. Depend on #2432,
and would be better to do it after #2433.

Regarding the checks, see BIND 9’s lib/dns/zone.c:integrity_checks().

The checks include:
- out of zone owner-name
- existence of glue for each delegation NS
- same for MX, SRV

Note that this task requires `RRsetCollection`s foreach interface.
2444 task 1351838707895518 1355230678479343 data source medium jinmei new task breakdown for shared-memory and/or mmap support
2446 task 1351840432189436 1355230683505899 data source medium jinmei new task breakdown for incremental in-memory zone update so we don’t have to do full reload after IXFR-in or DDNS.
2448 task 1351848128308568 1355384003065505 build system medium UnAssigned jelte new configure.ac missing checks for —enable-generate-docs This is really mostly only relevant for devs updating documentation, but the configure checks done when doing —enable-generate-docs have some room for improvement:

on debian, if you do —enable-generate-docs, but don’t have the ‘xmlto’ package installed, you get a rather cryptic error (I had only installed docbook and xsltproc initially):


checking for xsltproc… /usr/bin/xsltproc
checking if /usr/bin/xsltproc works… I/O error : Attempt to load network entity http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl
warning: failed to load external entity “http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl”
cannot parse http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl
configure: error: “Error with /usr/bin/xsltproc using release/xsl/current/manpages/docbook.xsl”


Also, elinks is needed in the build process

we probably want a few checks for both of these in configure.ac :)
2452 enhancement 1351849300525441 1353959324159342 Boss of BIND medium shane new Deal with persistent instistence that we have a deamon mode Jeremy keeps complaining because we don’t daemonize. We’ve discussed this several times at great length, but it seems the fact that we don’t is a real concern.

One possibility is to add a section to the documentation explaining how to run as a daemon, for example:


$ nohup bind10 >/dev/null 2>&1 &


Another possibility is for the rest of the BIND 10 team to hold me down and just implement a daemon mode while I can’t stop them. Were this to happen, we should probably use the mechanism proposed in PEP 3143:

http://www.python.org/dev/peps/pep-3143/

Which will likely become a part of standard Python soonish. (For now, we can just ship the python-daemon library with our code.)
2453 task 1351851087918955 1394117121016571 b10-auth medium jelte DNS Outstanding Tasks new immediate feedback when mistyping zone name with Auth loadzone
Now that zones are (re)loaded in the background, the system may seem to succesfully load a zone when doing ‘Auth loadzone ’ in bindctl. It does log an error, but it would be much better to check immediately.

The proposal is to factor out the initial code from doLoadZone() in datasrc_clients_mgr.h, and call it both in doLoadZone, and in the loadZone that does the other checks (but only to see if the zone is known). This means doing the lookup twice, but for a loadzone command, I do not believe that this overhead is so much we should not check.

Note that the clients map probably needs to be locked.
2454 defect 1351875585562440 1355231570788842 build system very low UnAssigned jreed new ./configure —with-lcov skips gtest detection Using ./configure —with-lcov enables gtest but skips the detection so later the gtest.h header is not found.

This is low priority. The workaround is simply to use —with-gtest-source=PATH or —with-gtest=PATH
2455 defect 1351878963561794 1355232338080309 Boss of BIND medium jreed new bind10 parent should not exit if b10-auth exits with fatal This is similar to #2393.

I reproduced by “execute init_authoritative_server” and “config commit”. Due to bug #2457, b10-auth crashed. (It should not have. That is #2393.)

This ticket is so bind10 boss should not exit either.
2457 defect 1351879118611991 1355230911686057 data source medium jreed new in-tree b10-auth fails due to missing static.zone Running run_bind10.sh and bind10 is not installed and starting auth server, I received:


2012-11-02 10:45:24.969 FATAL [b10-auth.auth] AUTH_SERVER_FAILED server failed: Unknown uncaught exception from static createInstance: Failed to open master file: /Local/Users/jreed/opt/bind10/share/bind10-devel/static.zone: No such file or directory


This is basically the same as #2159. Make sure when running in-tree it can access static zone.

Also this should not be fatal — missing access to a zone file should not crash b10-auth and bind10. That is tickets #2393 and #2455 respectively.
2460 defect 1351998161796609 1392812501652178 data source high jinmei DNS Outstanding Tasks new make ConfigurableClientList::getCachedZoneWriter thread safe This is a continuation of #2459.

While the suggested solution in #2459 solves the immediate problem by
a relatively simple patch, it’s suboptimal performance-wise because
getCachedZoneWriter() involves expensive DB accesses several times,
some may be even blocking: one is findZone(), and the other is
getIterator(). The latter is especially problematic in that it opens
a new DB connection.

Fortunately, getIterator() itself should be thread safe as long as
`DatabaseAccessor::clone()` of the underlying DB accessor
implementation is thread safe (which is the case for our SQLite3 version).

So my suggested better (but requiring larger changes) solution is as
follows:

- extend `ConfigurableClientList` so the caller can know if a
specified zone is “cached” (and no, I don’t like to use
`getDataSources()` for this purpose. IMO it discloses too much
internal details of the class and restricts future changes of the
implementation). One possibility is to extend find() (like
extending exact_match_ to a generic flags).
- revise getCachedZoneWriter() so it only looks for in-memory data
sources. findZone() on in-memory data source should be thread safe,
so there’s no risk of race here. We’ll need to extend
findInternal() a bit to make this possible.
- in b10-auth (or any other possible user of getCachedZoneWriter()),
the builder thread first checks if it really needs to do reload
using the first extension. It protects this operation by the mutex.
If it does, the builder calls the revised getCachedZoneWriter()
without the protection of mutex.
2461 task 1351999231784042 1355231026387521 data source medium jinmei new clarify thread consideration for DataSourceClient This is a related topic of #2459, at a bit higher level.

Even the issue of #2459 aside, b10-auth now breaks a design assumption
of `DataSourceClient`:
#!cpp
/// If the application uses multiple threads, each thread will need to
/// create and use a separate DataSourceClient. This is because some
/// database backend doesn’t allow multiple threads to share the same
/// connection to the database.

because it shared the same client object by multiple threads through
`ConfigurableClientList`.

But, actually, the above note may be a bit too strong. Due to the
introduction of `DatabaseAccessor::clone() and the use of it in many
of its methods (of its database version of derived class)
`DataSourceClient` should now be pretty thread safe except for
findZone(). (As noted in #2460, based on the assumption that
`DatabaseAccessor::clone()` is thread safe).

Considering these facts, I think we should revise the thread
consideration. My basic suggestion is:

- The derived class implementation must ensure all methods are thread
safe except for findZone() (and subsequent use of `ZoneFinder`)
- If `DataSourceClient` is shared by multiple threads, the application
is responsible for protecting calls to findZone() (and subsequent
use of `ZoneFinder`) by multiple threads.

On top of this, we might also make some extensions:
- introduce a thread-safe mode to findZone(). It will internally
clone() the accessor (in the case of the DB-based version).
- on the other hand, introduce a share-mode to other methods. For
example, DDNS would probably like to keep the same connection for
updating zones; it would be expensive if it needs to open a new DB
connection for every update message. It would apply to xfrin, too,
(although probably less critical, assuming xfr-in events are less
frequent).

In this ticket I suggest just making documentation clarification as
suggested above. doc for `ConfigurableClientList` should also be updated.
2466 defect 1352222250038057 1355524321407882 Unclassified medium jinmei new define public static class const integral members explicitly See http://bind10.isc.org/ticket/2371#comment:19

In summary, if we define things like this
#cpp
// in foo.cc
const int foo_const; // no need for initialization; it’s in the declaration


Note that all of “public, static, const, and integral” matter.

And we should remove some workaround we did in tests, such as that for
`Name::MAX_WIRE` in name_unittest.

From a quick grep, the candidate constants are as follows:

bin/dhcp6/dhcp6_srv.h: static const size_t MIN_MAC_LEN = 6;
lib/bench/benchmark.h: static const int TIME_FAILURE = 1;
lib/bench/benchmark.h: static const int ITERATION_FAILURE =
1;
lib/datasrc/memory/zone_data.h: static const ZoneNode::Flags WILDCARD_NODE = ZoneNode::FLAG_USER2;
lib/dhcp/duid.h: static const size_t MAX_DUID_LEN = 128;
lib/dhcp/iface_mgr.h: static const unsigned int MAX_MAC_LEN = 20;
lib/dhcp/iface_mgr.h: static const uint32_t RCVBUFSIZE = 1500;
lib/dhcp/iface_mgr.h: static const int INVALID_SOCKET = –1;
lib/dhcp/option6_iaaddr.h: static const size_t OPTION6_IAADDR_LEN = 24;
lib/dhcp/option_data_types.h: static const bool valid = false;
lib/dhcp/option_data_types.h: static const int len = 0;
lib/dhcp/option_data_types.h: static const bool valid = true;
lib/dhcp/option_data_types.h: static const int len = 1;
lib/dhcp/option_data_types.h: static const bool valid = true;
lib/dhcp/option_data_types.h: static const int len = 2;
lib/dhcp/option_data_types.h: static const bool valid = true;
lib/dhcp/option_data_types.h: static const int len = 4;
lib/dhcp/option_data_types.h: static const bool valid = true;
lib/dhcp/option_data_types.h: static const int len = 1;
lib/dhcp/option_data_types.h: static const bool valid = true;
lib/dhcp/option_data_types.h: static const int len = 2;
lib/dhcp/option_data_types.h: static const bool valid = true;
lib/dhcp/option_data_types.h: static const int len = 4;
lib/dns/edns.h: static const uint8_t SUPPORTED_VERSION = 0;
lib/dns/labelsequence.h: static const size_t MAX_SERIALIZED_LENGTH =
lib/dns/message.h: static const uint16_t DEFAULT_MAX_UDPSIZE = 512;
lib/dns/message.h: static const uint16_t DEFAULT_MAX_EDNS0_UDPSIZE = 4096;
lib/dns/name.h: static const size_t MAX_WIRE = 255;
lib/dns/name.h: static const size_t MAX_LABELS = 128;
lib/dns/name.h: static const size_t MAX_LABELLEN = 63;
lib/dns/name.h: static const uint16_t MAX_COMPRESS_POINTER = 0x3fff;
lib/dns/name.h: static const uint16_t COMPRESS_POINTER_MARK8 = 0xc0;
lib/dns/name.h: static const uint16_t COMPRESS_POINTER_MARK16 = 0xc000;
lib/dns/tsigrecord.h: static const uint32_t TSIG_TTL = 0;
lib/log/logger.h: static const size_t MAX_LOGGER_NAME_SIZE = 31;
lib/log/message_initializer.h: static const size_t MAX_MESSAGE_ARRAYS = 256;

2469 defect 1352395162307188 1352472050129443 dhcpconf medium marcin DHCP Outstanding Tasks new DHCPv6 Config Parser: when setting global value, values in subnets should be changed. The following scenario will not work properly with DHCPv6 config parser:
1. Set global configuration values
2. Add new subnet without any values other than subnet and pool (this makes the subnet inherit global values)
3. Change any of the global values - this should force change of the particular value in the subnet object but it doesn’t.

In the step 3. function that does configuration will receive the request to change global value and only global value is changed. Another thing that should happen at this point is the check that global value has been changed and all corresponding values within subnets should be affected but parsing algorithm does not force this by itself. We need to implement a logic that will iterate through all existing subnets and if their configuration is inherited from global configuration they should be updated accordingly. The major problem here is that when we create a subnet we do not record whether it is dependent on global values or local values. This has to be recorded on subnet object creation.

2474 defect 1352474026543734 1352474026543734 dhcp low stephen DHCP Outstanding Tasks new Extend comments in DHCPv6 server unit test From #2414#comment:10

In the advertiseOptions test, here are some comments needed in the new code that sets up the Solicit message. In particular: why do we have to set the link local address: fe80::abcd? What are the magic numbers 234, 1500, 3000?

This ticket covers the addition of those comments.
2477 enhancement 1352732290742385 1353420108479371 Unclassified very low jreed new add a timeout to b10-host example Add a timeout to examples/host/b10-host command.
2478 enhancement 1352801052400699 1355231552410399 libdns++ low UnAssigned shane new ILNP RR types The IETF has a new RFC, which includes some new RR types.

http://www.rfc-editor.org/rfc/rfc6742.txt

These are:

NID
L32
L64
LP
2482 defect 1352925473786230 1353426094174692 bind-ctl low jreed new strange bindctl error message I used tab completion to enter listen_on … I didn’t notice the start bracket before I pressed enter:


> config show Resolver/listen_on[
Error! Bad format in identifier (] before [): listen_on[Resolver


The error message seems worded wrong and has noise at end too.
2483 defect 1352978287969006 1352978287969006 dhcp medium stephen DHCP Outstanding Tasks new DHCPv6 test failed on FreeBSD Commit 15d4aa034c1a841bdf744d777aceeb0962aff8bc failed the DHCP6 tests on FreeBSD with:

Running test: dhcp6_test.py
…..F.
==
FAIL: test_portnumber_nonroot (main.TestDhcpv6Daemon)
———————————————————————
Traceback :
File “/b/work/BIND10/20121115022843-FreeBSD8-i386/build/src/bin/dhcp6/tests/dhcp6_test.py”, line 197, in test_portnumber_nonroot
self.assertEqual, 1)
AssertionError: 0 != 1

———————————————————————

Ran 7 tests in 7.665s

FAILED (failures=1)
Note: Purpose of some of the tests is to check if DHCPv6 server can be started,
not that is can bind sockets correctly. Please ignore binding errors.
Running command: ../b10-dhcp6 v
Process finished, return code=
15, stdout=167 bytes, stderr=948 bytes
Check that specifying port number 0 is not allowed.
Running command: ../b10-dhcp6 p 0
Process finished, return code=1, stdout=0 bytes, stderr=240 bytes
Check that
p option is check against bogus port number (999999).
Running command: ../b10-dhcp6 p 999999
Process finished, return code=1, stdout=0 bytes, stderr=245 bytes
Check that
p option is check against bogus port number (123garbage).
Running command: ../b10-dhcp6 p 123garbage
Process finished, return code=1, stdout=0 bytes, stderr=249 bytes
Check that
p option requires a parameter.
Running command: ../b10-dhcp6 p
Process finished, return code=1, stdout=0 bytes, stderr=233 bytes
Check that specifying unprivileged port number will work.
Running command: ../b10-dhcp6
v sp 10547
No data available from stdout
No data available on stderr
Process finished, return code=15, stdout=0 bytes, stderr=0 bytes
Check that connection to BIND10 msgq can be disabled.
Running command: ../b10-dhcp6
v sp 10547
Process finished, return code=–15, stdout=167 bytes, stderr=530 bytes
* Error code 1
2484 defect 1352992952701411 1353429571454689 logging medium jreed new errant log4cplus output
2012-11-15 09:19:47.227 DEBUG [b10-boss.boss] BIND10_STARTED_PROCESS_PID started
b10-auth (PID 27908)
log4cplus:ERROR LoggerImpl::getChainedLogLevel()- No valid LogLevel found
2012-11-15 09:19:47.329 INFO [b10-auth.auth] AUTH_SERVER_CREATED server created
2485 defect 1352993476240523 1362579275617936 bind-ctl high jreed new bindctl crash on show of removed item
> config show data_sources/classes/IN[1]
data_sources/classes/IN[1]/type “MasterFiles” string
data_sources/classes/IN[1]/params {test2.example.org “/home/reed/opt/bind-HEAD/etc/test2.zone”} any
data_sources/classes/IN[1]/cache-enable true boolean
data_sources/classes/IN[1]/cache-zones/ list
> config remove data_sources/classes/IN[1]
> config commit
> config show data_sources/classes/IN[1]
Traceback (most recent call last):
File “/usr/pkg/lib/python3.1/cmd.py”, line 213, in onecmd
func = getattr(self, ’do‘+ cmd)
AttributeError: ’BindCmdInterpreter’ object has no attribute ‘do_config’

During handling of the above exception, another exception occurred:

Traceback :
File “/home/reed/opt/bind10/bin/bindctl”, line 162, in
result = tool.run
File “/home/reed/opt/bind10/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 152, in run
self.cmdloop
File “/usr/pkg/lib/python3.1/cmd.py”, line 139, in cmdloop
stop = self.onecmd
File “/home/reed/opt/bind10/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 476, in onecmd
Cmd.onecmd
File “/usr/pkg/lib/python3.1/cmd.py”, line 215, in onecmd
return self.default
File “/home/reed/opt/bind10/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 442, in default
self.
parse_cmd(line)
File “/home/reed/opt/bind10/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 639, in parse_cmd
self.
handle_cmd(cmd)
File “/home/reed/opt/bind10/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 426, in handle_cmd
self.apply_config_cmd
File “/home/reed/opt/bind10/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 719, in apply_config_cmd
values = self.config_data.get_value_maps
File “/home/reed/opt/bind10/lib/python3.1/site-packages/isc/config/config_data.py”, line 723, in get_value_maps
self.
append_value_item(result, spec_part, identifier, all, True)
File “/home/reed/opt/bind10/lib/python3.1/site-packages/isc/config/config_data.py”, line 630, in _append_value_item
list_value, status = self.get_value(identifier)
File “/home/reed/opt/bind10/lib/python3.1/site-packages/isc/config/config_data.py”, line 603, in get_value
value = self.get_default_value(identifier)
File “/home/reed/opt/bind10/lib/python3.1/site-packages/isc/config/config_data.py”, line 522, in get_default_value
result = result[list_indices.pop(0)]
IndexError: list index out of range
2487 enhancement 1353018967743173 1355230404992158 libdns++ medium UnAssigned fdupont new port the example host.cc to python The idea is to port the high level part of host.cc code to python using the DNS library bindings.
2493 defect 1353340370764144 1394117135914699 b10-auth medium jelte DNS Outstanding Tasks new segfault in b10-auth when it can’t connect to msgq socket I ran it as a wrong user, and I expect b10-auth to report the permission denied error and quit, so far so good, but when it is cleaning up it segfaults:


2012-11-19 15:45:49.929 FATAL [b10-auth.cc] CC_NO_MSGQ unable to connect to message queue (Permission denied)
2012-11-19 15:45:49.935 FATAL [b10-auth.auth] AUTH_SERVER_FAILED server failed: Unable to connect to message queue: Permission denied
Segmentation fault (core dumped)


Stacktrace:

Program terminated with signal 11, Segmentation fault.
#0 std::Rb_tree, std::Select1st >, std::less, std::allocator > >::find (this=0x70,
__k=…) at /usr/include/g/bits/stl_tree.h:1519
1519 iterator j = M_lower_bound,M_end,k);
where
#0 std::Rb_tree, std::Select1st >, std::less, std::allocator > >::find at /usr/include/g
/bits/stl_tree.h:1519
#1 0x00007f7ff6824e7d in find (__x=…, this=0x70) at /usr/include/g++/bits/stl_map.h:697
#2 isc::config::ModuleCCSession::removeRemoteConfig (this=, module_name=…) at ccsession.cc:718
#3 0x00000000004324b3 in main (argc=, argv=) at main.cc:259


Looks like either the remote config data needs a cleaner initialization or that main.cc call needs to check first whether is succeeded setting up in the first place
2495 enhancement 1353356094194014 1355231635340475 Unclassified very low jreed new suggest b10-rndc component I don’t want existing rndc to be continued for the long-term, but this suggestion is for b10-rndc daemon to listen and handle rndc communication as a temporary migration method.
2502 defect 1353527907878371 1394117155606271 b10-auth medium jreed Common Outstanding Tasks new Missing logging identifier for “ERROR [b10-auth.auth] Unable to lock logger lockfile” Missing logging identifier:


2012-11-21 03:02:14.427 ERROR [b10-auth.auth] Unable to lock logger lockfile


(See missing fifth field.)
2505 defect 1353924978740800 1354024460634557 Unclassified low naokikambe new add “module_description” into spec files of Xfrout, Zonemgr, and DDNS There is no “module_description” in spec files of Xfrout, Zonemgr, and DDNS. Add descriptions for them. The current output of the help command in bindctl is:

> help
..
Available module names:
help Get help for bindctl.
config Configuration commands.
execute Execute a given set of commands
Stats Stats daemon
Cmdctl Interface for command and control
data_sources
The sources of authoritative DNS data
tsig_keys The TSIG keyring is stored here
Boss Master process
Logging Logging options
Xfrin XFR in daemon
Auth Authoritative service
Xfrout
Zonemgr
DDNS
StatsHttpd Stats HTTP daemon
>
2508 defect 1353966214176587 1392911757068627 b10-auth low jreed DNS Outstanding Tasks new ddns socket file create by default by b10-auth b10-auth should not create a ddns socket file by default. Maybe an option should be added?
2509 defect 1353966810204549 1355231262386019 Boss of BIND medium jreed new extra comma in configuration and zombie cfgmgr I generated a list of data sources and my params had a trailing comma.
This caused cfgmgr to become a defunct zombie (on Linux) process.

I only realized since bind10 every second does log BIND10_WAIT_CFGMGR. I tested with different wait times.


2012-11-26 16:32:16.584 DEBUG [b10-boss.boss] BIND10_WAIT_CFGMGR waiting for configuration manager process to initialize
2012-11-26 16:32:17.584 ERROR [b10-boss.boss] BIND10_COMPONENT_START_EXCEPTION component cfgmgr failed to start: Configuration manager process has not started
2012-11-26 16:32:17.584 ERROR [b10-boss.boss] BIND10_COMPONENT_FAILED component cfgmgr (pid None) failed: unknown condition
2012-11-26 16:32:17.584 FATAL [b10-boss.boss] BIND10_COMPONENT_UNSATISFIED component cfgmgr is required to run and failed
2012-11-26 16:32:17.584 ERROR [b10-boss.boss] BIND10_CONFIGURATOR_PLAN_INTERRUPTED configurator plan interrupted, only 2 of 3 done
2012-11-26 16:32:17.584 INFO [b10-boss.boss] BIND10_KILLING_ALL_PROCESSES killing all started processes


Here is an example:

{version 2,
Auth {listen_on [{port 5300, address “127.0.0.1”}]},
Boss {components {b10-auth {kind “needed”, special “auth”
,
data_sources {classes {IN [{params {
1.example, type “MasterFiles”, cache-enable true}]



I do get a message like:


2012-11-26 16:51:18.501 FATAL [b10-cfgmgr.cfgmgr] CFGMGR_DATA_READ_ERROR error reading configuration database from disk: Configuration file out of date or corrupt, please update or remove /home/jreed/dnsbench/work/origin/bind10-20121115-release/20121126190544/install/var/bind10-devel/b10-config.db


But that may be overlooked after many BIND10_WAIT_CFGMGR lines.
2510 defect 1353967657546859 1394117188163238 b10-auth medium jreed DNS Outstanding Tasks new b10-auth should not accept queries while configuring I have many zones configured that take about 30 seconds to load.
While loading and before AUTH_DATASRC_CLIENTS_BUILDER_RECONFIGURE_SUCCESS, queries for records within all zones (I think all) return REFUSED.

I think it should not accept queries while loading a configuration.
2511 defect 1353968104991083 1394117217243645 b10-auth medium jreed DNS Outstanding Tasks new defining a data_sources/classes/IN disables the builtin CH By default, b10-auth has version.bind.

But when configuring a

data_sources {classes {IN [{params {

}

(and that works)

The CH class seems to be gone. At least queries for it now return REFUSED.

I thought there was a ticket already about this, but I can’t find it now.

This may be known behaviour since setting data_sources in the configuration overrides the default settings. I think that is confusing. But maybe the fix is just to document it better (or point me to it).
2514 enhancement 1354037430379482 1355231426264247 statistics medium jinmei new dump statistics in DSC-compatible format An operator I met last week asked me for supporting this. We didn’t
talk about any details, but I guess this means we produce XML data
that can be interpreted by a DSC presenter like this one:
http://dns.measurement-factory.com/tools/dsc/sample-xml/certain_qnames_vs_qtype.xml.txt
2519 task 1354246919650948 1354246919650948 libdns++ medium UnAssigned jinmei new python wrapper for MasterLoader Not directly related to our current feature, but I think
the `dns::MasterLoader` class is quite useful in Python for general
purposes, too, so I suggest providing a Python wrapper for it.

Depend on #2377.
2520 task 1354247827483257 1354247827483257 libdns++ medium UnAssigned jinmei new incremental base_n decoding I noticed that base_n decoding with our current API can be less
efficient, especially for cases like base64 encoded RRSIG signatures.
named-signzone produces text like this:

86400 RRSIG A 5 3 86400 20121225123000 (
20121125123000 57167 jinmei.org.
pEyYj5y9+NuEZYtyhQlbiEddPGJvPp6Zyorh
Xv5oSaUMkNDF8cxxMo4Ba15VuuHAj8L+r51Q
jUxOOVE502UvtO+4cpLYK9MEjC+PKEeGMtQP
Bed0fp8g6vtjvsNNaIVcwbu2BipKVwR4ZRoa
su4HWjT7bmgDp6xgILbSXusKcPo= )


So our parser will get the signature part as 5 separate strings.
With our current API we’d have to concatenate these into a single
string and pass it to decodeBase64(). That’s a waste, and
maybe non negligible because a large signed zone will have many
RRSIGs.

So I propose introducing an extension to the current decoder API so
that we can decode this type of textual input incrementally.
Specifically, we define and implement the following class:

#!cpp
class Base64Decoder {
public:
// Constructor with resulting vector. result will be filled in with
// the decoded data.
Base64Decoder(vector& result);

// decode the given string into binary and append the data to the result
// vector. Note that ‘len’ may not be a multiple of 4, so this class
// needs to have internal buffer to avoid intermediate decode error.
// Example: if the initial length is 9, decode the first 8 bytes, and
// keep the last byte in the internal buffer. In the next call to add,
// it conceptually prepend the internal buffer to the given string,
// and repeat the same thing. Also note that if the given string contains
// a padding character, some special consideration is necessary.
void add(const char* str, size_t len);

// tell the class all encoded data have been passed. This method checks
// error cases.
void finish();
};


I believe we can use the existing internal implementation for most of
the difficult part of the class, so it shouldn’t be that difficult as
it might look.

Depending on difficulty of this task, also consider providing the same
feature for hex decoder. We can use it for the generic form of RDATA.
This should be a rare case so less critical.

As far as I can see we don’t need it for base32 in practice.
2523 task 1354259225877814 1357662509292928 libdns++ low UnAssigned jinmei new supported generic form of rdata text for well-known type Depend on #2382 and #2426.

Due to the expected size of #2382, I plan to exclude one corner case
for that task to this separate ticket: supporting ‘ n xxxx’ form
for well-known (predefined) RR types, so we can parse the following
form of RR:

e.example. IN A 4 0A000001


See BIND 9’s lib/dns/rdata.c:unknown_fromtext() and
rdata_validate(). We should be able to support it in the same way.
2532 enhancement 1354550401159446 1354550401159446 dhcpdb medium tomek DHCP Outstanding Tasks new DHCP: deleteAllLeases() call would be useful A call wiping the whole database is useful for testing, e.g. I want start fresh in every test.

This should be generic mechanism added to LeaseMgr.
2533 task 1354622059755896 1397640730796484 dhcpdb low stephen DHCP Outstanding Tasks new Refactor MySQL tests to be generic tests for all database backends Currently the set of tests for the interface to the DHCP database is MySQL-specific. However, as we add new backends, the same tests will need to be done. This ticket is for the refactoring of the MySQL tests into a set of generic tests for any backend.
2537 task 1354711996901497 1355233277920562 data source medium vorner new Make construction and usage of ZoneTableSegment consistent The ZoneTableSegment has static `::create` and `::destroy` methods. But the
InMemoryClient mandates the ZoneTableSegment is passed as `shared_ptr`. But once
inside `shared_ptr`, it is not possible to get out and it insists it’ll destroy
it itself using `delete` ‒ which means the `::destroy` may never be used.

We need to use either one or the other approach, since this interface is clearly wrong.
2538 task 1354712595729630 1355922013248689 data source medium vorner new Explain the format and purpose of ZoneTableSegment::create config parameter The `ZoneTableSegment::create` takes a config parameter. It is currently ignored and it is not explained:
* How it’ll look like, what information it’ll contain, etc.
* Where it comes from. I don’t think it is practical to ask users to write a
config about the used segments for each zone, or something. IMO it should
work just by turning the b10-memorymgr on in boss, and everything else
should be auto-negotiated with it, or something. Things like if the data is
passed to the auth (or other consumers) by a memory-mapped file, or shared
memory, should be in the memorymgr configuration.

Currently, everything that needs a zone table segment, just passes something like NullElement or some other dummy value. It’s not clear where such config will appear at the place where the create is called.
2540 defect 1354717880768326 1354718842401759 dhcp very low tomek DHCP Outstanding Tasks new DHCP cleanup: cfgmgr -> cfg_mgr, remove Doxygen errors This is a result of #2270 review. Some things were pushed to this ticket to avoid complex merge (2270 is based on old code that had everything in src/lib/dhcp, which is not split into two dirs).

To do:
- rename cfgmgr.{cc
h} to cfg_mgr.{cc h}
- remove all outstanding Doxygen errors
- rename tests in dhcp6.ConfigParser (pool_out_of_subnet => poolOutOfSubnet)
- add test for Uint32Parser in dhcp6 (similar to dhcp4)
2543 task 1354809987710448 1354809987710448 dhcpdb medium stephen DHCP Outstanding Tasks new Create version of “dbutil” for DHCP code dbutil.py is a Python script for checking and upgrading the DNS database schema. A similar utility is required for the DHCP schema.

It is likely that this and the DNS version will have a lot in common. If possible, the DNS version should be refactored so that the two version use common code.
2547 enhancement 1354882012310503 1364490793173501 dhcp very low tomek DHCP Outstanding Tasks new Implement Lease{4,6}Ptr::operator== that always throws It’s a common mistake to compare pointers to leases rather than leases themselves. To easier detect such cases, there should be a comparison operator that always throws.

See ticket:2404#comment:12.
2550 defect 1355222881333769 1355233360381511 logging medium jelte new logging stdout fallback includes debug even without -v
After #2445, if bind10 starts and can’t even get a decent configuration, all initial logging is dumped to stdout. However, due to some intricacies in the logging system, this includes any log message (so also DEBUG even if -v was not used). See that last few comments at #2445.

Right now I don’t really know a good solution to this, but we should fix this at some point :)

A possible solution is to not use ‘if verbose then logger.setLogLevel(debug)’ but rather initialize the logging system depending on the command arguments (if verbose init(debug)’. But there are probably some nasty subtleties there.
2551 task 1355223004359644 1355933599315213 Unclassified medium jelte new add a few more tests for denial of existence in single-name zones
Tickets #2503 and #2504 fixed a couple of issues regarding single-name zones and denial of existence. These added some tests for non-existent names. We should probably also explicitely test existing names but non-existent types (NOERROR/NODATA responses) with this.

This should not trigger any new errors, but just in case it does we are delegating this to a separate ticket.
2552 defect 1355235210670085 1355933620320048 logging low jreed new log output has two spaces after INFO On some systems I see two spaces after INFO for log messages.
So I can’t parse by splitting on single space.

On two different platforms using log to file.
using log4cplus-1.0.4 and log4cplus-1.1.0

2554 defect 1355252445972891 1355920929430576 configuration medium jreed new ConfigManager not responding I thought there was ticket already about this, but search won’t find it.

I did the following:



> config add Logging/loggers[0]/output_options
> config set Logging/loggers[0]/output_options[0]/destination file
> config set Logging/loggers[0]/output_options[0]/output /home/reed/work/isc/bind10/log/bind10.log
> config show Logging/loggers[0]/output_options
Logging/loggers[0]/output_options[0]/destination “file” string (modified)
Logging/loggers[0]/output_options[0]/output “/home/reed/work/isc/bind10/log/bind10.log” string (modified)
Logging/loggers[0]/output_options[0]/flush true boolean (default)
Logging/loggers[0]/output_options[0]/maxsize 0 integer (default)
Logging/loggers[0]/output_options[0]/maxver 0 integer (default)
> config set Logging/loggers[0]/output_options[0]/maxsize 1048576
> config set Logging/loggers[0]/output_options[0]/maxver 25
> config commit
Error: Module ‘ConfigManager’ not responding
Configuration not committed



The process was not hanging though. And it did not crash and restart. I exited bindctl and ran it again and then did the above again with a “config commit” after each step and it worked.
2555 task 1355346509088160 1355933643944332 Unclassified medium jelte new clean up exceptions in sqlite3_accessor
During #2541, we noticed that the exceptions that are thrown are a tad inconsistent; sometimes sqlite3 errors get thrown as SQLite3Error, sometimes as DataSourceError, and we should probably use InvalidOperation for things like double startTransaction() calls, and calls that expect a transaction to be active but are not.

If these are changed, don’t forget to update the python wrapper!

These might have some unexpected side-effects so please plan to run it past the buildbots as well :) (and plan a bit of extra time to fix those)
2556 defect 1355349624807504 1392914179832213 resolver medium jreed jreed DNS Outstanding Tasks assigned output from bind10 (when Resolver shutdown) I am using master as of yesterday. It includes #2445 (“The system no longer prints initial log messages to stdout …”).

When I do “Resolver shutdown” in bindctl, I get output from bind10:


pure virtual method called
terminate called without an active exception
pure virtual method called
terminate called without an active exception
pure virtual method called
terminate called without an active exception

(I did it three times.)

I don’t know where this comes from, but I guess it is b10-resolver. I didn’t reproduce by using “Auth shutdown”.

In jabber, jinmei mentioned: ``unimplemented pure virtual should normally be detected at compile time … I suspect it’s some system-dependent run time error … something like the use of incompatible binary’’

2560 defect 1355493697148956 1366315107364874 Unclassified medium jreed new stats crash on cc timeout The following is from last release (20121115). The bind10 parent was suspended on purpose for testing something else, and then b10-stats crashed:


Traceback (most recent call last):
File “/home/jreed/dnsbench/work/origin/bind10-20121115-release/20121126190544/install/lib/python3.1/site-packages/isc/cc/session.py”, line 212, in receive_full_buffer
self.
receive_len_data()
File “/home/jreed/dnsbench/work/origin/bind10-20121115-release/20121126190544/install/lib/python3.1/site-packages/isc/cc/session.py”, line 172, in receive_len_data
new_data = self.
receive_bytes(self.recv_len_size)
File “/home/jreed/dnsbench/work/origin/bind10-20121115-release/20121126190544/install/lib/python3.1/site-packages/isc/cc/session.py”, line 158, in
receive_bytes
data = self.socket.recv
socket.timeout: timed out

During handling of the above exception, another exception occurred:

Traceback :
File “/home/jreed/dnsbench/work/origin/bind10-20121115-release/20121126190544/install/libexec/bind10-devel/b10-stats”, line 687, in
stats.start
File “/home/jreed/dnsbench/work/origin/bind10-20121115-release/20121126190544/install/libexec/bind10-devel/b10-stats”, line 373, in start
self.do_polling
File “/home/jreed/dnsbench/work/origin/bind10-20121115-release/20121126190544/install/libexec/bind10-devel/b10-stats”, line 256, in do_polling
= self.cc_session.group_recvmsg
File “/home/jreed/dnsbench/work/origin/bind10-20121115-release/20121126190544/install/lib/python3.1/site-packages/isc/cc/session.py”, line 275, in group_recvmsg
env, msg = self.recvmsg
File “/home/jreed/dnsbench/work/origin/bind10-20121115-release/20121126190544/install/lib/python3.1/site-packages/isc/cc/session.py”, line 130, in recvmsg
data = self.
receive_full_buffer(nonblock)
File “/home/jreed/dnsbench/work/origin/bind10-20121115-release/20121126190544/install/lib/python3.1/site-packages/isc/cc/session.py”, line 227, in _receive_full_buffer
raise SessionTimeout(“recv() on cc session timed out”)
isc.cc.session.SessionTimeout: recv() on cc session timed out
[b10-msgq] Closing socket fd 10
[b10-msgq] Receive error: EOF


This is repeatable.

b10-stats should not crash with noisy traceback if something is temporarily unavailable.
2561 defect 1355498007520120 1369645338678726 dhcp low UnAssigned stephen DHCP Outstanding Tasks assigned Extract common code from IFaceMgr::receive4 and IFaceMgr::receive6 These two methods share a lot of common code which could be abstracted into a separate common method.
2564 task 1355523924002534 1357617053725280 Unclassified medium jinmei new MasterLoader needs to perform minimal validation for SOA It should do something equivalent to the following BIND 9 code:
#!c
if (type == dns_rdatatype_soa &&
(lctx->options & DNS_MASTER_ZONE) != 0 &&
dns_name_compare(ictx>current, lctx>top) != 0) {
char namebuf[DNS_NAME_FORMATSIZE];
dns_name_format(ictx->current, namebuf,
sizeof(namebuf));
(*callbacks->error)(callbacks, “s:lu: SOA”
“record not at top of zone (%s)”,
source, line, namebuf);
result = DNS_R_NOTZONETOP;
if (MANYERRS (lctx, result)) {
SETRESULT (lctx, result);
read_till_eol = ISC_TRUE;
target = target_ft;
continue;
} else if (result != ISC_R_SUCCESS)
goto insist_and_cleanup;
}


i.e., reject “example.com/SOA” for the example.org zone.

I intended to do it in #2377, but #2377 didn’t address it. Note that
there’s no other point that we can do this effectively, unless we
require expensive whole-zone search in the post-load validation phase
by default.

As the BIND 9 code shows, we should also introduce a loader option
that allows to skip this check.
2567 task 1355924925391852 1392912356234725 loadzone medium jreed DNS Outstanding Tasks new add lettuce tests for various b10-loadzone uses This may need to have multiple tickets.

The task here is not defined yet.

This is a reminder to:

add lettuce tests for new b10-loadzone uses.
2569 defect 1355952477190748 1392811764178012 data source medium jreed DNS Outstanding Tasks new RR class (CH) does not match the zone class (CLASS0)
2012-12-19 21:11:07.221 ERROR [b10-auth.auth/94094] AUTH_DATASRC_CLIENTS_BUILDER_RECONFIGURE_DATASRC_ERROR Error setting up data source: Unknown uncaught exception from static createInstance: RR class (CH) does not match the zone class (CLASS0) in /usr/local/share/bind10/static.zone at line 10


The static zone has:


BIND. 0 CH SOA bind. authors.bind. 0 28800 7200 604800 86400

(This comes from the installation.)

My configuration had:


> config show all data_sources/classes/CH
data_sources/classes/CH[0]/type “static” string
data_sources/classes/CH[0]/params “/usr/local/share/bind10/static.zone” any
data_sources/classes/CH[0]/cache-enable false boolean
data_sources/classes/CH[0]/cache-zones [] list


2578 task 1355970985485155 1392912404382782 loadzone medium jinmei DNS Outstanding Tasks new add “-q” (quiet) option to b10-loadzone As discussed in review of #2380. It’s probably useful if the user
can suppress info level (or maybe even any level of) logging from
b10-loadzone, e.g, when it’s invoked from a cron.

My suggestion is:

- Add q option, which disables info level logs; if specified multiple
times it suppress any level of logs
(optionally) add “-l” option, which specifies the output (destination) of log
messages.
2579 task 1355971467458989 1358258297254066 libdns++ medium UnAssigned jinmei new limit max value of RRTTL on construction (?) See http://bind10.isc.org/ticket/2429#comment:11

RFC2181 limits the max value of TTL to `2^31-1`. We might want to
enforce this restriction at the time of the construction of `RRTTL`
object.

There are some obvious advantages of this, but I think the decision
is not that obvious:
- Limiting it at the API level is not compatible with BIND 9.
- It’s not clear what we should do when an out-of-range (but still
within uint32_t) value is specified. Silently reset it to 0?
(this may result in some surprise). Or throw an exception? (but
it’s probably not good for the “from wire” case, where RFC specifies
treating it as 0).

So this ticket is created basically for the record, rather than
proposing a specific task. If we see the stronger need to address
this topic, we can discuss it and create a development ticket.
2580 task 1355971956530260 1358258313144506 data source medium jinmei new warn inconsistent RR TTLs on zone loading See http://bind10.isc.org/ticket/2470#comment:13

Currently, we ignore inconsistent TTLs for RRs of the same RRset
on loading. The minimum TTL will be silently used for the in-memory
case; in the case of database-based data sources, a warning will be
logged at the time of lookup, but the operator cannot notice it until
then.

As discussed in the above link, there didn’t seem to be an easy
solution. It’s also related to a higher level discussion on
where/how we do some kinds of checks, especially if they may not be
effectively doable in the post-loading validation phase.

This ticket is probably non-estimatable until these points are
clarified.
2584 defect 1356559708306665 1358257028879296 bind-ctl low jreed new odd bindctl config error Sometime ago I did:


> config show Boss/components/b10-
Error: Boss/components/b10-/kind not found


The error message is confusing. It probably should say “Error: Boss/components/b10- not found” (and not “/kind”).
2589 defect 1356951968621455 1356951968621455 Unclassified medium tomek DHCP Outstanding Tasks new Lease4 should use HWAddr structure HWAddr structure has been implemented. Lease4 definition should use it.
2599 task 1357316100717515 1366410445414634 dhcp medium UnAssigned stephen DHCP Outstanding Tasks assigned DHCP Testing: V4 features - general Write a description of the tests for section 4a (“DHCPv4 features - general”) of the Test Plan, and run them. (Ultimately the tests will be automated, but for the release of the 2012 work, the test is manual.)

The description and results should be attached to this ticket.
2602 task 1357316307595663 1366410485018271 dhcp medium UnAssigned stephen DHCP Outstanding Tasks assigned DHCP Testing: V6 features - robustness Write a description of the tests for section 5b (“DHCPv6 features - robustness”) of the Test Plan, and run them. (Ultimately the tests will be automated, but for the release of the 2012 work, the test is manual.)

The description and results should be attached to this ticket.
2603 task 1357316834188828 1366410506172836 dhcp medium UnAssigned stephen DHCP Outstanding Tasks assigned DHCP Testing: V4 Options Write a description of the tests for section 6 (“Options”) of the Test Plan for V4 only, and run them. (Ultimately the tests will be automated, but for the release of the 2012 work, the testing is manual.)

The description and results should be attached to this ticket.
2609 defect 1357561132205638 1357670359783267 Unclassified medium vorner new SERVFAIL on all queries while b10-loadzone is running Configure a large zone in SQLite (without the in-memory cache). When it is
queried, it answers the query. But when b10-loadzone is run to update the zone,
auth returns SERVFAIL to all queries, because the database is locked


2013-01-07 13:05:55.158 ERROR [b10-auth.auth/19124] AUTH_PROCESS_FAIL message processing failure: Unexpected failure in sqlite3_step: database is locked


Updating a zone shouldn’t cause a disruption (with the cz. zone, it takes like
5 minutes to load the new zone to the DB, which is not good).

I know this may not be fixable due to SQLite limitations. But we should probably at least warn about loading too large zones there.
2610 defect 1357561447700041 1364462864841128 data source medium vorner new Query for large zone in SQLite datasrc takes a very long time I tried loading a large zone into SQLite data source (without the in-memory
cache, over 3M records). Then I queried for a SOA record of the zone. The query
got answered correctly, but after something like 12 seconds of b10-auth running
on 100% CPU. And my CPU is pretty fast.

Such performance is unusable for any practical purpose for such a large zone. I
thought we fixed such problem by some indices, but it seems it didn’t help
enough.
2611 enhancement 1357561627203666 1392912423464590 loadzone low vorner DNS Outstanding Tasks new Use multiple threads in b10-loadzone I tried to load a large zone (over 3M records) by b10-loadzone. It took over 5
minutes, taking 100% CPU. Large part of the time is probably datasource
handling (in this case the sqlite3 library). It may be worth trying to do the
parsing in one thread and pass batches of RRs to a second thread that’d do the
writes.
2612 enhancement 1357572050905034 1357572273327226 libdns++ medium UnAssigned muks new Make isc::dns::RRsetCollection collate RRsets in any order This is a ticket to make `isc::dns::RRsetCollection`’s constructors collate RRsets in any order (see #2432 comment 25, and the rest of that ticket).
2613 enhancement 1357572242336946 1358765087972458 libdns++ medium UnAssigned muks new Make RRsetCollectionBase iterator implementation compatible with Boost foreach Make RRsetCollectionBase iterator implementation compatible with Boost foreach. Currently it has a basic forward iterator implementation.
2614 task 1357585856845272 1392912440090723 loadzone medium jinmei DNS Outstanding Tasks new update b10-loadzone using generic DB creation When b10-loadzone tries to load a zone to a data source but the data
source is not even yet initialized (which means, in the current
implementation, there is no SQLite3 DB file), it relies on
`DataSourceClient` internally performs this initialization.

But such initialization should actually be removed from
`DataSourceClient` (it’s provided for compatibility, but was not
intended to be a part of its responsibility)
and its support is actually incomplete .
(this part was my misunderstanding).

The right solution is to complete #1861, and have b10-loadzone use the
generic data source initialization module.

Maybe we shouldn’t make it automatic though, and rather implement it
as an option to b10-loadzone.
2615 defect 1357655644079487 1357655644079487 dhcp medium stephen DHCP Outstanding Tasks new Server should check address validity before renewing lease This ticket has been created in response to an issue raised in the discussion on ticket #2488.

If a DHCP server hands out a lease for an address to a client, and is then reconfigured so that the address is removed from the pool of addresses available to the server, it should refuse to renew the lease for that address. At present, the leases is renewed with no checks on address validity.
2616 defect 1357658423222321 1359555915401090 msgq low jreed jreed assigned existing msgq has confusing error if another bind10 tries to start I accidently tried to start bind10 again. The existing msgq logged:


2013-01-08 10:17:36.446 ERROR [b10-msgq.msgq/3646] MSGQ_RECV_ERR Error reading from socket 9: EOF


It is a “low-level error” but this is confusing. Should existing msgq have an error?
2620 defect 1357746769141925 1358257586319389 Unclassified medium shane new b10-cmdctl-usermgr should check permissions on start I tried to add a user:


$ ./b10-cmdctl-usermgr
Desired Login Name:shane
Choose a password:
Re-enter password:
Traceback (most recent call last):
File “./b10-cmdctl-usermgr”, line 124, in
main()
File “./b10-cmdctl-usermgr”, line 114, in main
save_userinfo(name, pw, salt, filename)
File “./b10-cmdctl-usermgr”, line 59, in save_userinfo
csvfile = open(filename, ‘a’)
IOError: [Errno 13] Permission denied: ‘cmdctl-accounts.csv’


There should be 2 changes:

1. The program should check permissions when it starts, so I don’t go through the steps of adding a user when they won’t work.

2. If for some other reason updating user information fails (permissions can change after the program starts, or NFS mounts can disappear, or whatever), the program should catch the problem and give a nicer error rather than dumping a stack trace.
2625 defect 1357837288414049 1384874965166881 tests low jreed new lettuce timing failure for starting cmdctl for In-memory datasource backed by sqlite3 Lettuce failure on CentOS 5.8 with python 3.3.0. This does not happen every time, but I saw it three times out of six runs. The stderr output shows that was not started yet. I guess it should wait a little longer.

Scenario: 2. In-memory datasource backed by sqlite3
features/inmemory_over_sqlite3.feature:14



And wait for master stderr message CMDCTL_STARTED
# features/terrain/steps.py:34



AssertionError: Timeout waiting for process output: [u’CMDCTL_STARTED’]
2626 defect 1357837659000476 1358257851348750 tests low jreed new lettuce timing failure for DDNS ACL Lettuce failure on CentOS 5.8 with python 3.3.0. This does not happen every time, but I saw it only one time out of six runs.

Scenario: ACL
# features/ddns_system.feature:89



A query for new1.example.org should have rcode NXDOMAIN # features/terrain/querying.py:204



AssertionError: Expected: NXDOMAIN, got NO_ANSWER

Here is some stderr output that may be related (but I am not sure):



2013-01-10 15:19:22.774 DEBUG [b10-zonemgr.zonemgr/2025] ZONEMGR_LOAD_ZONE loading zone secondary.org. (class IN)
2013-01-10 15:19:22.776 WARN [b10-zonemgr.zonemgr/2025] ZONEMGR_NO_SOA zone secondary.org. (class IN) does not have an SOA record
2013-01-10 15:19:22.776 DEBUG [b10-zonemgr.zonemgr/2025] ZONEMGR_STARTED zonemgr started

2013-01-10 15:19:26.273 DEBUG [b10-zonemgr.zonemgr/2025] ZONEMGR_REFRESH_ZONE refreshing zone secondary.org. (class IN)
2013-01-10 15:19:26.858 ERROR [b10-ddns.ddns/2029] DDNS_START_FORWARDER_FAIL Error sending request for DDNS UPDATE forwarding to b10-auth: recv() on cc session timed out
2013-01-10 15:19:26.858 INFO [b10-ddns.ddns/2029] DDNS_STARTED ddns server is running and listening for updates
2013-01-10 15:19:27.224 DEBUG [b10-auth.cc/2026] CC_GROUP_RECEIVE trying to receive a message
2013-01-10 15:19:31.225 ERROR [b10-auth.cc/2026] CC_ASYNC_READ_FAILED asynchronous read failed (error code = 125)
2013-01-10 15:19:31.225 FATAL [b10-auth.auth/2026] AUTH_SERVER_FAILED server failed: asynchronous read failed

2013-01-10 15:19:31.226 INFO [b10-auth.auth/2026] AUTH_DATASRC_CLIENTS_BUILDER_STOPPED data source builder thread stopped
2013-01-10 15:19:31.226 ERROR [b10-msgq.msgq/2011] MSGQ_RECV_ERR Error reading from socket 13: EOF
2013-01-10 15:19:31.227 ERROR [b10-msgq.msgq/2011] MSGQ_RECV_ERR Error reading from socket 10: EOF
2013-01-10 15:19:31.227 DEBUG [b10-auth.datasrc/2026] DATASRC_SQLITE_DROPCONN SQLite3Database is being deinitialized

2013-01-10 15:19:31.231 INFO [b10-boss.boss/2007] BIND10_PROCESS_ENDED process 2026 of b10-auth ended with status 256
2013-01-10 15:19:31.231 ERROR [b10-boss.boss/2007] BIND10_COMPONENT_FAILED component b10-auth (pid 2026) failed: process exited normally with exit status 256
2013-01-10 15:19:31.231 FATAL [b10-boss.boss/2007] BIND10_COMPONENT_UNSATISFIED component b10-auth is required to run and failed

2013-01-10 15:19:31.238 INFO [b10-xfrout.xfrout/2035] XFROUT_RECEIVED_SHUTDOWN_COMMAND shutdown command received
2013-01-10 15:19:31.242 ERROR [b10-msgq.msgq/2011] MSGQ_RECV_ERR Error reading from socket 6:
2013-01-10 15:19:31.256 ERROR [b10-msgq.msgq/2011] MSGQ_RECV_ERR Error reading from socket 11: EOF
2013-01-10 15:19:31.259 ERROR [b10-msgq.msgq/2011] MSGQ_RECV_ERR Error reading from socket 14: EOF
2013-01-10 15:19:31.259 ERROR [b10-msgq.msgq/2011] MSGQ_RECV_ERR Error reading from socket 15: EOF
2013-01-10 15:19:32.239 INFO [b10-boss.boss/2007] BIND10_PROCESS_ENDED process 2008 of Socket creator ended with status 0

2013-01-10 15:19:32.244 INFO [b10-ddns.ddns/2029] DDNS_SHUTDOWN ddns server shutting down
2013-01-10 15:19:32.250 ERROR [b10-ddns.ddns/2029] DDNS_UNCAUGHT_EXCEPTION uncaught exception of type ConnectionResetError: [Errno 104] Connection reset by peer
2013-01-10 15:19:32.336 INFO [b10-boss.boss/2007] BIND10_RECEIVED_SIGNAL received signal SIGTERM
2627 defect 1357838156458055 1358257874118945 tests low jreed new lettuce timing failure for ConfigManager Lettuce failure on CentOS 5.8 with python 3.3.0. This does not happen every time, but I saw it two times out of six runs.

Scenario: ACL
# features/ddns_system.feature:89



When I set DDNS ACL 0 for 127.0.0.1 to REJECT # features/terrain/nsupdate.py:161



AssertionError: ‘Error’ was found in bindctl output:
Error: Module ‘ConfigManager’ not responding
Configuration not committed

Exit from bindctl

The stderr output has:


2013-01-10 15:40:53.133 DEBUG [b10-auth.cc/31350] CC_REPLY replying to message from ‘{ from “50eee103_6@centos5-64-4.lab.isc.org”, group “Auth”, instance", seq 15, to "”, type “send” }’ with ‘{ result [ 0 ] }’
2013-01-10 15:40:53.133 DEBUG [b10-auth.cc/31350] CC_START_READ starting asynchronous read
2013-01-10 15:40:53.133 DEBUG [b10-ddns.ddns/31358] DDNS_SESSION session arrived on file descriptor 11
2013-01-10 15:40:53.134 WARN [b10-ddns.ddns/31358] DDNS_DROP_CONN dropping connection on file descriptor 11 because of error Receiving a forwarded FD failed: Connection reset by peer
2013-01-10 15:40:54.749 DEBUG [b10-zonemgr.zonemgr/31349] ZONEMGR_REFRESH_ZONE refreshing zone secondary.org. (class IN)
2013-01-10 15:40:57.131 ERROR [b10-cmdctl.cmdctl/31353] CMDCTL_COMMAND_ERROR error in command set_config to module ConfigManager: Module ‘ConfigManager’ not responding
2628 defect 1357859297991535 1362587630328172 libdns++ medium UnAssigned jreed new python missing IPv6 support I am fine with stalling or closing this ticket for now. But I am entering these details so that someone searching about a failure will have notes about it.

If python is missing IPv6 support, the build will fail with:


message_fromWire19.wire ../../../../../../src/lib/dns/tests/testdata/message_fromWire19.spec
Traceback (most recent call last):
File “../../../../../src/lib/util/python/gen_wiredata.py”, line 1275, in
obj.dump(output)
File “../../../../../src/lib/util/python/gen_wiredata.py”, line 691, in dump
bin_address = socket.inet_pton(socket.AF_INET6, self.address)
socket.error: can’t use AF_INET6, IPv6 is disabled
* Error code 1


Or tests may fail like:


[ RUN ] MessageTest.fromWireCombineRRs
unknown file: Failure
C+ exception with description “IN/AAAA RDATA construction from wire failed: insufficient buffer length: 0” thrown in the test body.
[ FAILED ] MessageTest.fromWireCombineRRs
[ RUN ] MessageTest.fromWirePreserveAnswer
unknown file: Failure
C
+ exception with description “IN/AAAA RDATA construction from wire failed: insufficient buffer length: 0” thrown in the test body.
[ FAILED ] MessageTest.fromWirePreserveAnswer (1 ms)
2630 defect 1357911445042839 1358258109413327 build system medium UnAssigned jreed new configure —with-pythonpath problems ./configure —with-pythonpath was set to a binary that no longer existed:


./configure: line 15351: /usr/pkg/bin/python3.2: No such file or directory
(standard_in) 1: parse error
./configure: line 15352: test: !=: unary operator expected
./configure: line 15356: /usr/pkg/bin/python3.2: No such file or directory


It should check if it exists/executable first.

Looked further at the —with-pythonpath and see another bug.


reed 5577 1.6 0.1 8616 844 ttyp0 T 11:53AM 0:56.72 yes -c import sys; sys.stdout.write(sys.version[:3])


If you use argument but didn’t set it configure hangs forever with the above. No value defaults to “yes” which is a unix tool :)

I have a minor patch to improve both problems:


diff —git a/configure.ac b/configure.ac
index 892bc6c..103cfc8 100644
— a/configure.ac
+ b/configure.ac
@ -239,7 +239,7 @ AC_HELP_STRING
if test “$python_path” = auto; then
AM_PATH_PYTHON
-else
elif test -x “$python_path” ; then
# Older versions of automake can’t handle python3 well. This is an
# in-house workaround for them.
PYTHON=$python_path
@ -249,6 +249,9 @ else
PYTHON_EXEC_PREFIX=‘$(exec_prefix)’
AC_SUBST
PYTHON_VERSION=)“`]
+ if test”x$PYTHON_VERSION" = “x” ; then
AC_MSG_ERROR([“Python $PYTHON did not work.”])
+ fi
if test `echo “$PYTHON_VERSION >= 3.1”
bc` != 1 ; then
AC_MSG_ERROR([“Python version too old: $PYTHON_VERSION, need 3.1 or higher”])
fi
@ -263,6 +266,8 @ else
AC_SUBST(pyexecdir)
pkgpyexecdir=‘${pyexecdir}/’$PACKAGE
AC_SUBST(pkgpyexecdir)
else
AC_MSG_ERROR([“Set —with-pythonpath to an existing Python 3 executable.”])
fi

# We need to store the default pyexecdir in a separate variable so that
2633 defect 1358154392108510 1358154392108510 dhcpconf medium marcin DHCP Outstanding Tasks new Improve log messages in the DHCP Config Managers In the DHCP configuration parsers (src/bin/dhcp4/config_parser.cc and src/bin/dhcp6/config_parser.cc) a number of log messages should be improved. Corrections to log messages include but are not limited to:
- ensure that all log messages start with a lower-case letter or that all messages start with upper-case letter, currently it is not consistent
- some of the log messages are prefixed with e.g. ‘’, some not, whether this prefix is used or not should be consistent across all log messages
- many massages are vague as they don’t refer to a particular item in the configuration, e.g. fictitious log message: ’‘should be rather logged as ’’. etc.

2636 defect 1358279114198564 1380607988411624 statistics medium jreed jreed assigned stats crash OPS told me that the as112 server nagios check showed memory usage went up. (But looking at this, it happened after the crash.)

I logged in and saw in my logs that stats server crashed:


2013-01-15 19:00:00.791 ERROR [b10-auth.auth/95428] AUTH_ZONEMGR_COMMS error communicating with zone manager: ASIO read: data length is not ready
2013-01-15 19:00:01.152 ERROR [b10-auth.cc/95426] CC_TIMEOUT timeout reading data from command channel
2013-01-15 19:00:01.154 ERROR [b10-auth.auth/95426] AUTH_ZONEMGR_COMMS error communicating with zone manager: Timeout while reading data from cc session
2013-01-15 19:00:01.154 ERROR [b10-auth.cc/95426] CC_LENGTH_NOT_READY length not ready
2013-01-15 19:00:01.154 ERROR [b10-auth.auth/95426] AUTH_ZONEMGR_COMMS error communicating with zone manager: ASIO read: data length is not ready
2013-01-15 19:01:06.404 ERROR [b10-auth.cc/95422] CC_TIMEOUT timeout reading data from command channel
2013-01-15 19:01:07.169 ERROR [b10-auth.cc/95424] CC_TIMEOUT timeout reading data from command channel
2013-01-15 19:01:07.269 ERROR [b10-auth.auth/95422] AUTH_ZONEMGR_COMMS error communicating with zone manager: Timeout while reading data from cc session
2013-01-15 19:01:07.269 ERROR [b10-auth.cc/95422] CC_LENGTH_NOT_READY length not ready
2013-01-15 19:01:07.269 ERROR [b10-auth.auth/95422] AUTH_ZONEMGR_COMMS error communicating with zone manager: ASIO read: data length is not ready
2013-01-15 19:01:08.103 ERROR [b10-auth.auth/95424] AUTH_ZONEMGR_COMMS error communicating with zone manager: Timeout while reading data from cc session
2013-01-15 19:01:08.104 ERROR [b10-auth.cc/95424] CC_LENGTH_NOT_READY length not ready
2013-01-15 19:01:08.104 ERROR [b10-auth.auth/95424] AUTH_ZONEMGR_COMMS error communicating with zone manager: ASIO read: data length is not ready
2013-01-15 19:01:12.717 INFO [b10-boss.boss/95413] BIND10_PROCESS_ENDED process 95423 of b10-stats ended with status 256
2013-01-15 19:01:12.780 ERROR [b10-boss.boss/95413] BIND10_COMPONENT_FAILED component b10-stats (pid 95423) failed: process exited normally with exit status 256
2013-01-15 19:01:12.785 INFO [b10-boss.boss/95413] BIND10_COMPONENT_START component b10-stats is starting
2013-01-15 19:01:12.792 INFO [b10-boss.boss/95413] BIND10_STARTING_PROCESS starting process b10-stats
2013-01-15 19:01:13.876 ERROR [b10-auth.cc/95429] CC_TIMEOUT timeout reading data from command channel
2013-01-15 19:01:14.339 ERROR [b10-auth.auth/95429] AUTH_ZONEMGR_COMMS error communicating with zone manager: Timeout while reading data from cc session
2013-01-15 19:01:14.340 ERROR [b10-auth.cc/95429] CC_LENGTH_NOT_READY length not ready
2013-01-15 19:01:14.340 ERROR [b10-auth.auth/95429] AUTH_ZONEMGR_COMMS error communicating with zone manager: ASIO read: data length is not ready
2013-01-15 19:01:15.084 INFO [b10-stats.stats/78714] STATS_STARTING starting


The redirected bind10 output showed:

Traceback (most recent call last):
File “/usr/local/lib/python3.1/site-packages/isc/cc/session.py”, line 212, in receive_full_buffer
self.
receive_len_data()
File “/usr/local/lib/python3.1/site-packages/isc/cc/session.py”, line 172, in receive_len_data
new_data = self.
receive_bytes(self.recv_len_size)
File “/usr/local/lib/python3.1/site-packages/isc/cc/session.py”, line 158, in
receive_bytes
data = self.socket.recv
socket.timeout: timed out

During handling of the above exception, another exception occurred:

Traceback :
File “/usr/local/libexec/bind10/b10-stats”, line 687, in
stats.start
File “/usr/local/libexec/bind10/b10-stats”, line 373, in start
self.do_polling
File “/usr/local/libexec/bind10/b10-stats”, line 256, in do_polling
= self.cc_session.group_recvmsg
File “/usr/local/lib/python3.1/site-packages/isc/cc/session.py”, line 275, in group_recvmsg
env, msg = self.recvmsg
File “/usr/local/lib/python3.1/site-packages/isc/cc/session.py”, line 130, in recvmsg
data = self.
receive_full_buffer(nonblock)
File “/usr/local/lib/python3.1/site-packages/isc/cc/session.py”, line 227, in _receive_full_buffer
raise SessionTimeout(“recv() on cc session timed out”)
isc.cc.session.SessionTimeout: recv() on cc session timed out


Now Stats show has:


{
Auth {
opcode.iquery 4,
opcode.notify 1542,
opcode.other 0,
opcode.query 11446454195,
opcode.status 0,
opcode.update 906151246,
queries.tcp 4529597,
queries.udp 12348077390,
rcode.badalg 0,
rcode.badkey 0,
rcode.badmode 0,
rcode.badname 0,
rcode.badsigvers 0,
rcode.badtime 0,
rcode.badtrunc 0,
rcode.formerr 469435,
rcode.noerror 35305553,
rcode.notauth 198,
rcode.notimp 906151250,
rcode.notzone 0,
rcode.nxdomain 11319210406,
rcode.nxrrset 0,
rcode.other 0,
rcode.refused 91402768,
rcode.servfail 57451,
rcode.yxdomain 0,
rcode.yxrrset 0
},
Boss {
boot_time “2012-12-19T21:41:21Z”
},
Stats {
boot_time “2013-01-15T19:01:14Z”,
last_update_time “2013-01-15T19:32:27Z”,
lname “50f5a77a_1c@ethel.isc.org”,
report_time “2013-01-15T19:32:27Z”,
timestamp 1358278347.888214
}
}


The end of the dmesg output has:


Limiting icmp unreach response from 25027 to 200 packets/sec
Limiting icmp unreach response from 25088 to 200 packets/sec
Limiting icmp unreach response from 26449 to 200 packets/sec
Limiting icmp unreach response from 28994 to 200 packets/sec
Limiting icmp unreach response from 28885 to 200 packets/sec
Limiting icmp unreach response from 30465 to 200 packets/sec
Limiting icmp unreach response from 3801 to 200 packets/sec
swap_pager_getswapspace(16): failed
swap_pager_getswapspace(8): failed
swap_pager_getswapspace(16): failed
swap_pager_getswapspace(12): failed
swap_pager_getswapspace(16): failed
swap_pager_getswapspace(12): failed
swap_pager_getswapspace(9): failed
swap_pager_getswapspace(5): failed
swap_pager_getswapspace(16): failed
swap_pager_getswapspace(12): failed
swap_pager_getswapspace(9): failed
swap_pager_getswapspace(5): failed
swap_pager_getswapspace(16): failed
swap_pager_getswapspace(12): failed
swap_pager_getswapspace(9): failed
swap_pager_getswapspace(5): failed


/var/log/messages around time of crash:

Jan 15 19:01:06 ethel kernel: swap_pager_getswapspace(16): failed
Jan 15 19:01:06 ethel kernel: swap_pager_getswapspace(8): failed
Jan 15 19:01:06 ethel kernel: swap_pager_getswapspace(16): failed
Jan 15 19:01:06 ethel kernel: swap_pager_getswapspace(12): failed
Jan 15 19:01:06 ethel kernel: swap_pager_getswapspace(16): failed
Jan 15 19:01:06 ethel kernel: swap_pager_getswapspace(12): failed
Jan 15 19:01:06 ethel kernel: swap_pager_getswapspace(9): failed
Jan 15 19:01:06 ethel kernel:
Jan 15 19:01:06 ethel kernel: swap_pager_getswapspace(5): failed
Jan 15 19:01:06 ethel kernel: swap_pager_getswapspace(16): failed
Jan 15 19:01:06 ethel kernel: swap_pager_getswapspace(12): failed
Jan 15 19:01:06 ethel kernel: swap_pager_getswapspace(9): failed
Jan 15 19:01:06 ethel kernel: swap_pager_getswapspace(5): failed
Jan 15 19:01:06 ethel kernel:
Jan 15 19:01:06 ethel kernel: swap_pager_getswapspace(16): failed
Jan 15 19:01:06 ethel kernel: swap_pager_getswapspace(12): failed
Jan 15 19:01:06 ethel kernel: swap_pager_getswapspace(9): failed
Jan 15 19:01:06 ethel kernel: swap_pager_getswapspace(5): failed


Maybe something grew to huge?
2638 task 1358505070322866 1358505070322866 Unclassified medium jelte new make dns::rdata::generic::detail::CharString public
With the current hidden-by-convention approach, it requires we either use pimpl in all the rdata implementations we need them in, or forward-declarations (which are tricky because it is a typedef). In both cases it also forces dynamic allocation of memory which isn’t really necessary.

So we should make it public. For now I think we can just move the definition to isc::dns or isc::dns::rdata. (discussion of whether to make it a Real Class is pending).

2639 enhancement 1358512747943875 1358517052009858 logging medium shane new b10-msg utility for looking up message information at the command line Seen in a message on the bind-users list:

> By the way, all of the BIND10 logging
> messages are unique and we provide a paragraph or more documentation for
> each of its 933 possible log identifiers!)

I haven’t checked whether you have that, but that screams for a CLI
utility to show the paragraph without having to browse documentation. :)

https://lists.isc.org/pipermail/bind-users/2013-January/089541.html

So the idea would be to have a simple utility so that you could execute like this:


$ b10-msg BIND10_SELECT_ERROR
There was a fatal error in the call to select(), used to see if a child process has ended or if there is a message on the message bus. This should not happen under normal circumstances and is considered fatal, so BIND 10 will now shut down. The specific error is printed.


We can think of possible extensions to this (like an interface which supports tab-expansion, or searches by regular expression, and so on), but I think this basic approach would cover 95% of use cases.
2640 enhancement 1358512887389021 1358517061091407 message-library medium shane new man page version of BIND 10 Messages Manual Based on a recommendation from the bind-users list:

I would see the man page as indispensible, and a bespoke
utility as merely cool.

https://lists.isc.org/pipermail/bind-users/2013-January/089547.html

We should have a “man” version of the ‘’BIND 10 Messages Manual’’.
2645 enhancement 1358771923263191 1358771923263191 dhcp6 low tomek DHCP Outstanding Tasks new Create class for DUID generation There is currently a code written in Dhcp6_srv (loadServerID, generateServerID, writeServerID) to handle DUID creation and management. It was pointed out in #2597 that it should probably be done in a separate class.

Naive approach would be to move this to DUID class, but that would include dependency on DUID to also use IfaceMgr. It would also make this code and its dependency included in other projects that possibly don’t care about DUID generation, e.g. relay.

It should be also pointed out that the DHCPv6 client uses exactly the same approach to generate client-id.

2646 defect 1358774152413552 1358774152413552 dhcpconf medium marcin DHCP Outstanding Tasks new Default values not handled by DHCP config parsers. The DHCP configuration parsers do not handle default values very well. This specifically refers to setting option values and option definitions. For example, the ‘’dhcp4’‘is the default option space for each option. However, when leaving the default value the parser will simply receive partial configuration (that excludes space name). This in turn will cause an error message that the’‘space’’ parameter is missing. For this reason it is necessary to implement some conditions in option parsers that set default value for various parameters when they are not received from the Config Manager.
2651 enhancement 1358784002534987 1358867807975916 dhcp low tomek DHCP Outstanding Tasks new Need unit-tests to verify that dhcp{4,6}.spec are sane Marcin and I we independently discovered the same bug in spec files. It was very easy to fix it (extra comas), but such a thing should be detected by unit-tests.

We currently seem to not have tests for spec files. We should developm something to cover this gap.
2652 enhancement 1358855649861495 1360148780548373 data source medium muks new Implement `getUpdater()` in `InMemoryClient` This ticket is an offshoot of #2499.

Implement a `ZoneUpdater` and make `InMemoryClient::getUpdater()` return it. Also use this updater for zone validation and remove the call to `dns::checkZone()` in `loadZoneDataInternal()`.
2660 task 1359065168556168 1359383378274013 build system medium UnAssigned jreed new generate changelog This ticket is to track work on generating changelog — so I have a trac number for a git branch. I will update this description later.


The ChangeLog was moved to NEWS. A makefile hook is added to create the ChangeLog from the git history.
2662 task 1359099750158732 1360904398730386 data source medium jinmei new provide some post-load logs I suggest providing log messages after zone loading corresponding to
the following BIND 9 logs:

#!c
} else if (!isc_serial_ge(serial, oldserial))
dns_zone_log(zone, ISC_LOG_ERROR,
“zone serial (u/u) has gone”
“backwards”, serial, oldserial);
else if (serial == oldserial && !hasinclude &&
strcmp(zone->db_argv[0], “_builtin”) != 0)
dns_zone_log(zone, ISC_LOG_ERROR,
“zone serial (u) unchanged. "<br> "zone may fail to transfer "<br> "to slaves.", serial);<br>
<br><br>and<br><br>#!c<br> if (! dns_db_ispersistent(db))<br> dns_zone_log(zone, ISC_LOG_INFO, "loaded serial u%s”, serial,
dns_db_issecure(db) ? " (DNSSEC signed)" : “”);


I actually wanted to do this as part of completed zone-load tasks, but
I missed the opportunities.

While maybe less common these days now many people generate zone files
from a tool (mainly for DNSSEC signing), forgetting to increment the
serial is a quite common operational error. So I believe it’s pretty
important (especially the second one).

From a quick look this shouldn’t be very difficult: I believe we can
easily do it for the generic/DB-based data sources by updating
`ZoneLoader` so it remembers the preload SOA and compares it to the
new one (then produce the corresponding log).

For in-memory, it seems possible by updating `ZoneWriterLocal`. Or,
if we do #2652 it’ll be covered by the general case.
2663 defect 1359117145675776 1396529423105366 xfrin medium vorner DNS Outstanding Tasks new b10-xfrin creates empty zone when first download fails When you:
1) Let b10-xfrin download a new zone (that doesn’t exist yet in the database)
2) Make the transfer fail (tried with validation, but I suspect broken transfer or TSIG will do the same effect)

The database will now contain a zone with no records in it. The zone is created outside of the transaction. When the transfer fails, the transaction that filled in some records is rolled back, but the zone stays. This probably also means the empty zone is present for the whole time when the zone is being downloaded (even when the download is then successful), which is a smaller problem than leaving it there forever, but it still doesn’t sound exactly right.
2664 task 1359122858102731 1365507266443189 Unclassified medium vorner new Gentoo ebuild for bind10 When we’re getting near the release, it is probably time to create a ebuild package for gentoo (and for all dependencies that are not in portage yet). They’d probably be happy to accept it to sunrise at least (repository with new programs for people interested in them).

Few notes:
* There are probably some flags that can be turned to use flags.
* Probably create as a slot, so it can be installed in parallel with bind9.
2668 defect 1359470768919605 1370403875269307 data source medium jreed new DATASRC_DATABASE_FIND_TTL_MISMATCH (BIND 9 is different from BIND 10) I noticed my logs had:

2013-01-25 07:13:17.494 WARN [b10-auth.datasrc/41040] DATASRC_DATABASE_FIND_TTL_MISMATCH TTL values differ in sqlite3_zone.sqlite3 for elements of bind10.isc.org./IN/RRSIG, setting to 3600

2013-01-25 07:13:17.495 WARN [b10-auth.datasrc/41040] DATASRC_DATABASE_FIND_TTL_MISMATCH TTL values differ in sqlite3_zone.sqlite3 for elements of bind10.isc.org./IN/RRSIG, setting to 3600


The server is a slave. The master is a BIND 9 server. The other BIND 9 slaves don’t modify the TTL.

There are some TTLs in the set that are 7200.

The log message should be modified to point to specification and explain clearly why BIND 10 is different than BIND 9.

2674 defect 1359629949359117 1360318276356631 Inter-module communication low vorner new Use data types consistently in isc::cc::Session The Session uses some binary integers in the wire protocol. However, it mixes the types on read and write, sometimes using `size_t`, sometimes `uint32_t` and sometimes `unsigned int`. The other length is sometimes `uint16_t` and sometimes `unsigned short`.

The python counterpart consistently uses the `U` and `H` modifiers to read and write them, so `uint32_t` and `uint16_t` should be used consistently in the C++ part too. Currently, it works mostly because of luck.
2675 task 1359643295139480 1360148794237669 Unclassified medium vorner new Get rid of the -v switches The -v switches of many our binaries are not working correctly. As discussed in the ML, we should get rid of them, since we are not clear on what they should be doing in the first place anyway.
2677 defect 1359647101840965 1363364542686411 build system medium UnAssigned stephen new General clang issues Whilst addressing #2673, I also noticed the following warnings. The environment was OSX 10.8 with clang 4.1:

‘’’src/lib/config’‘’

CXX ccsession.lo
ccsession.cc:345:32: warning:’&&‘within’
‘[-Wlogical-op-parentheses]
cur_name[0] '*' && cur_name[1] ’.‘) {
^~
ccsession.cc:345:32: note: place parentheses around the’&&‘expression to silence this warning
cur_name[0] '*' && cur_name[1] ’.‘) {
^
1 warning generated.


’‘’src/lib/asiodns’‘’

CXX libb10_asiodns_la-udp_server.lo
In file included from udp_server.cc:30:
In file included from ../../../src/lib/asiolink/udp_socket.h:31:
../../../src/lib/asiolink/io_asio_socket.h:347:37: warning: unused parameter ’data’ [-Wunused-parameter]
virtual void asyncReceive(void* data, size_t, size_t, IOEndpoint*, C&) {
:

(There are a number of these)


CXXLD libb10-asiodns.la
libtool: link: warning: `/opt/log4cplus/lib/liblog4cplus.la’ seems to be moved
clang: warning: argument unused during compilation: ‘-pthread’

The “-pthread” message appears at other points in the BIND 10 build, not just in src/lib/asiodns.


CXX run_unittests-dns_server_unittest.o
dns_server_unittest.cc:674:18: warning: expression result unused [-Wunused-value]
EXPECT_THROW(TCPServer(this>service, 0, AF_UNIX, this>checker_,
~~~~~~
/opt/gtest-1.5.0/include/gtest/gtest.h:1681:21: note: expanded from macro ‘EXPECT_THROW’
GTEST_TEST_THROW_

:

(There are a number of these)

When dealing with unavoidable warnings in a particular part of the build, we should decide whether we disable that particular warning (e.g. -Wno-unused-parameters) or disable the promotion of warnings to errors (-Wno-error).
2680 defect 1359700281082406 1360054324329427 Boss of BIND medium jinmei new shutdown cfgmgr later It’s better to shut down cfgmgr later than other normal modules
such as auth, xfrin, and whatnot on system shutdown. These modules
send a “stopping” message to cfgmgr, but if cfgmgr dies sooner, msgq
will encounter EPIPE on forwarding it to cfgmgr, leading to some of
the error logs discussed in #2617. It’s not actually critical, but
is not really clean and can be annoying.
2682 defect 1359723666367648 1359723666367648 dhcp6 low marcin DHCP Outstanding Tasks new DHCPv6 config parser accepts the creation of subnet without any address pool specified. This issue has come up during the execution of the v6.general.negative test located in the dhcp-val repo (tests/common).

The following config config file is accepted: v6.general.negative.3.cfg:

# Create a new subnet and do not specify the pool.

config add Dhcp6/subnet6
config set Dhcp6/subnet6[0]/subnet “2001:db8:1::/64”
config commit


IMO, having a subnet without a pool in general does not makes sense now . However the DHCP team may need some further discussions whether this is an issue that should be fixed or it is desired behaviour.

The same applies to the DHCPv4 configuration.
2683 task 1359730190846306 1360150371123630 documentation very low jwright new BIND10 guide: slightly misleading description of “-a” option for bindctl In Section 8.1," bindctl command-line options," it is stated that the -a <address> or —address=<address> option sets “IP address that BIND 10’s b10-cmdctl module is listening on. By default, this is 127.0.0.1.” In fact, leaving off the <address> part of the command results in an error:

bindctl: error: option requires 1 argument

I was expecting somehow that typing in “./bindctl a" or "./bindctl —address" would result in a session established on the default IP address, but I got the error instead. So, perhaps the wording should just be: "IP address that BIND 10’s b10-cmdctl module is listening on." Then, in a separate note above the 8.1 section, say something to the effect of "The default IP address that bindctl listens on is 127.0.0.1. This can be overridden with the "a” or “—address” options described below."
2684 enhancement 1359950854684865 1360676277290241 bind-ctl medium jwright new bindctl “config show” should show [all] as an option When I go into bindctl, and issue the command “config show,” the resulting help output should show that [all] is a valid parameter. Instead, it just outputs the following:

> config show
Stats/ module
tsig_keys/ module
data_sources/ module
Logging/ module
Boss/ module
Cmdctl/ module
Msgq/ module

[all] ‘’is’’ listed in Section 8.6.1 of the BIND 10 Guide, but the inline help should have it, too.
2685 enhancement 1359951011992870 1360148913576168 bind-ctl medium jwright new bindctl should pause printing output if that output exceeds 24 lines I’m running VirtualBox VMs of Ubuntu 12.04 server in text-only mode. That defaults to the standard 24 lines of output, and there is no option to scroll back in the console output. We should make bindctl pause its output with a “more”-type prompt when output exceeds 24 lines (for example, when I enter the command “config show all”).
2686 defect 1359985447377558 1377246743384592 bind-ctl medium jwright DHCP-QA Defects new Trying to bring up Kea server via instructions in BIND 10 Guide; fails I’m running BIND10/Kea latest (as of last week 01/28). I am attempting to bring up a DHCP v4 server per the instructions at http://bind10.isc.org/docs/bind10-guide.html#dhcp4. The commands fail:

> “login success”] login as too
> config add Boss/components b10-dhcp4
> config set Boss/components/b10-dhcp4/kind dispensable
> config commit
201302-03 23:40:52.722 ERROR [b10-cmdctl.cmdctl/1260] CMDCTL_COMMAND_ERROR error in command set_config to module COnfigManager: Component kind cannot be dispensable
Error: Component kind cannot be dispensable
Configuration not committed
>
2687 task 1359999032372395 1360148065475117 build system low jreed jreed assigned src/lib/python/isc/log_messages/work/init.py in tarball What is purpose of src/lib/python/isc/log_messages/work/init.py in the distributed tarball?

I received an off-list email about issue that the file is included but a “distclean” removes it. It is inconsistent.

Can someone explain src/lib/python/isc/log_messages/work/Makefile.am ?

It has python_PYTHON set, so this is added to DIST_COMMON (becomes part of tarball). I am guessing it should not use python_PYTHON. Anyways a ./configure generates it so shouldn’t be in the tarball.

But distclean removes it (is part of CONFIG_CLEAN_FILES).
2688 task 1359999345042955 1360072363206282 logging medium jreed new syslog by default I did an informal poll to see what should be default logging.
https://lists.isc.org/pipermail/bind-users/2013-January/089540.html

The majority believes that the BIND9 default of using syslog is a good default choice.

This ticket is to change the default in /src/bin/cfgmgr/plugins/logging.spec and comments in b10logging.py and fix documentation and lettuce (and other tests?) to use syslog by default.

It would be useful so we can have a consistent startup method. As for now, the output goes to console so packagers/users will need to define their own way to handle this.
2691 enhancement 1360147564380902 1364463352097481 sysinfo medium shane new Add support for Solaris in isc-sysinfo Add support for Solaris in isc-sysinfo. This is a sub-ticket of #2085.
2693 enhancement 1360150216295047 1360934802977317 sysinfo medium shane new isc-sysinfo should report unknown systems Since #2128 is complete we get generic information on unknown systems.

We should say “isc-sysinfo does not know how to report for system %s yet, please mail to get this system added”.

This is related to ticket #2085, although only loosely.
2694 defect 1360169989784482 1361175790908910 sysinfo low jreed new sysinfo and root note src/bin/sysinfo/sysinfo.py.in has statement if running as non-root:


NOTE: You have to run this program as the root user so that it can
collect all the information it requires. Some information is
only available to the root user.


I believe this is platform specific (like Linux using netstat -p).
But for NetBSD and some others running as root has no difference.

I think some setting in src/lib/python/isc/sysinfo/sysinfo.py can define if root is desired or not and the tool only output the note if set.
2695 defect 1360174074273001 1360676397523869 bind-ctl low bwynkoop@isc.org new bindctl error message wording awkward > config
Error! command name is missed
>

I believe a better wording would be “command name is missing” or the simpler and clearer “missing command name”
2706 task 1360609952554595 1373458069669143 documentation medium jinmei Next-Sprint-Proposed new describe how to run scan-build (clang static analyzer) It doesn’t seem to be a trivial task. We should show workable
instructions in wiki. See also #2665.
2707 defect 1360621685486751 1360676826509174 bind-ctl low bwynkoop@isc.org new bindctl Logging help not helpful > Logging help
Module Logging Logging options
Available commands:
help Get help for module.
>
bindctl help
2711 enhancement 1360662359347021 1373458475834490 cmd-ctl medium shane bwynkoop@isc.org new bindctl should be case-insenstive We discussed this quite some time ago:

http://bind10.isc.org/wiki/WeeklyMinutes20110705

But I can’t find a ticket about it.

bindctl should be case-insensitive (although possibly also case-preserving?)

See also ticket #2709.
2715 defect 1360666817651102 1366242822277493 bind-ctl medium cas new bindctl bails out on non ASCII characters bindclt bails out on non ascii characters (german Umlauts, French acute …)

It happens during login or on the command-line. It can be triggered by a user having non-ascii chars in the password or by mistyping on the keyboard.

bindclt should gracefully handle UTF-8 input.

Error message (password):

[root@inline bind10]# bindctl
Error reading saved username and password from /root/.bind10/default_user.csv: [Errno 2] No such file or directory: ‘/root/.bind10/default_user.csv’
[TEMP MESSAGE]: username :root password :bind10
Username:root
Password: Traceback (most recent call last):
File “/usr/local/bin/bindctl”, line 162, in
result = tool.run()
File “/usr/local/lib/python3.3/site-packages/bindctl/bindcmd.py”, line 149, in run
if not self.login_to_cmdctl():
File “/usr/local/lib/python3.3/site-packages/bindctl/bindcmd.py”, line 242, in login_to_cmdctl
passwd = getpass.getpass()
File “/usr/local/lib/python3.3/getpass.py”, line 71, in unix_getpass
passwd = raw_input
File “/usr/local/lib/python3.3/getpass.py”, line 132, in
raw_input
line = input.readline()
File “/usr/local/lib/python3.3/encodings/ascii.py”, line 26, in decode
return codecs.ascii_decode(input, self.errors)[0]
UnicodeDecodeError: ‘ascii’ codec can’t decode byte 0xc3 in position 0: ordinal not in range(128)


Error message CLI:


[root@inline bind10]# bindctl
Error reading saved username and password from /root/.bind10/default_user.csv: [Errno 2] No such file or directory: ‘/root/.bind10/default_user.csv’
[TEMP MESSAGE]: username :root password :bind10
Username:root
Password:
[“login success”]
> help¿
Traceback (most recent call last):
File “/usr/local/bin/bindctl”, line 162, in
result = tool.run()
File “/usr/local/lib/python3.3/site-packages/bindctl/bindcmd.py”, line 152, in run
self.cmdloop()
File “/usr/local/lib/python3.3/cmd.py”, line 126, in cmdloop
line = input(self.prompt)
UnicodeDecodeError: ‘ascii’ codec can’t decode byte 0xc2 in position 4: ordinal not in range(128)
2716 defect 1360667324886897 1363023870131914 Unclassified medium cas new password in ~/.bind10/default_user.csv is cleartext the password for bindctl is stored in clear text. Although the file is proteced by user permissions, it might end up where un-authoritized persons can read it (in a backup, disk removed from server etc).

if possible the password should be stored as a salted hash
2718 enhancement 1360672347014306 1360672347014306 dhcp medium marcin DHCP Outstanding Tasks new Stateless DHCP configuration: allow access to global options if subnets are not configured. The current version of the software does not allow access to global options if there is no subnet specified. In the stateless DHCP configuration it is possible that the subnet is not configured but still we may want to respond to the user with options that are globally configured.

With this change, the current way we access options through the subnet remains untouched. The additional feature is to provide an access to the global options storage so as the server can pick from them if there is no subnet configured.

This change is required for either DHCPv4 or V6.
2724 task 1360698285537921 1366409877231113 dhcp medium UnAssigned jwright DHCP Outstanding Tasks assigned DHCP Testing: Logging Write a description of the tests for section 2 (“Logging”) of the Test Plan, and run them. (Ultimately the tests will be automated, but for the release of the 2012 work, the test is manual.)
The description and results should be attached to this ticket.
2725 task 1360698404085325 1366409930523893 dhcp medium UnAssigned jwright DHCP Outstanding Tasks assigned DHCP Testing: Configuration Write a description of the tests for section 3 (“Configuration”) of the Test Plan, and run them. (Ultimately the tests will be automated, but for the release of the 2012 work, the test is manual.)
The description and results should be attached to this ticket.
2727 enhancement 1360750871304543 1373458603992278 Unclassified medium cas new directories for scripts This is a feature request. I’m willing to implement and the feature if there is consensus that it is useful for the general userbase.

b10-cmdctl has the ability to execute scripts. in 1.0.0-beta, there is only one predefined script “init_authoritative_server”, which is hard coded in “command_sets.py”

The request is to provide two directories for storing scripts. One directory for BIND10 “internal” scripts, that will be refreshed if the BIND 10 software will be refreshed. One directory for “user-scripts”, that will not be touched during updates.

b10-cmdctl should read the scripts provided in these directories and monitor/poll these directories for changes and read new/changed scripts.

The scripts should be presented in bindctl, and should also be available through other interfaces / APIs

Script should have descriptive names and inline-documentation (maybe like Python doc-strings)

A script in the user directory with the same name as a script in the system directory should overlay the one in the system directory (only the user script visible). This will enable site administrators to provide customized versions of the system scripts.
2728 enhancement 1360751512443185 1373458690313673 Unclassified medium cas new configuration snapshots and restore This is a feature request. I’m willing to implement and the feature if
there is consensus that it is useful for the general userbase. However it possibly requires support in the core modules which I would need help with.

The idea is to provide commands (in bindctl and/or via other interfaces) to “snapshot” and “restore” a BIND 10 configuration. The snapshot should be able to save the whole configuration (all modules) or just single modules (like auth or dhcpv4). The snapshot should contain all the configuration but not the data (for DNS, the configuration of the server but not the zone list or zone content).

A similar “snapshot” function for data (DNS zones and DHCP scopes) might be useful, but is out of the scope of this request.

The user should be able to “name” a snapshot with a descriptive name. Optionally, snapshots should be secured by a password/pass-phrase and encrypted (could be done by external tools, such as “gpg”). Snapshots should also store a timestamp and the user that created the snapshot.

The user interfaces should have a function to enumerate the available snapshots and a function for the user to select and load a snapshot.

Loading/restoring a snapshot will replace the current running configuration with the configuration for the snapshot. It will not change DNS zone data or DHCP scope data.

The user interfaces should also provide functions to re-name and remove snapshots.
2729 defect 1360752293837680 1362490597771947 logging low cas new logging of configuration changes This might well be an “enhancement”, but in my view for a system with dynamic configuration like BIND 10 the absence of such a feature is a (minor) defect.

changes in the BIND 10 configuration should be send to the b10-cmdctl log channel

This is often required as an configuration audit trail by some industries (banking, pharmaceutical )

The log entry should contain:
* date and time
* username
* name of the changed configuration setting, example: Logging/loggers[0]/output_options[0]/flush
* old and new value: “true” -> “false”

Same should be logged for state changes (loading / unloading modules, starting / stopping components). (most state changes are logged but not the user name who initiated the state change, like with “Boss shutdown”).
2730 defect 1360758386877228 1362490646870730 Unclassified low cas new “config remove” should allow the same identifier as printed with “config show” The identifier for removing configuration items is different from the representation in “config show”.

The identifier for a list is show as “data_sources/classes/CH”, the identifier needed for “config remove” is “data_sources/classes CH”. That is confusing, and it prevents the use of copy and paste.

Example (real world):

> config show all
data_sources/classes/CH [] list
data_sources/classes/IN [] list
Logging/loggers[0]/name “*” string
Logging/loggers[0]/severity “DEBUG” string
Logging/loggers[0]/debuglevel 0 integer (default)
Logging/loggers[0]/additive false boolean (default)
Logging/loggers[0]/output_options[0]/destination “file” string
Logging/loggers[0]/output_options[0]/output “/var/log/bind10.log” string
Logging/loggers[0]/output_options[0]/flush false boolean
Logging/loggers[0]/output_options[0]/maxsize 204800 integer
Logging/loggers[0]/output_options[0]/maxver 8 integer
Cmdctl/key_file “/usr/local/etc/bind10/cmdctl-keyfile.pem” string (default)
Cmdctl/cert_file “/usr/local/etc/bind10/cmdctl-certfile.pem” string (default)
Cmdctl/accounts_file “/usr/local/etc/bind10/cmdctl-accounts.csv” string (default)
tsig_keys/keys [] list (default)
Boss/components/b10-stats/special null string
Boss/components/b10-stats/process null string
Boss/components/b10-stats/kind “dispensable” string
Boss/components/b10-stats/address “Stats” string
Boss/components/b10-stats/params [] list
Boss/components/b10-stats/priority null integer
Boss/components/b10-cmdctl/special “cmdctl” string
Boss/components/b10-cmdctl/process null string
Boss/components/b10-cmdctl/kind “needed” string
Boss/components/b10-cmdctl/address null string
Boss/components/b10-cmdctl/params [] list
Boss/components/b10-cmdctl/priority null integer
Stats/poll-interval 60 integer (default)
> config remove data_sources/classes/CH
Error! identifier in remove_value() does not contain a list index, and no value to remove
> config remove data_sources/classes
Error! identifier in remove_value() does not contain a list index, and no value to remove
> config remove data_sources
Error! identifier in remove_value() does not contain a list index, and no value to remove
> config remove data_sources/classes CH
> config commit
2731 defect 1360759987198017 1362490779398336 bind-ctl high cas new after removing modules, the modules still show in bindctl When modules are removed from the configuration, the modules still show in the “help” screens of bindctl.

Only after bindctl is closed and restarted again the module list is gone.

bindctl should update its internal list of modules on “config remove”

It is irritating to see modules that cannot be used in the list of available configurations.

Example:

> config remove /Boss/components b10-auth
> config remove /Boss/components b10-xfrin
> config remove /Boss/components b10-xfrout
> config remove /Boss/components b10-zonemgr
> config diff
{’Boss’: {’components’: {’b10-cmdctl’: {’kind’: ‘needed’, ‘special’: ‘cmdctl’}, ‘b10-stats’: {’kind’: ‘dispensable’, ‘address’: ‘Stats’
}
> config commit

> help
usage: [param1 = value1 [, param2 = value2]]
Type Tab character to get the hint of module/command/parameters.
Type “help(? h)” for help on bindctl.
Type “ help” for help on the specific module.
Type “ help” for help on the specific command.

Available module names:
help Get help for bindctl.
config Configuration commands.
execute Execute a given set of commands
Xfrout
Zonemgr
Logging Logging options
Cmdctl Interface for command and control
tsig_keys The TSIG keyring is stored here
Xfrin XFR in daemon
Auth Authoritative service
Boss Master process
Stats Stats daemon
data_sources
The sources of authoritative DNS data
2732 defect 1360760630613760 1362490926774612 bind-ctl medium cas new the logger configuration should validate the name property against a list of valid module.library names with the current (1.0.0-beta) logging configuration it is easy to create a non working logging configuration. the “name” property seem to allow any kind of text and is not validating the “name” against a list of valid modules and module.library pairs.

A misunderstanding of the concept of “name” (not a good name for the property, something like “selector” would be better) or a typo will create a logger configuration that silently fails. That is very hard to troubleshoot, esp. for logger configurations that will only produce log output in special error conditions.

a “config commit” should validate the “name” property and should report an error if the value does not match a possible valid “module.library” combination. The error should give information on how to obtain a list of all valid values for the “name” property.
2733 defect 1360761144501613 1362491059082595 configuration medium cas new it should be possible to use the module.library or module.function identifier printed in logs in the logger configuration the logger configuration and the logging output are using different names.

it should be possible to use the same “module.library” or “module.function” names that are printed in the log output in the logger configuration.

Example (this should be valid):

> config set Logging/loggers[1]/name “b10-boss”
should create the same configuration as
> config set Logging/loggers[1]/name “Boss”

having different identifiers for the same item is confusing and a source or errors (and support calls)
2734 enhancement 1360764331898419 1373458983238462 Unclassified medium cas new in the message documentation, list the module.library that creates the message in the message documentation “bind10-messages.html”, it would be useful to have information which module.library will cause this log message.

A operator of BIND 10 could scan through the document and decide on the messages log. For that she/he needs the knowledge which module.library pair to configure in the loggers “name” property to log the messages.
2735 defect 1360790995609993 1362491220378297 build system medium UnAssigned jreed new tests using outside components See http://git.bind10.isc.org/~tester/builder//BIND10-valgrind/20130213183503-CentOS5-x86_64-GCC/logs/unittests.out

The error was:


make[7]: Entering directory `/home/b10builder/builder/work/BIND10-valgrind/20130213183503-CentOS5-x86_64-GCC/build/src/lib/log/tests’
terminate called after throwing an instance of ‘isc::util::InterprocessSyncFileError’
what(): Unable to use interprocess sync lockfile (Permission denied): /home/jreed/pkgsrc/new/bind10/work/bind10-1.0.0-rc/logger_lockfile
/bin/sh: line 5: 6899 Aborted /bin/sh ../../../../libtool —mode=execute ${dir}$tst



This is user b10builder running a cronjob in a unique build (and install) directory. It tried to use a file from a different user in a different home!

I assume this was caused by this:

The test using python3.3 found in its default path:
/usr/pkg/lib/python3.3/site-packages/bind10_config.py
which has:


if “B10_FROM_SOURCE” in os.environ:

LIBEXECPATH = ‘:’.join([‘/home/jreed/pkgsrc/new/bind10/work/bind10-1.0.0-rc/src/bin/’ + p for p in


Ouch. We can’t assume that source location exists anymore. That is a temporary work directory — and it is not even the same version of BIND10! And we should never hardcode it in an installed file.
2736 defect 1360797436889212 1362491337089756 bind-ctl medium jreed new Allow new bindctl to work with old cmdctl, old cfgmgr
[“login success”] login as root
> Boss shutdown
Traceback (most recent call last):
File “/usr/local/bin/bindctl”, line 162, in
result = tool.run()
File “/usr/local/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 158, in run
self.cmdloop()
File “/usr/local/lib/python3.1/cmd.py”, line 138, in cmdloop
line = self.precmd(line)
File “/usr/local/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 348, in precmd
self.update_all_modules_info
File “/usr/local/lib/python3.1/site-packages/bindctl/bindcmd.py”, line 343, in
update_all_modules_info
self.config_data = isc.config.UIModuleCCSession(self)
File “/usr/local/lib/python3.1/site-packages/isc/config/ccsession.py”, line 487, in init
self.update_specs_and_config()
File “/usr/local/lib/python3.1/site-packages/isc/config/ccsession.py”, line 517, in update_specs_and_config
self.request_current_config()
File “/usr/local/lib/python3.1/site-packages/isc/config/ccsession.py”, line 508, in request_current_config
raise ModuleCCSessionError(“Bad config version”)
isc.config.ccsession.ModuleCCSessionError: Bad config version


I see this often when I upgrade. My upgrade method is to replace software while
still old is running.

If it is incompatible, at least a friendly message about it.
2739 enhancement 1360848124334750 1364305549436496 Unclassified high cas new when adding a master zone from a zone file, bindctl does not report errors if the zone cannot be loaded if a zone file cannot be loaded because of errors or incomplete support in the parser, bindctl does not report back any error.

2744 defect 1360876268119808 1363343684296820 cmd-ctl medium jreed new CmdctlException issues in TestSecureHTTPServer
Running test: cmdctl_test.py
………………………FF..
<br>FAIL: test_check_file (__main__.TestSecureHTTPServer)<br>----------------------------------------------------------------------<br>Traceback (most recent call last):<br> File "/usr/ports/new/bind10/work/bind10-1.0.0-rc/src/bin/cmdctl/tests/cmdctl_test.py", line 478, in test_check_file<br> self.assertRaises(CmdctlException, check_file, file_name)<br>AssertionError: CmdctlException not raised by check_file<br><br>
FAIL: test_check_key_and_cert (main.TestSecureHTTPServer)
———————————————————————-
Traceback (most recent call last):
File “/usr/ports/new/bind10/work/bind10-1.0.0-rc/src/bin/cmdctl/tests/cmdctl_test.py”, line 503, in test_check_key_and_cert
keyfile, certfile)
AssertionError: CmdctlException not raised by _check_key_and_cert


I saw this with FreeBSD 8.1-RELEASE amd64.
2745 enhancement 1360879509019289 1362491510975026 Unclassified medium cas new format of TSIG keys looks like a data format encoded inside a string The TSIG string format “name:base64secret:algorithm” is a data-format encoded inside a configuration string.

It would be more “clean” to have the fields mapped into a JSON map:


> config set tsig_keys/keys/example.com { secret “c2VjcmV0”, algorithm “hmac-md5” }


instead of


> config add tsig_keys/keys “example.com.:c2VjcmV0:hmac-md5”
2752 task 1360904231687926 1392811289878919 data source medium UnAssigned jinmei DNS Outstanding Tasks assigned define and implement ZoneDataUpdater::delete() It’s the delete operation version of `ZoneDataUpdater::add()`, takes
normal and RRSIG rrsets to be deleted from the zone.

Delete operation is trickier than add:
- when the node becomes empty, and if it’s a leaf node in the zone
(i.e., not empty non terminal), we should also delete the
corresponding tree node.
- If, as a result of the previous operation, the parent node of the
just-deleted tree node becomes empty, it should also be deleted.
This process continues recursively, toward the zone origin.
- But we shouldn’t delete the zone origin node (that’s the integrity
assumption of our implementation)

And, while implementing zone node deletion, we may find the need for
additional extensions to `DomainTree`.

All of these things may require breaking this feature into several sub
tasks, but at this moment I’m not sure.

It at least depends on #2750 and #2751.
2754 enhancement 1360930550728201 1362577680909209 configuration medium cas new bindctl config validation should print the configuration path that created an error After a long editing session, I want to commit the config and I get

> config commit
Error: Error in config validation: Unknown item filetype
Configuration not committed


as a user, I have no idea where this error occurs, there is no context.

The error message should print the config reference (path) where the error occurs

This is 1.0.0-rc
2755 enhancement 1360931289338099 1362577000016672 configuration medium cas new the use of “list” structures for configuration considered harmful configuration lists are very hard to deal with in BIND 10.

The index numbers change on additions and deletions, and the index number is not known in the beginning of a configuration session, it must first be looked up, which makes it impossible to change the values by scripting. In a large installation with thousands of zones, mapping zone configurations to index-numbers is very hard and error prone.

using named sets would be simpler to use, it would allow to script configuration changes

examples are
data_sources/classes/CLASS[]
Logging/loggers[]
Auth/datasources[]
Auth/listen_on[]


it would be simpler to reference the configuration items as named sets:

data_sources/classes/IN/sqlite3

or

Logging/loggers/boss-log/debuglevel

or

Auth/listen_on/192.0.2.53/port

or

Auth/datasources/memory/zones

List structures work well for configuration items that have no structure themselves (such as a list of IP addresses in an ACL).
2758 defect 1360944449204594 1362132245318248 dhcp medium jinmei DHCP Outstanding Tasks new util/io_utilities.h shouldn’t be used in production DHCP code See http://bind10.isc.org/ticket/2749#comment:2

dhcp6_srv.cc, etc, should use other (and safer) API instead of
this stuff.
2761 defect 1360956374813401 1363105284370978 bind-ctl medium cas new CONFIG_SESSION_STOPPING_FAILED error sending stopping message: [Errno 32] Broken pipe on Init shutdown When I shutdown BIND 10 from bindctl “Init shutdown”, I’m getting this error and stack trace:


2013-02-15 20:23:59.178 ERROR [b10-stats.config/3471] CONFIG_SESSION_STOPPING_FAILED error sending stopping message: [Errno 32] Broken pipe
Traceback (most recent call last):
File “/usr/local/libexec/bind10/b10-cfgmgr”, line 131, in
2013-02-15 20:23:59.182 ERROR [b10-auth.cc/3470] CC_ASYNC_READ_FAILED asynchronous read failed (error code = 2)
sys.exit(main())
File “/usr/local/libexec/bind10/b10-cfgmgr”, line 119, in main
cm.run()
File “/usr/local/lib/python3.3/site-packages/isc/config/cfgmgr.py”, line 600, in run
Traceback (most recent call last):
File “/usr/local/libexec/bind10/b10-stats”, line 687, in
msg, env = self.cc.group_recvmsg(False)
File “/usr/local/lib/python3.3/site-packages/isc/cc/session.py”, line 280, in group_recvmsg
env, msg = self.recvmsg(nonblock, seq)
File “/usr/local/lib/python3.3/site-packages/isc/cc/session.py”, line 147, in recvmsg
return self.recvmsg(nonblock, seq)
File “/usr/local/lib/python3.3/site-packages/isc/cc/session.py”, line 135, in recvmsg
data = self.receive_full_buffer
File “/usr/local/lib/python3.3/site-packages/isc/cc/session.py”, line 217, in
receive_full_buffer
self.receive_len_data
File “/usr/local/lib/python3.3/site-packages/isc/cc/session.py”, line 177, in
receive_len_data
new_data = self.receive_bytes
File “/usr/local/lib/python3.3/site-packages/isc/cc/session.py”, line 165, in
receive_bytes
raise ProtocolError(“Read of 0 bytes: connection closed”)
isc.cc.session.ProtocolError: Read of 0 bytes: connection closed


Version 1.0.0-rc
2766 enhancement 1361113203054534 1362132247498937 dhcp4 medium cas DHCP Outstanding Tasks new reconsider the use of varbinary in database tables The dhcp4 component (maybe also the dhcp6 component) makes use of the varbinary datatype:

hwaddr varbinary(20) YES MUL NULL
client_id varbinary(128) YES MUL NULL

while this might give a performance benefit over text encoded fields, it makes working with common “off the shelf” database tools difficult, as the value stored is just a binary blob and hard for a user to work with.

if the performance penalty is not too big, the use of varbinary might be reconsidered in favor for a dataype that is easy to handle for users (e.g. typing into SQL statements in the mysql command line tool when searching for all leases of a certail client-id or hw-address).

searching for a hw-addr in an SQL database is quite a common task for DHCP administrators. A common text encoding (08:00:27:CB:AA:68) would make that task much easier.
2767 enhancement 1361113885337653 1362132249213775 dhcp4 medium cas DHCP Outstanding Tasks new dhcp option data format currently BIND 10 supports DHCP option data as CSV or Hex. In the future, other formats might be supported.

The proposal is to change
config set Dhcp4/option-data[0]/csv-format true

to
config set Dhcp4/option-data[0]/format csv
and
config set Dhcp4/option-data[0]/format hex

this scheme will allow for future extensions that support other format encodings other than hex or csv.

2769 task 1361214868405851 1362577876529766 xfrout medium jreed new document Xfrout/also_notify
2773 enhancement 1361272493216719 1361272493216719 dhcp medium marcin DHCP Outstanding Tasks new Implement remaining standard options for DHCP4 and 6 Currently a limited set of standard options is defined. In the same time the configuration parser prevents definition of standard options by the user. See: https://lists.isc.org/pipermail/bind10-users/2013-February/000443.html. In practice, this means that standard options which definitions are not added into the code are not usable.

Therefore, we need to add definitions of all remaining standard options so as users don’t need to add definitions themselves.
2774 task 1361277636447741 1380797308041960 libdhcp medium UnAssigned shane emhn@isc.org DHCP Outstanding Tasks assigned dhcp++.pc Our erstwhile Debian packager has suggested that having dhcp.pc would help out. We already have dns.pc, so I suppose this is not impossible. :)
2779 task 1361286748471177 1362577988048780 documentation medium jreed new distclean and removal of docs from release tarball We ship the generated docs (guide, messages manual, manpages) in the tarball because we don’t want to require more build dependencies (such as xsltproc, docbook stylesheets, html-to-text renderer, etc).

Currently DISTCLEANFILES is used for the generated docs. A “distclean” causes them to be lost so then a new make will (by default) will generate dummy docs.

My initial suggestion is to use MAINTAINERCLEANFILES so they are only removed on “make maintainer-clean”.

But later need to discuss better idea for generating these. Some ideas:

- include the generated files back in the GIT repo; and require they are built/committed using a consistent setup.

- require many new dependencies and don’t build dummy docs.

- use some more common format, like use some ROFF instead of docbook for guide and messages manual since the toolchain for this is generally already installed on all systems. Or some other simple plain-text markup language and provide simple python-tool in the repo to generate docs using it.
2783 defect 1361365300772915 1361365300772915 perfdhcp medium tmark DHCP Outstanding Tasks new Using -n to speifcy number of exhanges always yields x-1 exchanges, with 1 drop The n command line argument determines how many exchanges perfdhcp should execute. What one gets is always x-1 exchanges, and 1 drop. The following excerpt from stdout:

Running: perfdhcp
6 l eth1R 105 n 105r 1 x aeistT fe80::20c:29ff:fea5:954a
IPv6
rate[1/s]=1
clients=105
num-request[0]=105
drop-time[0]=1
drop-time[1]=1
aggressivity=1
:
:
Statistics for: SOLICIT-ADVERTISE
sent packets: 105
received packets: 104
drops: 1
orphans: 0

It seems as though it is not waiting for the last exchange to complete. Behavior is very consistent, happens for 2-packet or 4-packet,
4 or –6, for any value of .
2791 task 1361435442005700 1373459167483693 Inter-module communication medium vorner new Try to work around the multi-CC hacks in XfrIn and CmdCtl with regards to rpc_call The said modules have threads and have a inelegant hack because of them. They have one `ModuleCCSession` to listen for commands coming to them. But as this is blocking in one thread, the other threads use separate `CCSession` to send commands out (without any locking on it, which is dangerous, but a different issue).

However, the `rpc_call` method that should be used instead of low-level JSON handling and `group_sendmsg` + `group_recvmsg` pair, is available on `ModuleCCSession` only, so it can’t be used now.

Try to work around this by creating a `ModuleCCSession` instead of the second `CCSession` with `None` as the command handlers, etc. Do not start it. It might or might not work, see if there are any strange side effects. If it works, replace the low-level calls with the `rpc_call` method.
2792 enhancement 1361443256263826 1373459301487132 b10-auth medium y-aharen StatsRedesign new Implement per-RRtype statistics items Implement per-RRtype statistics items (were dropped from #2157). It may require to break-down into some tasks.
2793 enhancement 1361443259078792 1373459385877496 b10-auth medium y-aharen StatsRedesign new Add a capability to hold per-class basis statistics counters Support per-class basis statistics counters. It may require to break-down into some tasks.
2794 enhancement 1361443261745497 1373459391100518 b10-auth medium y-aharen StatsRedesign new Reconsider keyword SERVER for whole server statistics Reconsider keyword SERVER for whole server statistics. Maybe it needs some structure change of statistics not to use a magic keyword. It was suggested in the review of #2157.
2795 enhancement 1361443264320480 1373459396797896 b10-auth medium y-aharen StatsRedesign new Redefine compound query counters Redefine query counters (such as qrysuccess, qryauthans, authqryrej, etc.) to match the number of incoming queries. It was suggested in the review of #2157.
2798 enhancement 1361443271894500 1379394084112873 statistics medium UnAssigned y-aharen Next-Sprint-Proposed reviewing Add a log message that statistics is updated Put a debug log message when statistics is updated. It’s to ensure the statistics are updated at b10-stats in lettuce tests. It was suggested in the review of #2157.
2799 defect 1361455486932938 1363338169097575 statistics medium jreed StatsRedesign new stats lost Auth stats after removing some b10-auth components I did a Stats show on a very busy 1.0.0-rc auth server (with four b10-auth processes) and it had no Auth results and logs had:


2013-02-21 13:49:57.063 ERROR [b10-cmdctl.cmdctl/91214] CMDCTL_COMMAND_ERROR error in command show to module Stats: specified arguments are incorrect: owner: Auth, name: None


Older logs showed:


2013-02-15 14:45:33.884 WARN [b10-stats.stats/91217] STATS_RECEIVED_INVALID_STATISTICS_DATA received invalid statistics data from Auth
2013-02-15 14:45:33.884 WARN [b10-stats.stats/91217] STATS_RECEIVED_INVALID_STATISTICS_DATA received invalid statistics data from Auth
2013-02-15 14:45:33.884 WARN [b10-stats.stats/91217] STATS_RECEIVED_INVALID_STATISTICS_DATA received invalid statistics data from Auth
2013-02-15 14:45:33.885 WARN [b10-stats.stats/91217] STATS_RECEIVED_INVALID_STATISTICS_DATA received invalid statistics data from Auth


This happened less than a minute after I removed some b10-auth components. I had started with eight and removed four. I assume this caused the problem.

I restarted the server and now have Auth stats again.
2800 defect 1361456031421324 1362578403337402 logging medium jreed new Unable to lock logger lockfile The as112 server has too many ERRORs of Unable to lock logger lockfile 21:06:32.312 ERROR [b10-auth.auth/94095] Unable to lock logger lockfile
2012-12-19 21:41:23.189 ERROR [b10-auth.auth/95422] Unable to lock logger lockfile
2012-12-19 21:41:23.266 ERROR [b10-auth.auth/95428] Unable to lock logger lockfile
2013-02-13 23:07:16.490 ERROR [b10-auth.cc/63076] Unable to lock logger lockfile
2013-02-13 23:07:16.490 ERROR [b10-auth.cc/63076] Unable to lock logger lockfile
2013-02-13 23:07:16.490 ERROR [b10-auth.cc/63076] Unable to lock logger lockfile
2013-02-13 23:07:16.490 ERROR [b10-auth.cc/63076] Unable to lock logger lockfile
2013-02-13 23:07:16.490 ERROR [b10-auth.cc/63076] Unable to lock logger lockfile
2013-02-13 23:07:16.490 ERROR [b10-auth.cc/63076] Unable to lock logger lockfile
2013-02-13 23:07:16.490 ERROR [b10-auth.server_common/63076] Unable to lock logger lockfile
2013-02-13 23:07:16.490 ERROR [b10-auth.server_common/63076] Unable to lock logger lockfile
2013-02-13 23:07:16.490 ERROR [b10-auth.server_common/63076] Unable to lock logger lockfile
2013-02-13 23:07:16.490 ERROR [b10-auth.server_common/63076] Unable to lock logger lockfile
2013-02-13 23:07:16.490 ERROR [b10-auth.server_common/63076] Unable to lock logger lockfile
2013-02-13 23:07:16.490 ERROR [b10-auth.server_common/63076] Unable to lock logger lockfile
2013-02-13 23:07:16.490 ERROR [b10-auth.server_common/63076] Unable to lock logger lockfile
2013-02-13 23:07:16.490 ERROR [b10-auth.server_common/63076] Unable to lock logger lockfile
2013-02-13 23:07:16.504 ERROR [b10-auth.auth/63078] Unable to lock logger lockfile
2013-02-13 23:07:16.504 ERROR [b10-auth.auth/63079] Unable to lock logger lockfile
2013-02-13 23:07:16.505 ERROR [b10-auth.auth/63075] Unable to lock logger lockfile
2013-02-14 21:48:20.046 ERROR [b10-auth.auth/55135] Unable to lock logger lockfile
2013-02-15 14:36:33.432 ERROR [b10-auth.auth/91220] Unable to lock logger lockfile
2013-02-21 13:50:33.346 ERROR [b10-auth.auth/39545] Unable to lock logger lockfile


This happens during startup. The server has multiple b10-auth components.

Notice it does not have a corresponding message ID so I can’t quickly read explanation.

Does it give up too soon?

Does this message mean I lost another log message?

How can it log this message if it can’t lock the file?
2801 defect 1361461919938740 1362578627327869 DDNS medium jreed new [b10-ddns] Warning: -v verbose option is ignored at this point. I enabled b10-ddns component and now get this:

[b10-ddns] Warning: -v verbose option is ignored at this point.

frequently. My ddns component keeps restarting, that is another ticket.

This ticket is simply about this log message is not going to configured logger.
2802 defect 1361468647905056 1362578675673042 documentation very low jreed new b10-certgen manual synopsis missing I didn’t explore yet.

SYNOPSIS
b10-certgen [[-]]

2803 defect 1361468892885221 1362578731288661 logging medium jreed new cfgmgr output not sent to defined log file bind10 1.0.0-rc was running and I sent Init shutdown to it. The following didn’t go to the defined log file:

2013-02-21 13:50:18.255 INFO [b10-cfgmgr.cfgmgr/91211] CFGMGR_STOPPED_BY_COMMAND received shutdown command, shutting down
2804 task 1361529402843576 1364307034136724 Inter-module communication medium vorner new Make sure the ModuleCCSession::groupRecvMsg in blocking mode works even when already started. When the session is started, an asynchronous read of size 0 is scheduled, to notify when some data come. After that, it checks for incoming command.

However, if groupRecvMsg is called after this, it also schedules an asynchronous read (and starts waiting for the read to finish). The two reads then get intermingled and confuse things, losing messages or crashing. We need to solve this, because the session is unusable for rpcCall (see #2768). Currently, auth keeps a second (plain) session, but that is ugly and the plain session doesn’t have the rpcCall.

I tried registering an asynchronous read (by groupRecvMsgAsync) and waiting for it to finish in the blocking method, but it didn’t work. I’d propose another solution. Cancel the asynchronous read of size 0 at the start of groupRecvMsg (if it was already started) and return it back after the groupRecvMsg ends.

After that, the rpcCall should be usable by auth, so the attached patch could be applied.
2805 enhancement 1361549656739085 1373459663781560 bind-ctl medium cas new separate “output-options” from the “logger” A request from the Feb 2013 Amsterdam BIND 10 training:

In the current Logging system (1.0.0) is is possible to have multiple loggers write to the same file. However, each logger requites its own “output-options”, with “maxsize” and “maxvar” that can be different.

BIND 9 solves this function better, by having the “channel” definition that is then connected to a “category”. The current “logger” configurations are like the BIND 9 categories, with “hardwired” channels.

It would be better to have the “output_options” separate from the loggers, and specify the output_option (maybe even named “channel”) with name in the Logger
2806 enhancement 1361549938475114 1373459920353970 logging medium cas new database “logger” a request from the Feb 2013 BIND 10 training in Amsterdam:

it would be nice to be able to write log information into a (SQL) database.

logging to an SQL database would make searching for certain messages easy, and it would ease the task of creating a management interface (web or gui)
2808 defect 1361552054035950 1362578871390089 logging medium jreed new duplicate IDs in bind10-messages.xml tools/system_messages.py function processAllFiles looks for all .mes files under the directory passed to it on the command-line. So it will include other .mes files that may be in same location.

This resulted in having duplicate IDs in the documentation for every ID for my build. This accident was shipped with the 1.0.0 release. While I should have had a more clean build tree. (I aborted a distcheck which left the duplicate source directory, generated the bind10-messages.xml and html, and ran a new distcheck which removed the old directory first.) This problem could happen to others different ways.

My suggestions:

1) The script says “However, this is an error - each ID should be unique in BIND-10.” So make the script error instead of appending the duplicates (n) like it does now.

or:

2) list all the know .mes files and only use them. This would be useful also so we can use make rules to regenerate the document if and only if one of them changed. The problem with this is we may forget to maintain the list. Currently there are around 35 message files.

or:

3) make the document generation per component. This would be useful especially since in the long run we would want the documents per different release tarballs (for example dhcp-libraries shouldn’t ship docs for b10-auth log messages). But for an all-in-one release like we have now, we can include them all into one huge document again, but would need the list of each again (as above).

It would be nice if these docs were available via a tool (like bindctl) by the way.
2809 task 1361561800863086 1368546000005335 cmd-ctl medium UnAssigned jreed assigned document the cmdctl REST interface This task is to document the cmdctl RESTful interface to explain basic interface, and maybe provide some examples.

I see:

/login

and

/module_name/command_name

And parameters to that are encoded in JSON as a map.

(I received a request for this at community meeting at Amsterdam over a year ago and via email this week.)
2810 enhancement 1361567125262481 1365512030850095 build system medium UnAssigned idl0r new Fix parallel build Hi there,

now, with that many changes and new features in BIND 10 I’d really like to see a proper build system that properly supports multiple build jobs.
The current build system (BIND 10, 9, …) doesn’t handle parallel builds well.

I think it’s nowadays very important as there are more and more multi-core/thread systems, not just on the x86 architecture.
Building BIND with a single job was and is still slow.

Either you should try to somehow fix the dependencies with autotools (I am not sure if that is properly possible at all) or you should consider switching to a different build system (cmake, please don’t consider any other :P).
I actually would prefer autotools above cmake but it might fit better for BIND.
2812 defect 1361721167631674 1364305880134960 build system medium UnAssigned cas new missing module “_ctypes” in Python3.1 from OpenCSW on Solaris 10 SPARC I’ve managed to compile BIND 10 without errors on Solaris 10 SPARC, but when I try to start “bind10” it stops with


bash-3.00# bind10
Traceback (most recent call last):
File “/usr/local/libexec/bind10/b10-init”, line 71, in
import isc.cc
File “/usr/local/lib/python3.1/site-packages/isc/init.py”, line 7, in
import isc.datasrc
File “/usr/local/lib/python3.1/site-packages/isc/datasrc/init.py”, line 10, in
import ctypes
File “/opt/csw/lib/python3.1/ctypes/init.py”, line 7, in
from ctypes import Union, Structure, Array
ImportError: No module named
ctypes


testing the import on the Python3 command line:

Python 3.1.2 (r312:79147, Sep 10 2011, 18:52:31) [C] on sunos5
Type “help”, “copyright”, “credits” or “license” for more information.
dlopen(“/opt/csw/lib/python3.1/lib-dynload/readline.so”, 2);
import readline # dynamically loaded from /opt/csw/lib/python3.1/lib-dynload/readline.so
>>> import ctypes
import ctypes # directory /opt/csw/lib/python3.1/ctypes
# /opt/csw/lib/python3.1/ctypes/init.pyc matches /opt/csw/lib/python3.1/ctypes/init.py
import ctypes # precompiled from /opt/csw/lib/python3.1/ctypes/init.pyc
Traceback (most recent call last):
File “”, line 1, in
File “/opt/csw/lib/python3.1/ctypes/init.py”, line 7, in
from ctypes import Union, Structure, Array
ImportError: No module named
ctypes


Maybe the configure script can test for all the Python modules imported, so that missing modules in Python can be detected early in the build process
2813 enhancement 1361781079211327 1373460088636525 bind-ctl medium cas new new command “config grep BIND 10 configurations can become large, larger than one screen. When working with “bindctl”, the output often scrolls out of the screen and the user must use the scroll back function of the terminal (if available).

This enhancement proposal is for a new bindctl command “config grep”. “config grep” will filter the output based on a simple or regex pattern.

Proposed format:

config grep <path
all> simple-pattern

a simple pattern is just a search term that will be matched

config grep <path
all> (regex-patterm)

if the search pattern is enclosed inside parentheses, the search-term is treated as a (Python) regular expression.

This might be a “low hanging fruit” enhancement for the existing bindctl
2814 enhancement 1361782787491108 1377858380721517 bind-ctl medium cas new new bindctl command “config clone the new command “config clone ” will make a deep copy of a branch of the configuration and will create a new configuration object at the same level. It can be used to clone loggers, datasources, subnets …

the command should not commit the config created.

the command should print out the full path of the configuration object created

Cloning an existing config part reduces the amount of manual typing required for new configurations.
2815 enhancement 1361782953062577 1373460419977639 bind-ctl medium cas new “config add” should print the object created after creating a new configuration object with “config add”, the user will need to fill this configuration. For this, the user must know the full identifier for the configuration object created.

the “config add” command should print out the full path of the configuration object created. That saves the user to execute an extra “config show” to get the information.
2816 defect 1361791891804815 1362579300622771 bind-ctl medium cas new applying “config add” on a non existing index crashes bindctl Happen twice in the Amsterdam class in Feb 2013:

Example:


> config add data_sources/classes/IN[2]
Traceback (most recent call last):
File “/usr/local/Cellar/python3/3.3.0/Frameworks/Python.framework/Versions/3.3/lib/python3.3/cmd.py”, line 214, in onecmd
func = getattr(self, ’do‘+ cmd)
AttributeError: ’BindCmdInterpreter’ object has no attribute ‘do_config’

During handling of the above exception, another exception occurred:

Traceback :
File “/opt/bind10/bin/bindctl”, line 162, in
result = tool.run
File “/opt/bind10/lib/python3.3/site-packages/bindctl/bindcmd.py”, line 158, in run
self.cmdloop
File “/usr/local/Cellar/python3/3.3.0/Frameworks/Python.framework/Versions/3.3/lib/python3.3/cmd.py”, line 138, in cmdloop
stop = self.onecmd
File “/opt/bind10/lib/python3.3/site-packages/bindctl/bindcmd.py”, line 513, in onecmd
Cmd.onecmd
File “/usr/local/Cellar/python3/3.3.0/Frameworks/Python.framework/Versions/3.3/lib/python3.3/cmd.py”, line 216, in onecmd
return self.default
File “/opt/bind10/lib/python3.3/site-packages/bindctl/bindcmd.py”, line 478, in default
self.
parse_cmd(line)
File “/opt/bind10/lib/python3.3/site-packages/bindctl/bindcmd.py”, line 676, in parse_cmd
self.
handle_cmd(cmd)
File “/opt/bind10/lib/python3.3/site-packages/bindctl/bindcmd.py”, line 462, in handle_cmd
self.apply_config_cmd
File “/opt/bind10/lib/python3.3/site-packages/bindctl/bindcmd.py”, line 796, in apply_config_cmd
cmd.params.get)
File “/opt/bind10/lib/python3.3/site-packages/isc/config/ccsession.py”, line 577, in add_value
cur_value,
= self.get_value(identifier)
File “/opt/bind10/lib/python3.3/site-packages/isc/config/config_data.py”, line 603, in get_value
value = self.get_default_value(identifier)
File “/opt/bind10/lib/python3.3/site-packages/isc/config/config_data.py”, line 522, in get_default_value
result = result[list_indices.pop(0)]
IndexError: list index out of range
2819 enhancement 1361808345179870 1373460786097123 bind-ctl medium cas Next-Sprint-Proposed new configuration file path relative to a BIND 10 “home directory” BIND 9 has this nice feature to be able to reference every path relative to an “home directory”. The home directory is set in “named.conf” in the options block:


options {
directory “/var/named”;
};


This feature really helps to keep a configuration system-independent, so that it can be moved from one system to another (even to a different platform with a different file system layout).

All BIND 10 configuration seems to be absolute when it comes to path- and file-names.

It would be good to have a similar way in BIND 10 to specify a “home directory” and to specify all path- and file-names relative to that home directory.
2820 enhancement 1361808705813708 1373461135273265 bind-ctl medium cas new system/platform independent BIND 10 configuration It would be a good feature if a BIND 10 configuration would be portable between platform and architectures, so that operators can copy or move a BIND 10 instance from Solaris to Linux or FreeBSD to MacOS X etc.

To make this possible care should be taken to not use more system specific information in the configuration as absolute necessary (like interface names etc).

It might not be possible to prevent platform specific information inside a configuration, but then it might be good if all platform dependent information is stored together (same configuration path) so that it can be found and changed quickly.
2822 enhancement 1361820189448805 1373461210868983 build system medium UnAssigned cas new remove dependecies to OpenSSL, use Botan instead Version 1.0.0 has an indirect dependency on OpenSSL through the use of “_ssl” in Python.

Having to install and maintain 2 different crypto libraries is not ideal for operators.

Maybe OpenSSL can be replaced by a Python binding to Botan. Botan seem to already have the seed for Python bindings.
2824 enhancement 1361868436275461 1373637618598593 data source medium cas new remove dependency for SQLite3 in core system the current system seem to have a dependency on SQLite3. It is not possible to use the DNS part with master zone files only, or the DHCP parts, on a system that does not have SQLite3 installed.

best would be if SQLite3 is only required if it is used for storage based on the configuration.

2828 task 1361999395012536 1373461610441407 build system medium UnAssigned jinmei Next-Sprint-Proposed new include examples in releases Currently only the m4 macros are included in the tar ball.

Since the expected users include possible external developer that uses
BIND 10 libraries, it’s better to include it.
2829 task 1362042090496848 1363166254383392 Inter-module communication medium vorner new Asynchronous read in python isc.cc or isc.config We may want to have some kind of read on the session with callback. It would be given some criteria on which messages are interesting and the call would be called when such message arrives.

See the groupRecvMsgAsync in C++ isc::config::ModuleCCSession.

This will be needed for proper notifications.
2830 task 1362121801914222 1372380544506458 Unclassified medium jinmei new meta: tickets for shared memory data source - memory segment extension: #2831
- backend extension/refactoring to data source clients: #2832, #2833, #2834, #2835, #2850, #2851, #2852, #2853, #2859, #2906, #2907, #2908, #2943, #2993, #3002
- (not directly in scope, but related) extensions to support applying
diffs in memory: #2750, #2751, #2752, #2912, #2913, #2914, #2915
- updates inside in-memory data source: #2836
- the memory manager (note: many of them need msgq updates): #2854 #2855, #2856, #2857, #2858, #2860
- b10-auth updates: #2861, #2862, #2863, #2916
- msgq and CC API updates: #2922, #2930, #2931, (#2932?)
- xfrin/ddns updates: #2864
- Others: #2865, #2867
- Handle memmgr restart: #3017, #3018, #3019
- Full reconfiguration: (#2866) #2918, #2919, #2920

Tentative milestones (a 6-sprint plan to complete):

- 1st sprint: 1st preparation work. this is mostly invisible to users,
but with #2851 we should be able to fix one known issue as a side
effect: being able to load zone from a file after a failure due to
load error (syntax error in zone file, etc): #2851, #2852, #2853 #2836, #2916, #2922, #2930
- 2nd sprint: 2nd preparation work. no user visible result: #2906, #2907, #2908, #2923, #2854, #2931 (#2943 should be here too)
- 3rd sprint: complete basic feature for b10-auth. still not fully
workable without memmgr, but at this point we should be able to play
with the feature using some quick hack script mocking the mgr
behavior: #2861, #2855, #2856, #2862, #2863, #2918
- 4th sprint: complete the shared memory support with data source reconfig: #2857, #2858, #2864 (depends on #3002, not in the milestones), #2919, #2920
- 5th sprint: make faster startup possible: #2912, #2913, #2914, #2915, #2750,
- 6th sprint: complete diff support and cleanup: #2751, #2752, #2867

See https://lists.isc.org/pipermail/bind10-dev/2013-April/004579.html
for more details of the milestones.
2838 enhancement 1362244242981591 1362251637730532 data source medium muks new Use AVL tree instead of red-black tree in DomainTree Aside from the better lookup performance that AVL trees have over red-black trees (at the expense of slower insert time), an implementation to delete nodes from the `DomainTree` when it is a red-black tree is going to be hairy because we no longer have a `NULL_NODE` and use NULL values instead.

There are many color combination cases that we will need to handle when deleting from a red-black tree. Each of these will require NULL testing before color testing and it will make our developers lose hair each time they have to look at this code.

So I propose we use an AVL tree instead of a red-black tree as the core data structure of the `DomainTree`. AVL trees are easier to understand, maintain code for, and also provide better lookup performance.

This bug is to test performance also, when switching from red-black to AVL trees.

We should implement this before #2750.
2839 enhancement 1362340748716861 1373461728194384 Unclassified medium cas new add dtrace probe hooks into BIND 10 (in the performance critical path) dtrace is a dynamic tracing tool pioneered at SUN and now available on Solaris, MacOS X and FreeBSD. There are also ports to Linux.

See http://dtrace.org

dtrace is a very good tool to find bottlenecks and the cause of performance issues in production deployments. dtrace probes in BIND 10 would minimize the (performance) impact of doing a dtrace session on BIND 10.

2840 enhancement 1362407115324920 1392917689044366 b10-auth medium UnAssigned cas DNS Outstanding Tasks reviewing RRL: implement a mitigation function against DNS amplifications attacks DNS amplification attacks are a real pain for DNS server operators. The amount of these attacks has increased in the last months

BIND 9, NSD and Knots are now implementing DNS response rate limiting.

(I know some ) DNS operators would consider deploying BIND 10 on production systems, but are held back by the lack of a mitigation function against DNS amplification attacks.

BIND 9 Response Rate Limiting Patch by Paul Vixie and Vernon Schryver:
http://www.redbarn.org/dns/ratelimits

NLnetLabs and Univ of Amsterdam:
“Defending against DNS reflection amplification attacks”
http://www.nlnetlabs.nl/downloads/publications/report-rrl-dekoning-rozekrans.pdf

Lutz Donnerhacke - DNS dampening:
http://lutz.donnerhacke.de/eng/Blog/DNS-Dampening
rrl
2841 defect 1362518677768833 1363107485345839 build system medium UnAssigned jinmei new deal with inet_pton that doesn’t recognize AF_INET6 I’ve received a feedback from a user who tried to build and used BIND 10.
The OS is CentOS6 (reportedly), disables IPv6 in the kernel, and
apparently its inet_pton doesn’t recognize AF_INET6 (not sure it’s
related to the kernel support of IPv6; API-wise it should be
independent).

This caused at least two known issues:

- some test data (generated by src/lib/util/python/gen_wiredata.py)
can’t be generated because the genetator script fails to create AAAA
rdata.
- b10-resolver (and I suspect b10-auth also) failed to start up
because its default config has ::1/53 for listen_on, which is
considered a syntax error.

I’m not sure whether we want to help such environment; it seems to me
inet_pton that doesn’t recognize AF_INET6 is so broken and wouldn’t
be worth introducing another layer of complexity in our code. But if
such a deployment is actually not so uncommon, we may have to do
something in our side.

Based on discussions at the Mar12 2013 team call, specific suggestion
is:
- Do #2842 (this will “hide” the first problem for most ordinary users)
- Document the second issue with workaround somewhere

Regarding the second (the main task of this ticket), my suggestion is
to update the description of SRVCOMM_EXCEPTION_ALLOC log message which
currently reads:

The process tried to allocate a socket using the socket creator, but an error
occurred. But it is not one of the errors we are sure are “safe”. In this case
it is unclear if the unsuccessful communication left the process and the bind10
process in inconsistent state, so the process is going to abort to prevent
further problems in that area.

This is probably a bug in the code, but it could be caused by other unusual
conditions (like insufficient memory, deleted socket file used for
communication).

so it will mention the issue. As a workaround we should be able to
avoid it by editting the installed resolver/auth.spec excluding IPv6
addresses from listen_on. We document it there, too. And provide
some text in ChangeLog.
2842 enhancement 1362518960954718 1364779628194735 build system medium UnAssigned jinmei new build option to disable any test related things See #2841. Aside from its own problem of inet_pton, it occurred to me
that it may make sense to allow users to skip building anything
related to tests. Most end users don’t care to run these tests, so
skipping these tests will help reduce build time further, and it will
also help avoid portability or other build time issues that only
happen for test only things.

Specifically, we’d add a new ./configure option, e.g.,
`—without-tests`. If it’s specified we don’t build anything under
“tests” directories (so, gtests are built only when both
`—with-gtest(-source)` and `—with-tests` are specified).

`—without-tests` shouldn’t be specified by default for development
branches and git master, but we’ll specify it by default for releases.
2844 defect 1362748480154830 1380120395304149 bind-ctl medium wlodekwencel DHCP-QA Defects new execute file fails with subnet options I have config file:

config add Dhcp6/subnet6
config set Dhcp6/subnet6[0]/subnet “3000::/64”
config set Dhcp6/subnet6[0]/pool [ “3000::1-3000::ff” ]
config commit

config add Dhcp6/subnet6[0]/option-data
config set Dhcp6/subnet6[0]/option-data[0]/name “preference”
config set Dhcp6/subnet6[0]/option-data[0]/code 7
config set Dhcp6/subnet6[0]/option-data[0]/space “dhcp6”
config set Dhcp6/subnet6[0]/option-data[0]/csv-format true
config set Dhcp6/subnet6[0]/option-data[0]/data “123”
config commit


Entered directly works properly, but execute file fails with error:

Error: No item 0 in subnet6[0]

Depending on the contents of the script, and which
commands it has called, there can be committed and
local changes. It is advised to check your settings
, and revert local changes with “config revert”.


but when config is divided to two different files:
first:

config add Dhcp6/subnet6
config set Dhcp6/subnet6[0]/subnet “3000::/64”
config set Dhcp6/subnet6[0]/pool [ “3000::1-3000::ff” ]
config commit

second:

config add Dhcp6/subnet6[0]/option-data
config set Dhcp6/subnet6[0]/option-data[0]/name “preference”
config set Dhcp6/subnet6[0]/option-data[0]/code 7
config set Dhcp6/subnet6[0]/option-data[0]/space “dhcp6”
config set Dhcp6/subnet6[0]/option-data[0]/csv-format true
config set Dhcp6/subnet6[0]/option-data[0]/data “123”
config commit

then execute file works.

There is no error with:
config add Dhcp6/option-data (even with couple ‘config commit’ in it)
only when applying option to specific subnet:
config add Dhcp6/subnet6[0]/option-data
bindctl, execute file, subnet option
2845 defect 1362755665709614 1394117227665666 b10-auth medium shane DNS Outstanding Tasks new CC_TIMEOUT perhaps related to unauthorized NOTIFY? I got some ERROR messages on my slave server, during normal operations.


2013-03-08 16:02:14.356 INFO [b10-xfrin.xfrin/23059] XFRIN_NOTIFY_UNKNOWN_MASTER got notification to retransfer zone time-travellers.nl.eu.org/IN from 192.16.192.99:53, expected [2001:610:719:1::5]:53
2013-03-08 16:02:14.536 INFO [b10-xfrin.xfrin/23059] XFRIN_XFR_TRANSFER_STARTED IXFR transfer of zone time-travellers.nl.eu.org/IN started
2013-03-08 16:02:14.625 INFO [b10-xfrin.xfrin/23059] XFRIN_IXFR_TRANSFER_SUCCESS incremental IXFR transfer of zone time-travellers.nl.eu.org/IN succeeded (messages: 1, changesets: 2, deletions: 11, additions: 21, bytes: 3164, run time: 0.262 seconds, 12081 bytes/second)
2013-03-08 16:02:18.370 ERROR [b10-auth.cc/23060] CC_TIMEOUT timeout reading data from command channel
2013-03-08 16:02:18.372 ERROR [b10-auth.auth/23060] AUTH_ZONEMGR_COMMS error communicating with zone manager: Timeout while reading data from cc session
2013-03-08 16:02:18.372 ERROR [b10-auth.cc/23060] CC_LENGTH_NOT_READY length not ready
2013-03-08 16:02:18.372 ERROR [b10-auth.auth/23060] AUTH_ZONEMGR_COMMS error communicating with zone manager: ASIO read: data length is not ready
2013-03-08 16:02:33.367 ERROR [b10-auth.cc/23060] CC_TIMEOUT timeout reading data from command channel
2013-03-08 16:02:33.367 ERROR [b10-auth.auth/23060] AUTH_ZONEMGR_COMMS error communicating with zone manager: Timeout while reading data from cc session
2013-03-08 16:02:33.367 ERROR [b10-auth.cc/23060] CC_LENGTH_NOT_READY length not ready
2013-03-08 16:02:33.368 ERROR [b10-auth.auth/23060] AUTH_ZONEMGR_COMMS error communicating with zone manager: ASIO read: data length is not ready


I’m not sure, but it looks like perhaps the fact that the host is dual-homed (IPv4 and IPv6) but only has the master configured on one address (IPv6) is causing problems.

The zonemgr ‘’’‘’IS’‘’’’ running, and everything is working normally… except for those errors.
2846 defect 1362969503993037 1364306342165076 tests low muks new UniformRandomIntegerGeneratorTest.IntegerRange failure on Debian `UniformRandomIntegerGeneratorTest.IntegerRange` failed on Debian:

[ RUN ] UniformRandomIntegerGeneratorTest.IntegerRange
../../../../../src/lib/util/tests/random_number_generator_unittest.cc:85: Failure
Value of: max() - min() + 1
Actual: 10
Expected: it - numbers.begin()
Which is: 9
[ FAILED ] UniformRandomIntegerGeneratorTest.IntegerRange (0 ms)


Though this is not easily reproduced, because this is a uniform random number generator and the test expects a uniform distribution, this points to a bug in code.

Report: http://git.bind10.isc.org/~tester/builder/BIND10-distcheck/20130311012502-DebianLinux-x86_64/logs/distcheck.out
2847 task 1363035292202704 1364779698043494 data source medium jinmei new mutable version of DomainTree::find() To support deleting RRsets from in-memory data source we need to be
able to find the corresponding `DomainTree` node, and for that
we need a mutable version of the find() method.

In the expected scenario we don’t need tricky features like partial
match, wildcard or zone cut handling, so we could either share the
code with insert() or write a dedicated method (which would
essentially be a small subset of insert() and should be quite simple).
2848 defect 1363160643204076 1394442225040780 cmd-ctl medium champion_xie new b10-cmdctl-usermgr unhelpful output if command missing #./b10-cmdctl-usermgr
Error: no command specified

when i copy the file what build done to the directory $PREFIX/etc/bind10
so the commmand cant not excute

i hope that give me help

Best Regards
champion_xie
2858 task 1363331959117730 1392811334537890 shmem manager medium UnAssigned jinmei DNS Outstanding Tasks assigned memory manager update processing (Revised, based on more details of resulting #2854, although the
details may even change more after review, especially about how we
handle full data source reconfiguration).

Subtask of #2830. Depend on #2857 and #2931.

In this (revised) task, we implement membership management for the
`MemoryReaders` group and exchanges between the memmgr and readers
(whether it’s initial phase or subsequent updates doesn’t matter).

As described in http://bind10.isc.org/wiki/SharedMemoryIPC, we’ll use
“segment_info_update” and “segment_info_update_ack” messages
(commands). Commonly used parameters of these messages are:
- generation-id (int): the generation ID of the corresponding
configuration. for now (until we support whole datasource
reconfiguration), it’s just a placeholder, would always be set to 0
by the sender and ignored by receivers.
- data-source-name (str): the data source name
- data-source-class (str): textual representation of the RR class of
the data source, e.g, ‘IN’

In addition, the “segment_info_update_ack” message has an additional
parameter:
- segment-params (dict): segment-type specific parameters. only
memmgr and `ZoneTableSegment` implementations know its meaning;
readers will handle it as opaque data.

The ‘loadzone’ command from other modules such as xfrin would take the
following parameter:
- generation-id (int): same as that for segment_info_update for now.
- data-source-name (str): the data source that stores the updated zone
- class (str): the RR class of the zone to be loaded (should be
consistent with the data source)
- origin (str): the origin name of the zone to be loaded

Then update `Memmgr` class as follows:
- update `_setup_module()` to register notification for the `MemoryReaders`
group (this needs #2931), and then add pre-existing readers to all
`SegmentInfo` objects (this should be done after add_remote_config).
- complete the `handle_builder_result` method:
}}
- introduce `_mod_command_handler` for the ‘loadzone’ command from
other modules, and ‘segment_info_update_ack’ message
from readers. the former case would look like:
}}
and the latter would look like:
}}
- add `
handle_update_ack()` method. this would be called from
`_mod_command_handler()` to handle ‘segment_info_update_ack’:
#!python
def handle_update_ack:
# identify the SegmentInfo, then move the reader to the ‘current’ set
cmd = sgmt_info.sync_raeder # it will update state
if cmd is not None:
# send it to the builder

- add `
handle_reader_notify()` method: this is the callback for
group membership notifications (see above):
#!python
def _handle_reader_notify:
if params[0] 'subscribed':<br> reader_id = params[1]['client']<br> for sgmt_info in \<br> self._datasrc_info_list[0].segment_info_map.values():<br> sgmt_info.add_reader(reader_id)<br> param = sgmt_info.get_reset_param(READER)<br> if param is not None: # this can be None in init stage<br> # send segment_info_update command to the reader<br> # with 'param' (and data source name, etc)<br> elif params[0] ‘unsubscribed’:
reader_id = params[1]
for sgmt_info in br> self.
datasrc_info_list[0].segment_info_map.values():
cmd = sgmt_info.remove_reader(reader_id)
if cmd is not None: # this triggers SYNCHRONIZING=>COPYING
# send it to the builder

2860 task 1363332198769446 1394117471904974 shmem manager medium jinmei DNS Outstanding Tasks new optimize initial load: update memmgr Subtask of #2830. Continuation of #2859. Also depend on #2856.

Using the #2859 extension, we complete the optimization. Revise the
memmgr initialization so it first checks the existence of the mapped
file, and if it does, open (reset) it in the READ_WRITE mode instead
of CREATE. If the existing file contains the latest version of the
zone, reset_memory_segment() says so and it doesn’t have to actually
(re)load it.
2863 task 1363332423403147 1394117241160218 b10-auth medium jinmei DNS Outstanding Tasks new handle “segment_info_update” message in b10-auth Subtask of #2830. Depend on #2862.

In this task, we’ll implement the b10-auth side of message exchanges
with memmgr as described in
http://bind10.isc.org/wiki/SharedMemoryIPC

The work at b10-auth is quite simple: for each specified name of
data source, call `ConfigurableClientList::resetMemorySegment`
in the READ_ONLY mode.

If this is during the initial setup, check if all segments are INUSE,
and (if holding off until this point), start listening to queries.
2864 task 1363332526476562 1396529433211114 xfrin medium jinmei DNS Outstanding Tasks new xfrin and ddns update Subtask of #2830. Depends on #3002.

Update these modules so they send the loadzone command to memmgr in
addition to auth.

Also make sure b10-auth effectively ignores the command for mapped
segments, and memmgr ignores it for local segments.
2865 task 1363332569983397 1373462270928476 tests medium jinmei new Lettuce tests with memmgr Subtask of #2830.

Write at least some basic cases: initialization and update.
2867 task 1363332744517096 1373462299621715 Unclassified medium jinmei new Other cleanups for shared memory support Subtask of #2830

This is a placeholder for any cleanups, deferred tasks,
clarifications, etc.

Maybe give some high number as a placeholder.
2868 task 1363334304781216 1363334304781216 configuration medium jinmei new design for realistic config-ng We’ll need to do some amount of improvements in this area
now that we are having complaints from users. Realistically
we won’t have enough time for total redesign and reimplementation,
but it would also not effective to try each specific issue
case by case basis. So we’ll need some middleground approach.

This ticket intends to have a concrete proposed plan for this
work.
2876 task 1363594763812978 1392917586979419 resolver medium vorner DNS Outstanding Tasks new Consolidate the resolver multi-core research Once the #2873, #2874 and #2875 are done, review them to see they measure the same load (eg. that one is not doing less work than the others because some part of the fake resolution is forgotten). Then run them with reasonable number of threads on multi-core machine (do we have a machine with very high number of cores?) and see what scales how, what is how complex to code for, etc.
2880 defect 1363793349749761 1373462516899440 Unclassified medium shane shane assigned b10-stats timeout on cc session I just checked the log on my server and see the following:


2013-03-17 20:56:27.858 INFO [b10-xfrin.xfrin/25980] XFRIN_NOTIFY_UNKNOWN_MASTER got notification to retransfer zone time-travellers.nl.eu.org/IN from 192.16.192.99:53, expected [2001:610:719:1::5]:53
2013-03-17 20:56:29.030 ERROR [b10-auth.cc/23060] CC_TIMEOUT timeout reading data from command channel
2013-03-17 20:56:29.101 ERROR [b10-auth.auth/23060] AUTH_ZONEMGR_COMMS error communicating with zone manager: Timeout while reading data from cc session
2013-03-17 20:56:29.113 ERROR [b10-auth.cc/23060] CC_TIMEOUT timeout reading data from command channel
2013-03-17 20:56:29.149 ERROR [b10-auth.auth/23060] AUTH_ZONEMGR_COMMS error communicating with zone manager: Timeout while reading data from cc session
Traceback (most recent call last):
File “/opt/bind10/lib/python3.1/site-packages/isc/cc/session.py”, line 218, in receive_full_buffer
self.
receive_len_data()
File “/opt/bind10/lib/python3.1/site-packages/isc/cc/session.py”, line 178, in receive_len_data
new_data = self.
receive_bytes(self.recv_len_size)
File “/opt/bind10/lib/python3.1/site-packages/isc/cc/session.py”, line 164, in
receive_bytes
data = self.socket.recv
socket.timeout: timed out

During handling of the above exception, another exception occurred:

Traceback :
File “/opt/bind10/libexec/bind10/b10-stats”, line 707, in
stats.start
File “/opt/bind10/libexec/bind10/b10-stats”, line 401, in start
self.do_polling
File “/opt/bind10/libexec/bind10/b10-stats”, line 271, in do_polling
value = self.mccs.rpc_call
File “/opt/bind10/lib/python3.1/site-packages/isc/config/ccsession.py”, line 533, in rpc_call
reply, rheaders = self.
session.group_recvmsg(nonblock=False, seq=seq)
File “/opt/bind10/lib/python3.1/site-packages/isc/cc/session.py”, line 301, in group_recvmsg
env, msg = self.recvmsg(nonblock, seq)
File “/opt/bind10/lib/python3.1/site-packages/isc/cc/session.py”, line 136, in recvmsg
data = self.receive_full_buffer
File “/opt/bind10/lib/python3.1/site-packages/isc/cc/session.py”, line 233, in
receive_full_buffer
raise SessionTimeout(“recv() on cc session timed out”)
isc.cc.session.SessionTimeout: recv() on cc session timed out
2013-03-17 20:56:49.245 INFO [b10-init.init/22470] BIND10_PROCESS_ENDED process 14657 of b10-stats ended with status 256
2013-03-17 20:56:49.282 ERROR [b10-init.init/22470] BIND10_COMPONENT_FAILED component b10-stats (pid 14657) failed: process exited normally with exit status 256
2013-03-17 20:56:49.297 INFO [b10-init.init/22470] BIND10_COMPONENT_START component b10-stats is starting
2013-03-17 20:56:49.301 INFO [b10-init.init/22470] BIND10_STARTING_PROCESS starting process b10-stats
2013-03-17 20:56:50.712 INFO [b10-stats.stats/31674] STATS_STARTING starting


This same error also happened a few days earlier (2013-03-14 19:41:39.126).
2885 defect 1364202046832240 1364316973099609 data source medium shane new DATASRC_MEMORY_CHECK_WARNING on chaos zone With the latest Git version, I get a clean startup, except for the following warning message:


2013-03-25 08:10:45.996 WARN [b10-auth.datasrc_memory/8734] DATASRC_MEMORY_CHECK_WARNING BIND./CH: zone BIND/CH: NS has no address records (A or AAAA)


We need a way to disable this.
2886 defect 1364297391101974 1364312892548505 dhcp6 low wlodekwencel DHCP Outstanding Tasks new dhcpv6 confirm - reply When I implemented some new tests for dhcpv6, I found that kea6 respond with invalid REPLY message after receiving invalid CONFIRM.

Attached file is wireshark session with exchange of messages.
confirm, reply dhcpv6
2889 task 1364383699485440 1364383699485440 dhcp4 medium tmark DHCP Outstanding Tasks new Derive requirements from RFC2131, Section 4.3 During creation of the v4 robustness tests (Trac #2600), it became apparent that there is a lack of clear requirements for proper behavior. Expand section 4.3 of RFC 2131 into a set of simple requirements, then create a ticket to check the code and tests against those requirements.
2890 task 1364385826674349 1364386224645060 dhcp4 medium tmark DHCP Outstanding Tasks new Resolve disparaties between ISC_DHCP and b10-dhcp4 in packet handling During v4.robustness test creation (Trac# 2600) disparities between how ISC_DHCP and b10-dhcp4 respond to certain packet content came to light. For example:

1. In response to a DHCPREQUEST, sent to a server at 172.16.1.1, with giaddr=172.16.1.4, no ciaddr, and request address of 186.16.1.18 ISC_DHCP sends a NAK, while b10-dhcp4 sends an OFFER.

2. In response to a DHCPREQUEST, sent to a server at 172.16.1.1, with no giaddr of 172.16.1.4, no ciaddr, and no request address, ISC_DHCP finds no matching lease and does not respond, b10-dhcp4 responds with an OFFER.

3. In response to a DHCPDISCOVER with relay agent option set o “blah blah blah”, ISC_DHCP detects invalid packet via parsing error, while b10-dhcp4 extends an offer.


Trac# 2889 was created to codify requirements for RFC2131, Section 4.3. In conjunction with that effort identification reconciliation of differing behavior between of ISC_DHCP and b10-dhcp4 to various packet content should be conducted.

This should include codification of what is and is not a valid inbound packet.
2893 enhancement 1364549540546197 1397640730796484 dhcp4 low marcin DHCP Outstanding Tasks new Direct DHCPv4 traffic on BSD Implement server capability to respond directly to the DHCPv4 client which doesn’t have address yet. This task is purly focused on enabling this functionality on BSD systems.
2894 enhancement 1364549596409333 1364549596409333 dhcp4 medium marcin DHCP Outstanding Tasks new Direct DHCPv4 traffic on Solaris Implement server capability to respond directly to the DHCPv4 client which doesn’t have address yet. This task is purly focused on enabling this functionality on Solaris.
2895 defect 1364833554382033 1364833554382033 data source medium jinmei new delete record from DB datasrc should use actual column values for rdata In `DatabaseUpdater::deleteRRset()`, we pass the underlying datasrc
accessor textual form of each RDATA to be deleted. The textual RDATA
is converted from the `RRset` object passed to `deleteRRset()`.

I’m afraid this is fragile, because some RDATA can be case insensitive
in their textual representation while some others cannot, and so the
text would be compared in case-sensitive manner at the DB layer (which
is the case of our SQLite3 schema and implementation). So, for
example, if an NS RDATA is stored in the DB as “NS.EXAMPLE.COM.” and
we try to delete it via `deleteRRset()` specifying it as
“ns.example.com.”, this wouldn’t work (and it actually doesn’t for our
SQLite3 data source).

(Note: theoretically, it could happen for other columns (e.g. a single
domain name can have several different representations), but I suspect
it’s much less likely to happen in practice for other fields.)

So I propose revising `deleteRRset()` as follows:

- For each RDATA to be deleted, it first gets the underlying textual
representation in the DB using `DatabaseAccessor::getRecords()`
- Then call `DatabaseAccessor::deleteRecordInZone()` with the string
retrieved in the first step
- We should probably report it as an exception if not all specified
RDATA are found in the DB in the first step.
2896 defect 1364868353569608 1366910315401581 Boss of BIND low jreed jreed reviewing change some bind10 process logging from info to debug By default, logging for shutting down or stopping processes is too verbose. For example:

2013-03-27 22:13:53.397 INFO [b10-init.init/11860] BIND10_COMPONENT_STOP component b10-cmdctl is being stopped
2013-03-27 22:13:53.405 INFO [b10-cmdctl.cmdctl/11867] CMDCTL_EXITING exiting
2013-03-27 22:13:54.409 INFO [b10-init.init/11860] BIND10_PROCESS_ENDED process 11867 of b10-cmdctl ended with status 0


jinmei and I discussed this and we think that BIND10_COMPONENT_STOP and BIND10_PROCESS_ENDED can be debug.

Here is a patch:

diff —git a/src/bin/bind10/init.py.in b/src/bin/bind10/init.py.in
index e57971a..4ad33c5 100755
— a/src/bin/bind10/init.py.in
+ b/src/bin/bind10/init.py.in
@ -821,8 +821,8 @ class Init:
if pid in self.components:
# One of the components we know about. Get information on it.
component = self.components.pop
- logger.info, pid,
- exit_status)
logger.debug, pid, exit_status)
if component.is_running and self.runnable:
# Tell it it failed. But only if it matters . It is either a core
@ -132,9 +133,10 @ descriptor. The error is mentioned, most common reason is that the request
is invalid and may not come from bind10 process at all.

BIND10_PROCESS_ENDED process 2 of 1 ended with status 3
This indicates a process started previously terminated. The process id
and component owning the process are indicated, as well as the exit code.
-This doesn’t distinguish if the process was supposed to terminate or not.
This debug message indicates a process started previously terminated.
The process id and component owning the process are indicated, as
well as the exit code. This doesn’t distinguish if the process
was supposed to terminate or not.

% BIND10_READING_INIT_CONFIGURATION reading b10-init configuration
The b10-init process is starting up, and will now process the initial
diff —git a/src/lib/python/isc/bind10/component.py b/src/lib/python/isc/bind10/component.py
index 2efb376..d758daf 100644
— a/src/lib/python/isc/bind10/component.py
+ b/src/lib/python/isc/bind10/component.py
@ -198,7 +198,7 @ class BaseComponent:
# of scope of unittests.
if not self.is_running:
raise ValueError
- logger.info)
logger.debug(DBG_TRACE_DATA, BIND10_COMPONENT_STOP, self.name())
self._state = STATE_STOPPED
self.
stop_internal()


Maybe an additional logging for warning could be added if the exit value is not 0.
Also I didn’t think much about the debug level.

Is this okay?

A Changelog entry could be: [func]*
b10-init logging identifiers BIND10_COMPONENT_STOP and BIND10_PROCESS_ENDED changed from INFO category to DEBUG so shutdown logging by default will be less noisy.
2897 enhancement 1364987043718973 1373637670650345 Unclassified medium shane new BIND should log zone serials along with zone name for xfer-in, xfer-out and notify Joe Abley suggested this for BIND 9, and it makes sense for BIND 10 too:


Hi,

Feature request: please make BIND9 include the zone serial number for:

- log messages concerning NOTIFY messages received
- log messages concerning NOTIFY messages sent
- log messages concerning AXFR responses sent (xfer-out)
- log messages concerning AXFR responses received (xfer-in)

Thanks,


Joe


While we don’t get the zone serial in a NOTIFY as far as I know, we could log the serial that the slave has when it gets the NOTIFY (although we need to be careful that the log message is clear about ‘’which’’ serial we are logging).

We have nice information with zone transfers, it seems weird that we didn’t think to include such basic information. :)
2900 defect 1365088176786513 1392667618961264 logging medium muks new Investigate and fix mixed and missing log messages This is a ticket created after #2198 has been merged.

Even with a mutex lock to mutually synchronize threads, we still see the mixed and missing log messages. The latest observation is that writes between lock…unlock seem to be buffered and happen later after the unlocks happen.

This especially seems to be triggered by the lettuce tests, where BIND 10 output is redirected using `subprocess.Popen`.

This is a ticket to investigate this behaviour, and fix the problem.

Consider this as a meta ticket, keeping track of the issue until the
final resolution.

The currently suggested development subtask is #3000
2910 defect 1365685367214391 1392917482609524 resolver medium jreed DNS Outstanding Tasks new RESOLVER_QUERY_DROPPED and RESOLVER_QUERY_REJECTED should not be INFO By default, RESOLVER_QUERY_DROPPED and RESOLVER_QUERY_REJECTED are INFO level. This can be very noisy. For example, on one abused system, I am getting multiple each second using the same IP and port.

Let’s move this from INFO to some DEBUG level.

As part of this ticket, please also document how to log just these specific details when desired. (If that is not possible, please open a new ticket.)
2912 task 1365715105049245 1366652046884911 data source medium jinmei new make in-memory zone data loader a class This is a first step to make it possible to apply a set of diffs
of a zone from a `ZoneJournalReader` into in-memory zone data
(so we can reflect IXFR/DDNS changes more quickly, and also eventually
use it at start up time with mapped memory segment).

Specifically, we’ll make the `ZoneDataLoader` class defined in
memory/zone_data_loader.cc visible publicly (in practice, though, we
still intend to “hide” it inside the “memory” namespace), and replace
`loadZoneData()` with the new class.

The revised `ZoneDataLoader` class should look like:

#!cpp
class ZoneDataLoader {
// Constructor for full load, from a zone file
ZoneDataLoader(MemorySegment& mem_sgmt, const RRClass&,
const Name&, const std::string&);

// Constructor for full load, from zone iterator
ZoneDataLoader(MemorySegment& mem_sgmt, const RRClass&,
const Name&, ZoneIteratorPtr);

#ifdef notyet
// Constructor for apply diff, from zone journal reader.
// The ZoneData* parameter will point to the current zone data
// to be updated.
ZoneDataLoader(MemorySegment& mem_sgmt, const RRClass&, const Name&,
ZoneJournalReaderPtr, ZoneData);
#endif

// This corresponds to the current loadZoneData.
ZoneData
load();

// Incremental version of load(). works like
// dns::MasterLoader::loadIncremental()
pair loadIncremental(size_t count);

// effectively, for the journal version only. for full load, this is
// no-op.
void commit();
};


`loadIncremental` is not absolutely necessary, but I’ve been feeling
we’ll eventually want to switch to this mode even when we load in
background or in a separate memmgr process so we can react to shutdown
quickly even in the middle of loading a huge zone. I believe it’s not
difficult to convert the current implementation to an incremental one
and make load() a trivial wrapper of it.

Note that until we also convert `CacheConfig` and `ZoneWriter`, we
still need to use the function versions. So, the function version
would instantiate this class object and call its load() in the mean
time.

In some sense this is just a refactoring of existing code. So I
believe this is not really difficult.
2913 task 1365716592814222 1366652064795712 data source medium jinmei new update CacheConfig and ZoneWriter using class version of ZoneDataLoader This is a followup of #2912 and depends on it (also depends on
#2834 but assuming it’s merged by the time we work on this task).

We’ll update the `CacheConfig` class as follows:
#!cpp
class CacheConfig {
public:
// A factory to create zone data loader with the context of cache config.
typedef boost::function const Name&, ZoneData*)
ZoneDataLoaderFactory;

// this will replace getLoadAction. cache_client and options won’t be
// used for now. cache_client will be the corresponding InMemoryClient
// and options are some numeric type that supports operator
(logical or).
// it mostly works like getLoadAction(), but returns a factory functor
// (defined above) depending on the cache configuration.
ZoneDataLoaderFactory createZoneDataLoader(
const RRClass& rrclass, const Name& zname,
DataSourceClientPtr cache_client, Options options);
}


We’ll also update `ZoneWriter` (it’s not a base class after #2850) so
- its constructor takes `ZoneDataLoaderFactory`
- load and install methods will be revised as follows:
#!cpp
void
ZoneWriter::load() {
// loader_ is of scoped_ptr
loader.reset, zclass, zname,
segment
>getHeader.getZoneTable));
loader_
>load();
}

void
ZoneWriter::install() {
loader_>commit; // note that it’s no-op for now
table
>addZone();
}


When this is done, we could remove the function versions of
`loadZoneData()` (but we could keep them if we find it convenient).
We can also remove `CacheConfig::getLoadAction()` and load_action.h.

Also, if the work so far is not big, consider adding
`loadIncrement(count)` to ZoneWriter. That should be basically trivial.
2914 task 1365717376368163 1366652073190204 data source medium jinmei new extend ZoneDataLoader so it can use a journal reader This is a continuation of #2912, depends on it and #2752.

We’ll implement the `notyet` part of #2912.

#!cpp
class ZoneDataLoader {
public:
// Constructor for apply diff, from zone journal reader.
// The ZoneData* parameter will point to the current zone data
// to be updated.
ZoneDataLoader(MemorySegment& mem_sgmt, const RRClass&, const Name&,
ZoneJournalReaderPtr, ZoneData*);

// in the “journal” mode this method performs all the updates passed
// from the journal reader to the zone data given on construction.
// note that we cannot do this in load() because it modifies the current
// working zone data (for memmgr this actually doesn’t matter, but for
// “local” segment it’s critical).
void commit();
}

2915 task 1365718677135207 1366652082988645 data source medium jinmei new update CacheConfig to support diff mode Continuation of #2912, depend on #2913 and #2914.

This task completes the sub feature of “loading diffs”.

We update `CacheConfig::createZoneDataLoader()` further:

- define a few options: at least FORCE_FULL_LOAD and DIFF_OK. The
default is DIFF_OK, not FORCE_FULL_LOAD.
- if the zone is to be loaded from file, it’ll always result in full
load
- otherwise, the logic would look like this:
#!cpp
if (cache_client && (options & (FORCE_FULL_LOAD
DIFF_OK)) DIFF_OK) {<br> // get it from zone SOA in cache_client<br> const dns::Serial cache_serial;<br><br> // get it from zone SOA in datasrc_client<br> const dns::Serial latest_serial;<br> if (cache_serial latest_serial) {
return (/* return a factory that would create a special no-op
loader, see below */);
} else if (cache_serial < latest_serial) {
jnl_reader = datasrc_client.getJournalReader(cache_serial,
latest_serial);
return (/* factory using the journal reader */);
} else {
// maybe throw as it shouldn’t happen, or maybe fall back to
// full load
}
}
return (/* factory for full load from iterator */);


For the special no-op loader mentioned above, we’ll make a slight
update to `ZoneDataLoader`:
#!cpp
class ZoneDataLoader {
public:
// A special no-op mode. load() variants return given ZoneData intact,
// commit() is no-op.
ZoneDataLoader(ZoneData*);


`ZoneWriter` won’t need to be updated.
2918 task 1365784751964295 1373637932449356 configuration medium jinmei new support config generation ID For some types of configuration we’ll need to be able to distinguish
different versions (“generations”) so we can gracefully migrate one
to another. We’ll specifically need this concept for data sources,
for which the user modules need to keep an old version while a new one
is being prepared, and multiple modules may need to exchange
information on old or new versions of the config.

So, in this task, we’ll introduce the concept of config “generation
ID”, implement it in cfgmgr and data_sources config spec.

A configuration item for a module will have following items at its top
level:

- “generation-id-mode” (string): “none” or “auto”, default is “none”
- “generation-id” ((unsigned) int): monotonically increasing ID of the
configurations of that module. The latest ID is saved in
b10-config.db and will be used on restart.

When cfgmgr gets config update, it examines the top level of each
module config to see if it contains “generation-id-mode” and it’s set
to “auto”. If both are the case, it checks a “generation-id” item (if
not yet defined assume it to be 0“, increment it by one, and
distribute the config to user modules and save it with the updated
generation ID.

Revised data_sources config would look like:


”data_sources“: {
”generation-id-mode“:”auto“,
”generation-id“: 42,
”classes“: {
”IN“: [{
”type“:”sqlite3“,
”params“: {”database_file“:”zone.sqlite3" }
}]
}
}

2919 task 1365785025855147 1394117481043626 shmem manager medium jinmei DNS Outstanding Tasks new handle full data source reconfig in memmgr subtask of #2830, depend on #2918 (and other memmgr tasks).

In this task we’ll implement this:
http://bind10.isc.org/wiki/SharedMemoryIPC#a6.2.MemoryManagerBehavior
(we might still have to further break down this task into a few
subtasks, but at the moment we define it as a single task).

Be careful about merge timing: we may not be able to merge it
without making corresponding changes to the user modules (at least
auth).
2920 task 1365785282056001 1394117253170375 b10-auth medium jinmei DNS Outstanding Tasks new handle full data source reconfig with shmem support in b10-auth subtask of #2830, depend on #2918 (and other updates to auth for shmem
support).

In this task we implement this:
http://bind10.isc.org/wiki/SharedMemoryIPC#a6.3.ReaderBehavior
(we might still have to further break down this task into a few
subtasks, but at the moment we define it as a single task).

Be careful about merge timing: we may not be able to merge it
without #2919 (but possibly we can, depending on we can include
the generation-id in existing segment_info_update message).
2921 task 1365785787275480 1373637987951671 data source medium jinmei new update ConfigurableClientList to support generation ID subtask of #2830, depend on #2918.

We’ll extend the `datasrc::ConfigurableClientList` class so that:
- it understands the new “generation-id” config item and remembers it
internally
- it has a new method `getGenerationID()` that returns the numberic ID
of that configuration.

We’ll also update the Python wrapper so it supports `getGenerationID()`.
2924 defect 1366666973923993 1373638016126949 xfrout medium jinmei new source address of notify response should be checked `isc.notify.notify_out._get_notify_reply()` doesn’t check if the
source address of the message is identical to the expected one.
As far as I can see this is not a connected socket, so it’s possible
to receive data from an unintended source. It should check the
address, and if it’s different it should keep waiting (not resending a
new one).
2926 defect 1366899391171367 1373638122869188 bind-ctl medium vorner new Delete followed by add in a list should restore defaults If I delete the last item of a list and then immediately add it again, I’d expect it to be a fresh new instance of the item, full of juicy new values, not the old crap I deleted before:


> config show Xfrout/also_notify
Xfrout/also_notify[0]/address “46.255.230.98” string
Xfrout/also_notify[0]/port 53 integer
Xfrout/also_notify[1]/address “1.2.3.4” string
Xfrout/also_notify[1]/port 1234 integer
> config remove Xfrout/also_notify[1]
> config show Xfrout/also_notify
Xfrout/also_notify[0]/address “46.255.230.98” string (modified)
Xfrout/also_notify[0]/port 53 integer (modified)
> config add Xfrout/also_notify
> config show Xfrout/also_notify
Xfrout/also_notify[0]/address “46.255.230.98” string (modified)
Xfrout/also_notify[0]/port 53 integer (modified)
Xfrout/also_notify[1]/address “1.2.3.4” string
Xfrout/also_notify[1]/port 1234 integer
2927 defect 1366910627175412 1366913251407166 data source low jreed new AUTH_DATASRC_CLIENTS_BUILDER_STARTED should be DEBUG Instead of INFO, AUTH_DATASRC_CLIENTS_BUILDER_STARTED should be DEBUG. As it is now, it is just noise and is not useful for a DNS operator. (Who cares if “data source builder thread started”?)
2928 enhancement 1366959449207886 1373638177062172 logging medium muks new Include the debug log level in log messages Include the log level in log messages, so that an admin will know what log level to set when updating config.

This is an action item from [[April2013MeetingDNSWednesday20130417]].
2929 enhancement 1366959612492890 1373638241999995 tests medium muks new Add a lettuce test where multiple sqlite3 datasources are in use Add a lettuce test where multiple sqlite3 datasources are used.

This is an action item from [[April2013MeetingDNSFriday20130419]].
2933 enhancement 1367203593009797 1373638286959650 bind-ctl medium muks new Implement GUI bindctl tool This is a ticket to implement a GUI bindctl tool.

Don’t include this ticket in any sprints yet. It’s just a placeholder so I can push some local work to a branch.
2936 defect 1367326096860214 1367326096860214 dhcp medium stephen DHCP Outstanding Tasks new IfaceMgr::getIface() update should return a shared_ptr instead of a raw pointer This was noticed in the review of #2467, and is part of a programme to remove “raw” pointers from the DHCP code.
2941 defect 1367581777743715 1373638547377770 logging medium jreed new logging configuration is too late My logging is DEBUG debuglevel 1 but I received lots of
AUTH_PACKET_RECEIVED and AUTH_SEND_ERROR_RESPONSE
Now I see that happened in the same second before:


2013-05-03 11:27:40.980 DEBUG [b10-auth.config/59538] CONFIG_LOG_WILD_MATCH will use logging configuration for wildcard logger *


Then that high debugging goes away.

This problem doesn’t happen if set to INFO. So it appears it knows it is DEBUG, but doesn’t know its level.
2948 enhancement 1368108248904407 1397640730796484 dhcp6 low marcin DHCP Outstanding Tasks new DHCPv6: implement Decline message support. Currently, Kea has a stub implementation for Decline messages. It creates ‘’empty’’ Reply messages (with no options). The logic to process Decline messages should be added.
2949 enhancement 1368108325471382 1397640730796484 dhcp6 low marcin DHCP Outstanding Tasks new DHCPv6: implement InformationRequest message support. Currently, Kea has a stub implementation for INORMATION_REQUEST messages. It creates ‘’empty’’ Reply messages (with no options). The logic to process InformationRequest messages should be added.
2950 defect 1368119759340360 1369731768309509 build system medium UnAssigned jinmei new suppress tautological-constant-out-of-range-compare warning of clang++ Build of BIND 10 fails with a recent version of clang++ if with
`-Werror` due to the following warning:


message.cc:498:17: warning: comparison of constant 4 with expression of type ‘const isc::dns::Message::Section’ is always false [-Wtautological-constant-out-of-range-compare]
if (section >= MessageImpl::NUM_SECTIONS) {


We cannot skip such checks if we want to protect our code from buggy
application (either developed by ourselves or others). So I propose
just suppressing this warning globally in configure.ac.
2952 defect 1368125174265248 1373638825051585 data source medium jinmei new cfgmgr produces confusing/misleading warning log about MasterFiles datasrc It complains about like this:

2013-05-09 17:28:12.399 WARN [b10-cfgmgr.datasrc/18193] DATASRC_LIST_NOT_CACHED zones in data source MasterFiles for class CH not cached, cache disabled globally. Will not be available.
2013-05-09 17:28:12.399 WARN [b10-cfgmgr.datasrc/18193] DATASRC_LIST_NOT_CACHED zones in data source MasterFiles for class IN not cached, cache disabled globally. Will not be available.

which is confusing as there’s actually nothing wrong in the
configuration. We should probably lower the log level and reword the
log message.
2953 defect 1368189674447159 1373638876436511 statistics medium jreed StatsRedesign new document for bindctl how to query individual Auth stats How can I query individual Auth stats with bindctl?

I recall I used to be able to retrieve a single stat.

I have tried many ways, like:


> Stats show owner=Auth name=zones.SERVER
{
error “specified arguments are incorrect: owner: Auth, name: zones.SERVER
}
> Stats show owner=Auth name=zones.authqryrej
{
error “specified arguments are incorrect: owner: Auth, name: zones.authqryrej”
}
> Stats show owner=Auth name=zones.SERVER.request.v6
{
error “specified arguments are incorrect: owner: Auth, name: zones.SERVER.request.v6”
}


Let’s document this better in the manpage and guide. (Also the guide example of Stats show has old Auth style example, but maybe that is okay.)
2958 enhancement 1368442088242459 1368624457667204 dhcp medium stephen DHCP Outstanding Tasks new DHCP-DDNS: DHCP4 configuration parameters Extend the DHCP4 server to add configuration parameters controlling the DDNS operation of the DHCP4 server.
2959 enhancement 1368442121690891 1368624484706872 dhcp medium stephen DHCP Outstanding Tasks new DHCP-DDNS: DHCP6 configuration parameters Extend the DHCP6 server to add configuration parameters controlling the DDNS operation of the DHCP4 server.
2961 enhancement 1368612787408179 1373892105514946 Boss of BIND medium cas Next-Sprint-Proposed new Updating the python version can break BIND 10 I had BIND 10 1.0.0 installed on Debian 6. I had then updated Debian to Version 7.

After the update, BIND 10 was not working anymore. The error message was:

root@m3:~# bind10
/usr/local/sbin/bind10: 8: exec: /usr/local/libexec/bind10/b10-init: not found

The problem was the shebang line:
#!/usr/bin/python3.1

while I could solve this issue by re-compiling BIND 10, it might be a stubling block for DNS admins.

Proposal:

make the “bind10” start script intelligent to check the python3 version and

a) if no suitable python version found, give a good error message

b) if an version is found that could lead to issues, log a warning

c) update the BIND 10 python modules (maybe via a wrapper or setting a environment variable) and start BIND 10
2963 defect 1368824667610671 1394117263853135 b10-auth medium jinmei DNS Outstanding Tasks new XfroutClient::disconnect must not throw I’ve noticed b10-auth sometimes crashed at the end of its shutdown
process. On a closer look it’s because `XfroutClient::disconnect()`
throws:
#!cpp
asio::error_code err;
impl->socket.close(err);
if (err) {
isc_throw(XfroutError, “close socket failed:” << err.message());
}

and its caller, the destructor of `AuthSrvImpl` didn’t catch it.

I’ve not fully figured out why close() fails; it somehow seems to be
related to the xfrout’s behavior.

There can be several ways to fix it, but since `XfroutClient` itself
is quite broken like other xfr stuff and should be replaced with
the generic `SocketSessionForwarder` in future (maybe part of the xfr
rewrite work), I propose one quick fix: just not throw here.

Hiding an error is not really good, but in practice this only happens
while shutting down b10-auth, so there’s not much we can do from this
situation anyway. And, again, we should get rid of the `XfroutClient`
stuff in a bit longer term.
2965 defect 1368825047684943 1392917648348322 xfrout medium jinmei DNS Outstanding Tasks new xfrout should use general datasource configuration, not Auth/database_file subject should say all. we’ll need this by the time
we support non-SQLite3 based data source, so it’s probably
the time to schedule it.

More specifics based on #2964:

- import ‘data_sources’ module instead of ‘Auth’ as a remote module.
See `Xfrin` constructor.
- maintain `isc.server_common.DataSrcClientsMgr` object and call its
reconfigure() from the remote config update callback for the
data_sources module. See `Xfrin.datasrc_config_handler`.
- when a data source is necessary, get it from the `DataSrcClientsMgr`
using its `get_client_list`. See xfrin_start.
- then remove any reference to auth module, “db_file”, sqlite3
specifics, etc.

In the case of xfrout, there’s one tricky point: `XfroutSession.
get_zone_soa()`
needs to use `ZoneFinder`s. This cannot be done by multiple threads
(on the same shared data source client) at the same time, so this call
should use some synchronization.

Changes to notify_out module will also non trivial, so I suggest
moving that part into a different ticket. Until it’s done, xfrout
will still keep the old `Auth/database_file`, db_file, etc.
2966 defect 1368825131307527 1370931629116835 DDNS medium jinmei new ddns should use general datasource configuration, not Auth/database_file subject should say all. we’ll need this by the time
we support non-SQLite3 based data source, so it’s probably
the time to schedule it.

More specifics based on #2964:

- import ‘data_sources’ module instead of ‘Auth’ as a remote module.
See `Xfrin` constructor.
- maintain `isc.server_common.DataSrcClientsMgr` object and call its
reconfigure() from the remote config update callback for the
data_sources module. See `Xfrin._datasrc_config_handler`.
- when a data source is necessary, get it from the `DataSrcClientsMgr`
using its `get_client_list()`. See xfrin_start().
- then remove any reference to auth module, “db_file”, sqlite3
specifics, etc.

In the case of DDNS, I think we’ll update the helper
`isc.ddns.ZoneConfig` so that:
- it will internally maintain `DataSrcClientsMgr`, instead of taking
a specific datasrc_client in the constructor.
- it will have a new “reconfigure_datasrc()” method, which calls
`DataSrcClientsMgr.reconfigure()`
- its find_zone() will first identify the corresponding data source
client list for the class, and then call find() to get the data
source client to use.

The main DDNS module will call `ZoneConfig.reconfigure_datasrc()`
from the remote config update callback for the data_sources module.

DDNS is not threaded, so we don’t have to worry about inter-thread
implications.
2970 defect 1369308456862408 1369308456862408 dhcpdb medium stephen DHCP Outstanding Tasks new MySqlLeaseMgr uses wrong function to retrieve error text mysql_lease_mgr.cc: in some places the wrong function is used to retrieve error text if a MySQL function fails.

Currently mysql_error() is used in all cases. This is wrong: the code should use mysql_stmt_error() if a mysql_stmt_xxx() statement fails and mysql_error() elsewhere.
2971 defect 1369319124131917 1369319124131917 dhcp medium marcin DHCP Outstanding Tasks new Create config-based workaround for FreeBSD 8.1 issue kern/155606 The IfaceMgrTest::sendReceive4 unit test fails on FreeBSD 8.1-RELEASE when trying to receive packet over closed socket. Test expects exception to be thrown, while nothing is thrown. This has been tracked down as an issue in FreeBSD and the corresponding bug has been found:

http://www.freebsd.org/cgi/query-pr.cgi?pr=155606

As a quick solution, the relevant part of the test has been disabled on BSD systems. We need to have a config based solution for it.
2985 defect 1369927252002214 1373893073032177 dhcp4 low jankowsr DHCP Outstanding Tasks new rfc 2131 vs monitoring network interfaces As of now kea does not monitor the state of network interfaces. It does not utilize network interfaces started after b10-dhcp4 module initialization. This means it’s not quite compliant with the following part of RFC 2131:

“The ‘server identifier’ field is used both to identify a DHCP server
in a DHCP message and as a destination address from clients to
servers. A server with multiple network addresses MUST be prepared
to to accept any of its network addresses as identifying that server
in a DHCP message.”

How to reproduce:
config add Init/components b10-dhcp4
config set Init/components/b10-dhcp4/kind dispensable
config commit

start new network interface
send DHCP discover to this new interface

Expected Result:
server should respond to DHCPDISCOVER

Actual Result:
server will discard DHCPDISCOVER
dhcpv4
2988 defect 1370367751269469 1394114709816606 logging medium jreed jinmei Common Outstanding Tasks assigned check and report log4cplus rotation issues see http://bind10.isc.org/ticket/1622#comment:34

There’s still an issue of log4cplus in log file rotation (some log
messages can go to an already rolled file). Check if latest versions
of log4cplus (1.1.1 and 1.1.2rcX) still have this issue (from a quick
look at changelogs they still seem to have the problem), and if they
do, report it to the log4cplus developer.
2989 defect 1370386258827113 1392810712428266 xfrout medium UnAssigned jinmei DNS Outstanding Tasks reviewing Python notify_out module should use general datasource configuration, not Auth/database_file This is a subtask of #2965.

We’ll update the isc.notify.notify_out module to get rid of the
reference to the `Auth/database_file` config, etc.

More specifics based on #2964:

- import ‘data_sources’ module instead of ‘Auth’ as a remote module.
See `Xfrin` constructor.
- maintain `isc.server_common.DataSrcClientsMgr` object and call its
reconfigure() from the remote config update callback for the
data_sources module. See `Xfrin._datasrc_config_handler`.
- when a data source is necessary, get it from the `DataSrcClientsMgr`
using its `get_client_list()`. See xfrin_start().
- then remove any reference to auth module, “db_file”, sqlite3
specifics, etc.

A tricky point of notify_out is that it’s also run on a different
thread, and uses `ZoneFinder` in various places. We could share it
with the main xfrout threads with careful synchronization, but that
will make the already messy implementation (wrt the naive use of
threads) even messier.

So my suggestion is to create and use a separate `DataSrcClientsMgr`
in the notify_out module. In the main xfrout module, when a config
update for the data_sources module is delivered, it will reconfigure
the main and notify’s `DataSrcClientsMgr`. It’s a bit redundant, but
resource-wise it shouldn’t be that heavy in practice as we’ll simply
maintain two separate SQLite3 connections (so the cost is independent
from the size or number of zones, for example).

When we re-design and implement xfr’s we can handle it in a cleaner way.

On completion of this task, we can fully get rid of the old stuff from
xfrout. We should also be able to remove Auth/database_file from
lettuce tests on xfrout.
2990 defect 1370411524478705 1374494096451233 data source medium jinmei new cleanup: remove Auth/database_file and datasrc.sqlite3_ds Once #2964, #2965, #2966, #2967, #2989 are completed, we should be
able to remove the Auth/database_file config item from its spec.
We should also be (basically) able to remove the
isc.datasrc.sqlite3_ds module.

This ticket will do these cleanups.

Removing sqlite3_ds will require some non trivial task, as some tests
are still using it. We’ll need to replace it using new API classes
(or simply remove it if we can).
2991 defect 1370428614067532 1370931679929527 data source medium muks new Fix ListTest.reloadNotAllowed testcase Now that we have `getCachedZoneWriter()`, the `ListTest`s use that in #2853 to fetch a `ZoneWriter`. This approach does not work for getting at a `ZoneWriter` when the cache is disabled. Hence `ListTest.reloadNotAllowed` testcase is broken as it tries to call `prepareCache()` with `enabled=true` when the cache is actually disabled.

While it’s straightforward to update it, I don’t know what the purpose of this test is, and whether it should be kept still. So this ticket is created.
2996 defect 1370629381515886 1373893258752481 configuration very low jreed new check —with-boost-include and —with-pythonpath configure options Have configure check if the —with-boost-include and —with-pythonpath configure options have the corresponding arguments.

One report showed errors like:


checking for in-TU anonymous namespace breakage… no
yes: invalid option — ‘c’
Try `yes —help’ for more information.
(standard_in) 1: syntax error
./configure: line 15222: test: !=: unary operator expected
yes: invalid option — ‘c’
Try `yes —help’ for more information.


On my system it just hangs.

This is low priority since a workaround is trivial.
3002 task 1371069224275362 1373890663973651 data source medium jinmei new extend datasrc::(Configurable)ClientList::find to return data source name This will be needed for the shared memory support, so it’s a subtask
of #2830.

For xfrin and ddns to tell memmgr to reload the updated zone,
they need to specify the corresponding data source name.
We currently don’t have an interface to make it possible and need to
extend the API.

My suggestion is to revise `ConfigurableClientList::find()` so it can
optionally return the data source name:
#!cpp
virtual FindResult find(const dns::Name& zone,
bool want_exact_match = false,
bool want_finder = true,
bool want_datasrc_name = false) const;


And also revise the `FindResult` structure in the obvious way.
If `want_datasrc_name` is true, the find() method will copy
the data source name to `FindResult`; if it’s false it will probably
be an empty string.

We also need a Python wrapper (actually we’ll only need the Python
wrapper for the feature).

And, as usual, there’ll be a confusion of whether this should be a
virtual method and be implemented in the base `ClientList` class.
Technically, the answer is yes because C++ applications are expected
to use the `ClientList` interface only.
3004 defect 1371468693612286 1391014987139035 Unclassified medium vorner DHCP Outstanding Tasks new Cppcheck 1.60.1 and out of bounds access The cppcheck 1.60.1 produces several warnings in form:

#!c++
src/lib/dhcpsrv/tests/mysql_lease_mgr_unittest.cc:748: check_fail: Array ‘leases[2]’ accessed at index 2, which is out of bounds. (error,arrayIndexOutOfBounds)


They are all from dhcp code and look like serious programmer error (though they are in the tests).
3005 defect 1371469149326380 1373891021200955 Unclassified medium vorner new New reports from cppcheck 1.60.1 As always, there are new reports with new version.

There are three groups.

* Reports about array bounds in DHCP code. A separate ticket #3004 was created for them.
* Complains about assert, like:


src/lib/util/random/random_number_generator.h:113: check_fail: Assert statement calls a function which may have desired side effects: ‘areProbabilitiesValid’. (warning,assertWithSideEffect)


I believe these are false positives, because these methods both don’t have side effects and we want not to call them in case someone uses `NDEBUG`, as these are the checks he wanted to turn off by that.

* Bunch of unmatched suppressions. I don’t know what to do with them, as they are needed for older cppchecks, but are noisy on the new ones. Possibly suppress the warning about bad suppressions.
3009 defect 1371767659722142 1380799057850114 dhcp6 medium wlodekwencel DHCP-QA Defects new kea6 relay-forward bug Tests performed on GIT version of Bind downloaded 9.06.2013

DHCPv6 server accept as a valid message Relay-forward message with included not permitted options for Relay-Forward as:
clientID
serverID
rapidcommit
preference

To reproduce this bug plz use Forge project and use test with “realy_invalid” tag or build Relay Forward msg with Scapy
e.g.
IPv6(dst = address)/UDP(sport=546, dport=547)/DHCP6_RelayForward(linkaddr=“3000::ffff”, peeraddr=SRV_IPV6_ADDR, hopcount = level)/DHCP6OptIfaceId(ifaceid = “15”)/DHCP6OptClientId()/DHCP6OptRelayMsg()/DHCP6_Solicit()

attached wireshark capture.
relay-forward
3012 defect 1372181858853448 1373904872302872 build system medium UnAssigned jinmei new man_MANS rule in Makefile needs some cleanup many of `Makefile.am` files have the following rule:

$(man_MANS):
echo Man generation disabled. Creating dummy $. Configure with —enable-generate-docs to enable it.
echo Man generation disabled. Remove this file, configure with --enable-generate-docs, and rebuild BIND 10 > $


The echoed message doesn’t seem to make perfect sense. At least it’s
redundant in that it repeats the same configure switch twice. We
should need some cleanup here, and make the cleanup throughout the
source tree.

I suspect this rule was introduced by Jeremy and he’d be the best
person to handle this issue.
3013 task 1372182709182412 1394117489645150 shmem manager medium jinmei DNS Outstanding Tasks new possibly avoid loading “local” segments to memmgr As of #2854 the memmgr module uses the common `DataSrcClientsMgr`
class (defined in the isc.server_common.datasrc_clients_mgr module) to
manage data source configuration. This means memmgr loads all “local”
type memory segments even if it doesn’t need them at all.
Technically, it’s a waste of memory and CPU cycles.

We first need to decide whether we want to avoid this “waste” as it
may not matter much in practice. If the waste is big enough, we’d
actually rather want to share it; if it’s not that big, it would be
negligible in practice.

So my specific suggestion is to just wait until we know this is really
a problem to solve in practice. In that sense this is a kind of meta
ticket and cannot be estimated right now.
3017 task 1372295676412445 1373891238655673 data source medium jinmei new add isDirty() to ZoneTableSegment This task implements the `ZoneTableHeader` extension as described in
https://lists.isc.org/pipermail/bind10-dev/2013-June/004691.html

Specifically, we add a new virtual method to `ZoneTableSegment`:
#!cpp
class ZoneTableSegment {
public:
virtual bool isDirty() const = 0;

};


and implement it for both `ZoneTableSegmentLocal` and
`ZoneTableSegmentMapped`. For the former, it’s effectively unused for
our shared memory support (and can return anything), but considering
it’s always writable, its `isDirty()` would always return true.

For `ZoneTableSegmentMapped`, A possible implementation would be as
follows:

- introduce a new named address (tentatively named “zone_table_dirty”
for a bool value) in the underlying (mapped) memory segment. make
sure it’s always set for a valid `ZoneTableSegmentMapped` (so we’ll
first set it to true on creation and keep the address since then).
- Extend the “not create” case of
`ZoneTableSegmentMapped::processChecksum()` so that it first checks
the existence of “zone_table_dirty”, sets it to true and then
check the checksum.
- Extend `ZoneTableSegmentMapped::sync()` in case the segment is
writable so that:
- If it’s called from methods other than the destructor, then after
calculating and setting the checksum, set the value of
“zone_table_dirty” to false.
- If it’s called from the destructor, leave the value of
“zone_table_dirty”.

This trick is to ensure that if the zone table segment is unexpectedly
closed in the middle of updates (probably due to an exception and
automatic call to the destructor), we’ll consider the segment still
dirty. The (builder thread of) memmgr will explicitly reset it after
successfully making updates (see the end of bind10.isc.org/ticket/2856
description), thereby clearing the “dirty” mark.

The `isDirty()` method itself should be straightforward:

#!cpp
bool
ZoneTableSegmentMapped::isDirty() const {
return (isWritable()

(mem_sgmt_ && *mem_sgmt_->getNamedAddress(“zone_table_dirty”)));
}

3018 task 1372296018803862 1373891249465127 data source medium jinmei new extend ConfigurableClientList::getStatus() to indicate if zone table segment is dirty It’s continuation of #3017 and depends on it (actually mostly
independent from details of #3017, but probably easier to test with
a complete implementation of #3017).

Specifically we extend `DataSourceStatus` to have `isSegmentDirty()`
method (returning bool). `getStatus()` ensures that `isSegmentDirty()`
will return true iff the zone table segment exists and its `isDirty()`
returns true.

Also update the Python wrapper accordingly.
3019 task 1372297210441515 1394117503781102 shmem manager medium jinmei DNS Outstanding Tasks new update memmgr to handle restart cases correctly This task implements the proposed idea at the memmgr described in
https://lists.isc.org/pipermail/bind10-dev/2013-June/004691.html
It depends on #3018 (with a mock we may be able to work on this task
in parallel with #3018).

Specifically, we update the constructor of
`isc.memmgr.datasrc_info.MappedSegmentInfo`. Instead of always
assuming `reader_ver` is None and `writer_ver` is 0, it should
check if the “.0” and “.1” files exist. If the file exists, it tries
to reset the segment in the read only mode and sees if it’s dirty
(it’ll need to call get_status() again).

- If “.0” is (existent and) non-dirty while “.1” isn’t, `reader_ver`
should be “.0” and `
writer_ver` should be “.1”
- If “.1” is (existent and) non-dirty while “.0” isn’t, `reader_ver`
should be “.1” and `
writer_ver` should be “.0”
- If both “.0” and “.1” are (existent and) non-dirty, `reader_ver`
should be the newer one and
`
writer_ver` should be the other.
- If neither “.0” nor “.1” is non-dirty, `reader_ver` should be None
and `
writer_ver` should be “.1” (just like the current default).

Also, if the initial `reader_ver` is not None, set the state to
“UPDATING”.

We’ll also need to update the `Memmgr` class so that if the reader
version of a segment is initially available it starts as if “UPDATING”
phase has just completed
before telling the builder thread to start loading. One way of doing
this is would be:

- add existing readers in `Memmgr.
init_segment()` instead of
(as #2858 said) `Memmgr.setup_modeul`.
- In `
_init_segment()`, if the reader version is already available,
initiate the initial transition from UPDATING to SYNCHRONIZING,
and send ‘segment_info_update’ command to the pre-existing readers.

#!python
def init_segments:
for key, sgmt_info in datasrc_info.segment_info_map.items:
# Assume we have
get_all_readers(), which returns all
# pre-existing readers
for reader in self.get_all_readers:
sgmt_info.add_reader

rrclass, dsrc_name = key
clist = self.
datasrc_clients_mgr.get_client_list
cmd =
sgmt_info.add_event

reader_param = sgmt_info.get_reset_param
if reader_param is not None:
init_cmd = sgmt_info.complete_update
else:
init_cmd = sgmt_info.start_update
#assert cmd ret_cmd and sgmt_info.state UPDATING
if init_cmd is not None:
with self.
cv_commands:
self.
command_queue.append
self.
_cv_command.notify()
elif len(sgmt_info.old_readers) > 0:
# send ‘segment_info_update’ command to old readers

3021 defect 1372687128166398 1373891622387684 Unclassified medium jreed new bad configuration caused cc timeout and tracebacks I had a typo in a configuration and it resulted in the following:


DEBUG [b10-cfgmgr.pycc]: PYCC_LNAME_RECEIVED received local name: 51d186bf_2@bind10-testing1.lab.isc.org
INFO [b10-cfgmgr.cfgmgr]: CFGMGR_CONFIG_FILE Configuration manager starting with configuration file: /home/jreed/dnsbench/work/bind10-bind10-1.1.0-release/20130701102040/install/var/bind10/b10-config.db
FATAL [b10-cfgmgr.cfgmgr]: CFGMGR_DATA_READ_ERROR error reading configuration database from disk: Configuration file out of date or corrupt, please update or remove /home/jreed/dnsbench/work/bind10-bind10-1.1.0-release/20130701102040/install/var/bind10/b10-config.db
Traceback (most recent call last):
File “/home/jreed/dnsbench/work/bind10-bind10-1.1.0-release/20130701102040/install/lib/python3.1/site-packages/isc/cc/session.py”, line 223, in receive_full_buffer
self.
receive_len_data()
File “/home/jreed/dnsbench/work/bind10-bind10-1.1.0-release/20130701102040/install/lib/python3.1/site-packages/isc/cc/session.py”, line 183, in receive_len_data
new_data = self.
receive_bytes(self.recv_len_size)
File “/home/jreed/dnsbench/work/bind10-bind10-1.1.0-release/20130701102040/install/lib/python3.1/site-packages/isc/cc/session.py”, line 169, in
receive_bytes
data = self.socket.recv
socket.timeout: timed out

During handling of the above exception, another exception occurred:

Traceback :
File “/home/jreed/dnsbench/work/bind10-bind10-1.1.0-release/20130701102040/install/lib/python3.1/site-packages/isc/config/ccsession.py”, line 371, in
add_remote_config_internal
answer, _ = self.session.group_recvmsg
File “/home/jreed/dnsbench/work/bind10-bind10-1.1.0-release/20130701102040/install/lib/python3.1/site-packages/isc/cc/session.py”, line 306, in group_recvmsg
env, msg = self.recvmsg
File “/home/jreed/dnsbench/work/bind10-bind10-1.1.0-release/20130701102040/install/lib/python3.1/site-packages/isc/cc/session.py”, line 139, in recvmsg
data = self.
receive_full_buffer(nonblock)
File “/home/jreed/dnsbench/work/bind10-bind10-1.1.0-release/20130701102040/install/lib/python3.1/site-packages/isc/cc/session.py”, line 238, in receive_full_buffer
raise SessionTimeout on cc session timed out“)
isc.cc.session.SessionTimeout: recv() on cc session timed out

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File”/home/jreed/dnsbench/work/bind10-bind10-1.1.0-release/20130701102040/install/libexec/bind10/b10-msgq“, line 863, in
msgq.socket_file)
File”/home/jreed/dnsbench/work/bind10-bind10-1.1.0-release/20130701102040/install/lib/python3.1/site-packages/isc/config/ccsession.py“, line 225, in init
default_logconfig_handler)
File”/home/jreed/dnsbench/work/bind10-bind10-1.1.0-release/20130701102040/install/lib/python3.1/site-packages/isc/config/ccsession.py", line 447, in add_remote_config
self.
add_remote_config_internal(module_spec, config_update_callback)
File “/home/jreed/dnsbench/work/bind10-bind10-1.1.0-release/20130701102040/install/lib/python3.1/site-packages/isc/config/ccsession.py”, line 375, in _add_remote_config_internal
module_name)
isc.config.ccsession.ModuleCCSessionError: No answer from ConfigManager when asking about Remote module Logging
INFO [b10-init.init]: BIND10_STARTING starting BIND10: bind10 20110223 (BIND 10 1.1.0)
DEBUG [b10-init.init]: BIND10_CHECK_MSGQ_ALREADY_RUNNING checking if msgq is already running
INFO [b10-init.init]: BIND10_CONFIGURATOR_START bind10 component configurator is starting up
DEBUG [b10-init.init]: BIND10_CONFIGURATOR_BUILD building plan ‘{}’ -> ‘{’sockcreator’: {’priority’: 200, ‘kind’: ‘core’, ‘special’: ‘sockcreator’}, ‘msgq’: {’priority’: 199, ‘kind’: ‘core’, ‘special’: ‘msgq’}, ‘cfgmgr’: {’priority’: 198, ‘kind’: ‘core’, ‘special’: ‘cfgmgr’}}’
DEBUG [b10-init.init]: BIND10_CONFIGURATOR_RUN running plan of 3 tasks
DEBUG [b10-init.init]: BIND10_CONFIGURATOR_TASK performing task start on Socket creator
INFO [b10-init.init]: BIND10_COMPONENT_START component Socket creator is starting
INFO [b10-init.init]: BIND10_SOCKCREATOR_INIT initializing socket creator parser
DEBUG [b10-init.init]: BIND10_STARTED_PROCESS_PID started b10-sockcreator (PID 31516)
DEBUG [b10-init.init]: BIND10_CONFIGURATOR_TASK performing task start on msgq
INFO [b10-init.init]: BIND10_COMPONENT_START component msgq is starting
INFO [b10-init.init]: BIND10_STARTING_PROCESS starting process b10-msgq
DEBUG [b10-init.init]: BIND10_STARTED_PROCESS_PID started b10-msgq (PID 31517)
DEBUG [b10-init.pycc]: PYCC_LNAME_RECEIVED received local name: 51d186bf_1@bind10-testing1.lab.isc.org
DEBUG [b10-init.init]: BIND10_CONFIGURATOR_TASK performing task start on cfgmgr
INFO [b10-init.init]: BIND10_COMPONENT_START component cfgmgr is starting
INFO [b10-init.init]: BIND10_STARTING_PROCESS starting process b10-cfgmgr
DEBUG [b10-init.init]: BIND10_STARTED_PROCESS_PID started b10-cfgmgr (PID 31519)
DEBUG [b10-init.init]: BIND10_WAIT_CFGMGR waiting for configuration manager process to initialize
DEBUG [b10-init.init]: BIND10_WAIT_CFGMGR waiting for configuration manager process to initialize
DEBUG [b10-init.init]: BIND10_WAIT_CFGMGR waiting for configuration manager process to initialize
DEBUG [b10-init.init]: BIND10_WAIT_CFGMGR waiting for configuration manager process to initialize
DEBUG [b10-init.init]: BIND10_WAIT_CFGMGR waiting for configuration manager process to initialize
DEBUG [b10-init.init]: BIND10_WAIT_CFGMGR waiting for configuration manager process to initialize
ERROR [b10-init.init]: BIND10_COMPONENT_START_EXCEPTION component cfgmgr failed to start: Read of 0 bytes: connection closed
ERROR [b10-init.init]: BIND10_COMPONENT_FAILED component cfgmgr (pid None) failed: unknown condition
FATAL [b10-init.init]: BIND10_COMPONENT_UNSATISFIED component cfgmgr is required to run and failed
ERROR [b10-init.init]: BIND10_CONFIGURATOR_PLAN_INTERRUPTED configurator plan interrupted, only 2 of 3 done
INFO [b10-init.init]: BIND10_KILLING_ALL_PROCESSES killing all started processes
INFO [b10-init.init]: BIND10_SEND_SIGKILL sending SIGKILL to Socket creator (PID 31516)
WARN [b10-init.init]: BIND10_SOCKCREATOR_KILL killing the socket creator
INFO [b10-init.init]: BIND10_SEND_SIGKILL sending SIGKILL to msgq (PID 31517)
FATAL [b10-init.init]: BIND10_STARTUP_ERROR error during startup: Unable to start b10-cfgmgr: Read of 0 bytes: connection closed

3026 defect 1372864315431113 1373891697767251 Unclassified medium bconry new config go - conflict between behavior and help text
> config go
Error! Parameter ‘identifier’ is missed for command ‘go’ of module ‘config’
Command go (Go to a specific configuration part.)
help (Get help for command)
Parameters:
identifier (string, mandatory)
The identifier specifies the config item. Child elements are
separated with the ‘/’ character. List indices can be
specified with ‘[i]’, where i is an integer specifying the
index, starting with 0. Examples: ‘Init/start_auth’,
‘Auth/listen_on[0]/address’. If no identifier is given, shows
the item at the current location.


The help documentation states that if no identifier is given then it is supposed to show the item at the current location. What I get is an error and the help text.
3027 defect 1372865634862950 1373891718104854 Unclassified medium bconry new the existance of child configuration elements doesn’t imply the existance of the parents
> config show_json /
{}
> config add /Init/components b10-cmdctl
Error: b10-cmdctl already in /Init/components
> config show_json /
{}
> config show_json /Init
null
> config show_json /Init/components
{b10-stats {kind “dispensable”, address “Stats”}, b10-cmdctl {kind “needed”, special “cmdctl”}}
> config go /Init
Error: /Init not found
> config go /Init/components
>


Configuration elements that exist aren’t shown by “config show_json”, despite it being documented as “Show ‘’full’’ configuration in JSON format.” [emphasis added].

It’s also counter-intuitive that child elements can exist and be navigable without their parent elements existing and being navigable.
3029 defect 1372866804472168 1373891762124251 Unclassified medium bconry new inconsistent behavior with “config remove /Init/components b10-cmdctl” Sometimes I get:

> config remove /Init/components b10-cmdctl
> config commit
>
Failed to send request, the connection is closed

(meaning that it succeeded and left me with a broken configuration)

Sometimes I get:

> config remove /Init/components b10-cmdctl
> config commit
Error: [Errno 32] Broken pipe
Configuration not committed
>

(meaning that it failed and left me with a working configuration)

I’m not sure that this should be allowed at all, or if so what the “correct” behavior ought to be, but it definitely needs to be consistent and documented behavior.
3032 defect 1372889234723499 1373891895472373 Unclassified medium bconry new config unset silently fails with ‘kind’
> config add /Init/components b10-auth
> config show /Init/components/b10-auth
Init/components/b10-auth/special null string
Init/components/b10-auth/process null string
Init/components/b10-auth/kind “dispensable” string (default)
Init/components/b10-auth/address null string
Init/components/b10-auth/params/ list
Init/components/b10-auth/priority null integer
> config show /Init/components/b10-auth/kind
Init/components/b10-auth/kind “dispensable” string (default)
> config set /Init/components/b10-auth/kind dispensable
> config commit
> config show /Init/components/b10-auth/kind
Init/components/b10-auth/kind “dispensable” string
> config unset /Init/components/b10-auth/kind
> config show /Init/components/b10-auth/kind
Init/components/b10-auth/kind “dispensable” string
> config diff
{}
> config unset help
Command unset (Unset a configuration value (i.e. revert to the default, if any).)
help (Get help for command)
Parameters:
identifier (string, mandatory)
The identifier specifies the config item. Child elements are
separated with the ‘/’ character. List indices can be
specified with ‘[i]’, where i is an integer specifying the
index, starting with 0. Examples: ‘Init/start_auth’,
‘Auth/listen_on[0]/address’. If no identifier is given, shows
the item at the current location.
>


Given #3031 it currently isn’t very useful to unset ‘kind’, but it shouldn’t fail silently.
3037 enhancement 1373023913197887 1386254483961111 hooks medium UnAssigned tomek DHCP Outstanding Tasks new Hook API and code improvements This is a catch-all ticket for various suggested Hooks related improvements.
It contains a list of usability improvements that are not critical.

Work on this ticket should not start until we have some hooks implemented and broader review (preferably external) is completed.

Proposals:
1. registerStandardCallouts() should count number of registered callouts and complain if there were none and there is no load() function. Also make sure that the logging is capable of showing what was registered (to ease debugging).
3042 defect 1373311945131080 1374593045534166 cmd-ctl medium jwright Next-Sprint-Proposed new “Init Shutdown” resulted in error messages in BIND10 logfile When I initiated “Init shutdown” to bindctl, I got the following logfile entry:

2013-07-08 17:25:51.747 ERROR [b10-init.init/7940] BIND10_CONFIGURATOR_PLAN_INTERRUPTED configurator plan interrupted, only 2 of 5 done

This is possibly related to #3041 (http://bind10.isc.org/ticket/3041), because the error message was seen at the point when I sent command “init shutdown”.
3043 enhancement 1373360020357145 1374592996458180 Unclassified medium shane miles@brennan.id.au new User-submitted upstart script (for CentOS 6.4) A user submitted an upstart script with the following mail.


From: “Miles Brennan”
To:
Subject: BIND10 Upstart Script
Date: Tue, 9 Jul 2013 18:05:06 +1000

Hey All.



New list user here.. Miles from Brisbane.AU, currently tinkering with BIND10
just to see what it’s like and evaluate stability for potential use in a
startup.



Background: A Geek!, I authored the Linux Home Server HOWTO
(www.brennan.id.au ) a few years back to make it
easier for users to build their own home environment.



I looked long and hard for a good init / upstart script for BIND10, but
ended up writing my own to suit my CentOS 6.4 environment.



I thought you might like it for your WIKI so others can start playing with
BIND10 a little more.



Usage.

- initctl start bind10

- initctl restart bind10

- initctl stop bind10



Cheers,

Miles







vi /etc/init/bind10.conf





description “BIND10 is a DNS server with DHCPv4 and DHCPv6 server support”



env
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin:
/usr/local/libexec/bind10

export PATH



start on runlevel [345]

stop on runlevel [0126]



pre-start script



exec logger p user.warningt upstart-bind10 “BIND10 daemon
starting”



end script



exec b10-init —user bind —config-file /usr/local/var/bind10/b10-config.db
br>
—pid-file /usr/local/var/bind10/bind10.pid br>
—msgq-socket-file /usr/local/var/bind10/msgq_socket br>
—data-path /usr/local/var/bind10 —cmdctl-port 8080



#pre-stop



post-stop exec logger p user.warningt upstart-bind10 “BIND10 daemon
stopped”



respawn

kill timeout 30

console none
3047 defect 1373378905656631 1397640730796484 dhcpdb low jwright DHCP Outstanding Tasks new Use of Kea memfile lease database causes SigAbrt exception Please see following Jabber chat log:


1:38:20 PM jeff: Have you guys seen this in the BIND10 logfile?



2013-07-03 18:54:10.109 ERROR [b10-init.init/5090] BIND10_COMPONENT_FAILED component b10-dhcp4 (pid 5677) failed: process terminated with exit status 6 (killed by signal 6: SIGABRT)



It seems to occur every once in a while.
1:52:10 PM jeff: I think debian 6 is dead.
1:52:11 PM jeff: 149.20.57.86
1:52:33 PM jeff: No answer to pings from inside lab; and all established SSH sessions are unresponsive.
1:55:46 PM TomM: Time to pull back and nuke the planet.
1:59:46 PM jeff: I have to way to remote-boot that puppy. I think TomM’s latest Kea checkin caused a kernel panic.
2:00:23 PM TomM: let’s see, I know I have the GPS coords for Jeff’s new place…. where did I write those down….
2:01:40 PM TomM: Jeff, if you hear a high pitched whine soon, please ignore it… it’s nothing
2:02:48 PM jeff: Actually, I DID have a way to reboot it and I did so. Thanks, Remote Desktop Client for Mac!
2:24:23 PM tomek: Kea doing SIGABRT may be a problem.
2:24:32 PM tomek: I have never seen this before.
2:44:43 PM jeff: I think I would like to file a bug ticket against this issue if it reoccurs.
2:45:09 PM jeff: Yes, it continues:
2:45:10 PM jeff: >::reference boost::shared_ptr< >::operator*() const [with T = isc::dhcp::ClientId]: Assertion `px != 0’ failed.

2013-07-03 20:08:11.872 ERROR [b10-init.init/2000] BIND10_COMPONENT_FAILED component b10-dhcp4 (pid 2007) failed: process terminated with exit status 6 (killed by signal 6: SIGABRT)

with T = isc::dhcp::ClientId]: Assertion `px != 0’ failed.

2013-07-03 20:13:27.035 ERROR [b10-init.init/2000] BIND10_COMPONENT_FAILED component b10-dhcp4 (pid 2143) failed: process terminated with exit status 6 (killed by signal 6: SIGABRT)

with T = isc::dhcp::ClientId]: Assertion `px != 0’ failed.

2013-07-03 20:20:06.906 ERROR [b10-init.init/2000] BIND10_COMPONENT_FAILED component b10-dhcp4 (pid 2146) failed: process terminated with exit status 6 (killed by signal 6: SIGABRT)




2:53:43 PM TomM: looks like there’s still a condition that allows a null client id
2:54:26 PM TomM: tomek you are fibbing when you say you have never seen this before ;)
2:55:45 PM jeff: Twice now the debian6 server has hung
2:55:59 PM jeff: I think this might be my first “real” bug find. :)
2:56:18 PM jeff: What kind of info should I be gathering now to help us diagnose this?
2:58:42 PM tomek: The configuration used and traffic capture of a packet that cause this.
3:00:34 PM marcin: I recall that the issues with NULL client id are still present when using Memfile backend.
3:00:50 PM marcin: When using MySQL it shouldn’t be the case.
3:01:46 PM marcin: Do you actually use MySQL? when hitting assertion failure?
3:09:11 PM jeff: I do have the build configuired for mySQL backend
3:09:35 PM jeff: I am not even sending DHCP traffic so it’s not ANVL packets…although it might be other random packet traffic.
3:10:06 PM jeff: How do you want me to capture the config? Show bindctl commands? Dump bind10-cfg.db?
3:10:27 PM jeff: Would any syslogs be helpful?
3:10:31 PM TomM: if I recall, Jeff, there are Windows machines that periodically make IPv4 requests on on the DHCP lab setup
3:10:56 PM jeff: Those Windows clients are disabled
3:11:20 PM TomM: curious
3:11:51 PM jeff: Well, I THINK those are disabled. Let me show you a screenie.
3:12:16 PM TomM: hey I don’t want to see you screenie! put that thing away! RUN AWAY!
3:12:37 PM jeff:
3:13:15 PM jeff: If there is an alternative place to xfer files let me know
tomek left the room.
3:14:27 PM TomM: just sez I have one event….
3:14:36 PM TomM: I use Psi for client
3:14:59 PM TomM: nevermind, I got it
3:15:39 PM TomM: no I didn’t
3:15:45 PM TomM: error’d out
3:19:37 PM jeff: Yeah it erroed out.
3:19:39 PM jeff: Let me try again
3:21:11 PM jeff: OK well that’s a big waste of time
3:21:15 PM jeff: I’ll email it to you
3:21:19 PM TomM: yep
3:21:46 PM TomM: what would be better would the the bind10 log output
3:21:55 PM jeff: What else?
3:22:05 PM jeff: Here is how I confogured everything:
3:22:28 PM TomM: you could include the config db
3:22:32 PM jeff: https://confluence-int.isc.org/display/QUAL/DHCP+Testing
3:22:49 PM jeff: I’m going to enter a bug ticket and include the logfiles from dhcpsrv and dhcp4
3:22:57 PM jeff: as well as the bind10 config db
3:23:34 PM marcin: Which machine is it?
3:23:40 PM marcin: debian6?
3:25:39 PM jeff: debian6-64-1-dhcp
3:25:52 PM jeff:
3:25:54 PM marcin: Where is the bind installed?
3:26:10 PM jeff: /home/test/var/test-anvl
3:26:27 PM jeff: I just had to reboot the VM because it was not responding to ICMP Requests
3:26:28 PM marcin: ok, let me login and have a quick look on the configuration.
3:26:54 PM jeff: BIND10 is not running after reboot.
3:27:09 PM marcin: I will kick it of
3:27:54 PM jeff: cmd line:
3:28:12 PM jeff: sudo /home/test/var/test-anvl/sbin/bind10 &> /home/test/var/test-anvl/bind10.log
3:30:43 PM marcin: MySQL is not configured
3:31:00 PM jeff: Not true. I built as follows:
3:31:12 PM marcin: It is true according to bindctl
3:31:21 PM marcin: Building is one thing
3:31:26 PM jeff: sudo /home/test/var/test-anvl/sbin/bind10 &> /home/test/var/test-anvl/bind10.log
3:31:32 PM marcin: configuration is another thing
3:31:59 PM TomM: if someone could review 3030, it correct the build issue
3:32:02 PM marcin: Dhcp4/lease-database/type “” string
3:32:05 PM TomM: its quite small
3:32:16 PM TomM: good catch, marcin
3:32:47 PM marcin: other things are name, user, password, host
3:33:10 PM marcin: they also have to be set to credentials you have added to MySQL
3:33:30 PM TomM: rtfm
3:33:40 PM TomM: ;)
3:34:16 PM marcin: I could add it now, but it will be better for you to do it to keep an eye on what is going on in your config
3:34:50 PM marcin: I now stopped bind and logged off
3:35:58 PM marcin: Tom, in the course of #2977 I found a little issue with d_controller_unittests
3:36:27 PM TomM: is this the logger init thing?
3:36:32 PM marcin: yes
3:37:05 PM TomM: what precisely is the issue?
3:37:27 PM TomM: you know I stole that line from DHCP4/DHCP6….
3:37:39 PM marcin: yes and now
3:37:47 PM marcin: DHCP4 doesn’t test main
3:37:52 PM TomM: ah
3:38:08 PM marcin: D2 tests launch function which does initLogger
3:38:14 PM TomM: right
3:38:15 PM marcin: This should not happen
3:38:25 PM TomM: what should not happen?
3:38:44 PM TomM: initLogger should not be called?
3:38:51 PM marcin: initLogger should not be called when running unit tests
3:39:04 PM marcin: it shouldn’t be called in launch
3:39:14 PM marcin: because it is already called in main of unit tests
3:39:23 PM TomM: OH
3:39:26 PM marcin: in a way that it should be run for unit tests
3:39:32 PM marcin:
3:40:01 PM marcin: But, if I remove initLogger in launch I hit worse problem
3:40:10 PM TomM: then I will need to add a command line argument that skips it
3:40:11 PM marcin: crash in commandHandler
3:41:06 PM marcin: commandHandler has this second argument called “args”
3:41:15 PM TomM: right
3:41:17 PM marcin: which seems to be NULL
3:41:32 PM TomM: let me look at the code
3:42:23 PM marcin: The rest is a speculation so far…
3:42:37 PM TomM: let me catch up
3:42:41 PM marcin: genShutdownCommand in unit tests is responsible for this
3:42:59 PM jeff: Hold on guys
talking with my attorney - brb
3:43:01 PM marcin: sorry, genShutdownCallback
3:43:19 PM TomM: oh, because args isn’t being checked before being handed to the log statement
3:43:37 PM marcin: well, getShutdownCallback passes empty argyment
3:43:45 PM marcin: NULL argument I should say
3:43:50 PM marcin: arg_set
3:43:55 PM TomM: if it passed in an empty ELementPtr it would run fine
3:44:22 PM marcin: isc::data::ElementPtr arg_set;
3:44:27 PM marcin: makes arg_set NULL
3:44:47 PM marcin: and in the handler you do arg_set>str
3:44:55 PM TomM: right
3:44:57 PM marcin: the
> operator causes assertion
3:45:11 PM TomM: yes, the log statement should test it
3:45:18 PM TomM: and adjust accordingly
3:45:42 PM marcin: I am wondering what will be the most elegant solution
3:45:42 PM TomM: (arg_set ? arg_set>str : “no args”)
3:46:02 PM marcin: yes, maybe that should be done
3:46:06 PM TomM: yes
3:46:10 PM TomM: it should be
3:46:16 PM marcin: and maybe we need to identify some more places like this
3:46:23 PM TomM: perhaps
3:46:34 PM marcin: I can do it together with 27977
3:46:37 PM TomM: tyring to figure out why I haven’t hit this before
3:46:38 PM marcin: sorry 2977
3:47:06 PM marcin: Well, initialization of the logger has something to do with it, but I don’t know why
3:47:19 PM marcin: and I don’t know if I will find today :
)
3:47:38 PM marcin: s/find/find out
stephen left the room. (3:47:57 PM)
3:48:00 PM TomM: launch calls the init logger but launch is the first place the command line arguments are examined…
3:48:08 PM TomM: which is as it should be
3:48:19 PM TomM: s/but/because/
3:48:42 PM TomM: I did not want app specific things to be in main()
3:48:47 PM marcin: it would be ok if we added an extra argument to launch
3:48:59 PM TomM: yes
3:48:59 PM marcin: this argument would indicate that you’re running in the test mode
3:49:12 PM marcin: and it would be used by unit tests only
3:49:15 PM TomM: yes
3:49:21 PM marcin: it could have a default value = false
3:49:25 PM TomM: it could default to false
3:49:27 PM TomM: lol
3:49:29 PM marcin: but it doesn’t have to
3:49:48 PM TomM: in this case I would say it should because it is a test time only thing
3:50:12 PM TomM: might be handy for other things too…
3:50:15 PM marcin: yes, I agree but I don’t know if you like defaults :P
3:50:24 PM TomM: case by case basis
3:50:42 PM marcin: in this case, let me fix it
3:50:54 PM marcin: as we just discussed it
3:51:11 PM TomM: ok
3:51:24 PM marcin: It will be added together with #2977
3:51:25 PM jeff: SO (and sorry for being absent) - this is a known issue?
3:51:33 PM marcin: which one?
3:51:35 PM jeff: I have not yet entered a new ticket
3:51:40 PM jeff: My shutdown
3:51:50 PM marcin: your shutdown is a known issue for me
3:51:53 PM jeff: The error message in BIND10 log
3:52:01 PM marcin: I am not sure if there is any ticket yet
3:52:19 PM jeff: I would be happy to put one in, or if you prefer, you can do it
3:52:30 PM TomM: the null client id “crash” is known and we had a ticket but as marcin pointed out it addressed MySQL only
3:52:37 PM jeff: BTW I love talking to attorneys on the phone for $380.00 per hour.
3:53:12 PM jeff: SO clue me in - even though I specified —mysql in the config, and I created the SQL “qa” database to use…
3:53:14 PM TomM: look if you have nothing better to do with your time and money, I’ll talk to you and I only charge you $300 an hour
3:53:17 PM jeff: I’m not using SQL?
3:53:37 PM TomM: you have to set the database type
3:53:43 PM marcin: you’re not using SQL and you should
3:53:56 PM TomM: in the bind10 config
3:53:56 PM marcin: otherwise you will loose your leases when server is off
3:53:58 PM marcin: :P
3:54:02 PM jeff: COuld you point me to the part of the user guide that says how to do that please
3:54:03 PM TomM: its right there in the manual
3:54:08 PM jeff: What section
3:54:13 PM TomM: 1 sec
3:54:30 PM jeff: I read it last night at 1130pm and I do admit it was very interesting.
3:54:31 PM jeff: Not.
3:55:10 PM TomM: 17.2.1 Database Configuration
3:55:15 PM marcin: http://bind10.isc.org/docs/bind10-guide.html#idm66502448
3:55:18 PM marcin: enjoy!
3:55:46 PM jeff: I found it
3:55:52 PM jeff: > config set Dhcp4/lease-database/type “mysql”
3:55:56 PM jeff: From Section 17
3:56:03 PM TomM: that’ll $450.00 … I’ll send you a bill
3:56:31 PM jeff: Bill it to “Kea QA”
3:56:32 PM marcin: apart from setting a type of the database, you will have to setup user, password, host
3:56:46 PM jeff: Sorry I missed that part
3:56:55 PM jeff: Let me make absolutely certain:
3:57:11 PM TomM: were you reading it or just looking at the pretty pictures?
3:57:13 PM jeff: I am NOT going to enter a ticket, either for the error message in the log, or for the assert (debian reboot)
3:57:15 PM jeff: OK??
3:57:45 PM jeff: At 1130pm I think I read “SQL” and said to myself “I already did that, man.”
3:57:45 PM marcin: IMHO, you shouldn’t
3:58:05 PM jeff: OK then I will add the SQL config to my instructions on the COnfluence page, and retry.
3:58:16 PM jeff: THanks you for your time, gentlemen.
3:58:21 PM jeff: Oh, and TomM too.
3:58:48 PM marcin: nop
3:58:59 PM TomM: you betcha
4:20:55 PM TomM: and you need to make sure you get rest too
4:20:59 PM marcin: Yes, me too, otherwise I will get crazy
4:21:10 PM TomM: crazIER
4:21:14 PM marcin: Working and taking care of kids and shopping
4:21:20 PM TomM: yep
4:21:20 PM marcin: in the same time
4:21:27 PM TomM: that will make you nuts
4:21:56 PM marcin: that’s also pretty much why I stay so late working
4:22:03 PM marcin: I can finally focus
4:22:06 PM marcin: :P
4:22:10 PM TomM: ah
4:22:34 PM marcin: but it has pitfalls too
4:22:52 PM marcin: If I go to sleep at 1AM I will be woken up by kids at 6AM anyway
4:23:04 PM TomM: lovely, isn’t it?
4:23:05 PM marcin: that’s what happend yesterday
4:23:15 PM marcin: :-)
4:23:32 PM marcin: anyways, good night gentlemen
4:23:39 PM TomM: good night!
3051 defect 1373557622371711 1374251172119215 Unclassified medium jwright DHCP Outstanding Tasks new DHCP4 logfiles output from Kea display parameter mismatch errors BIND10 version: (BIND 10 20130529).

When running ANVL tests for Section 2: “Introduction, Design Goals and Protocol Summary,” I get the following messages in the dhcp4 component logfile:

2013-07-10 16:56:46.280 DEBUG [b10-dhcp4.dhcp4/10666] DHCP4_QUERY_DATA received packet type localAddr=255.255.255.255:67 remoteAddr=0.0.0.0:68, msgtype=1, transid=0x563db4e6
type=53, len=1:
, data is <2> @@Excess logger placeholders still exist@@<br><br>(several times) and ...<br><br>2013-07-10 16:56:46.285 DEBUG [b10-dhcp4.dhcp4/10666] DHCP4_RELEASE_FAIL_NO_LEASE client (client-id hwtype=1 02:02:00:00:00:06) tried to release address 0.0.0.0, but there is no lease for such address. @@Missing placeholder 3 for ‘(no client-id)’@@


Stephen had a quick look at the code and said the problem is that the number of placeholders in the message definitions do not match the number of arguments provided in the relevant LOG_XXX statement. Both messages are logged in src/bin/dhcp4/dhcp4_srv.cc
3053 enhancement 1373630335980609 1373630335980609 dhcp medium tomek DHCP Outstanding Tasks new Write documentation for Pkt4 and Pkt6 classes I’m not sure how that did slip through, but isc::dhcp::Pkt4 and isc::dhcp::Pkt6 do not have class documentation.

Pkt4Ptr and Pkt6Ptr should also be documented.
3055 defect 1373893121014446 1374575863870443 documentation medium muks Next-Sprint-Proposed new Add Makefile target to create PDF manual for BIND 10 Add a Makefile target to create PDF manual for BIND 10, so that if the corresponding tools exist, it’s possible to simply `make` the target and generate the PDF manual.

Some admins still print paper manuals, so we should continue to have a PDF manual on the website.
3057 defect 1373982387178144 1373982387178144 dhcp4 medium tomek DHCP Outstanding Tasks new Dhcp4Srv::selectSubnet() must be improved and thoroughly tested For some reason the v4 version of selectSubnet() is very simple and there are no tests for it. See appropriate comment in dhcpv4_srv_unittest.cc:

/// @todo Implement tests for subnetSelect See tests in dhcp6_srv_unittest.cc:
/// selectSubnetAddr, selectSubnetIface, selectSubnetRelayLinkaddr,
/// selectSubnetRelayInterfaceId. Note that the concept of interface-id is not
/// present in the DHCPv4, so not everything is applicable directly.

Subnet selection based on interface name should be implemented.
3058 defect 1374072358568511 1392911799567724 resolver low thozza DNS Outstanding Tasks new BIND10-1.1.0 Resolver fails to answer some Queries Hi.

When running latest bind10-1.1.0 recursive resolver with default configuration it fails
to answer some Queries. It returns SERVFAIL. The host that I’m running the resolver on
has only link local IPv6 address. The problem seems to be that resolver fails to send
DNS Query to IPv6 address.

Here is an output from system log when running ’dig 127.0.0.1 nic.cz' when BIND10 resolver<br>is running on localhost:<br><br>-- Logs begin at Mon 2013-07-08 09:57:45 CEST, end at Wed 2013-07-17 16:25:07 CEST. --<br>Jul 17 16:25:07 localhost.localdomain bind10[3576]: 2013-07-17 16:25:07.482 ERROR [b10-resolver.asiodns/3582] ASIODNS_SEND_DATA error 101 sending data using UDP to 2001:628:453:420::48(53)<br>Jul 17 16:25:05 localhost.localdomain bind10[3576]: 2013-07-17 16:25:05.481 ERROR [b10-resolver.asiodns/3582] ASIODNS_SEND_DATA error 101 sending data using UDP to 2001:678:f::1(53)<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.353 INFO [b10-stats.stats/3583] STATS_STARTING starting<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.234 INFO [b10-resolver.resolver/3582] RESOLVER_STARTED resolver started<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.232 INFO [b10-init.init/3576] BIND10_SOCKET_CREATED successfully created socket 24<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.231 INFO [b10-init.init/3576] BIND10_SOCKET_GET requesting socket [127.0.0.1]:53 of type UDP from the creator<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.228 INFO [b10-init.init/3576] BIND10_SOCKET_CREATED successfully created socket 23<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.228 INFO [b10-init.init/3576] BIND10_SOCKET_GET requesting socket [127.0.0.1]:53 of type TCP from the creator<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.226 INFO [b10-init.init/3576] BIND10_SOCKET_CREATED successfully created socket 22<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.224 INFO [b10-init.init/3576] BIND10_SOCKET_GET requesting socket [::1]:53 of type UDP from the creator<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.222 INFO [b10-init.init/3576] BIND10_SOCKET_CREATED successfully created socket 20<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.221 INFO [b10-init.init/3576] BIND10_SOCKET_GET requesting socket [::1]:53 of type TCP from the creator<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.206 INFO [b10-resolver.resolver/3582] RESOLVER_SET_QUERY_ACL query ACL is configured<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.206 WARN [b10-resolver.resolver/3582] RESOLVER_NO_ROOT_ADDRESS no root addresses available<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.206 INFO [b10-resolver.resolver/3582] RESOLVER_RECURSIVE running in recursive mode<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.204 INFO [b10-resolver.resolver/3582] RESOLVER_STARTING starting resolver with command line 'b10-resolver'<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.183 INFO [b10-init.init/3576] BIND10_STARTUP_COMPLETE BIND 10 started<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.178 INFO [b10-init.init/3576] BIND10_STARTING_PROCESS starting process b10-cmdctl<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.177 INFO [b10-init.init/3576] BIND10_COMPONENT_START component b10-cmdctl is starting<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.170 INFO [b10-init.init/3576] BIND10_STARTING_PROCESS starting process b10-stats<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.169 INFO [b10-init.init/3576] BIND10_COMPONENT_START component b10-stats is starting<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.167 INFO [b10-init.init/3576] BIND10_STARTING_PROCESS starting process b10-resolver<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.166 INFO [b10-init.init/3576] BIND10_COMPONENT_START component b10-resolver is starting<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.166 INFO [b10-init.init/3576] BIND10_CONFIGURATOR_RECONFIGURE reconfiguring running components<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.165 INFO [b10-init.init/3576] BIND10_READING_INIT_CONFIGURATION reading b10-init configuration<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.156 INFO [b10-init.init/3576] BIND10_STARTING_CC starting configuration/command session<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.156 INFO [b10-init.init/3576] BIND10_STARTING_PROCESS starting process b10-cfgmgr<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.156 INFO [b10-init.init/3576] BIND10_COMPONENT_START component cfgmgr is starting<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.156 INFO [b10-init.init/3576] BIND10_STARTING_PROCESS starting process b10-msgq<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.156 INFO [b10-init.init/3576] BIND10_COMPONENT_START component msgq is starting<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.155 INFO [b10-init/3576] BIND10_SETUID setting UID to 25<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.155 INFO [b10-init.init/3576] BIND10_SETGID setting GID to 25<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.154 INFO [b10-init.init/3576] BIND10_SOCKCREATOR_INIT initializing socket creator parser<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.154 INFO [b10-init.init/3576] BIND10_COMPONENT_START component Socket creator is starting<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.153 INFO [b10-init.init/3576] BIND10_CONFIGURATOR_START bind10 component configurator is starting up<br>Jul 17 16:25:00 localhost.localdomain bind10[3576]: 2013-07-17 16:25:00.152 INFO [b10-init.init/3576] BIND10_STARTING starting BIND10: bind10 20110223 (BIND 10 1.1.0)<br>Jul 17 16:24:59 localhost.localdomain bind10[3576]: 2013-07-17 16:24:59.199 INFO [b10-cfgmgr.cfgmgr/3580] CFGMGR_CONFIG_FILE Configuration manager starting with configuration file: /var/bind10/b10-config.db<br><br><br># dig 127.0.0.1 nic.cz

; <<>> DiG 9.9.3-rl.156.01-P1-RedHat-9.9.3-3.P1.fc19 <<>> 127.0.0.1 nic.cz<br>; (1 server found)<br>;; global options: +cmd<br>;; Got answer:<br>;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 39672<br>;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1<br><br>;; OPT PSEUDOSECTION:<br>; EDNS: version: 0, flags:; udp: 4096<br>;; QUESTION SECTION:<br>;nic.cz. IN A<br><br>;; Query time: 4000 msec<br>;; SERVER: 127.0.0.1#53(127.0.0.1)<br>;; WHEN: Wed Jul 17 16:37:25 CEST 2013<br>;; MSG SIZE rcvd: 35<br><br><br>What is strange, that subsequent calls to dig return DNS Response successfully:<br><br># dig 127.0.0.1 nic.cz

; <<>> DiG 9.9.3-rl.156.01-P1-RedHat-9.9.3-3.P1.fc19 <<>> @127.0.0.1 nic.cz
; (1 server found)
;; global options: +cmd
;; Got answer:
;; >>HEADER<< opcode: QUERY, status: NOERROR, id: 46683
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 7

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;nic.cz. IN A

;; ANSWER SECTION:
nic.cz. 1781 IN A 217.31.205.50

;; AUTHORITY SECTION:
nic.cz. 1781 IN NS a.ns.nic.cz.
nic.cz. 1781 IN NS b.ns.nic.cz.
nic.cz. 1781 IN NS d.ns.nic.cz.

;; ADDITIONAL SECTION:
a.ns.nic.cz. 1781 IN A 194.0.12.1
b.ns.nic.cz. 1781 IN A 194.0.13.1
d.ns.nic.cz. 1781 IN A 193.29.206.1
a.ns.nic.cz. 1781 IN AAAA 2001:678:f::1
b.ns.nic.cz. 1781 IN AAAA 2001:678:10::1
d.ns.nic.cz. 1781 IN AAAA 2001:678:1::1

;; Query time: 5 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Wed Jul 17 16:37:44 CEST 2013
;; MSG SIZE rcvd: 234
3060 enhancement 1374143150623397 1397640730796484 dhcp-ddns medium tmark DHCP Outstanding Tasks new Add support for TCP traffic to NameChangeListener/Sender for DHCP-DDNS The initial implementation (trac3008) provided the abstract layer (ncr_io.*) and a UPD derivation (ncr_upd.*). This should be sufficient to get the basic intergration testing done and may suffice for initial release. In order to make things more reliable a derivation that supports TCP traffic needs to be created.

This would leverage the send queue mechanism provided by the abstract sender (!NameChangeSender) to avoid loss of requests if there is a lag during start up or DHCP-DDNS restarts etc.
3061 enhancement 1374238255106268 1392917310545139 resolver medium shane DNS Outstanding Tasks new RFC 6975 (Signaling Cryptographic Algorithm Understanding in DNSSEC) support We should support RFC 6975 (note this is only meaningful for the resolver, really, so nothing for us to do now)
3066 enhancement 1374677719336949 1374677719336949 dhcp medium tomek DHCP Outstanding Tasks new Implement lease4_expire, lease6_expire hooks We need to have lease4_expire and lease6_expire callouts. It can be done once ticket #2345 is implemented.
3070 enhancement 1374768434714669 1374768434714669 dhcp6 medium tomek DHCP Outstanding Tasks new Kea should support rapid-commit option for DHCPv6 See RFC3315, section 22.14.

The option format is easy. The tricky part is to respond to SOLICIT with REPLY, not with ADVERTISE.
3071 defect 1375223145199750 1380799220951059 dhcp6 medium wlodekwencel DHCP-QA Defects new kea6: solicit with invalid options is accepted Solicit message tested with not allowed options in message:
server should discarded message with:
wrong client ID

and discard or reply with status code option with code UnSpecFail for message that includes:
relay message
preference
server-unicast
status-code
interface-id
reconfigure

server answers with Advertise in every case.

Reference to:
RFC 3315, table A “Appearance of Options in Message Types”
RFC 3315 section 15.2

It looks like Kea6 doesn’t checking messages for not allowed options.

To repeat all those cases plz use Forge project and run all test tagged with ‘solicit_invalid’, also attached wireshark capture for all those tests and html report.
solicit
3072 enhancement 1375227098056417 1375801436232689 data source low jreed new rename static.zone Let’s rename static.zone. Many zones may be static. Maybe rename to builtin-chaos-zone or something like that.

From ticket #3020:

> I assume later could be used for other builtin CH. So I even think
> the name “static.zone” is wrong.

We can rename this file if necessary.
3076 defect 1375310038147665 1380119767902127 dhcp6 medium wlodekwencel DHCP-QA Defects new kea6 replay messages send with unicast address Acording to RFC 3315, section 15, messages:
Solicit, Confirm, Rebind and Info-Request
should be discarded when server receives it with unicast destination address.

Kea6 doesn’t discard, it send Reply message.

To check this bug use Forge project and run tests tagged with ‘unicast’.

Included wireshark capture.
unicast
3077 defect 1375311836480302 1380119740642255 dhcp6 medium wlodekwencel DHCP-QA Defects new kea6 invalid reply for request/renew send via unicast address RFC 3315 section 18.2.1.
> When the server receives a Request message via unicast from a client
> to which the server has not sent a unicast option, the server
> discards the Request message and responds with a Reply message
> containing a Status Code option with the value UseMulticast
and section 18.2.3.
> When the server receives a Renew message via unicast from a client to
> which the server has not sent a unicast option, the server discards
> the Renew message and responds with a Reply message containing a
> Status Code option with the value UseMulticast

In both cases Kea6 failing. No option Status Code included.

Wireshark captures included.
unicast
3078 defect 1375355319557294 1375801580836064 Unclassified medium shivathapa new configured only as Recursive DNS Server Hi, I am trying configuring Recursive DNS using bind10. everything working fine except not able to dig/resolve international sites like yahoo,google but am able to dig/resolve local sites.


2013-08-01 22:34:13.923 ERROR [b10-resolver.asiodns/13789] ASIODNS_SEND_DATA error 101 sending data using UDP to 2001:500:3::42(53)
2013-08-01 22:34:15.923 ERROR [b10-resolver.asiodns/13789] ASIODNS_SEND_DATA error 101 sending data using UDP to 2001:500:3::42(53)
2013-08-01 22:34:15.923 ERROR [b10-resolver.asiodns/13789] ASIODNS_SEND_DATA error 101 sending data using UDP to 2001:500:3::42(53)
2013-08-01 22:34:17.923 ERROR [b10-resolver.asiodns/13789] ASIODNS_SEND_DATA error 101 sending data using UDP to 2001:500:3::42(53)
2013-08-01 22:34:17.923 ERROR [b10-resolver.asiodns/13789] ASIODNS_SEND_DATA error 101 sending data using UDP to 2001:500:3::42(53)
2013-08-01 22:34:19.923 ERROR [b10-resolver.asiodns/13789] ASIODNS_SEND_DATA error 101 sending data using UDP to 2001:500:3::42(53)
2013-08-01 22:34:21.923 ERROR [b10-resolver.asiodns/13789] ASIODNS_SEND_DATA error 101 sending data using UDP to 2001:500:3::42(53)
2013-08-01 22:37:33.043 ERROR [b10-resolver.asiodns/13789] ASIODNS_SEND_DATA error 101 sending data using UDP to 2001:500:3::42(53)
2013-08-01 22:37:33.043 ERROR [b10-resolver.asiodns/13789] ASIODNS_SEND_DATA error 101 sending data using UDP to 2001:500:3::42(53)
2013-08-01 22:37:35.043 ERROR [b10-resolver.asiodns/13789] ASIODNS_SEND_DATA error 101 sending data using UDP to 2001:500:3::42(53)
2013-08-01 22:37:35.043 ERROR [b10-resolver.asiodns/13789] ASIODNS_SEND_DATA error 101 sending data using UDP to 2001:500:3::42(53)
2013-08-01 22:37:37.044 ERROR [b10-resolver.asiodns/13789] ASIODNS_SEND_DATA error 101 sending data using UDP to 2001:500:3::42(53)
2013-08-01 22:37:37.044 ERROR [b10-resolver.asiodns/13789] ASIODNS_SEND_DATA error 101 sending data using UDP to 2001:500:3::42(53)
2013-08-01 22:37:39.044 ERROR [b10-resolver.asiodns/13789] ASIODNS_SEND_DATA error 101 sending data using UDP to 2001:500:3::42(53)
2013-08-01 22:37:39.044 ERROR [b10-resolver.asiodns/13789] ASIODNS_SEND_DATA error 101 sending data using UDP to 2001:500:3::42(53)
3081 enhancement 1375679546199591 1375679546199591 statistics low y-aharen new provide computed values as statistics data > As an improvement for future (not in this ticket), it would be nice if the statistics daemon could provide computed values, so it could show the sum, not require the user to take a calculator and sum them manually.

Opening this ticket just to record this idea in the review of #2797.
3085 enhancement 1375882806911169 1375882806911169 dhcp6 medium tomek DHCP Outstanding Tasks new src/bin/dhcp6/tests/dhcp6_test_utils.h refactoring src/bin/dhcp6/tests/dhcp6_test_utils.h header file contains quite significant amount of code.
It should be refactored into cc + h. Also, some common code between v4 and v6 should be investigated. Also see #2984:comment:5
3090 defect 1375957660903933 1380120426102381 dhcp6 medium wlodekwencel DHCP-QA Defects new kea6 assign malformed address. Kea6 assigned address: 2001:db8:1::
which is of course malformed.

Kea sends this address when configured with:
subnet: 2001:db8:1::/64
pool: 2001:db8:1::0-2001:db8:1::ff

There should be some subnet/pool testing while configuration process (2001:db8:1::0 isn’t proper host address)

wireshark capture attached.
address
3091 defect 1375958118721831 1390648869680489 dhcp6 medium wlodekwencel DHCP-QA Defects new kea6 assign reserved address. Kea6 assigned addresses:
ff02::1
::1

According to RFC 3315, Section 11:
> A server MUST NOT assign an address that is otherwise reserved for
> some other purpose.


address ff02::1 assigned when Kea configured with:
subnet: ff02::/64
pool: ff02::1-ff02::ff


address ::1 assigned when Kea configured with:
subnet: ::/64
pool: ::1-::ff

There should be some subnet/pool testing while configuration process to eliminate reserved addresses.

wireshark capture attached.
address kea
3093 defect 1376303087931390 1377098712613463 bind-ctl medium wlodekwencel Next-Sprint-Proposed new ‘execute file’ fails with multiple option-data I’m using config file:

config add Dhcp6/subnet6
config set Dhcp6/subnet6[0]/subnet “3000::/64”
config set Dhcp6/subnet6[0]/pool [ “3000::1-3000::ff” ]
config commit
config add Dhcp6/option-data
config set Dhcp6/option-data[0]/name “preference”
config set Dhcp6/option-data[0]/code 7
config set Dhcp6/option-data[0]/space “dhcp6”
config set Dhcp6/option-data[0]/csv-format true
config set Dhcp6/option-data[0]/data “123”
config commit
config add Dhcp6/option-data
config set Dhcp6/option-data[1]/name “sip-server-dns”
config set Dhcp6/option-data[1]/code 21
config set Dhcp6/option-data[1]/space “dhcp6”
config set Dhcp6/option-data[1]/csv-format true
config set Dhcp6/option-data[1]/data “srv1.example.com,srv2.isc.org”
config commit
config add Dhcp6/option-data
config set Dhcp6/option-data[2]/name “dns-servers”
config set Dhcp6/option-data[2]/code 23
config set Dhcp6/option-data[2]/space “dhcp6”
config set Dhcp6/option-data[2]/csv-format true
config set Dhcp6/option-data[2]/data “2001:db8::1,2001:db8::2”
config commit
config add Dhcp6/option-data
config set Dhcp6/option-data[3]/name “domain-search”
config set Dhcp6/option-data[3]/code 24
config set Dhcp6/option-data[3]/space “dhcp6”
config set Dhcp6/option-data[3]/csv-format true
config set Dhcp6/option-data[3]/data “domain1.example.com,domain2.isc.org”
config commit


when config file is copy-plasted to bindctl command line, everything is ok. When I’m trying to use it by ‘execute file’ it fails with error:


Error: No item 1 in option-data[1]

Depending on the contents of the script, and which
commands it has called, there can be committed and
local changes. It is advised to check your settings
, and revert local changes with “config revert”.


bindctl, execute file
3094 defect 1376400177847791 1377051462064868 statistics medium muks Next-Sprint-Proposed new AssertionError: Statistics item .Xfrout.zones.IN.SERVER.xfrrej has unexpected value 14 (expect 3 or less than) Got this error today when reviewing a ticket (#2690) which should not influence it:

Scenario: Handle incoming notify (XFR request rejected in IPv4) # features/xfrin_notify_handling.feature:325
Given I have bind10 running with configuration xfrin/retransfer_master_v4.conf with cmdctl port 47804 as master # features/terrain/bind10_control.py:10 Given I have bind10 running with configuration xfrin/retransfer_master_v4.conf with cmdctl port 47804 as master # features/terrain/bind10_control.py:107
And wait for master stderr message BIND10_STARTED_CC And wait for master stderr message BIND10_STARTED_CC # features/terrain/steps.py:34
And wait for master stderr message CMDCTL_STARTED And wait for master stderr message CMDCTL_STARTED # features/terrain/steps.py:34
And wait for master stderr message AUTH_SERVER_STARTED And wait for master stderr message AUTH_SERVER_STARTED # features/terrain/steps.py:34
And wait for master stderr message XFROUT_STARTED And wait for master stderr message XFROUT_STARTED # features/terrain/steps.py:34
And wait for master stderr message ZONEMGR_STARTED And wait for master stderr message ZONEMGR_STARTED # features/terrain/steps.py:34
And wait for master stderr message STATS_STARTING And wait for master stderr message STATS_STARTING # features/terrain/steps.py:34
And I have bind10 running with configuration xfrin/retransfer_slave_notify_v4.conf # features/terrain/bind10_control.py:10 And I have bind10 running with configuration xfrin/retransfer_slave_notify_v4.conf # features/terrain/bind10_control.py:107
And wait for bind10 stderr message BIND10_STARTED_CC And wait for bind10 stderr message BIND10_STARTED_CC # features/terrain/steps.py:34
And wait for bind10 stderr message CMDCTL_STARTED And wait for bind10 stderr message CMDCTL_STARTED # features/terrain/steps.py:34
And wait for bind10 stderr message AUTH_SERVER_STARTED And wait for bind10 stderr message AUTH_SERVER_STARTED # features/terrain/steps.py:34
And wait for bind10 stderr message XFRIN_STARTED And wait for bind10 stderr message XFRIN_STARTED # features/terrain/steps.py:34
And wait for bind10 stderr message ZONEMGR_STARTED And wait for bind10 stderr message ZONEMGR_STARTED # features/terrain/steps.py:34
A query for www.example.org to 127.0.0.1:47806 should have rcode NXDOMAIN A query for www.example.org to 127.0.0.1:47806 should have rcode NXDOMAIN # features/terrain/querying.py:204
check initial statistics not containing example.org for Xfrout with cmdctl port 47804 except for the following items # features/terrain/bind10_control.py:45 check initial statistics not containing example.org for Xfrout with cmdctl port 47804 except for the following items # features/terrain/bind10_control.py:452
socket.unixdomain.open 1 0
item_name item_max item_min
socket.unixdomain.open 1 0
check initial statistics not containing example.org for Xfrin # features/terrain/bind10_control.py:45 check initial statistics not containing example.org for Xfrin # features/terrain/bind10_control.py:452
When I send bind10 the following commands with cmdctl port 47804 # features/terrain/bind10_control.py:280
“”"
config set Xfrout/zone_config[0]/transfer_acl [{action “REJECT”, "fr When I send bind10 the following commands with cmdctl port 47804 # features/terrain/bind10_control.py:280
“”"
config set Xfrout/zone_config[0]/transfer_acl [{action “REJECT”, from “127.0.0.1”}]
config commit
“”"
last bindctl output should not contain Error # features/terrain/bind10_control.py:15 last bindctl output should not contain Error # features/terrain/bind10_control.py:156
When I send bind10 with cmdctl port 47804 the command Xfrout notify example.org IN # features/terrain/bind10_control.py:31 When I send bind10 with cmdctl port 47804 the command Xfrout notify example.org IN # features/terrain/bind10_control.py:314
Then wait for new master stderr message XFROUT_NOTIFY_COMMAND Then wait for new master stderr message XFROUT_NOTIFY_COMMAND # features/terrain/steps.py:34
Then wait for new bind10 stderr message AUTH_RECEIVED_NOTIFY Then wait for new bind10 stderr message AUTH_RECEIVED_NOTIFY # features/terrain/steps.py:34
Then wait for bind10 stderr message ZONEMGR_RECEIVE_NOTIFY Then wait for bind10 stderr message ZONEMGR_RECEIVE_NOTIFY # features/terrain/steps.py:34
Then wait for bind10 stderr message XFRIN_XFR_TRANSFER_STARTED Then wait for bind10 stderr message XFRIN_XFR_TRANSFER_STARTED # features/terrain/steps.py:34
Then wait for bind10 stderr message XFRIN_XFR_TRANSFER_PROTOCOL_VIOLATION no Then wait for bind10 stderr message XFRIN_XFR_TRANSFER_PROTOCOL_VIOLATION not XFRIN_TRANSFER_SUCCESS # features/terrain/steps.py:34
Then wait for bind10 stderr message ZONEMGR_RECEIVE_XFRIN_FAILED not ZONEMGR Then wait for bind10 stderr message ZONEMGR_RECEIVE_XFRIN_FAILED not ZONEMGR_RECEIVE_XFRIN_SUCCESS # features/terrain/steps.py:34
Then wait for master stderr message NOTIFY_OUT_REPLY_RECEIVED Then wait for master stderr message NOTIFY_OUT_REPLY_RECEIVED # features/terrain/steps.py:34
A query for www.example.org to 127.0.0.1:47806 should have rcode NXDOMAIN A query for www.example.org to 127.0.0.1:47806 should have rcode NXDOMAIN # features/terrain/querying.py:204
When I query statistics zones of bind10 module Xfrout with cmdctl port 47804 # features/terrain/bind10_control.py:37 When I query statistics zones of bind10 module Xfrout with cmdctl port 47804 # features/terrain/bind10_control.py:377
wait for new master stderr message XFROUT_RECEIVED_GETSTATS_COMMAND wait for new master stderr message XFROUT_RECEIVED_GETSTATS_COMMAND # features/terrain/steps.py:34
last bindctl output should not contain “error” # features/terrain/bind10_control.py:15 last bindctl output should not contain “error” # features/terrain/bind10_control.py:156
When I query statistics zones of bind10 module Xfrout with cmdctl port 47804 # features/terrain/bind10_control.py:37 When I query statistics zones of bind10 module Xfrout with cmdctl port 47804 # features/terrain/bind10_control.py:377
The statistics counters are 0 in category .Xfrout.zones.IN except for the following items # features/terrain/bind10_control.py:39 The statistics counters are 0 in category .Xfrout.zones.IN except for the following items # features/terrain/bind10_control.py:393
SERVER.notifyoutv4 1
item_name item_value min_value max_value
SERVER.notifyoutv4 1
SERVER.xfrrej 1 3
example.org..notifyoutv4 1
example.org..xfrrej 1 3
Traceback (most recent call last):
File “/home/muks/local/lettuce/lettuce/core.py”, line 117, in call
ret = self.function(self.step, args,*kw)
File “/home/muks/bind10/tests/lettuce/features/terrain/bind10_control.py”, line 444, in check_statistics_items
(name, found, value)
AssertionError: Statistics item .Xfrout.zones.IN.SERVER.xfrrej has unexpected value 14 (expect 3 or less than)

3096 enhancement 1376469826683288 1376469826683288 dhcp medium marcin DHCP Outstanding Tasks new Create the setHostname method for the Lease4 and Lease6. Currently the hostname, fwd, rev_ fields of the Lease object are public. We should implement the modifiers for these fileds which would validate that values being set are valid.
3097 defect 1376492213514816 1376492213514816 dhcp low stephen DHCP Outstanding Tasks new Investigate parser rollback behaviour for DHCP When parsing a DHCP configuration, each element is parsed by a separate parser. After checking, the changes indicated by the configuration are committed. The commit operations are sequential and, if one fails, the system should roll back to the pre-configuration-change state.

For most elements in the configuration this is trivial; the original data is stored, changes applied to the active version of the data and, if there is a problem, the active data is replaced by the copy. However, two elements of the DHCP configuration - the database configuration and the hooks libraries configuration - do not follow this model. In the former, committing the change means closing the connection to the existing database and opening a connection to the new one. In the latter, the commit means unloading the old hooks libraries and loading the new ones. For both cases, rollback cannot be achieved by merely retrieving a stored copy of the data; the operation (open database, load libraries) has to be performed again.

The current situation is that the committal of the hooks libraries change is the last item done. However if it fails and the configuration change included a change to the database information, the database change will not be rolled back; ideally it should.

This ticket is for the investigation of the problem and the recommendation of a solution.
3098 task 1376492746448990 1394117562538091 tests low stephen Common Outstanding Tasks new Ensure test names follow the same standard Within BIND 10, some test names are in !CamelCase whereas others follow the same pattern but start with a lowercase letter (e.g. camelCase).

The BIND 10 standard should be updated to define the format of test names, and the changes applied to all BIND 10 tests.
3100 task 1376595771046801 1386255398492674 Unclassified medium stephen New Tasks new Copy message compiler to BIND 10 installation directory To allow the authors of hooks libraries to interact with the BIND 10 logging system, they need to be able to compile message files. This ticket modifies the BIND 10 build system to copy the suitably-renamed message compiler (e.g. a name like b10-message) to the “bin” directory.

(Before doing this, we should check that a logger defined in dynamically-loaded libraries will connect with the main logging system. It should, but we need confirmation.)

The ticket also encompasses creation of a “man” page for the compiler and extension of the hooks developer guide to point to the logging manual. Ticket #2566 concerns the creation of a user guide for logging in the BIND 10 developers guide. This needs to be completed before that step is done.
3101 enhancement 1376658729501499 1376658729501499 dhcp6 low marcin DHCP Outstanding Tasks new Move FqdnDhcpv6SrvTest to another file. It was pointed out during a review of #3036, that the new FQDN tests should be moved to another file to keep the dhcp6_srv_unittest.cc file reasonably short.
3102 enhancement 1376675941829037 1376675941829037 tests medium stephen New Tasks new Add building of hooks library example to test suite See suggestion in [ticket:3092#comment:10 comment 10 of #3092]
3103 defect 1376684061289055 1397640730796484 dhcp4 low jwright DHCP Outstanding Tasks new Kea IPv4 fails ANVL test 2.4 (“A DHCP server always returns its own address in the ‘server identifier’ option”) ANVL test 2.4 fails when executed against BIND 10 20130529 (commit c845a96005b28acde2d62a93ee8c046162da4cb4).

ANVL execution log shows:

! Message Option in received DHCPOFFER Message is incorrectly set.
! Expected Value = Server Identifier (54) Length : 4 Value : 172.16.1.1
! Received Value = Server Identifier (54) Length : 4 Value : 149.20.57.86

Please see relevant files at https://confluence-int.isc.org/display/QUAL/ANVL+Test+Results%3A+Kea+28BIND+10+2013052929%2C+executed+2013-08-15.
3104 defect 1376708204797928 1396529441757068 xfrin medium muks DNS Outstanding Tasks new Lettuce failure: XFRIN_TRANSFER_SUCCESS instead of XFRIN_XFR_TRANSFER_PROTOCOL_VIOLATION There’s a lettuce failure in Handle incoming notify (XFR request rejected in IPv4) When I send bind10 with cmdctl port 47804 the command Xfrout notify example.org IN # features/terrain/bind10_control.py:314
Then wait for new master stderr message XFROUT_NOTIFY_COMMAND # features/terrain/steps.py:34
Then wait for new bind10 stderr message AUTH_RECEIVED_NOTIFY # features/terrain/steps.py:34
Then wait for bind10 stderr message ZONEMGR_RECEIVE_NOTIFY # features/terrain/steps.py:34
Then wait for bind10 stderr message XFRIN_XFR_TRANSFER_STARTED # features/terrain/steps.py:34
Then wait for bind10 stderr message XFRIN_XFR_TRANSFER_PROTOCOL_VIOLATION not XFRIN_TRANSFER_SUCCESS # features/terrain/steps.py:34
Traceback (most recent call last):
File “/Local/Users/jreed/opt/pkg/lib/python2.7/site-packages/lettuce/core.py”, line 117, in call
ret = self.function(self.step, args,*kw)
File “/b/work/BIND10-lettuce/20130817013527-MacOSX10.6-x86_64-GCC/build/tests/lettuce/features/terrain/steps.py”, line 56, in wait_for_stderr_message
assert found != not_message, line
AssertionError: 2013-08-16 19:19:03.437 INFO [b10-xfrin.xfrin/58504] XFRIN_TRANSFER_SUCCESS full AXFR transfer of zone example.org/IN succeeded (messages: 1, records: 12, bytes: 422, run time: 0.046 seconds, 9083 bytes/second)


See: http://git.bind10.isc.org/~tester/builder/BIND10-lettuce/20130817013527-MacOSX10.6-x86_64-GCC/logs/lettuce.out

Not sure if it’s mixed-log messages related.
3106 defect 1376959457212368 1377111860550965 dhcp4 medium jwright DHCP-QA Defects new Kea IPv4 fails ANVL test 3.1 (Dynamic Allocation of Network Addresses) ANVL test 3.1 fails when executed against BIND 10 20130529 (commit c845a96005b28acde2d62a93ee8c046162da4cb4).

! ‘yiaddr’ field in received DHCPOFFER Message is incorrectly set.
! Expected Value = 172.16.1.101
! Received Value = 172.16.1.103

Please see relevant files at: https://confluence-int.isc.org/display/QUAL/ANVL+Test+Results%3A+Kea+28BIND+10+2013052929%2C+executed+2013-08-15
3108 defect 1377017454026520 1377017469832239 dhcp6 medium tomek DHCP Outstanding Tasks new Write unit-tests for buffer6_send hook There seem to be no unit-tests for buffer6_send callouts. See src/bin/dhcp6/tests/hooks_unittest.cc. This must have slipped through with #2984.
3110 defect 1377111651318426 1377111651318426 dhcp4 medium jwright DHCP-QA Defects new Kea IPv4 fails ANVL test 5.4 (server SHOULD respond with a dhcpTypeNack message) ANVL test 5.4 fails when executed against BIND 10 20130529 (commit c845a96005b28acde2d62a93ee8c046162da4cb4).

! DHCP Client did not receive expected DHCPNAK Message from

Please see relevant files at: https://confluence-int.isc.org/display/QUAL/ANVL+Test+Results%3A+Kea+28BIND+10+2013052929%2C+executed+2013-08-15
3111 defect 1377112727109554 1377112727109554 dhcp4 medium jwright DHCP-QA Defects new Kea IPv4 fails ANVL test 5.5 (The server SHOULD mark an address offered to a client in a DHCPOFFER mes- sage as available if the server receives no DHCPREQUEST message from that client ) ANVL test 5.5 fails when executed against BIND 10 20130529 (commit c845a96005b28acde2d62a93ee8c046162da4cb4).

! ‘yiaddr’ field in received DHCPOFFER Message is incorrectly set.
! Expected Value = 172.16.1.101
! Received Value = 172.16.1.102

Please see relevant files at: https://confluence-int.isc.org/display/QUAL/ANVL+Test+Results%3A+Kea+28BIND+10+2013052929%2C+executed+2013-08-15
3115 task 1377246728575960 1392917616132560 Unclassified medium vorner DNS Outstanding Tasks new Migrate loadzone to notification Currently, several our daemons act when new zone data is available (Auth to reload, XfrOut to send notifications, possibly more and we need to add the MemoryManager there too). Each of them currently exposes a loadzone command. Several components produce zone data (XfrIn, DDNS) and each of them explicitly calls the command on each of the consuming components. This is obviously wrong.

So, in this task, we migrate this to MsgQ notifications.

Decide:
* Name of the notification group (suggested: ZoneData)
* Name of the event (suggested: ZoneChanged) and its parameters (probably the same as the parameters of current LoadZone commands ‒ name of data source, origin of zone, zone class).

Move the consumers to subscribe to the notification group and act upon the event (simply call the same code as for the LoadZone command internally). Remove the LoadZone command.

Let the XfrIn and DDNS produce event instead of calling the direct commands.
3116 defect 1377247957977874 1377247970247578 dhcp4 medium tomek DHCP Outstanding Tasks new Improve sanity checks for incoming DHCPv4 packets Dhcpv4Srv::processRequest, processRelease, processDecline, processInform do not call sanityCheck().

They definitely should.
3117 enhancement 1377249125341795 1377249125341795 dhcp very low tomek DHCP Outstanding Tasks new Dhcp{4,6}Srv::run() method is too long Those two methods grown up too large and should be either split or cleaned up.
3118 enhancement 1377323393900034 1378220329782914 bind-ctl medium cas new Feature Request (with patch): bindctl - check on “quit” if pending changes exist Author: Carsten Strotmann
Date: Sat Aug 24 07:43:57 2013 0200

Feature: bindctl - check on “quit” if pending changes exist, if there are pending changes, stop the termination of bindctl, print a warning and the list of pending changes

):
self.conn.close()
+ return True
+ else:
+ self.print
+ self.
print(self.config_data.get_local_changes())
+ line = ‘’

if line == ’h’:
line = ‘help’
3120 enhancement 1377583071997887 1377583071997887 dhcp medium marcin DHCP Outstanding Tasks new Consider sanity-checking lease pointers in lease managers. Currently pointers to leases are not validated by the public functions in Memfile and MySQL backends. Since these functions are in the libraries, and may be used by the external code, we may consider sanity checking the lease objects and throwing appropriate exceptions.
3121 defect 1377602758801282 1397640730796484 dhcp-ddns low tmark DHCP Outstanding Tasks new Move error detection logic from commit()s to builds() in d2_config.cc The DHCP_DDNS parsers in d2_config.cc conduct most of their validation logic in their commit methods when in fact, the configuration paradigm calls for this work to be done in the build methods. The parsing functions correctly as is but it is not structured as intended by the underlying infrastructure.

Since the parses in d2_config currently all follow a consistent pattern of implementation the restructure should likewise be consistent throughout.

See review comments on trac3075 from Marcin regarding TSIGKeyInfo parsing for additional background.
3122 task 1377680851046889 1392811791102140 Unclassified medium vorner DNS Outstanding Tasks new Simplified datasrc info Create a simplified DatasrcInfo. This one will just keep info about all the data sources (and, probably, the client lists as well) that are interesting and set of readers.

It will be able to get all of the readers, add and remove. No need for state machine there. The interface could look like:
#!python
class DatasrcInfo:
def add_reader(id):


def remove_reader(id):


def get_readers(id):


def config_update(new_config):


def get_config():
“”“
The active config, stored from config_update.
”“”


def get_segment_params():
“”“
The parameters for segments to be sent to the clients.
”“”


It may be based (copy-pasted & edited) from the current DatasrcInfo, but we will still need the current one for a short while (before it is replaced by other tickets).
3123 task 1377681316819638 1392812687942652 shmem manager medium vorner DNS Outstanding Tasks new Select wrapper & mutex around ModuleCCSession Implement the usual work-around wrapper with select around check_command for module CC session in the memory manager. Also, include a mutex around the command (there’s one inside, but the other thread will need to hold the module CC session for longer than just one command when synchronizing and it will not want the main thread to interfere).

Something like:

#!python
while True:
if fd in select([fd], [], [])[0]:
with mutex:
module_cc_session.check_command(blocking=False)

3124 task 1377681839506713 1392811947983754 shmem manager medium vorner DNS Outstanding Tasks new Move most work to the work thread Move all the possible logic into the work thread. The main thread will only listen for notifications about need to load zones (#3115), configuration updates and new/removed subscribers. It’ll simply push the notifications and commands to the queue for the work thread (and send ACK for the configuration updates, since they are command, not notification), but it’ll not handle other communication with the readers.

This may simplify the logic in the work thread a bit, but some more will come.

Directly handle whatever is needed instead of sending notification about completed work and letting the main thread handle it.

Depends on #3123.
3125 enhancement 1377681981763574 1392812301690541 shmem manager low vorner DNS Outstanding Tasks new Rip out the notifications from work thread Remove the channel from the work thread to the main thread. After #3124, this direction is no longer needed and this simplifies the code.
3126 task 1377682159325112 1392811971648699 shmem manager medium vorner DNS Outstanding Tasks new Keep just one snapshot of config Get rid of the list of data source infos. Keep just the latest one and put updates into it. Depends on #3122.
3127 task 1377682439703054 1392811816252112 b10-auth medium vorner DNS Outstanding Tasks new Make auth response directly to segment_update command Do the update of segment info in auth synchronous. That means, don’t queue it to the work thread. Just grab the lock of the data source and apply the change in the command handler. Return the ACK/NACK after that.

Do not send the explicit segment_info_update_ack.
3128 task 1377686733661504 1392812038358186 shmem manager medium vorner DNS Outstanding Tasks new Send updates synchronously Send updates to segment infos synchronously, in a similar way as stats collect the statistics. In particular, when the updates should happen (when there are no more updates to the data in the queue or comes some command that is not update to data), do this:

* Lock the mutex (to prevent the main thread interfering)
* Send the commands to all the readers
* Wait for all the answers from the readers (either ACKs or undeliverable notifications).
* Unlock the mutex.

Stop using the state machine and switch to using the simplified version of datasource info from #3122.

It should be done after #3127, to be able to check it against auth.
3129 task 1377687061159715 1392812052797467 shmem manager medium vorner DNS Outstanding Tasks new On update, send info about all the segments Send all the segment info at update. This may turn out to be done automatically by #3128, but it should be checked at the time.

Include the complete config (from config manager) in the update, so the reader may check it is for its version.
3130 task 1377687267726899 1392812068429522 b10-auth medium vorner DNS Outstanding Tasks new Update auth to handle complete update in one message This is the counter-part of #3129. Handle the complete update in auth (probably inside single lock of the data sources, if there’s single mutex).

Should be done after #3127.
3131 task 1377687670873487 1392812085895906 b10-auth medium vorner DNS Outstanding Tasks new Check the version on update and config update When the update of segment info comes to auth, do these:

* Store the update information for later.
* Check the config bundled with the update matches the config in place currently in the auth’s data sources. If yes, do the update, if not, do nothing now.

When an update for configuration comes from the config manager:

* Look for the stored update. If any:
* Check the config bundled matches. If so, apply the stored update.

Depends on #3130.
3132 task 1377687861464873 1392812102771429 shmem manager medium vorner DNS Outstanding Tasks new Delete the old datasource info The not simplified version of data source info would not be needed at this point. Remove it.

This is after #3129.
3133 task 1377687976461409 1392812120090155 shmem manager medium vorner DNS Outstanding Tasks new Handle config updates in the manager When an update comes:

* Push the update to the data source manager, to have a new version of client lists.
* Flush the queue of all data updates. Only add/remove relevant readers.
* Queue updates of all the data sources (as at startup).
3134 task 1377697309376109 1389107740575785 Unclassified medium shane Next-Sprint-Proposed new Investigate removing external visibility of asio headers Right now we expose some of the asio headers with our IOAddresses class. We tried to avoid this but for some reason that has sneaked in.

We need to figure out why we’ve done this, and see if we can change it back so that we don’t expose these headers any more.

Some discussion here:

[wiki:WeeklyMinutes20130828]
3135 task 1377698750878585 1378222724691813 Unclassified medium jreed shane assigned Build BIND 10 with system-provided ASIO package We want to see if we can build & run BIND 10 using Boost.ASIO instead of asio.

The drawback of this is that it requires linking against Boost.System, and we’d rather not add extra dependencies. However perhaps it is worth it to just run with Boost.

The goal of this ticket is just to build and test, to see if this is an option.
3136 enhancement 1377858713492825 1378220771790795 cmd-ctl medium cas new Version number for BIND 10 config database content Feature request from BIND 10 training in Amsterdam, August 2013:

a version number (and date) field for the global BIND 10 config

this could be used:
* by admins to check for a specific change
* by a change management system (future module)
* by bindctl or other management tools to check if the service side config has been changed (to prevent race conditions when doing concurrent changes from different bindctls)
3137 enhancement 1377859038301883 1378446455757799 Boss of BIND medium UnAssigned cas reviewing function to temporary disable a BIND 10 module/component Feature request from BIND 10 training in Amsterdam, August 2013:

a way to temporary disable a module/component (b10-xferin, b10-resolver …), without the need to delete all the config
3138 enhancement 1377859537494484 1378220992025025 bind-ctl medium cas new IDN (International Domain Names) support in bindctl / b10-loadzone Feature request from BIND 10 training in Amsterdam, August 2013:

check for Unicode chars in domain names in bindctl and b10-loadzone. If found, convert the domain name to puny-code.
3139 enhancement 1377859736130004 1378222435690510 Unclassified medium cas new config file for b10-loadzone to set a default database location Feature request from BIND 10 training in Amsterdam, August 2013:

support a local configuration file for b10-loadzone to store the path/location of the BIND 10 sqlite3 database file

Alternatively b10-loadzone could query this information from BIND 10 (bind-ctl?)
3140 task 1377864379496453 1380820215728789 dhcp4 low UnAssigned jreed DHCP Outstanding Tasks reviewing lettuce test for dhcp This ticket is for adding simple lettuce test for starting and stopping and basic configuring of b10-dhcp4.

I understand that there are already lettuce tests for kea
http://bind10.isc.org/wiki/DhcpTesting but these are not part of the existing source tree. I needed something to verify b10-dhcp4 still somewhat worked after various changes. I also saw #1642 but I am unclear what has been done there.
3141 enhancement 1377867605736332 1379430086316107 cmd-ctl medium cas new auto-detect if bindctl running on a terminal - command line switch for batch run * have a global state (variable) in bindctl that reflects the mode (batch or interactive on terminal)

* have a command line switch where the state can be explicitly set by the user (b / —batch orq / —quiet)

* if the state has not been set by the user, test and set the state on OS systems where it is possible to detect if the command runs on a terminal

can be used for function to detect if bindctl runs on a terminal. If not, interactive features (such as prompts) can be disabled.
3142 task 1377875229675878 1394209432744351 build system low UnAssigned jreed Common Outstanding Tasks assigned try using boost’s asio Also see ticket #3135.

The task for this ticket is to try using boost’s asio without depending on boost libraries.

Maybe need to define BOOST_ASIO_HEADER_ONLY and undefine BOOST_ASIO_DYN_LINK and undefine BOOST_ASIO_SEPARATE_COMPILATION.

I didn’t test using my trac3135 branch because asio/error_code.hpp and asio/system_error.hpp do not exist in boost/asio but are referenced by our source code.
3144 enhancement 1378131967213151 1378131967213151 dhcpdb medium tomek DHCP Outstanding Tasks new All backends should support getLease4(clientid, hwaddr, subnetid) It seems that our current LeaseMgr API does not support such an API. It should.

See related discussion in ticket:2592#comment:14.

Also see AllocEngine::allocateAddress4 in src/lib/dhcpsrv/alloc_engine.cc.
3148 enhancement 1378132656317504 1397640730796484 dhcpdb low UnAssigned tomek DHCP Outstanding Tasks assigned PD: memfile LeaseMgr support for Lease6 type PD memfile backend must be able to handle Lease6 type PD.

3155 enhancement 1378133284730844 1397640730796484 dhcp6 low tomek DHCP Outstanding Tasks new PD: Prefix expiration Once #3152 is implement, we need to implement prefix expiration. This requires also house-keep routines to be implemented.
3157 defect 1378312450895339 1378312450895339 dhcp medium marcin DHCP Outstanding Tasks new The dhcp_srv_unittests fail when no network interface is configured There are certain DHCP Srv unit tests that require at least one network interface to be configured with an address. Otherwise they fail because they can’t find an appropriate interface to use for unit tests:


[ RUN ] Dhcpv4SrvTest.processDiscover
2013-09-04 18:32:18.837 DEBUG [bind10.dhcpsrv/31019] DHCPSRV_CFGMGR_DELETE_SUBNET4 deleting all IPv4 subnets
2013-09-04 18:32:18.837 DEBUG [bind10.dhcpsrv/31019] DHCPSRV_CFGMGR_ADD_SUBNET4 adding subnet 192.0.2.0/24
2013-09-04 18:32:18.837 DEBUG [bind10.dhcp4/31019] DHCP4_OPEN_SOCKET opening sockets on port 0
2013-09-04 18:32:18.837 ERROR [bind10.dhcp4/31019] DHCP4_SRV_CONSTRUCT_ERROR error creating Dhcpv4Srv object, reason: No suitable interfaces for server-identifier found
lt-dhcp4_unittests: /usr/include/boost/smart_ptr/shared_ptr.hpp:424: T* boost::shared_ptr::operator->() const [with T = isc::dhcp::Option]: Assertion `px != 0’ failed.
/bin/sh: line 5: 31019 Aborted (core dumped) /bin/sh ../../../../libtool —mode=execute ${dir}$tst
FAIL: dhcp4_unittests
=<br>1 of 1 test failed<br>Please report to bind10-dev@isc.org<br>=



One ofthe possible solutions proposed is to use the loopback interface for unit testing. Perhaps, it could be useful to update existing documentation with the information that the unit tests require at least one interface being configured to work properly.
3158 enhancement 1378403332432230 1397640730796484 dhcp-ddns low tmark DHCP Outstanding Tasks new Create d2.dox file, which includes D2 UML diagrams Tomek has requested that a d2.dox file be created that includes the UML diagrams. His comments from review of 3086:

“I like those diagrams. Please create src/bin/d2/d2.dox page and
add the diagrams there. Please update doc/devel/mainpage.dox to pointout to it. This new page doesn’t have to be big. Couple sentences will be sufficient. Please try to explain the big picture, rather than the details. This doc should grow over time an the diagrams you made will fit in there nicely.”
3159 defect 1378872952057175 1394114753368758 shmem manager medium muks Common Outstanding Tasks new Shared memory support not working on Solaris Shared memory check in `configure.ac` now completely fails on Solaris SPARC with any compiler. It used to work with GCC before, but with the requirement for a newer Boost version, even GCC fails.

This ticket is to re-check Solaris platforms, and clearly explain what’s the cause of failure somewhere in documentation, either as `configure` output or somewhere else.

See the failures here:
http://git.bind10.isc.org/~tester/builder/BIND10/20130910073342-Solaris10-sparc-GCC/logs/configure.out
http://git.bind10.isc.org/~tester/builder/BIND10/20130910073342-Solaris10-sparc-GCC/logs/files/config.log <—
(see configure:16907: checking Boost managed_mapped_file compiles )

3160 defect 1378873193058384 1394114723724326 logging medium UnAssigned muks Common Outstanding Tasks assigned boost::lexical_cast failure on Solaris with SunStudio We now require a newer version of Boost. This has caused various build failures on different platforms. This is one of them:

`boost::lexical_cast` fails compile on Solaris with SunStudio:


libtool: compile: /usr/bin/CC DHAVE_CONFIG_HI. I../../../..I../../../../src/lib I../../../../src/libI../../../../src/lib/dns I../../../../src/lib/dnsI/udir/jreed/pkg/include D_XPG4_2DEXTENSIONS DOS_SUNDBOOST_DISABLE_THREADS=1 I../../../../ext/asioI../../../../ext/coroutine DASIO_DISABLE_THREADS=1g library=stlport4features=tmplife features=tmplrefstaticc zone_finder.cc KPICDPIC -o .libs/zone_finder.o
“../../../../src/lib/log/log_formatter.h”, line 198: Error: isc::dns::AbstractRRset::AbstractRRset(const isc::dns::AbstractRRset&) is not accessible from isc::log::Formatter::arg(const isc::dns::AbstractRRset&).
“../../../../src/lib/log/log_formatter.h”, line 198: Error: Formal argument arg of type isc::dns::AbstractRRset in call to boost::lexical_cast(isc::dns::AbstractRRset) has an inaccessible copy constructor.


See full compile log:
http://git.bind10.isc.org/~tester/builder/BIND10/20130910064517-Solaris10-sparc-Sunstudio/logs/build.out

Brief analysis:

The copy constructor is indeed private, but I don’t see why it would be
used in this case. Is it trying to make a new non-const instance out of
the const reference during lexical_castisc::dns::AbstractRRset> due to the guessed template argument being
non-const?
3161 defect 1378873442339094 1379398538566579 Unclassified medium muks Next-Sprint-Proposed new Fix clang-analyzer failures In yesterday’s team meeting, we decided to create this ticket about `clang-analyzer` static analysis failures and fix them so that we can use future reports.

This ticket should get rid of all failures and cause a clean report to be generated without defects. If there are false positives, or if we don’t want to fix code according to the report, please add appropriate annotations to inhibit these reports from being generated.
3162 defect 1378908813140194 1379430210469587 build system medium UnAssigned stephen new subdir-objects automake option has not been enabled OS/X 10.8.4

After upgrading !MacPorts to new versions of autotools:

Mac:bind10(master):519 port list autoconf automake libtool<br>autoconf @2.69 devel/autoconf<br>automake @1.14 devel/automake<br>libtool @2.4.2 devel/libtool<br>
<br>... running "autoreconf -if" failed with messages about subdir-objects not being enabled:<br><br>Mac:bind10(master):520 autoreconf -if
glibtoolize: putting auxiliary files in `.‘.
glibtoolize: copying file `./ltmain.sh’
glibtoolize: putting macros in AC_CONFIG_MACRO_DIR, `m4macros’.
glibtoolize: copying file `m4macros/libtool.m4’
glibtoolize: copying file `m4macros/ltoptions.m4’
glibtoolize: copying file `m4macros/ltsugar.m4’
glibtoolize: copying file `m4macros/ltversion.m4’
glibtoolize: copying file `m4macros/lt~obsolete.m4’
configure.ac:58: installing ‘./compile’
configure.ac:58: installing ‘./config.guess’
configure.ac:58: installing ‘./config.sub’
configure.ac:10: installing ‘./install-sh’
configure.ac:10: installing ‘./missing’
Makefile.am:445: warning: source file ‘$(GTEST_SOURCE)/src/gtest-all.cc’ is in a subdirectory,
Makefile.am:445: but option ‘subdir-objects’ is disabled
automake: warning: possible forward-incompatibility.
automake: At least a source file is in a subdirectory, but the ‘subdir-objects’
automake: automake option hasn’t been enabled. For now, the corresponding output
automake: object file(s) will be placed in the top-level directory. However,
automake: this behaviour will change in future Automake versions: they will
automake: unconditionally cause object files to be placed in the same subdirectory
automake: of the corresponding sources.
automake: You are advised to start using ‘subdir-objects’ option throughout your
automake: project, to avoid future incompatibilities.
Makefile.am: installing ‘./depcomp’
src/bin/auth/benchmarks/Makefile.am:14: warning: source file ‘../query.cc’ is in a subdirectory,
src/bin/auth/benchmarks/Makefile.am:14: but option ‘subdir-objects’ is disabled
src/bin/auth/benchmarks/Makefile.am:14: warning: source file ‘../auth_srv.cc’ is in a subdirectory,
:
3163 enhancement 1378911558291145 1378911558291145 dhcpdb very low tomek DHCP Outstanding Tasks new LeaseMgr: rename getLease4() => getLeases4() Some methods return a collection of leases, rather than a single lease. Their names should be plural (getLeases4 rather than getLease4).
3164 defect 1378928361574223 1397640730796484 dhcpdb low tmark DHCP Outstanding Tasks new MySQL connection timeout for invalid hosts is can be large Dhcpsrc unit test, MySqlOpenTest.OpenDatabase, was taking two minutes to complete on a fresh install of Fedora 19 with the community version of MySQL. This exposes a minor issue with the connection timeout value not defaulting to reaonsably small values. Since the server is presumed to be local to the DHCP servers, setting the connection timeout to a reasonable if not configurable value would be prudent. The following patch would
set the value at 5 seconds:


diff —git a/src/lib/dhcpsrv/mysql_lease_mgr.cc b/src/lib/dhcpsrv/mysql_lease_mgr.cc
index 9828085..12d5c39 100644
— a/src/lib/dhcpsrv/mysql_lease_mgr.cc
+ b/src/lib/dhcpsrv/mysql_lease_mgr.cc
@ -1106,6 +1106,13 @ MySqlLeaseMgr::openDatabase

int connect_timeout = 5;
result = mysql_options(mysql_, MYSQL_OPT_CONNECT_TIMEOUT, &connect_timeout);
+ if (result != 0) {
+ isc_throw(DbOpenError, “unable to set connect timeout option:” <<
+ mysql_error(mysql_));
+ }
+
// Set SQL mode options for the connection: SQL mode governs how what
// constitutes insertable data for a given column, and how to handle
// invalid data. We want to ensure we get the strictest behavior and
3165 defect 1378933042715711 1379431212164572 build system low UnAssigned tmark new Running “make check” without first running “make” on OS-X fails in datasrc_test.py I pulled master (0e4c259dde279eafa1e3677a161ac9b67095c3d7), and ran the usual autoreconf/configure that I normally do. However, unlike my normal steps, I ran “make check” wihthout first running make and I got the following error:


libtool: link: ( cd “.libs” && rm f “datasrc.la” && lns “../datasrc.la” “datasrc.la” )
Making check in tests
Making check in testdata
make[7]: Nothing to be done for `check’.
make check-local
for pytest in datasrc_test.py sqlite3_ds_test.py clientlist_test.py zone_loader_test.py ; do br> echo Running test: $pytest ; br> DYLD_LIBRARY_PATH=/Users/tmark/build/tip/bind10/src/lib/datasrc/.libs: DYLD_LIBRARY_PATH=/Users/tmark/build/tip/bind10/src/lib/cryptolink/.libs:/Users/tmark/build/tip/bind10/src/lib/dns/.libs:/Users/tmark/build/tip/bind10/src/lib/dns/python/.libs:/Users/tmark/build/tip/bind10/src/lib/cc/.libs:/Users/tmark/build/tip/bind10/src/lib/config/.libs:/Users/tmark/build/tip/bind10/src/lib/log/.libs:/Users/tmark/build/tip/bind10/src/lib/util/.libs:/Users/tmark/build/tip/bind10/src/lib/util/threads/.libs:/Users/tmark/build/tip/bind10/src/lib/exceptions/.libs:/Users/tmark/build/tip/bind10/src/lib/datasrc/.libs:$DYLD_LIBRARY_PATH br> PYTHONPATH=:/Users/tmark/build/tip/bind10/src/lib/python/isc/log_messages:/Users/tmark/build/tip/bind10/src/lib/python/isc/cc:/Users/tmark/build/tip/bind10/src/lib/python:/Users/tmark/build/tip/bind10/src/lib/python:/Users/tmark/build/tip/bind10/src/lib/dns/python/.libs:/Users/tmark/build/tip/bind10/src/lib/python/isc/log:/Users/tmark/build/tip/bind10/src/lib/python/isc/datasrc/.libs:/Users/tmark/build/tip/bind10/src/lib/dns/python/.libs br> TESTDATA_PATH=/Users/tmark/build/tip/bind10/src/lib/python/isc/datasrc/tests/testdata br> TESTDATA_WRITE_PATH=/Users/tmark/build/tip/bind10/src/lib/python/isc/datasrc/tests br> HAVE_SHARED_MEMORY=yes br> B10_FROM_BUILD=/Users/tmark/build/tip/bind10 br> /opt/local/bin/python3.1 /Users/tmark/build/tip/bind10/src/lib/python/isc/datasrc/tests/$pytest
exit ; br> done
Running test: datasrc_test.py
Traceback (most recent call last):
File “/Users/tmark/build/tip/bind10/src/lib/python/isc/datasrc/tests/datasrc_test.py”, line 16, in
import isc.log
File “/Users/tmark/build/tip/bind10/src/lib/python/isc/log/init.py”, line 33, in
from log import
ImportError: No module named log
make[8]:
** [check-local] Error 1


If I run “make” and then “make check” everything is fine.

I have attached config.log and .report
3166 defect 1379073173108997 1380614157078226 Unclassified medium muks Next-Sprint-Proposed new SunStudio warnings to check when compiling the BIND 10 tree SunStudio on Solaris outputs several warnings when compiling the BIND 10 tree. Some of these may be legitimate and would require testing. This ticket is to make a list of all the warnings from a SunStudio compile of BIND 10 and fix what should be fixed. If you are unsure about a particular warning, please discuss it on the bind10-dev@ list.

Examples of warnings include:
* Shadowing variables
* Passing a start function compiled with C++ linkage to `pthread_create()`
etc.
3168 enhancement 1379419105615864 1379419174253100 dhcpconf low tomek DHCP Outstanding Tasks new Refactor different pools handling in Subnet6 Existing code in CfgMgr (isc::dhcp::Subnet6) uses static pool collections, one for each pool type.

Tom proposed to refactor it use a common map+collection. (see ticket:3150#comment:5).
3169 defect 1379438682211239 1379438682211239 dhcpdb very low tmark DHCP Outstanding Tasks new Replace use of char* with void* cast in buffer bindings in dhcspsrv/mysql_lease_mgr.cc While reviewing trac# 3147, Stephen had the following comment:

I note that in all cases, when the MYSQL_BIND “buffer” variable is assigned, the rvalue is cast to “char". I’m not certain why I did that ; looking at the and the definition of MYSQL_BIND in mysql.h, the "buffer" variable is a "void”. There is no need to change, as the variable is automatically cast to the correct type, but maybe create a ticket to correct this in the code?


Investigate if casting to a void* would be the more proper approach.
3174 defect 1379993169755483 1380614181125298 configuration very low jreed New Tasks new PKG_CONFIG not used correctly by configure Setting PKG_CONFIG in environment or on configure command line doesn’t appear to work to set it for configure. This is a low priority task, but should fix this.
3175 enhancement 1380036537034868 1380036537034868 dhcp-ddns low tmark DHCP Outstanding Tasks new Move d2::StateModel class(es) to lib::util Per review comments from #3156, the d2::StateModel class and related pieces should be moved to lib::util. This will make it available for use outside of D2.
3176 defect 1380197333494455 1381302819529304 dhcp medium thozza New Tasks new DHCP server dies because setting SO_BINDTODEVICE option on socket failed. Hi.

Using BIND10 1.1.0 distributed in Fedora, when configuring DHCPv4
server using steps from documentation:
> config add Init/components b10-dhcp4
> config set Init/components/b10-dhcp4/kind dispensable
> config commit

the server fails to start with the following error:

2013-09-26 13:26:45.075 INFO [b10-dhcp4.dhcp4/1629] DHCP4_STARTING server starting
2013-09-26 13:26:45.076 ERROR [b10-dhcp4.dhcp4/1629] DHCP4_SRV_CONSTRUCT_ERROR error creating Dhcpv4Srv object, reason: Failed to set SO_BINDTODEVICE option on socket 4
2013-09-26 13:26:45.077 INFO [b10-dhcp4.dhcpsrv/1629] DHCPSRV_MEMFILE_DB opening memory file lease database: type=memfile
2013-09-26 13:26:45.078 WARN [b10-dhcp4.dhcpsrv/1629] DHCPSRV_MEMFILE_WARNING using early version of memfile lease database - leases will be lost after a restart
2013-09-26 13:26:45.078 INFO [b10-dhcp4.dhcp4/1629] DHCP4_CONFIG_COMPLETE DHCPv4 server has completed configuration:
2013-09-26 13:26:45.079 INFO [b10-dhcp4.dhcp4/1629] DHCP4_SHUTDOWN server shutdown
2013-09-26 13:26:45.083 INFO [b10-init.init/1622] BIND10_PROCESS_ENDED process 1629 of b10-dhcp4 ended with status 0
2013-09-26 13:26:45.083 ERROR [b10-init.init/1622] BIND10_COMPONENT_FAILED component b10-dhcp4 (pid 1629) failed: process exited normally with exit status 0

Also when trying to configure DHCPv6 server, it fails with:

ERROR [b10-dhcp6.dhcp6/8426] DHCP6_SRV_CONSTRUCT_ERROR error creating Dhcpv6Srv object, reason: Failed to bind socket 4 to fe80::20e:7fff:fef3:aee9/port=547


Please note that we do not build BIND10 with “—with-dhcp-mysql”.
3185 enhancement 1381145840033931 1381145958541325 dhcp medium tomek DHCP Outstanding Tasks new Kea: add ability to read pcap files and process them into Pkt4 and Pkt6 We should develop a test that will read all pcap files from specified directory and try to process all DHCP packets in them through Kea. That would be a very flexible and extensible approach. To add a new test case, we’d have to only add new pcap file. The pcap collection could be confidential and stored separately.

This would require to have the ability to read pcap files. We can either use libpcap for that or hack it. We don’t need much functionality, just extracting the packets as raw hex data. I’m slightly concerned with adding extra dependency on another library and dealing with its portability issues.

This could be extended into DNS as well.

See ticket:3177#comment:7 for a brief discussion.
3188 enhancement 1381333401824714 1397640730796484 Unclassified medium shane DHCP Outstanding Tasks new socket creator support for raw sockets The DHCP team needs to have support for raw sockets in the socket creator.

Currently this is done directly in the code (iface_mgr_linux.cc):

#!cpp
fd_ = socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE);
if (fd_ < 0) {
isc_throw(Unexpected, “Failed to create NETLINK socket.”);
}

if (setsockopt(fd, SOL_SOCKET, SO_SNDBUF, &SNDBUF_SIZE, sizeof) < 0)

if ) < 0)

local
.nl_family = AF_NETLINK;
local_.nl_groups = 0;

if (bind(fd_, convertSockAddr(&local_), sizeof(local_)) < 0) {
isc_throw(Unexpected, “Failed to bind netlink socket.”);
}


Or in pkt_filter_lpf:

#!cpp
int sock = socket(AF_PACKET, SOCK_RAW, htons(ETH_P_ALL));
if (sock < 0) {
isc_throw(SocketConfigError, “Failed to create raw LPF socket”);
}

// Create socket filter program. This program will only allow incoming UDP
// traffic which arrives on the specific (DHCP) port). It will also filter
// out all fragmented packets.
struct sock_fprog filter_program;
memset(&filter_program, 0, sizeof(filter_program));

filter_program.filter = dhcp_sock_filter;
filter_program.len = sizeof(dhcp_sock_filter) / sizeof(struct sock_filter);
// Override the default port value.
dhcp_sock_filter[8].k = port;
// Apply the filter.
if (setsockopt(sock, SOL_SOCKET, SO_ATTACH_FILTER, &filter_program,
sizeof(filter_program)) < 0) {
close(sock);
isc_throw(SocketConfigError, “Failed to install packet filtering program”
<< " on the socket " << sock);
}

struct sockaddr_ll sa;
memset(&sa, 0, sizeof(sockaddr_ll));
sa.sll_family = AF_PACKET;
sa.sll_ifindex = iface.getIndex();

// For raw sockets we construct IP headers on our own, so we don’t bind
// socket to IP address but to the interface. We will later use the
// Linux Packet Filtering to filter out these packets that we are
// interested in.
if (bind(sock, reinterpret_cast(&sa),
sizeof(sa)) < 0) {
close(sock);
isc_throw(SocketConfigError, “Failed to bind LPF socket ‘" << sock
<< “‘to interface’” << iface.getName() << "’”);
}

return (sock);


This may be a simple change to the protocol (described in src/bin/socketcreator/README). The current command consists of:

* ‘S’ ’U
T’ ’4 6’ port address: Asks it to create a port.

Probably we want to add something like:

* ‘R’ ’N
L’ ifindex: Asks it to create a raw port for either netlink or LPF (with the specified interface index).
3190 defect 1381429166660885 1383029889796888 build system very low UnAssigned jreed New Tasks new —with-gtest-source versus —with-gtest ./configure probably shouldn’t allow both gtest switches to be used at same time.
For example, —with-gtest=yes —with-gtest-source causes failure if don’t have libgtest installed.


configure:17883: checking for gtest source
configure:17890: result: /usr/src/gtest
configure:17975: checking for gtest-config
configure:18008: result: no
configure:18021: WARNING: Unable to locate Google Test gtest-config.
configure:18047: checking Checking whether gtest tests need pthreads
configure:18068: g++ o conftestg O2DOS_LINUX I/usr/includeL/usr/lib conftest.cpp ldllgtest >&5
/usr/bin/ld: cannot find -lgtest


Workaround is simply setting —with-gtest=no at end of line or removing that switch.
3193 defect 1381763861363478 1381763861363478 dhcp6 medium wlodekwencel DHCP-QA Defects new release process for PD 3 things to report (I think there is no need to create 3 tickets)

1. case is that Kea6 returns “SUCCESS” when received “RELEASE” msq for prefix that was not signed to anyone (release leases that does not exists). Should returns status code “NoBinding”

2. option ‘status code’ is placed in message not as sub-option for IA_PD.
RFC 3633 Section 9:
The status of any operations involving this IA_PD is indicated in a Status Code option in the IA_PD-options field.

3. “status message” (field in Status code option) that refers to IA_PD is:
“Status Message: Summary status for all processed IA_NAs”
There should be different messages for IA_NA and IA_PD.

Attached 3 captures:
1. only PD in message
2. PD and IA in message
3. for comparison proper message with only IA.
3198 defect 1382012464749025 1391517799190822 logging medium tmark DHCP Outstanding Tasks new isc::logging initialization in user_chk hook library cores under Debian6 logging issue on Debian:

MessageIntitializer::loadDictionary() cores when called explicitly from function inside a shared library which defines its own log messages.

The dhcp server opens each hook library once during configuration parsing. This is done to “validate” the library. It is closed immediately without invoking its load function.

This causes the MessageIntializer declared in the generated messages .cc file to be instantiated. This in turn adds an entry to MessageInitializer::logger_values. This entry is never “consumed” as MessageInitializer::loadDictionary is not invoked prior to closing the library.

The dhcp server then opens each configured hooks library again, this time invoking their load functions. When the explicit call to MessageInitializer::loadDictionary() is made within the library’s load function, it contains a ‘stale’ entry from the initial library open. Under some OS’s accessing this entry is a seg fault.
3205 enhancement 1382448305581806 1382448406285562 dhcpconf medium tomek DHCP Outstanding Tasks new Unit-test improvement: need to use .spec defaults See ticket:3191#comment:7 about the details.

Current DHCPv4/6 unit-tests that use config files use them as is. The bindctl interface on the other hand, matches them against .spec files first and applies any default values from .spec. We do not test for that. Some things may work in unit-tests, but with defaults applied they may fail.

Specific example: next-server with defined only global value was overridden on subnet scope by default value of 0.0.0.0.
3206 enhancement 1382464280365066 1382464280365066 dhcp low tomek DHCP Outstanding Tasks new Enable disabled IfaceMgr unit-tests There’s a handful of disabled unit-tests for IfaceMgr. We should enable them one day, probably after we have interface detection working on all systems.
3208 enhancement 1382549477477977 1382549477477977 dhcp medium tomek DHCP Outstanding Tasks new Improve vendor-options definitions and unit-tests docsis3_option_defs.h have only a small subset of DOCSIS3.0 options defined. We need the whole set.

There are also many missing unit-tests. Several ideas are marked with @todo in src/bin/dhcp4/tests/{config_parser,dhcp4_srv}_unittest.cc.

Finally, vendor option unit-tests for v4 and v6 should be moved to a separate file.
3209 enhancement 1382562923895035 1382562923895035 dhcp medium tmark DHCP Outstanding Tasks new Create documentation for DHCP user_chk hook library Per Tomek’s review of trac3186 which created the user_chk library:

“Please add a ticket for writing documentation for this hook lib. Since this is the first one that we’re shipping, it’ll have to double as a real life example, so it needs user documentation. Of course we don’t have time for such things right now, so a new ticket is the way go.”
3212 defect 1382805296990517 1394141771351449 Unclassified low bitdav New Tasks new Cannot build on Windows 1. There is still no documentation / user guide for building Bind 10 on Windows as of this time.

2. The only documentation which contains the keyword “Windows” is just the following statement: “It is planned for BIND 10 to build, install and run on Windows and standard Unix-type platforms.”

3. There is a folder “win32utils” I’ve found in Bind 9 distribution, but not sure why it’s removed in Bind 10.

4. I’ve searched for this on Google, still no related information could be found… it seems that nobody has successfully built Bind 10 on Windows as of this time.

5. Since there’s no Bind 10 binary distributions for Windows, building from source is the only way …

6. All of the “Client” editions of Windows don’t have a DNS server, so Bind 10 is very very important for any Windows users that require a DNS server …
windows build compile install
3214 enhancement 1383161234949169 1392812138295428 Unclassified medium shane DNS Outstanding Tasks new EUI48 and EUI64 RRtype implementations http://www.rfc-editor.org/rfc/rfc7043.txt
3215 defect 1383168381939548 1383168381939548 dhcpconf medium tomek DHCP Outstanding Tasks new Need an ability to provide domain-name for addresses We need a way to provide domain name for options that use addresses.

It should be configurable when that domain name is resolved into address:
a) at configuration/start time
b) before sending response to a client

a) is better from performance perspective
b) allows much better flexibility for admins
3217 defect 1383238581199815 1383242679164293 Unclassified medium jreed New Tasks new multiple start up problems Upgraded one of my systems to today’s master. It was running a bind10 since at least July (running for months!)

The —verbose output:



Exception AttributeError: “‘ModuleCCSession’ object has no attribute ‘session’" in > ignored
FATAL : PYTHON_UNHANDLED_EXCEPTION program terminated with exception ProtocolError: Read of 0 bytes: connection closed. More info in /tmp/tmp44v5so
INFO : AUTH_DATASRC_CLIENTS_BUILDER_STARTED data source builder thread started
INFO : AUTH_SERVER_CREATED server created
DEBUG : AUTH_DNS_SERVICES_CREATED DNS services created
DEBUG : AUTH_CONFIG_CHANNEL_CREATED configuration session channel created
DEBUG : SOCKETREQUESTOR_CREATED Socket requestor created for application b10-auth
DEBUG : CC_ESTABLISH trying to establish connection with message queue daemon at /home/reed/opt/bind10/var/bind10/msgq_socket
DEBUG : CC_ESTABLISHED successfully connected to message queue daemon
ERROR : CC_READ_ERROR error reading data from command channel
DEBUG : CC_DISCONNECT disconnecting from message queue daemon
FATAL : AUTH_SERVER_FAILED server failed: Error while reading data from cc session: End of file.
INFO : AUTH_SERVER_EXITING exiting
DEBUG : AUTH_DATASRC_CLIENTS_BUILDER_COMMAND data source builder received command: SHUTDOWN
INFO : AUTH_DATASRC_CLIENTS_BUILDER_STOPPED data source builder thread stopped
Exception in thread Thread-1:
Traceback :
File “/usr/pkg/lib/python3.3/threading.py”, line 639, in
bootstrap_inner
self.run()
File “/usr/pkg/lib/python3.3/threading.py”, line 596, in run
self.target
File “/home/reed/opt/bind10/libexec/bind10/b10-msgq”, line 678, in run
self.run_select
File “/home/reed/opt/bind10/libexec/bind10/b10-msgq”, line 715, in run_select
self.process_packet
KeyError: 8

Exception in thread Thread-2:
Traceback :
File “/usr/pkg/lib/python3.3/threading.py”, line 639, in
bootstrap_inner
self.run()
File “/usr/pkg/lib/python3.3/threading.py”, line 596, in run
self.target
File “/home/reed/opt/bind10/libexec/bind10/b10-msgq”, line 867, in run_session
session.check_command
File “/home/reed/opt/bind10/lib/python3.3/site-packages/isc/config/ccsession.py”, line 290, in check_command
msg, env = self.
session.group_recvmsg(nonblock)
File “/home/reed/opt/bind10/lib/python3.3/site-packages/isc/cc/session.py”, line 306, in group_recvmsg
env, msg = self.recvmsg(nonblock, seq)
File “/home/reed/opt/bind10/lib/python3.3/site-packages/isc/cc/session.py”, line 139, in recvmsg
data = self.receive_full_buffer
File “/home/reed/opt/bind10/lib/python3.3/site-packages/isc/cc/session.py”, line 223, in
receive_full_buffer
self.receive_len_data
File “/home/reed/opt/bind10/lib/python3.3/site-packages/isc/cc/session.py”, line 183, in
receive_len_data
new_data = self.receive_bytes
File “/home/reed/opt/bind10/lib/python3.3/site-packages/isc/cc/session.py”, line 171, in
receive_bytes
raise ProtocolError(“Read of 0 bytes: connection closed”)
isc.cc.session.ProtocolError: Read of 0 bytes: connection closed

Exception BrokenPipeError: BrokenPipeError(32, ’Broken pipe’) in > ignored
DEBUG [b10-cmdctl.cmdctl]: CMDCTL_STARTED cmdctl is listening for connections on 127.0.0.1:8080
DEBUG [b10-cmdctl.pycc]: PYCC_LNAME_RECEIVED received local name: 52728a5f_7@t1.m.reedmedia.net
DEBUG [b10-cmdctl.pycc]: PYCC_LNAME_RECEIVED received local name: 52728a5f_8@t1.m.reedmedia.net
FATAL [b10-cmdctl.util]: PYTHON_UNHANDLED_EXCEPTION program terminated with exception ProtocolError: Read of 0 bytes: connection closed. More info in /tmp/tmpa1r9w5
Exception AttributeError:”‘ModuleCCSession’ object has no attribute ‘_session’" in > ignored
[b10-ddns] Warning: -v verbose option is ignored at this point.
ERROR [b10-ddns.ddns]: DDNS_CC_SESSION_ERROR error reading from cc channel: [Errno 2] No such file or directory
Exception AttributeError: “‘ModuleCCSession’ object has no attribute ‘_session’” in > ignored
DEBUG [b10-zonemgr.zonemgr]: ZONEMGR_STARTING zone manager starting
ERROR [b10-zonemgr.zonemgr]: ZONEMGR_SESSION_ERROR unable to establish session to command channel daemon
FATAL [b10-zonemgr.util]: PYTHON_UNHANDLED_EXCEPTION program terminated with exception UnboundLocalError: local variable ‘zonemgrd’ referenced before assignment. More info in /tmp/tmp9v1j8t


Some “more info” was mentioned above …

/tmp/tmp44v5so

Traceback (most recent call last):
File “/home/reed/opt/bind10/lib/python3.3/site-packages/isc/util/traceback_handler.py”, line 33, in traceback_handler
return main()
File “/home/reed/opt/bind10/libexec/bind10/b10-stats”, line 735, in main
stats = Stats()
File “/home/reed/opt/bind10/libexec/bind10/b10-stats”, line 211, in init
self.command_handler)
File “/home/reed/opt/bind10/lib/python3.3/site-packages/isc/config/ccsession.py”, line 215, in init
self.session = Session
File “/home/reed/opt/bind10/lib/python3.3/site-packages/isc/cc/session.py”, line 61, in
init
env, msg = self.recvmsg
File “/home/reed/opt/bind10/lib/python3.3/site-packages/isc/cc/session.py”, line 139, in recvmsg
data = self.
receive_full_buffer(nonblock)
File “/home/reed/opt/bind10/lib/python3.3/site-packages/isc/cc/session.py”, line 223, in receive_full_buffer
self.
receive_len_data()
File “/home/reed/opt/bind10/lib/python3.3/site-packages/isc/cc/session.py”, line 183, in receive_len_data
new_data = self.
receive_bytes(self.recv_len_size)
File “/home/reed/opt/bind10/lib/python3.3/site-packages/isc/cc/session.py”, line 171, in
receive_bytes
raise ProtocolError(“Read of 0 bytes: connection closed”)
isc.cc.session.ProtocolError: Read of 0 bytes: connection closed


/tmp/tmpa1r9w5

Traceback (most recent call last):
File “/home/reed/opt/bind10/lib/python3.3/site-packages/isc/util/traceback_handler.py”, line 33, in traceback_handler
return main()
File “/home/reed/opt/bind10/libexec/bind10/b10-cmdctl”, line 688, in main
run(options.addr, options.port, options.idle_timeout, options.verbose)
File “/home/reed/opt/bind10/libexec/bind10/b10-cmdctl”, line 647, in run
CommandControl, idle_timeout, verbose)
File “/home/reed/opt/bind10/libexec/bind10/b10-cmdctl”, line 530, in init
self.cmdctl = CommandControlClass(self, verbose)
File “/home/reed/opt/bind10/libexec/bind10/b10-cmdctl”, line 252, in init
self.setup_session
File “/home/reed/opt/bind10/libexec/bind10/b10-cmdctl”, line 268, in
setup_session
self.command_handler)
File “/home/reed/opt/bind10/lib/python3.3/site-packages/isc/config/ccsession.py”, line 228, in init
default_logconfig_handler)
File “/home/reed/opt/bind10/lib/python3.3/site-packages/isc/config/ccsession.py”, line 469, in add_remote_config
self.add_remote_config_internal
File “/home/reed/opt/bind10/lib/python3.3/site-packages/isc/config/ccsession.py”, line 393, in
add_remote_config_internal
answer, _ = self.session.group_recvmsg
File “/home/reed/opt/bind10/lib/python3.3/site-packages/isc/cc/session.py”, line 306, in group_recvmsg
env, msg = self.recvmsg
File “/home/reed/opt/bind10/lib/python3.3/site-packages/isc/cc/session.py”, line 139, in recvmsg
data = self.
receive_full_buffer(nonblock)
File “/home/reed/opt/bind10/lib/python3.3/site-packages/isc/cc/session.py”, line 223, in receive_full_buffer
self.
receive_len_data()
File “/home/reed/opt/bind10/lib/python3.3/site-packages/isc/cc/session.py”, line 183, in receive_len_data
new_data = self.
receive_bytes(self.recv_len_size)
File “/home/reed/opt/bind10/lib/python3.3/site-packages/isc/cc/session.py”, line 171, in
receive_bytes
raise ProtocolError(“Read of 0 bytes: connection closed”)
isc.cc.session.ProtocolError: Read of 0 bytes: connection closed


/tmp/tmp9v1j8t

Traceback (most recent call last):
File “/home/reed/opt/bind10/lib/python3.3/site-packages/isc/util/traceback_handler.py”, line 33, in traceback_handler
return main()
File “/home/reed/opt/bind10/libexec/bind10/b10-zonemgr”, line 830, in main
if zonemgrd and zonemgrd.running:
UnboundLocalError: local variable ‘zonemgrd’ referenced before assignment
3229 enhancement 1384350078482558 1397640730796484 libdhcp low tomek DHCP Outstanding Tasks new Need better tests for activating interfaces During dry-run we discovered that activating ipv6 interface was not functional, because we set active4_ field, not active6_. This is fixed already, but it shows that our tests in that area are inadequate.

It is unclear if this can be addressed with unit-tests or system tests would be better.
3230 defect 1384350875656222 1397640730796484 dhcpconf low tomek DHCP Outstanding Tasks new Parser print out confusing error messages when pool is invalid When configuring new pool, Marcin encountered:
2013-10-16 08:56:08.364 ERROR [b10-dhcp6.dhcp6/6778] DHCP6_PARSER_FAIL failed to create or run parser for configuration element valid-lifetime: Pool (3000:cafe:beef::–3000:cafe:beef:0:ffff:ffff:ffff:ffff does not belong in this (2001:558:ffa8::/48) subnet
2013-10-16 08:56:08.365 ERROR [b10-cmdctl.cmdctl/6776] CMDCTL_COMMAND_ERROR error in command set_config to module ConfigManager: Configuration parsing failed: Pool (3000:cafe:beef::–3000:cafe:beef:0:ffff:ffff:ffff:ffff does not belong in this (2001:558:ffa8::/48) subnet
This error message is partially correct. The pools are invalid, but it has nothing to do with valid-lifetime.
3235 enhancement 1384427600243652 1397640730796484 dhcp4 low tomek DHCP Outstanding Tasks new Kea4: We do not support vendor specific info (option 43) We do support vendor-independent vendor-specific option (125), but we do not support vendor specific info option (43).

Luckily, docsis needs option 125 to operate, not 43.
3236 enhancement 1384427757984720 1397640730796484 dhcp4 low tomek DHCP Outstanding Tasks new Kea4: We do not handle option 122 (Cable Client Config) We had seen this option during IETF demo in Vancouver.

I’ll try to find a capture that contains it.
3237 enhancement 1384428247589157 1397640730796484 hooks low UnAssigned tomek DHCP Outstanding Tasks new user_check library must load even user registry missing; doc needed The library should load, even if there’s not /tmp/user_chk_registry.txt file.

From the setup perspective it would be reasonable to just fall back to normal operation if the file is missing. From the security persective, it would probably be good to treat all packets as unregistered users.

I don’t have any preference. Whatever the choice is, it should be well documented.

For now that library will act as a substitute for classification. Once proper classification is done, it will be relieved of doing that function. It is unclear what we’ll do next with it.

In any case, this is our first lib, so it will be used as example. Hence we need easy to read introdution for it. It should probably be part of the hooks documentation.

3238 defect 1384431469434996 1397640730796484 hooks low UnAssigned tomek DHCP Outstanding Tasks new libreload does not work as intended During second dry-run, we set up user_chk library. I tried to load it in dhcp4, but there was no required /tmp/user_chk_registry.txt file. Then I added the file and issued dhcp4 libreload command. the lib was not loaded.

3240 defect 1384439261084445 1384439261084445 dhcp medium marcin DHCP Outstanding Tasks new Lease classes deserve unit tests. Currently the Lease class and classes derived from it are structs. This is probably why the unit tests haven’t been implemented for them. At this point however, they already contain a substantial amount of logic - equality operators and toText functions which should be unit tested.
3244 defect 1384564938015577 1386152284326179 dhcp medium shane New Tasks new Hardcoded UDP port causes test failures I was running the DHCP tests today and they failed. I happened to be on a device that had port 10001 used by some proprietary protocol (on the EdgeMAX EdgeRouter Lite), and the tests failed. It took me quite a while to track down the failure to this root cause.

I’m not sure the best way to fix this in general, if indeed it needs fixing at all. Perhaps simply reporting that the failure was caused by failure to bind(), along with the address/port, might be enough. I would have tried “netstat -apn” if I had known that this might be the problem. :)
3246 defect 1384953356568278 1384953356568278 dhcp6 high tomek New Tasks new Fix problem with PD hints collisions Client’s PD hint will be accepted without any processing (only checked if it is not used and belongs to valid scope), even if the host part of the prefix (e.g. least significant 9 bytes, when sending /56 prefix) has non-zero values. This allows collision of two prefixes that are essentially the same (e.g. 2001:db8::1/64 and 2001:db8::2/64) to be assigned.

This is easy to fix. The server must zero the last 128-prefix_len bits before processing hint.
3248 defect 1385056221804043 1385056221804043 dhcp6 medium marcin DHCP Outstanding Tasks new DHCPv6: Set the lease expiration time for the NameChangeRequests Currently the DHCPv6 server is generating NameChangeRequests using the IAADDR options carried in the server’s response. This precludes setting the lease expiration time for the NameChangeRequests to the expiration time set in the lease because the IAADDR doesn’t carry this information. We may want to consider generating the NameChangeRequests based on the lease data (like in the DHCPv4) which would give more flexibility.
3249 defect 1385552463111112 1385552463111112 message-library medium tmark New Tasks new IOFetch resends request on mis-matched qid If the QID of an inbound DNS response does not match the QID of the DNS request, IOFetch resends the request. See
IOFetch::operator()(asio::error_code ec, size_t length): It may be as simple as starting the main “do” loop start after the call to asyncSend(), not before it.
3256 enhancement 1386250419460810 1397640730796484 build system medium UnAssigned tomek DHCP Outstanding Tasks new Kea should not require sqlite, botan See ticket #3255 for prerequisite work.

Once the modularization is implemented, we need to make sure that sqlite is only needed when DNS (auth, probably) is enabled.

Botan is likely needed for auth, resolver and dhcp-ddns.

Many libraries is src/lib are used in specific modules only. In particular, some of them are not needed for DHCP builds. It would be good if they were not built, unless needed.

3257 task 1386254141914389 1397640730796484 documentation low tomek DHCP Outstanding Tasks new Update Developer’s Guide for PD/Kea 0.9 alpha We need to check if all the recent changes (PD, DDNS, cable modems, other demo stuff) are described appropriately in dev guide.
3259 enhancement 1386257244096727 1397640730796484 hooks low UnAssigned tomek DHCP Outstanding Tasks new Need ability to pass configuration parameters to hook libraries There is currently no way to pass parameters to hook libraries, so libs must use their own configuration routines or hardcode parameters. Both are bad.

It is likely that the hooks configuration will be extended with a collection of generic name=value parameters that will be passed to the hooks load() function.
3261 defect 1386679861896350 1386679861896350 perfdhcp medium marcin DHCP Outstanding Tasks new perfdhcp: orphan messages counting shouldn’t be performed for individual exchanges Currently the number of orphans is not displayed because Reply messages received for Renew and Releases are counted as orphans for the 4-way exchanges, which is wrong. We will need to move the orphans counting out of the Statistics Manager so as orphans counter is increased only if the particular message is not identified as a reponse to any of the messages sent by perfdhcp.
3268 enhancement 1387313911346468 1397640730796484 dhcp-ddns medium tmark DHCP Outstanding Tasks new Make b10-dhcp-ddns default DNS Update timeout configurable, look at other possibles Currently, the timeout for a given DNS exchange is dictated by NameChangeTransaction::DNS_UPDATE_DEFAULT_TIMEOUT which is a constant. It should be configurable, probably at the DnsServerInfo level.

Other candidates to consider:

In d2_cfg_mgr.h:

/// brief Reverse zone suffix added to IPv4 addresses for reverse lookups<br> /// todo This should be configurable.
static const char* IPV4_REV_ZONE_SUFFIX;

/// brief Reverse zone suffix added to IPv6 addresses for reverse lookups<br> /// todo This should be configurable.
static const char* IPV6_REV_ZONE_SUFFIX;


From d2_queue_mgr.cc:


// percent. This is an arbitrary choice. todo this value should<br>// probably be configurable.<br>size_t threshold = (((queue_mgr_->getMaxQueueSize()<br> * QUEUE_RESTART_PERCENT)) / 100);<br><br>and then also this:<br><br>// todo This method assumes only 1 type of listener. This will change
// to support at least a TCP version, possibly some form of RDBMS listener
// as well.
reconf_queue_flag_ = false;


3269 enhancement 1387386271980184 1397640730796484 dhcp6 medium tomek DHCP Outstanding Tasks new Kea6: add support for CONFIRM messages Kea6 does not support CONFIRM, a mandatory message according to RFC3315.
3271 defect 1387802110784466 1387803408960831 dhcp6 medium UnAssigned wlodekwencel DHCP-QA Defects new Kea6 assign IPv6 address which is configured with. server configuration:

config set Dhcp6/renew-timer 1000
config set Dhcp6/rebind-timer 2000
config set Dhcp6/preferred-lifetime 3000
config set Dhcp6/valid-lifetime 4000
config add Dhcp6/subnet6
config set Dhcp6/subnet6[0]/subnet “3000::/64”
config set Dhcp6/subnet6[0]/pool [ “3000::55-3000::55” ]
config set Dhcp6/subnet6[0]/interface “eth2”
config commit


interface configuration:
ip addr show dev eth2

4: eth2: mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 08:00:27:11:c7:67 brd ff:ff:ff:ff:ff:ff
inet6 3000::55/64 scope global
valid_lft forever preferred_lft forever
inet6 fe80::a00:27ff:fe11:c767/64 scope link
valid_lft forever preferred_lft forever

Despite that server is configured with pool 3000::55-3000::55 on interface which has 3000::55 address, Kea is assigning address 3000::55 after client Requesting it (capture included).

Expected: Reply with IA_NA option with suboption Status Code with code 2 - NoAddrsAvail.
3275 enhancement 1388430165982972 1397640730796484 hooks medium UnAssigned tomek DHCP Outstanding Tasks new Kea4/6: extract cable modem specific code to hook lib (classification, part 3) Once #3203 and #3274 are done, there will be some DOCSIS specific processing in the code code. That code should be extracted into an external hook library.
3276 defect 1388436107209772 1394114765378779 build system medium UnAssigned jreed Common Outstanding Tasks new CC: library=Cstd cannot be used withlibrary=stlport4
libtool: link: /opt/SolarisStudio12.3-solaris-sparc-bin/solarisstudio12.3/bin/CC Ghlibb10-exceptions.so.0 o .libs/libb10-exceptions.so.0.0.0 .libs/exceptions.olibrary=stlport4 lrtlsocket lnsllibrary=Cstd library=Crunlc Qoption ldR/udir/jreed/botan-main-sunstudio/lib
CC: library=Cstd cannot be used withlibrary=stlport4


This is using SolarisStudio12.3 on the sol-10 sparc lab system.

The configure.ac adds library=stlport4
but the check in aclocal.m4 which is included in configure for this happens earlier so the
library=Cstd gets added.

The ordering needs to be fixed, or somehow tell autoconf / aclocal not to add in this additional configure code, or stop the libtool script from adding it.
3278 task 1388502350403521 1388502350403521 Unclassified medium jreed New Tasks new requirements into source tree This ticket is for the initial addition of some RFC (and related) requirements or specifications placed into the source tree.

The long term goal is split this out to be a standalone testing framework.

The goal of this ticket is to:

- add a README explaining its syntax and use, based on ISC Engineering Best Practices Board “SwengRequirements” internal document (from ~one year ago).

- add various items found in wiki and done independently, changed too new standard format. For this ticket, this will be some DNS only.

- point out problems identified by independent reviews of some RFCs. (If the review is too much, we can break up into different tickets.)


3280 enhancement 1388770048334814 1389200011636698 dhcpconf low marcin DHCP Outstanding Tasks new DHCPv4 server id override configuration parameter to be added There is a mechanism in ISC-DHCP to override the default server id value. The #3231 introduces dynamic generation of server identifier, depending on which interface is used to send a response. If there is a demand for the override capability in Kea we should implement the new configuration parameter which will override the dynamically generated server id with the custom value, just like it is done in ISC-DHCP.
3284 defect 1389244437575692 1392812336551019 resolver very low muks DNS Outstanding Tasks new Remove `hasRecordInAuthoritySection()` function in src/lib/cache/message_utility.cc See #688. `hasRecordInAuthoritySection()` or its caller has to be fixed, or this function has to be removed and replaced with `Message::hasRRset()`.

This is very low priority and we may not even fix it as it is a part of the experimental resolver that is now obsolete.
3289 enhancement 1389853717873502 1392812204361516 xfrout medium muks DNS Outstanding Tasks new Use the in-memory data source for XfrOut After #2539, the in-memory data source now has a more complete zone iterator.

There are some more updates to be done such as NSEC3 iteration, etc (see #2271), but after these are complete we can use it to transfer data out.
3290 defect 1389854710719517 1389854710719517 libdns++ medium UnAssigned muks New Tasks new Fix and re-enable libdns++ MasterLoad tests This is an offshoot from #2381. `masterLoad` now uses the `MasterLoader` class.

The following testcases have been disabled as they fail because the test data has trailing comments and (eventually) uses the string DNSKEY RDATA constructor which doesn’t support comments:


[ FAILED ] MasterLoadTest.loadRRWithComment
[ FAILED ] MasterLoadTest.loadRRWithCommentNoSpace
[ FAILED ] MasterLoadTest.loadRRWithCommentEmptyComment
[ FAILED ] MasterLoadTest.loadRRWithCommentEmptyCommentNoSpace


These tests should be fixed and re-enabled.
3293 defect 1389927007840041 1389927007840041 tests medium muks New Tasks new Check zone loading failure cases in system tests We should introduce system tests (lettuce) to try and load bad zone data into `b10-auth` and verify that the server does not crash with unhandled exceptions, etc. These conditions should be gracefully handled.

Currently zone load failures are tested at the unittest level, but these are tested to see whether they correctly throw exceptions or not. `b10-auth`’s behavior needs to be tested at the system test level.

A lack of such tests is severe enough to be a defect.
3294 task 1389972932402205 1389972932402205 dhcp-ddns medium tmark DHCP-Kea0.9 new Remove always-include-fqdn configuration parameter from D2ClientConfig DHCP DDNS configuration for Kea includes a parameter, always-include-fqdn. The intent to not include the FQDN option in the response back to a client, unless it was in the request’s PRL.
After some discussion this was deemed to be an unneeded ability.

The current behavior will always include an FQDN option in the response if the request included an FQDN option.
3296 enhancement 1389987743421420 1389987750309181 dhcp medium tomek DHCP Outstanding Tasks new Rethink Pkt4 and Pkt6 class hierarchy There are many similarities between Pkt4 and Pkt6, but they do not have a common base class. Furthermore, some methods in both classes are server-specific (e.g. relay manipulation code) that would be useless on the client side.

We should rethink the class hierarchy here. One possible way forward would be:

BasePkt>Pkt4>SrvPkt4
BasePkt>Pkt6>SrvPkt6
3297 defect 1390213544861065 1390213544861065 dhcpconf medium marcin DHCP Outstanding Tasks new b10-dhcp4/6: Extend config_parser unit tests to cover different data types configuration. Option values may be set in different formats. The csv-format allows to specify values for option fields as a list of comma separated strings. The configuration parser is using libdhcp+ to parse these values and the libdhcp+ functions are now sufficiently unit tested (This ticket makes them sufficiently unit tested as before this ticket it they had lacked tests for boolean values). However, it may be worth to extend configuration parser tests for dhcp6_srv and dhcp4_srv as well, to test setting option values through configuration mechanism.

3302 enhancement 1390649804146530 1390649804146530 Unclassified medium kean New Tasks new Use IPv4 for all feature tests and add IPv6 tests This is a continuation of #2904. On the first branch of that ticket (trac2904) the tests were changed to use IPv4 rather than IPv6, which was originally used as a work-around for that bug. The port number was changed in #2904 (branch trac2904_v3) but the IPv4 / IPv6 changes were not included. This ticket is to track that desired work. We need to make all of the feature tests in lettuce use IPv4, and then add in a suitable number of IPv6 tests to ensure that the IPv6 code-path is tested.
3306 defect 1390908455806245 1397640730796484 dhcpconf low tomek DHCP Outstanding Tasks new Implement subnet overlapping sanity check Currently it is possible to define overlapping subnets (or even multiple copies of the same subnet). Doing so would lead to non-obvious errors (like lease being free, but not being able to use it or lease belonging to the wrong subnet).

See CfgMgr::addSubnet{4,6} in src/lib/dhcpsrv/cfgmgr.cc.
3307 task 1390908816422820 1396979705872480 dhcp high tomek DHCP Outstanding Tasks new Client classification design We need a proper design of the client classification. In particular, it most likely should cover the following topics:

1. New hook definition for client classification
2. Extracting current classification into a separate class.
3. Support for classes on pool level.
4. The ability to send custom options for a given class.
5. Flexible class definition (what does it mean that packet X belongs to class Y?)
6. Support for more than one class (packet can belong to many classes, e.g. cablemodem, premium_service, and bills_not_paid).
3308 defect 1390917698204487 1394114776178705 data source medium muks Common Outstanding Tasks new boost::offset_ptr failure on Solaris 10 with GCC Use of `boost::offset_ptr` fails compile on Solaris 10 with GCC:
http://git.bind10.isc.org/~tester/builder/BIND10/20140128043805-Solaris10-sparc-GCC/logs/build.out

It passes on Solaris 11 i386 with GCC. Here is some version information:

Solaris 10 with GCC (fails):

CXX_VERSION: g++ (GCC) 3.4.3
BOOST_VERSION: 1.54


Solaris 11 with GCC (passes):

CXX_VERSION: g++ (GCC) 4.5.2
BOOST_VERSION: 1.50


Jeremy said he’d check with a newer version of GCC on the Solaris 10 machine.
3311 enhancement 1390993276153393 1392914051643609 libdns++ medium UnAssigned muks DNS Outstanding Tasks new Add specialized Rdata implementations for getLength() Add specialized `Rdata::getLength()` implementations for various RR types. Currently the default implementation renders to a buffer and returns the size of the renderered buffer. The type-specific implementations should return a calculated size instead. This will speed up xfrout performance.
3317 defect 1391143806153510 1392811366829027 xfrin high muks DNS Outstanding Tasks new Zone manager fails to tell xfrin about notify during lettuce test See: http://git.bind10.isc.org/~tester/builder/BIND10-lettuce/20140130075053-MacOSX10.6-x86_64-GCC/logs/lettuce.out

and associated log files. The NOTIFY is sent successfully by the master to the secondary. The secondary `b10-auth` receives it, and passes it to zone manager. It gets dropped there, no zone transfer occurs and the test asserts.

I haven’t checked if zone manager drops it wilfully or in error.
3318 task 1391159593648922 1391159593648922 build system medium jreed shane New Tasks new Add builder that uses -ftrapv flag on g++ We recently updated the code to not depend on behavior of signed integer overflow in ticket #3010.

We do not set the -ftrapv flag which revealed this problem because there is a runtime cost.

However, we should run our tests in an environment to insure that we don’t add any code that violates this constraint. This ticket is to set up such a builder.
3319 enhancement 1391440917249243 1391440917249243 libdhcp medium tomek DHCP Outstanding Tasks new IfaceMgr debuggability improvement receive4() and receive6() methods in IfaceMgr should have the capability to log which sockets over which interface are used to receive data.

Such an information was very useful in debugging various issues in Dibbler, and it will be helpful in Kea as well.

In general, we need a way to log something from libdhcp.

Tom suggested that socket callbacks could be extended with an extra descriptive string that could be logged as well.

Also see changes in #3315 (the socket logging was partially implemented, but there was no way to print it out, so the code was removed).
3320 enhancement 1391449763896463 1397640730796484 dhcp4 medium marcin DHCP Outstanding Tasks new DHCPv4: implement support for requested ip address option 50 The option 50 (requested ip address) allows the client to specify that the particular IP address is assigned. The RFC2131 makes heavy use of this option. Kea should make its allocation decision respecting this option. Currently this option is ignored.
3321 enhancement 1391487743362766 1392812254190470 data source medium muks DNS Outstanding Tasks new Use a lowercase version of calculate() for further speedup in findNSEC3() `findNSEC3()` (in database and memory backends) uses a version of hash calculator that converts the label data to lowercase every time before calculating the hash. Because it does it repeatedly for sub-seqeunces of the same name, it can be optimized by converting the name to lowercase upfront and using a lowercase version of `calculate()` with it.

(This ticket is an offshoot of #1894.)
3323 defect 1391519313296956 1391519313296956 build system low UnAssigned stephen New Tasks new Change location of hooks example code The DHCP example hooks library code is in the source tree at “src/hooks…”. This should be moved into the “examples” directory.
3325 enhancement 1391548471422540 1391548471422540 libdns++ low UnAssigned tmark New Tasks new Add wrapper for asio::io_service::poll and poll_one to asiolink::IOService asio::io_service provides two non-blocking methods, poll and poll_one for executing ready handlers. These methods are not currently visible as there are no wrappers provided in asiolink::IOService.

b10-dhcp-ddns related and related Kea work make use of poll now by accessing the native io_service.
3326 enhancement 1391583686154342 1392812273788676 data source medium muks DNS Outstanding Tasks new Modify ZoneIterator interface to enforce getSOA() requirements `ZoneIterator::getSOA()`’s API doc requires us to cache the SOA RRset during iterator construction. This is so the SOA does not change after iteration starts even if there are changes to the underlying data source. This is currently suggested in API doc and not enforced, and our data sources implement it. We should consider modifying the `ZoneIterator` interface such that `getSOA()` is no longer virtual and the SOA RRset is cached by the parent `ZoneIterator` itself during construction.

The API for this would be a little tricky as `ZoneIterator` is constructed before derived classes, so we may either use a `ZoneIteratorImpl` that `ZoneIterator` wraps around, or get the derived constructor to call a protected `setSOA()` method.
3327 defect 1391589639450868 1392811920094973 Unclassified high muks DNS Outstanding Tasks new DDNS TSIG testing inadequate (missing) In the following code in `ddns.py.in`:

msg = update_session.get_message()
self.__response_renderer.clear()
if tsig_ctx is not None:
msg.to_wire(self.__response_renderer, tsig_ctx)
else:
msg.to_wire(self.__response_renderer)


It doesn’t matter if the false path is taken every time. Unittests still pass. There is inadequate test coverage.
3328 enhancement 1391626808129143 1397640730796484 dhcp-ddns medium tmark DHCP Outstanding Tasks new Add maxiumum queue size to dhcp-ddns configuration, consider sender ip and port The NameChangeSender interface supports a value for the maximum size limit for its internal send queue. The default is in the dhcp_ddns library is 1024. This value should be a configurable value in the dhcp-ddns configuration.

NameChangeSender also supports a “client” IP address and port. These values default to 0.0.0.0 and 0 respectively allowing the
sender to bind as the OS deems suitable. Is there a need or usefulness in being able to configure a specific address and port?
3334 enhancement 1391778416437979 1391778416437979 libdns++ medium UnAssigned muks New Tasks new Use RdataPimplHolder instead of std::auto_ptr in RDATA parsers Various RDATA parsers in `libdns` use `std::auto_ptr` but it is deprecated in C11. We currently do not allow the use C++11 features, but stopping to use `std::auto_ptr` seems wise anyway going forward.

#2185 (TLSA parser) introduces a `RdataPimplHolder` class that is a drop-in replacement for how `std::auto_ptr` is used in the RDATA parsers. This ticket is to do the replacements. Please do it after #2185 has been merged to master.
3336 defect 1392287396580495 1392296860094799 dhcp4 low wlodekwencel DHCP-QA Defects new No renew and rebind times in server respond. Options:
58 - Renewal Time Value RFC 2132 Section 9.11
59 - Rebinding Time Value RFC 2132 Section 9.12
Kea4 does not include in to OFFER/ACK message.

Apparently it’s on ‘TODO’ list:
file: src/bin/dhcp4/dhcp4_srv.cc lines 1046, 1047:

/// todo: send renew timer option (T1, option 58)<br> /// todo: send rebind timer option (T2, option 59)


Also there is unitest for this: Dhcpv4SrvTest::checkAddressParams
file: src/bin/dhcp4/tests/dhcp4_test_utils.cc
line: 241

It testing presence of those options in message created by server and that unitest is passing.
3337 defect 1392311671131503 1392369201791046 perfdhcp medium marcin DHCP Outstanding Tasks new perfdhcp wrong merge MAC to packet template This is a bug report regarding use of template packets in perfdhcp, submitted by Torsten Goehler:


Dear Sirs,
I’m trying to factor template files for perfdhcp for DHCP performance testing.
I factored a template file containing the required options.
I used:
perfdhcp R 1000T discover.hex
to start testing with 1000 simulated different MAC adresses.

according to the bootp standart the Client MAC is directly positioned after the relay IP. The expection was perfdhcp to count up the client MAC, which starts w “00:0c:01:02:03:04” if I dont’t give the “b mac=xx:xx:xx:xx" starting value.

This obviously works only if I dont’t use a hex template file.
In case I use the perfdhcp in conjunction w a template file as mentioned, the altering client MAC address is inserted into the packet w an off set of 2 bytes after the relay IP which is weird. Even if I try to use "
b mac=xx:xx:xx:xx” and template file together the given mac gets inserted w that 2 bytes offset which makes it impossible to control the client mac togehther with defining other options which are nessesary to simulate proper address scope selection.

any ideas?
point to patch the source and re-compile?

Many thanks
Torsten
3338 defect 1392392746132183 1392392746132183 libdns++ medium UnAssigned jreed New Tasks new rename dns/message.h and other dns headers due to bind9 clash dns/message.h is a file provided from BIND9. It is incompatible and different than BIND10’s dns/message.h.

Code with #include
may end up matching wrong version and result in:
error: ‘isc::dns::Message’ has not been declared
(as an example).

Ordering of -I include arguments can work around this, but it would be best not to use same name especially since lots of systems have bind9 headers in default headers path. I propose we change the filename.

This also is about dns/rdataclass.h dns/rdata.h dns/rcode.h dns/opcode.h and dns/name.h

I thought I brought this up before but couldn’t find old ticket.

I think maybe if we don’t rename files, we should rename the subdirectory to dns++/
3342 defect 1392627893429184 1397640730796484 dhcp4 low plu DHCP Outstanding Tasks new bind-10 DHCP4 problem with windows XP SP3 Some problem with getting ip address in Windows XP SP3. Other OS (ubuntu, centOS, windows XP sp2, windows 7, windows 98) are getting IP-address, but Windows XP SP3 doesn’t get IP.
Configuration in bind10 dhcp4 is minimum:
added:
Dhcp4/subnet4[0]/subnet “192.168.122.0/24”
Dhcp4/subnet4[0]/pool [ “192.168.122.1 - 192.168.122.240” ]
I tried to distribute ip-address using isc-dhcp-server, all worked for all systems, including windows xp sp3

dhcp, windows xp, sp3
3345 defect 1392972487378436 1394114786523217 data source medium muks Common Outstanding Tasks new Segfault in zone_loader_test.py on Mac OS macmini is reporting a segfault:
http://git.bind10.isc.org/~tester/builder//BIND10/20140219080925-MacOSX10.6-x86_64-Clang-Static/logs/unittests.out


Running test: zone_loader_test.py
…………/bin/sh: line 1: 35497 Segmentation fault (core dumped) DYLD_LIBRARY_PATH=/b/work/BIND10/20140219080925-MacOSX10.6-x86_64-Clang-Static/build/src/lib/datasrc/.libs: DYLD_LIBRARY_PATH=/b/work/BIND10/20140219080925-MacOSX10.6-x86_64-Clang-Static/build/src/lib/cryptolink/.libs:/b/work/BIND10/20140219080925-MacOSX10.6-x86_64-Clang-Static/build/src/lib/dns/.libs:/b/work/BIND10/20140219080925-MacOSX10.6-x86_64-Clang-Static/build/src/lib/dns/python/.libs:/b/work/BIND10/20140219080925-MacOSX10.6-x86_64-Clang-Static/build/src/lib/cc/.libs:/b/work/BIND10/20140219080925-MacOSX10.6-x86_64-Clang-Static/build/src/lib/config/.libs:/b/work/BIND10/20140219080925-MacOSX10.6-x86_64-Clang-Static/build/src/lib/log/.libs:/b/work/BIND10/20140219080925-MacOSX10.6-x86_64-Clang-Static/build/src/lib/util/.libs:/b/work/BIND10/20140219080925-MacOSX10.6-x86_64-Clang-Static/build/src/lib/util/threads/.libs:/b/work/BIND10/20140219080925-MacOSX10.6-x86_64-Clang-Static/build/src/lib/exceptions/.libs:/b/work/BIND10/20140219080925-MacOSX10.6-x86_64-Clang-Static/build/src/lib/datasrc/.libs:$DYLD_LIBRARY_PATH PYTHONPATH=:/b/work/BIND10/20140219080925-MacOSX10.6-x86_64-Clang-Static/build/src/lib/python/isc/log_messages:/b/work/BIND10/20140219080925-MacOSX10.6-x86_64-Clang-Static/build/src/lib/python/isc/cc:/b/work/BIND10/20140219080925-MacOSX10.6-x86_64-Clang-Static/build/src/lib/python:/b/work/BIND10/20140219080925-MacOSX10.6-x86_64-Clang-Static/build/src/lib/python:/b/work/BIND10/20140219080925-MacOSX10.6-x86_64-Clang-Static/build/src/lib/dns/python/.libs:/b/work/BIND10/20140219080925-MacOSX10.6-x86_64-Clang-Static/build/src/lib/python/isc/log:/b/work/BIND10/20140219080925-MacOSX10.6-x86_64-Clang-Static/build/src/lib/python/isc/datasrc/.libs:/b/work/BIND10/20140219080925-MacOSX10.6-x86_64-Clang-Static/build/src/lib/dns/python/.libs TESTDATA_PATH=/b/work/BIND10/20140219080925-MacOSX10.6-x86_64-Clang-Static/build/src/lib/python/isc/datasrc/tests/testdata TESTDATA_WRITE_PATH=/b/work/BIND10/20140219080925-MacOSX10.6-x86_64-Clang-Static/build/src/lib/python/isc/datasrc/tests HAVE_SHARED_MEMORY=yes B10_FROM_BUILD=/b/work/BIND10/20140219080925-MacOSX10.6-x86_64-Clang-Static/build /Local/Users/jreed/opt/pkg/bin/python3.1 /b/work/BIND10/20140219080925-MacOSX10.6-x86_64-Clang-Static/build/src/lib/python/isc/datasrc/tests/$pytest
make[8]: * [check-local] Error 139


I am not able to reproduce it locally (on Fedora 20). On macmini, it is not reproducible with a static build with GCC. It only seems to happen with static builds with clang++.
3346 task 1393001449172503 1393001449172503 logging medium shane new Revisit logging design This ticket documents a proposed synthetic benchmarking for research purposes.


We use log4cplus where each process logs directly. This was chosen for performance reasons, but we have had a lot of problems getting logging to be free of concurrency problems, in spite of our extra-careful locking.

We should benchmark an approach that sends data to a centralized logging task to see what the performance implications are.

Ideally we should check a few different secondary storage approaches:

1. Normal spinning disks
2. Solid-state disks (SSD)
3. RAM disk (for best-case/worst-case measurement)

We should also check with no concurrent logging, mild concurrent logging, and massively concurrent logging.
3348 task 1393247594986355 1393247594986355 perfdhcp medium tgoehler New Tasks new perfdhcp providing first DUID not working providing a starting duid like

perfdhcp 6b duid=‘00030001000d00000000’ r 1R 10 T perfdhcp-data/v6/solicit.hexO17 2000::100:1

does not work.

it is just counting up the DUID gven from the template file.

using the syntax like
duid=00:03:00:01:00:0d:00:00:00:00:00
doesn’t work either.

have you a hint of what format to enter the DUID using the -b switch?

thx
Torsten
3349 enhancement 1393247912718141 1396346133891204 perfdhcp medium tgoehler New Tasks new perfdhcp randomized MAC at multiple offsets we like to simulate cable modems to come up.
A DHCP DISCOVER from a cable modem has the MAC Address at 3 positions.

Client Identifier offset 28
option 61
and
option 82:2

perfdhcp seems to support randomizing the MAC only at one point in the DISCOVER packet.

is there a way of copying this MAC also to option 61 and 82:2 of the packet or just to give additional offsets of where to put this MAC too?

thx
Torsten
3354 enhancement 1393515828940921 1393536730221608 dhcp-ddns medium tmark New Tasks new Add bool configuration parameters to enable/disable forward and reverse updates to D2 Under 3341, udpates in a given direction were made configurable by whether or not there were any DDNS domains defined for that direction. An improvement on top of that would be to add explicit
flags to enable or disable a given direction. This would allow toggling updates on or off, while leaving domain configuration in-tact.

This will require adding values to the appropriate parsers, unit tests etc.
3355 defect 1393528456541634 1393528456541634 configuration medium tmark New Tasks new Add method to recreate dhcp::CfgMgr singleton instance In order to ensure cleaner, more reliable testing it would be extremely helpful to be able to replace CfgMgr singleton instance with a newly created one. With increasing complexity of configuration of the servers that use this class (Kea4,6, and D2), it is increasingly error prone to “reinitialize” CfgMgr to known state for testing.



3356 defect 1393852289277929 1393852289277929 dhcp-ddns medium tmark DHCP-Kea0.9 new DDNS TTL value is does not meet 4702, Section 5 Currently the value used as TTL in DNS RRs is TTL directly from the lease (valid lease lifetime). Per 4702/Section 5 it should be
be:


RR TTL = ((lease TTL / 3) < 10 minutes) ? 10 minutes : (lease TTL / 3)
3357 enhancement 1393941139933884 1397640730796484 dhcp medium tomek DHCP Outstanding Tasks new Merge DHCPv4-over-DHCPv6 into Kea repo Prof. Yong Cui’s team (Qi Sun, Cong Liu) developed DHCPv4-over-DHCPv6 solution that is based on Kea code that was released 9 months ago (bind10-1.1.0). The goal of this ticket is to improve the code, fill in missing gaps and then merge it into Kea master.

Marcin and Tomek will do a detailed review and will put it here.

The code is available here: https://github.com/gnocuil/DHCPv4oDHCPv6

ISC comment: assigning this ticket to 0.9-alpha with medium quality, even though it is not needed for 0.9-alpha release, currently planned for end of March (not needed in a sense that we can still go with the alpha release even if this ticket is still open). It is not possible right now to determine how long it will take to merge the code. If we somehow manage to do it before 0.9-alpha, great. If not, we’ll merge it after and include the code in 0.9-beta.

3361 defect 1394031735348039 1394031735348039 dhcp medium jreed New Tasks new document hooks configuration and libreload for DHCP commands I saw #2981 is for configuring hooks but I don’t see docs.

Please add documentation for administrators for libreload command and hooks-libraries and hooks-library configurations.

These can be briefly added to
./src/bin/dhcp6/b10-dhcp6.xml
and
./src/bin/dhcp4/b10-dhcp4.xml
(see ./src/bin/auth/b10-auth.xml for example documentation)
and with more detail and explanations and examples if needed to
./doc/guide/bind10-guide.xml

3363 defect 1394051566235448 1396966655213886 dhcp-ddns medium tmark tmark DHCP-Kea0.9 accepted D2UpdateMgr should check both DHCID and IP address when scheduling jobs D2UpdateMgr::pickJob currently skips over requests for whose DHCID a transaction is already in progress. It should also check the
request IP address. If Kea sends a CHG_REMOVE followed by a CHG_ADD for the same IP address but for different FQDNS, they might be worked worked concurrently. This can happen if a client changes host names.
3366 defect 1394118806441655 1394118806441655 Unclassified very low jreed New Tasks new include examples/ in the distfiles (in tarball) Use EXTRA_DIST or other to include all the examples/ in the tarball.
3367 defect 1394119686971651 1394119771850561 dhcp4 medium wlodekwencel DHCP-QA Defects new incorrect values of ciaddr According to RFC 2131 (Table 3 page 29) Value of ‘ciaddr’ field in messages: DHCP_OFFER and DHCP_NAK should always be 0.0.0.0

Kea is just simply copying that value from received message.

Forge tests for error reproduction:
v4.message.fields.ciaddr-correct-offer
v4.message.fields.ciaddr-incorrect-offer
v4.message.fields.ciaddr-incorrect-nak
v4.message.fields.ciaddr-correct-nak

attached captures/config files/logs of listed tests.
3368 defect 1394135056814989 1394135056814989 data source medium jreed New Tasks new sqlite nxdomain qps regression from 1.1.0 to 1.2.0beta1 I didn’t have a chance to look into this much, but opening ticket so it is not forgot.

With a server with 100,000 zones of 15 records each loaded into sqlite3 database, queries that result in nxdomain had a qps regression.

This is from 1.1.0 to 1.2.0beta1

largehost-sqlite3-cpus4.nxdomain 12448.86 - 3956.23 qps 68 regression<br><br>largehost-sqlite3-.nxdomain 3199.41 - 1023.14 qps 68 regression
3369 defect 1394135390395296 1394135390395296 b10-auth medium jreed New Tasks new auth asio error messages at shutdown CC_ASYNC_READ_FAILED , AUTH_SERVER_FAILED, CC_WRITE_ERROR I am seeing errors like the following when shutting down when using multiple auth servers.


2014-03-05 13:36:14.734 ERROR [b10-auth.cc/26975] CC_ASYNC_READ_FAILED asynchronous read failed (error code = 104)
2014-03-05 13:36:14.735 FATAL [b10-auth.auth/26975] AUTH_SERVER_FAILED server failed: asynchronous read failed
2014-03-05 13:36:14.735 FATAL [b10-auth.cc/26975] CC_WRITE_ERROR error writing data to command channel (Broken pipe)
terminate called after throwing an instance of ‘isc::cc::SessionError’
what(): ASIO write failed: Broken pipe


Here is a longer different example:

2014-03-05 14:05:45.769 INFO [b10-init.init/27845] BIND10_RECEIVED_SIGNAL recei
ved signal SIGTERM
2014-03-05 14:05:45.769 INFO [b10-init.init/27845] BIND10_SHUTDOWN stopping the
server
2014-03-05 14:05:45.770 INFO [b10-init.init/27845] BIND10_CONFIGURATOR_STOP bin
d10 component configurator is shutting down
2014-03-05 14:05:45.770 INFO [b10-init.init/27845] BIND10_COMPONENT_STOP compon
ent Socket creator is being stopped
2014-03-05 14:05:45.770 INFO [b10-init.init/27845] BIND10_SOCKCREATOR_TERMINATE
terminating socket creator
2014-03-05 14:05:45.770 INFO [b10-init.init/27845] BIND10_COMPONENT_STOP compon
ent msgq is being stopped
2014-03-05 14:05:45.770 INFO [b10-init.init/27845] BIND10_COMPONENT_STOP compon
ent b10-auth is being stopped
2014-03-05 14:05:45.770 INFO [b10-init.init/27845] BIND10_STOP_PROCESS asking b
10-auth to shut down
2014-03-05 14:05:45.771 INFO [b10-init.init/27845] BIND10_COMPONENT_STOP compon
ent cfgmgr is being stopped
2014-03-05 14:05:45.771 INFO [b10-init.init/27845] BIND10_STOP_PROCESS asking c
fgmgr to shut down
2014-03-05 14:05:45.771 INFO [b10-init.init/27845] BIND10_COMPONENT_STOP component b10-auth-3 is being stopped
2014-03-05 14:05:45.771 INFO [b10-init.init/27845] BIND10_STOP_PROCESS asking b10-auth-3 to shut down
2014-03-05 14:05:45.771 INFO [b10-auth.auth/27855] AUTH_SERVER_EXITING exiting
2014-03-05 14:05:45.771 INFO [b10-init.init/27845] BIND10_COMPONENT_STOP component b10-auth-2 is being stopped
2014-03-05 14:05:45.771 INFO [b10-init.init/27845] BIND10_STOP_PROCESS asking b10-auth-2 to shut down
2014-03-05 14:05:45.771 INFO [b10-init.init/27845] BIND10_COMPONENT_STOP component b10-auth-4 is being stopped
2014-03-05 14:05:45.772 INFO [b10-auth.auth/27855] AUTH_DATASRC_CLIENTS_BUILDER_STOPPED data source builder thread stopped
2014-03-05 14:05:45.772 INFO [b10-init.init/27845] BIND10_STOP_PROCESS asking b10-auth-4 to shut down
2014-03-05 14:05:45.772 INFO [b10-cfgmgr.cfgmgr/27853] CFGMGR_STOPPED_BY_COMMAND received shutdown command, shutting down
2014-03-05 14:05:45.772 INFO [b10-auth.auth/27856] AUTH_SERVER_EXITING exiting
2014-03-05 14:05:45.773 INFO [b10-auth.auth/27856] AUTH_DATASRC_CLIENTS_BUILDER_STOPPED data source builder thread stopped
2014-03-05 14:05:45.774 ERROR [b10-auth.cc/27857] CC_ASYNC_READ_FAILED asynchronous read failed (error code = 104)
2014-03-05 14:05:45.774 ERROR [b10-auth.cc/27858] CC_ASYNC_READ_FAILED asynchronous read failed (error code = 104)
2014-03-05 14:05:45.775 FATAL [b10-auth.auth/27857] AUTH_SERVER_FAILED server failed: asynchronous read failed
2014-03-05 14:05:45.775 FATAL [b10-auth.auth/27858] AUTH_SERVER_FAILED server failed: asynchronous read failed
2014-03-05 14:05:45.775 FATAL [b10-auth.cc/27857] CC_WRITE_ERROR error writing data to command channel (Broken pipe)
terminate called after isc:: [b10-auth.cc/27858] CC_WRITE_ERROR error writing data to command channel (Broken pipe)
what(): ASIO write failed: Broken pipe
terminate called after throwing an instance of ‘isc::cc::SessionError’
what(): ASIO write failed: Broken pipe
2014-03-05 14:05:46.773 INFO [b10-init.init/27845] BIND10_PROCESS_ENDED process 27850 of Socket creator ended with status 0
2014-03-05 14:05:46.792 INFO [b10-init.init/27845] BIND10_PROCESS_ENDED process 27851 of msgq ended with status 0
2014-03-05 14:05:46.793 INFO [b10-init.init/27845] BIND10_PROCESS_ENDED process 27853 of cfgmgr ended with status 0
2014-03-05 14:05:46.793 INFO [b10-init.init/27845] BIND10_PROCESS_ENDED process 27855 of b10-auth ended with status 0
2014-03-05 14:05:46.793 INFO [b10-init.init/27845] BIND10_PROCESS_ENDED process 27856 of b10-auth-3 ended with status 0
2014-03-05 14:05:46.793 INFO [b10-init.init/27845] BIND10_PROCESS_ENDED process 27857 of b10-auth-2 ended with status 6
2014-03-05 14:05:46.793 INFO [b10-init.init/27845] BIND10_PROCESS_ENDED process
2014-03-05 14:05:46.793 INFO [b10-init.init/27845] BIND10_PROCESS_ENDED process 27858 of b10-auth-4 ended with status 6
2014-03-05 14:05:46.793 INFO [b10-init.init/27845] BIND10_SHUTDOWN_COMPLETE all processes ended, shutdown complete


I saw this with the bind10-1.2.0beta1-release.
3371 defect 1394203989695253 1394203989695253 Unclassified medium jreed New Tasks new update AUTHORS for DHCP/Kea developers Currently the generic AUTHORS file is used to in ./src/lib/datasrc/Makefile.am to create the authors.bind static DNS zone.

For example, see:

dig @n10.isc.org t txtc ch authors.bind

We should update the AUTHORS file.

Should it be used for generating DNS authors.bind even for non-DNS developers?
Maybe we could add some identifying tags to each name and then only generate the authors.bind static zone file for the DNS related?

While here should we prune out any of the entries from authors.bind? So maybe some identifying tag that indicates is a key DNS developer and should be in authors.bind?
3372 defect 1394219352678301 1394219522473218 dhcp-ddns medium tmark DHCP-Kea0.9 new D2ClientMgr should set proper “any” address for listener based on server ip address D2ClientMgr needs to create NameChangeUDPSenders with correct “any” address based upon the configured server address. Currently
it always uses “0.0.0.0”, thus if the dhcp-ddns/server-ip value is set to an IPv6 address, the UDP sends fail. For Ipv6 it should use “::”.
3377 defect 1394835126797622 1394835126797622 dhcpconf medium tomek DHCP Outstanding Tasks new Python-less configuration alternative Currently Kea requires Python framework for configuration.

We should evaluate alternatives that have fewer dependencies and could be used in smaller deployments.
3378 defect 1395830714964717 1395830745538181 build system medium UnAssigned tmark DHCP-Kea0.9 new Apple LLVM compiler 5.1 (clang 5.1) command line option changes break configure script After updating to Xcode 5.1, which includes a compiler update, I was no longer able to run “configure”. The check for the “R" compiler option succeeds even though it is no longer supported. There are two tests for it configure:

1. Checks if
Wl,R is available in the linker. The result of this
test is”no“, which is correct. clang outputs an error stating that R is not supported.

2. Checks if
R is available in the linker. The result of this is”yes" which is not actually correct. clang sets $? to 0 BUT there is a warning to stderr that unused option is being ignored.

This second test causes the R option to be included in compile flags which causes subsequent tests for building with botan to fail.

After manually altering the configure script to suppress the
R, configure completes successfully, however building the project then fails with link errors. Specifically, I believe it was libdhcp’s unit tests which failed to link. So while the -R option
can be suppressed it’s effect is something we need?

The following is an excerpt from Xcode 5.1 release notes:


The Apple LLVM compiler in Xcode 5.1 treats unrecognized command-line options as errors. This issue has been seen when building both Python native extensions and Ruby Gems, where some invalid compiler options are currently specified.

Projects using invalid compiler options will need to be changed to remove those options. To help ease that transition, the compiler will temporarily accept an option to downgrade the error to a warning:

Wno-error=unused-command-line-argument-hard-error-in-future

Note: This option will not be supported in the future.

To workaround this issue, set the ARCHFLAGS environment variable to downgrade the error to a warning. For example, you can install a Python native extension with:

$ ARCHFLAGS=
Wno-error=unused-command-line-argument-hard-error-in-future easy_install ExtensionName

Similarly, you can install a Ruby Gem with:

$ ARCHFLAGS=-Wno-error=unused-command-line-argument-hard-error-in-future gem install GemName 16214764 updated

3379 defect 1396284193012161 1396285345041141 Unclassified medium jreed New Tasks new NameDhcpv4SrvTest.respectClientDelegation failure
[ RUN ] NameDhcpv4SrvTest.respectClientDelegation
fqdn_unittest.cc:256: Failure
Value of: fqdn->getFlag(Option4ClientFqdn::FLAG_N)
Actual: true
Expected: flag_n
Which is: false
fqdn_unittest.cc:397: Failure
Value of: d2_mgr_.getQueueSize()
Actual: 0
Expected: 1
[ FAILED ] NameDhcpv4SrvTest.respectClientDelegation (2 ms)

See http://git.bind10.isc.org/~tester/builder/BIND10/20140328153740-FreeBSD10-x86/logs/unittests.out
This is master as of commit 70f1f297bfbaa8c2e8ad3decf92383fc550dad78 Date: Fri Mar 28 15:09:03 2014 +0100
3380 defect 1396284453783167 1396347140132105 Unclassified medium jreed New Tasks new option6_ia_unittest.cc Called C++ object pointer is null As seen with clang’s scan-build static analyzer:
http://git.bind10.isc.org/~tester/builder/BIND10-clang-static-analyzer/20140328214701-MacOS/logs/files/scan-build/2014-03-28-1/report-Bf7Us8.html#EndPath

See src/lib/dhcp/tests/option6_ia_unittest.cc line 305:
EXPECT_EQ(D6O_IAADDR, addr->getType());
addr is NULL according to previous line not matching.
3381 defect 1396352035339767 1396352035339767 dhcp6 low tmark DHCP-Kea0.9 new Improve allocation engine IPv6 logging to distinguish between allocation types During review of 3080, marcin made the following comment:


> Not strictly related to this work but… DHCPSRV_ADDRESS6_ALLOC_ERROR - this error message in alloc_engine is wrong because it talks about IPv6 addresses only. If you fail to allocate the prefix (not a 128 address) it is quite misleading. And it was misleading when I spotted it for the first time in the kea log file, when running system tests.
>


This issue is that the log message and its description are specific to address requests, yet it is used for all IPv6 allocation types. There are other log messages to which this also applies.

The logging should indicate the exact nature of the failure. If you
have a server which is allocating both addresses and prefixes the log
message can be misleading.
3382 defect 1396354427945274 1396380388369620 dhcpdb medium tmark DHCP-Kea0.9 new Rework marshaling/unmarshaling logic in PgSqlLeaseManager to use Postgesql bind types The code to populate the bind arrays for marshaling data to and from Postgresql should be restructured. To build bind arrays to send to Postgresql, it first builds a list of PgSqlParams by converting all input parameters to std::strings (except hwaddr, client_id, and duid), and binds them to c_str() values of these strings. This causes each parameter to be converted first by us to a string and then back to binary by Postgresql. Similarly, when retrieving data from the database, it is received as string values and then converted. Heavy use of stringstream is used in both directions.

The code should be structured similar to the MySQL implementation which builds the bind arrays directly and uses the MY_SQL data types. This would eliminate the PgSqlParam layer as well as needless conversions to and from strings.
3385 defect 1396719562313345 1396719666564147 build system medium UnAssigned jinmei jinmei@wide.ad.jp New Tasks new bind10 build failures I’ve noticed bind10 as of 0ba3a23277d023da3d690875f9d95867f5cc0df4 doesn’t compile with this versions of clang++ on MacOS X Mavericks:

Apple LLVM version 5.1 (clang-503.0.38) (based on LLVM 3.4svn)
Target: x86_64-apple-darwin13.1.0
Thread model: posix

The errors are generally trivial. I’m attaching a proposed patch to fix the issue for the above environment. For ‘unused variable’ types of errors you might want to actually use them, rather than removing them.

One possibly non-trivial fix is that for dhcp/option_custom.{h,cc}. Obviously you cannot define a templated function in the .cc unless it’s only used within that file (it’s in fact used in a test). I don’t understand why it works for others, or I’m not sure my simplest fix (just moving the definition to .h) is the best way to fix this, so you may want to address it in a different way.
3387 defect 1396877151073414 1396877352872505 Unclassified medium jreed New Tasks new IOFetchTest.TcpSendReceive65535 failure
[ RUN ] IOFetchTest.TcpSendReceive65535
io_fetch_unittest.cc:439: Failure
Value of: result
Actual: 1
Expected: expected
Which is: 0
io_fetch_unittest.cc:454: Failure
Value of: result_buff
->getLength()
Actual: 63518
Expected: return_data.size
Which is: 65535
io_fetch_unittest.cc:462: Failure
Value of: equal, return_data
.end(), start)
Actual: false
Expected: true
[ FAILED ] IOFetchTest.TcpSendReceive65535 (4501 ms)


This was seen at
http://git.bind10.isc.org/~tester/builder/BIND10/20140404191615-NetBSD5-i386-GCC/logs/unittests.out

Only seen on NetBSD 5.2 i386 and not any other systems including not on other NetBSD systems.

The problem started at 2014-01-17 02:25:02 but not previous builds.
3388 task 1397219925639277 1397219925639277 Boss of BIND medium g—n New Tasks new Put a little note on your homepage that BIND10 is not, and cannot, be affected by “Heartbleed”. I’d say you have every right to gloat a little here, actually.

I mentioned you here: https://github.com/g—n/heartbreaking