Permalink
Browse files

On (re-)priming, fetch the root NS records

  • Loading branch information...
1 parent af72359 commit 3beb3b25c0e1900d549bf5158d4fbd63d136af5f @pieterlexis pieterlexis committed Nov 10, 2016
Showing with 46 additions and 30 deletions.
  1. +42 −29 pdns/pdns_recursor.cc
  2. +1 −1 pdns/reczones.cc
  3. +2 −0 pdns/syncres.cc
  4. +1 −0 pdns/syncres.hh
View
@@ -1937,35 +1937,9 @@ static void houseKeeping(void *)
}
if(now.tv_sec - last_rootupdate > 7200) {
- SyncRes sr(now);
- sr.setDoEDNS0(true);
- vector<DNSRecord> ret;
-
- sr.setNoCache();
- int res=-1;
- try {
- res=sr.beginResolve(DNSName("."), QType(QType::NS), 1, ret);
- }
- catch(PDNSException& e)
- {
- L<<Logger::Error<<"Failed to update . records, got an exception: "<<e.reason<<endl;
- }
-
- catch(std::exception& e)
- {
- L<<Logger::Error<<"Failed to update . records, got an exception: "<<e.what()<<endl;
- }
-
- catch(...)
- {
- L<<Logger::Error<<"Failed to update . records, got an exception"<<endl;
- }
- if(!res) {
- L<<Logger::Notice<<"Refreshed . records"<<endl;
- last_rootupdate=now.tv_sec;
- }
- else
- L<<Logger::Error<<"Failed to update . records, RCODE="<<res<<endl;
+ int res = getRootNS();
+ if (!res)
+ last_rootupdate=now.tv_sec;
}
if(!t_id) {
@@ -3145,3 +3119,42 @@ int main(int argc, char **argv)
return ret;
}
+
+int getRootNS(void) {
+ SyncRes sr(g_now);
+ sr.setDoEDNS0(true);
+ sr.setNoCache();
+ sr.d_doDNSSEC = (g_dnssecmode != DNSSECMode::Off);
+
+ vector<DNSRecord> ret;
+ int res=-1;
+ try {
+ res=sr.beginResolve(DNSName("."), QType(QType::NS), 1, ret);
+ if (g_dnssecmode != DNSSECMode::Off && g_dnssecmode != DNSSECMode::ProcessNoValidate) {
+ auto state = validateRecords(ret);
+ if (state == Bogus)
+ throw PDNSException("Got Bogus validation result for .|NS");
+ }
+ return res;
+ }
+ catch(PDNSException& e)
+ {
+ L<<Logger::Error<<"Failed to update . records, got an exception: "<<e.reason<<endl;
+ }
+
+ catch(std::exception& e)
+ {
+ L<<Logger::Error<<"Failed to update . records, got an exception: "<<e.what()<<endl;
+ }
+
+ catch(...)
+ {
+ L<<Logger::Error<<"Failed to update . records, got an exception"<<endl;
+ }
+ if(!res) {
+ L<<Logger::Notice<<"Refreshed . records"<<endl;
+ }
+ else
+ L<<Logger::Error<<"Failed to update . records, RCODE="<<res<<endl;
+ return res;
+}
View
@@ -94,7 +94,7 @@ void primeHints(void)
}
}
}
- t_RC->replace(time(0), DNSName("."), QType(QType::NS), nsset, vector<std::shared_ptr<RRSIGRecordContent>>(), true); // and stuff in the cache (auth)
+ t_RC->replace(time(0), DNSName("."), QType(QType::NS), nsset, vector<std::shared_ptr<RRSIGRecordContent>>(), false); // and stuff in the cache (auth)
}
static void makeNameToIPZone(SyncRes::domainmap_t* newMap, const DNSName& hostname, const string& ip)
View
@@ -632,8 +632,10 @@ void SyncRes::getBestNSFromCache(const DNSName &qname, const QType& qtype, vecto
LOG(prefix<<qname<<": no valid/useful NS in cache for '"<<subdomain<<"'"<<endl);
;
if(subdomain.isRoot() && !brokeloop) {
+ // We lost the root NS records
primeHints();
LOG(prefix<<qname<<": reprimed the root"<<endl);
+ getRootNS();
}
}while(subdomain.chopOff());
}
View
@@ -50,6 +50,7 @@
#include "filterpo.hh"
void primeHints(void);
+int getRootNS(void);
class RecursorLua4;
struct BothRecordsAndSignatures

0 comments on commit 3beb3b2

Please sign in to comment.