-
Notifications
You must be signed in to change notification settings - Fork 905
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Regression: Authoritative server 4.1.0 caches wrong SOA information in certain circumstances, leading to broken responses #6208
Comments
Hi, Thanks for the report, can you please provide a minimal database and configuration with instructions on how to reproduce this issue? Thanks! |
It seems that the issue was also noticed by the DNS flag day tests: https://gitlab.isc.org/isc-projects/DNS-Compliance-Testing/issues/34 You'll see how several requests can lead to this situation. |
That is an unrelated issue that was fixed in 4.1.0. |
@crystallite we have no other reports of this issue occurring in 4.0 or 4.1 - can you help us reproduce it? |
Hello! It seems that I'm facing the same issue with pdns 4.2.0rc1. I would like no to post my domains publicly, but can send them in some private way. Or do any other debug that is needed. |
Can you please post your pdns.conf and any included config files? |
Closing this as we are two major releases further, and we received no feedback. If you still see this problem, please let us know and we will reopen this ticket. |
I observe similar behaviour as per #3175 with latest versions of pdns-auth (confirmed for 4.0.3 and 4.1.0) and remote backend. My system is latest Debian 9.
The bug is reproducible when a server has a bit of load (~10-20 requests per second). When negative cache expires for a record, I can see query to a backend for a SOA record, after which subsequent A queries for the same record give empty response.
The issue does not seem to manifest itself when negquery-cache-ttl=0
It is also not reproducible with an old 3.4.4 version, but caching there seems to be working in a radically different way.
The text was updated successfully, but these errors were encountered: