Regression: Authoritative server 4.1.0 caches wrong SOA information in certain circumstances, leading to broken responses #6208
Comments
|
Hi, Thanks for the report, can you please provide a minimal database and configuration with instructions on how to reproduce this issue? Thanks! |
|
It seems that the issue was also noticed by the DNS flag day tests: https://gitlab.isc.org/isc-projects/DNS-Compliance-Testing/issues/34 You'll see how several requests can lead to this situation. |
That is an unrelated issue that was fixed in 4.1.0. |
|
@crystallite we have no other reports of this issue occurring in 4.0 or 4.1 - can you help us reproduce it? |
|
Hello! It seems that I'm facing the same issue with pdns 4.2.0rc1. I would like no to post my domains publicly, but can send them in some private way. Or do any other debug that is needed. |
|
Can you please post your pdns.conf and any included config files? |
|
Closing this as we are two major releases further, and we received no feedback. If you still see this problem, please let us know and we will reopen this ticket. |
I observe similar behaviour as per #3175 with latest versions of pdns-auth (confirmed for 4.0.3 and 4.1.0) and remote backend. My system is latest Debian 9.
The bug is reproducible when a server has a bit of load (~10-20 requests per second). When negative cache expires for a record, I can see query to a backend for a SOA record, after which subsequent A queries for the same record give empty response.
The issue does not seem to manifest itself when negquery-cache-ttl=0
It is also not reproducible with an old 3.4.4 version, but caching there seems to be working in a radically different way.
The text was updated successfully, but these errors were encountered: