plugin/file: stop doing transfer on ixfr #3176

miekg · 2019-08-22T15:30:50Z

Thanks to some nice work from @wtoorop.

CoreDNS sends out an AXFR when the remote server sends an IXFR request with a SOA. I should compare the SOA with the one it has and then answer with a (smaller) reply.

This explains the number of zone transfers I was seeing.

Respond with a sing SOA record to an IXFR request if the SOA serials match. The added test fails on the current code with: ~~~ === RUN TestIxfrResponse --- FAIL: TestIxfrResponse (0.00s) secondary_test.go:122: Expected answer section with single RR FAIL exit status 1 ~~~ And obviously passes with the new code. This should cut down on the weird number of zone transfers that I was seeing. At some point IXFR support might be cool. Fixes: #3176 Signed-off-by: Miek Gieben <miek@miek.nl>

* plugin/file: respond correctly to IXFR message Respond with a sing SOA record to an IXFR request if the SOA serials match. The added test fails on the current code with: ~~~ === RUN TestIxfrResponse --- FAIL: TestIxfrResponse (0.00s) secondary_test.go:122: Expected answer section with single RR FAIL exit status 1 ~~~ And obviously passes with the new code. This should cut down on the weird number of zone transfers that I was seeing. At some point IXFR support might be cool. Fixes: #3176 Signed-off-by: Miek Gieben <miek@miek.nl> * reuse code Signed-off-by: Miek Gieben <miek@miek.nl> * Sligtht tweaks Signed-off-by: Miek Gieben <miek@miek.nl>

miekg · 2019-08-27T06:20:52Z

def. seeing the correct thing on my server (no more nonsense transfers)

Aug 26 14:41:31 deb coredns[28010]: 2019-08-26T14:41:31.292Z [INFO] plugin/sign: Signing "miek.nl." because inception "2019-08-20T11:49:07.000Z" was more than: 144h0m0s ago from 2019-08-26T14:41:31.050Z: 146h52m24.050073511s
Aug 26 14:41:31 deb coredns[28010]: 2019-08-26T14:41:31.293Z [INFO] plugin/sign: Successfully signed zone "miek.nl." in "/var/lib/coredns/db.miek.nl.signed" with key tags "33694,5607" and 1566830491 SOA serial, elapsed 0.243471, next: 2019-08-26T19:41:31.050Z
Aug 26 14:42:31 deb coredns[28010]: 2019-08-26T14:42:31.048Z [INFO] plugin/file: Successfully reloaded zone "miek.nl." in "/var/lib/coredns/db.miek.nl.signed" with 1566830491 SOA serial
Aug 26 14:42:31 deb coredns[28010]: 2019-08-26T14:42:31.056Z [INFO] plugin/file: Sent notify for zone "miek.nl." to "37.97.149.87:53"
Aug 26 14:42:31 deb coredns[28010]: 2019-08-26T14:42:31.063Z [INFO] plugin/file: Sent notify for zone "miek.nl." to "185.49.141.42:53"
Aug 26 14:42:31 deb coredns[28010]: 2019-08-26T14:42:31.069Z [INFO] plugin/file: Outgoing transfer of 85 records of zone miek.nl. to 37.97.149.87 started with 1566830491 SOA serial
Aug 26 14:42:31 deb coredns[28010]: 2019-08-26T14:42:31.070Z [INFO] plugin/file: Sent notify for zone "miek.nl." to "185.49.140.62:53"
Aug 26 14:42:31 deb coredns[28010]: 2019-08-26T14:42:31.077Z [INFO] plugin/file: Outgoing transfer of 85 records of zone miek.nl. to 185.49.140.62 started with 1566830491 SOA serial
Aug 26 14:42:31 deb coredns[28010]: 2019-08-26T14:42:31.155Z [INFO] plugin/file: Outgoing transfer of 85 records of zone miek.nl. to 185.49.141.42 started with 1566830491 SOA serial

miekg added bug plugin/file plugin/secondary labels Aug 22, 2019

miekg mentioned this issue Aug 22, 2019

plugin/file: respond correctly to IXFR message #3177

Merged

miekg closed this as completed in #3177 Aug 26, 2019

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

plugin/file: stop doing transfer on ixfr #3176

plugin/file: stop doing transfer on ixfr #3176

miekg commented Aug 22, 2019

miekg commented Aug 27, 2019

plugin/file: stop doing transfer on ixfr #3176

plugin/file: stop doing transfer on ixfr #3176

Comments

miekg commented Aug 22, 2019

miekg commented Aug 27, 2019