From a95f897dfddc66cc9d4f9baaf66af60957b2bedd Mon Sep 17 00:00:00 2001 From: Ruben d'Arco Date: Thu, 9 May 2013 23:00:53 +0200 Subject: [PATCH] Correct inserting of ENT records --- pdns/rfc2136handler.cc | 43 +++++++---- .../1dyndns-update-deep-add-delete/command | 19 ++++- .../expected_result | 44 ++++++++++++ .../expected_result.dnssec | 55 ++++++++++++++ .../expected_result.narrow | 71 +++++++++++++++++-- .../expected_result.nsec3 | 67 +++++++++++++++-- 6 files changed, 274 insertions(+), 25 deletions(-) diff --git a/pdns/rfc2136handler.cc b/pdns/rfc2136handler.cc index 7087c4096..d5ee43626 100755 --- a/pdns/rfc2136handler.cc +++ b/pdns/rfc2136handler.cc @@ -226,24 +226,22 @@ uint16_t PacketHandler::performUpdate(const string &msgPrefix, const DNSRecord * string shorter(rrLabel); bool auth=true; - set insnonterm; if (shorter != di->zone && rrType != QType::DS) { - do { + while(chopOff(shorter)) { if (shorter == di->zone) break; - bool foundShorter = false; di->backend->lookup(QType(QType::ANY), shorter); while (di->backend->get(rec)) { - if (rec.qname != rrLabel) - foundShorter = true; + foundShorter = true; if (rec.qtype == QType::NS) auth=false; } - if (!foundShorter && shorter != rrLabel && shorter != di->zone) + if (!foundShorter) insnonterm.insert(shorter); - - } while(chopOff(shorter)); + else + break; // if we find a shorter record, we can stop searching + } } if(*haveNSEC3) @@ -355,13 +353,29 @@ uint16_t PacketHandler::performUpdate(const string &msgPrefix, const DNSRecord * if (recordsToDelete.size()) { // If we remove an NS which is not at apex of the zone, we need to make everthing below it auth=true as those now are not delegated anymore. if (rrType == QType::NS && rrLabel != di->zone) { - vector changeAuth; + vector belowOldDelegate, nsRecs, updateAuthFlag; di->backend->listSubZone(rrLabel, di->id); while (di->backend->get(rec)) { if (rec.qtype.getCode()) // skip ENT records, they are always auth=false - changeAuth.push_back(rec.qname); + belowOldDelegate.push_back(rec.qname); + if (rec.qtype.getCode() == QType::NS && rec.qname != rrLabel) + nsRecs.push_back(rec.qname); } - for (vector::const_iterator changeRec=changeAuth.begin(); changeRec!=changeAuth.end(); ++changeRec) { + + for(vector::const_iterator belowOldDel=belowOldDelegate.begin(); belowOldDel!= belowOldDelegate.end(); belowOldDel++) + { + bool isBelowDelegate = false; + for(vector::const_iterator ns=nsRecs.begin(); ns!= nsRecs.end(); belowOldDel++) { + if (endsOn(*ns, *belowOldDel)) { + isBelowDelegate=true; + break; + } + } + if (!isBelowDelegate) + updateAuthFlag.push_back(*belowOldDel); + } + + for (vector::const_iterator changeRec=updateAuthFlag.begin(); changeRec!=updateAuthFlag.end(); ++changeRec) { if(*haveNSEC3) { string hashed; if(! *narrow) @@ -396,6 +410,7 @@ uint16_t PacketHandler::performUpdate(const string &msgPrefix, const DNSRecord * while (shorter != di->zone) { chopOff(shorter); bool foundRealRR = false; + bool foundEnt = false; // The reason for a listSubZone here is because might go up the tree and find the ENT of another branch // consider these non ENT-records: @@ -404,12 +419,16 @@ uint16_t PacketHandler::performUpdate(const string &msgPrefix, const DNSRecord * // if we delete b.c.d.e.test.com, we go up to d.e.test.com and then find b.d.e.test.com because that's below d.e.test.com. // At that point we can stop deleting ENT's because the tree is in tact again. di->backend->listSubZone(shorter, di->id); + while (di->backend->get(rec)) { if (rec.qtype.getCode()) foundRealRR = true; + else + foundEnt = true; } if (!foundRealRR) - delnonterm.insert(shorter); + if (foundEnt) // only delete the ENT if we actually found one. + delnonterm.insert(shorter); else break; } diff --git a/regression-tests/1dyndns-update-deep-add-delete/command b/regression-tests/1dyndns-update-deep-add-delete/command index 66d14fa14..73f786352 100755 --- a/regression-tests/1dyndns-update-deep-add-delete/command +++ b/regression-tests/1dyndns-update-deep-add-delete/command @@ -4,6 +4,8 @@ cleandig a.b.c.d.e.f.test.dyndns A hidesoadetails dnssec cleandig a.b.d.e.f.test.dyndns A hidesoadetails dnssec cleandig x.d.e.f.test.dyndns A hidesoadetails dnssec +mysqldiff + cleannsupdate < a.b.c.d.e.f.test.dyndns A 0 127.0.0.1 3600 +> a.b.d.e.f.test.dyndns A 0 127.0.0.1 3600 +> b.c.d.e.f.test.dyndns NULL NULL NULL NULL +> b.d.e.f.test.dyndns NULL NULL NULL NULL +> c.d.e.f.test.dyndns NULL NULL NULL NULL +> d.e.f.test.dyndns NULL NULL NULL NULL +> e.f.test.dyndns NULL NULL NULL NULL +> f.test.dyndns NULL NULL NULL NULL +--- End: diff start step.1 --- + +Answer: +;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: [id] +;; flags: qr aa; ZONE: 1, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0 +;; ZONE SECTION: +;test.dyndns. IN SOA + +1 test.dyndns. IN SOA 3600 ns1.test.dyndns. ahu.example.dyndns. [serial] 28800 7200 604800 86400 +2 . IN OPT 32768 +Rcode: 3, RD: 0, QR: 1, TC: 0, AA: 1, opcode: 0 +Reply to question for qname='a.b.c.d.e.f.test.dyndns.', qtype=A +0 a.b.d.e.f.test.dyndns. IN A 3600 127.0.0.1 +2 . IN OPT 32768 +Rcode: 0, RD: 0, QR: 1, TC: 0, AA: 1, opcode: 0 +Reply to question for qname='a.b.d.e.f.test.dyndns.', qtype=A +1 test.dyndns. IN SOA 3600 ns1.test.dyndns. ahu.example.dyndns. [serial] 28800 7200 604800 86400 +2 . IN OPT 32768 +Rcode: 3, RD: 0, QR: 1, TC: 0, AA: 1, opcode: 0 +Reply to question for qname='x.d.e.f.test.dyndns.', qtype=A +Check if a.b.c.d.e.f is removed correctly +--- Start: diff start step.2 --- +> a.b.d.e.f.test.dyndns A 0 127.0.0.1 3600 +> b.d.e.f.test.dyndns NULL NULL NULL NULL +> d.e.f.test.dyndns NULL NULL NULL NULL +> e.f.test.dyndns NULL NULL NULL NULL +> f.test.dyndns NULL NULL NULL NULL +--- End: diff start step.2 --- + Answer: ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: [id] ;; flags: qr aa; ZONE: 1, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0 @@ -46,3 +85,8 @@ Reply to question for qname='a.b.d.e.f.test.dyndns.', qtype=A 2 . IN OPT 32768 Rcode: 3, RD: 0, QR: 1, TC: 0, AA: 1, opcode: 0 Reply to question for qname='x.d.e.f.test.dyndns.', qtype=A +Check if everything is removed correctly +--- Start: diff start step.3 --- +no differnce +--- End: diff start step.3 --- + diff --git a/regression-tests/1dyndns-update-deep-add-delete/expected_result.dnssec b/regression-tests/1dyndns-update-deep-add-delete/expected_result.dnssec index 70ab516bb..c7204ed1c 100644 --- a/regression-tests/1dyndns-update-deep-add-delete/expected_result.dnssec +++ b/regression-tests/1dyndns-update-deep-add-delete/expected_result.dnssec @@ -50,6 +50,56 @@ Reply to question for qname='a.b.d.e.f.test.dyndns.', qtype=A 2 . IN OPT 32768 Rcode: 3, RD: 0, QR: 1, TC: 0, AA: 1, opcode: 0 Reply to question for qname='x.d.e.f.test.dyndns.', qtype=A +Check if records are added +--- Start: diff start step.1 --- +> a.b.c.d.e.f.test.dyndns A 0 127.0.0.1 3600 'f e d c b a' 1 +> a.b.d.e.f.test.dyndns A 0 127.0.0.1 3600 'f e d b a' 1 +> b.c.d.e.f.test.dyndns NULL NULL NULL NULL NULL 1 +> b.d.e.f.test.dyndns NULL NULL NULL NULL NULL 1 +> c.d.e.f.test.dyndns NULL NULL NULL NULL NULL 1 +> d.e.f.test.dyndns NULL NULL NULL NULL NULL 1 +> e.f.test.dyndns NULL NULL NULL NULL NULL 1 +> f.test.dyndns NULL NULL NULL NULL NULL 1 +--- End: diff start step.1 --- + +Answer: +;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: [id] +;; flags: qr aa; ZONE: 1, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0 +;; ZONE SECTION: +;test.dyndns. IN SOA + +1 a.b.d.e.f.test.dyndns. IN NSEC 86400 a.host.test.dyndns. A RRSIG NSEC +1 a.b.d.e.f.test.dyndns. IN RRSIG 86400 NSEC 8 7 86400 [expiry] [inception] [keytag] test.dyndns. ... +1 test.dyndns. IN NSEC 86400 cname1.test.dyndns. NS SOA MX RRSIG NSEC DNSKEY +1 test.dyndns. IN RRSIG 3600 SOA 8 2 3600 [expiry] [inception] [keytag] test.dyndns. ... +1 test.dyndns. IN RRSIG 86400 NSEC 8 2 86400 [expiry] [inception] [keytag] test.dyndns. ... +1 test.dyndns. IN SOA 3600 ns1.test.dyndns. ahu.example.dyndns. [serial] 28800 7200 604800 86400 +2 . IN OPT 32768 +Rcode: 3, RD: 0, QR: 1, TC: 0, AA: 1, opcode: 0 +Reply to question for qname='a.b.c.d.e.f.test.dyndns.', qtype=A +0 a.b.d.e.f.test.dyndns. IN A 3600 127.0.0.1 +0 a.b.d.e.f.test.dyndns. IN RRSIG 3600 A 8 7 3600 [expiry] [inception] [keytag] test.dyndns. ... +2 . IN OPT 32768 +Rcode: 0, RD: 0, QR: 1, TC: 0, AA: 1, opcode: 0 +Reply to question for qname='a.b.d.e.f.test.dyndns.', qtype=A +1 a.b.d.e.f.test.dyndns. IN NSEC 86400 a.host.test.dyndns. A RRSIG NSEC +1 a.b.d.e.f.test.dyndns. IN RRSIG 86400 NSEC 8 7 86400 [expiry] [inception] [keytag] test.dyndns. ... +1 test.dyndns. IN NSEC 86400 cname1.test.dyndns. NS SOA MX RRSIG NSEC DNSKEY +1 test.dyndns. IN RRSIG 3600 SOA 8 2 3600 [expiry] [inception] [keytag] test.dyndns. ... +1 test.dyndns. IN RRSIG 86400 NSEC 8 2 86400 [expiry] [inception] [keytag] test.dyndns. ... +1 test.dyndns. IN SOA 3600 ns1.test.dyndns. ahu.example.dyndns. [serial] 28800 7200 604800 86400 +2 . IN OPT 32768 +Rcode: 3, RD: 0, QR: 1, TC: 0, AA: 1, opcode: 0 +Reply to question for qname='x.d.e.f.test.dyndns.', qtype=A +Check if a.b.c.d.e.f is removed correctly +--- Start: diff start step.2 --- +> a.b.d.e.f.test.dyndns A 0 127.0.0.1 3600 'f e d b a' 1 +> b.d.e.f.test.dyndns NULL NULL NULL NULL NULL 1 +> d.e.f.test.dyndns NULL NULL NULL NULL NULL 1 +> e.f.test.dyndns NULL NULL NULL NULL NULL 1 +> f.test.dyndns NULL NULL NULL NULL NULL 1 +--- End: diff start step.2 --- + Answer: ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: [id] ;; flags: qr aa; ZONE: 1, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0 @@ -83,3 +133,8 @@ Reply to question for qname='a.b.d.e.f.test.dyndns.', qtype=A 2 . IN OPT 32768 Rcode: 3, RD: 0, QR: 1, TC: 0, AA: 1, opcode: 0 Reply to question for qname='x.d.e.f.test.dyndns.', qtype=A +Check if everything is removed correctly +--- Start: diff start step.3 --- +no differnce +--- End: diff start step.3 --- + diff --git a/regression-tests/1dyndns-update-deep-add-delete/expected_result.narrow b/regression-tests/1dyndns-update-deep-add-delete/expected_result.narrow index 966988516..d6031af7f 100644 --- a/regression-tests/1dyndns-update-deep-add-delete/expected_result.narrow +++ b/regression-tests/1dyndns-update-deep-add-delete/expected_result.narrow @@ -47,17 +47,71 @@ Reply to question for qname='a.b.c.d.e.f.test.dyndns.', qtype=A 2 . IN OPT 32768 Rcode: 0, RD: 0, QR: 1, TC: 0, AA: 1, opcode: 0 Reply to question for qname='a.b.d.e.f.test.dyndns.', qtype=A -1 epfp6242bi1891c397kjdhsd0h04otmr.test.dyndns. IN NSEC3 86400 1 1 1 abcd EPFP6242BI1891C397KJDHSD0H04OTMT -1 epfp6242bi1891c397kjdhsd0h04otmr.test.dyndns. IN RRSIG 86400 NSEC3 8 3 86400 [expiry] [inception] [keytag] test.dyndns. ... -1 otdrjsdlb78jmsu0ic15a7u25quqphhr.test.dyndns. IN NSEC3 86400 1 1 1 abcd OTDRJSDLB78JMSU0IC15A7U25QUQPHHT -1 otdrjsdlb78jmsu0ic15a7u25quqphhr.test.dyndns. IN RRSIG 86400 NSEC3 8 3 86400 [expiry] [inception] [keytag] test.dyndns. ... +1 ib3ld1s8c6dfqb62bfcodug02vbaoub2.test.dyndns. IN NSEC3 86400 1 1 1 abcd IB3LD1S8C6DFQB62BFCODUG02VBAOUB3 +1 ib3ld1s8c6dfqb62bfcodug02vbaoub2.test.dyndns. IN RRSIG 86400 NSEC3 8 3 86400 [expiry] [inception] [keytag] test.dyndns. ... +1 q9ck1e2e54o9cjvh84jfksvi69umn4v2.test.dyndns. IN NSEC3 86400 1 1 1 abcd Q9CK1E2E54O9CJVH84JFKSVI69UMN4V4 +1 q9ck1e2e54o9cjvh84jfksvi69umn4v2.test.dyndns. IN RRSIG 86400 NSEC3 8 3 86400 [expiry] [inception] [keytag] test.dyndns. ... +1 qm2m8qa1ea4hu5plgu310cpnj5g7bie6.test.dyndns. IN NSEC3 86400 1 1 1 abcd QM2M8QA1EA4HU5PLGU310CPNJ5G7BIE8 +1 qm2m8qa1ea4hu5plgu310cpnj5g7bie6.test.dyndns. IN RRSIG 86400 NSEC3 8 3 86400 [expiry] [inception] [keytag] test.dyndns. ... +1 test.dyndns. IN RRSIG 3600 SOA 8 2 3600 [expiry] [inception] [keytag] test.dyndns. ... +1 test.dyndns. IN SOA 3600 ns1.test.dyndns. ahu.example.dyndns. [serial] 28800 7200 604800 86400 +2 . IN OPT 32768 +Rcode: 3, RD: 0, QR: 1, TC: 0, AA: 1, opcode: 0 +Reply to question for qname='x.d.e.f.test.dyndns.', qtype=A +Check if records are added +--- Start: diff start step.1 --- +> a.b.c.d.e.f.test.dyndns A 0 127.0.0.1 3600 '' 1 +> a.b.d.e.f.test.dyndns A 0 127.0.0.1 3600 '' 1 +> b.c.d.e.f.test.dyndns NULL NULL NULL NULL '' 0 +> b.d.e.f.test.dyndns NULL NULL NULL NULL '' 0 +> c.d.e.f.test.dyndns NULL NULL NULL NULL '' 0 +> d.e.f.test.dyndns NULL NULL NULL NULL '' 0 +> e.f.test.dyndns NULL NULL NULL NULL '' 0 +> f.test.dyndns NULL NULL NULL NULL '' 0 +--- End: diff start step.1 --- + +Answer: +;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: [id] +;; flags: qr aa; ZONE: 1, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0 +;; ZONE SECTION: +;test.dyndns. IN SOA + +1 6dll36pp2pvi784nttvqc1oevi57p2k2.test.dyndns. IN NSEC3 86400 1 1 1 abcd 6DLL36PP2PVI784NTTVQC1OEVI57P2K4 +1 6dll36pp2pvi784nttvqc1oevi57p2k2.test.dyndns. IN RRSIG 86400 NSEC3 8 3 86400 [expiry] [inception] [keytag] test.dyndns. ... +1 ib3ld1s8c6dfqb62bfcodug02vbaoub2.test.dyndns. IN NSEC3 86400 1 1 1 abcd IB3LD1S8C6DFQB62BFCODUG02VBAOUB3 +1 ib3ld1s8c6dfqb62bfcodug02vbaoub2.test.dyndns. IN RRSIG 86400 NSEC3 8 3 86400 [expiry] [inception] [keytag] test.dyndns. ... +1 qm2m8qa1ea4hu5plgu310cpnj5g7bie6.test.dyndns. IN NSEC3 86400 1 1 1 abcd QM2M8QA1EA4HU5PLGU310CPNJ5G7BIE8 +1 qm2m8qa1ea4hu5plgu310cpnj5g7bie6.test.dyndns. IN RRSIG 86400 NSEC3 8 3 86400 [expiry] [inception] [keytag] test.dyndns. ... +1 test.dyndns. IN RRSIG 3600 SOA 8 2 3600 [expiry] [inception] [keytag] test.dyndns. ... +1 test.dyndns. IN SOA 3600 ns1.test.dyndns. ahu.example.dyndns. [serial] 28800 7200 604800 86400 +2 . IN OPT 32768 +Rcode: 3, RD: 0, QR: 1, TC: 0, AA: 1, opcode: 0 +Reply to question for qname='a.b.c.d.e.f.test.dyndns.', qtype=A +0 a.b.d.e.f.test.dyndns. IN A 3600 127.0.0.1 +0 a.b.d.e.f.test.dyndns. IN RRSIG 3600 A 8 7 3600 [expiry] [inception] [keytag] test.dyndns. ... +2 . IN OPT 32768 +Rcode: 0, RD: 0, QR: 1, TC: 0, AA: 1, opcode: 0 +Reply to question for qname='a.b.d.e.f.test.dyndns.', qtype=A +1 ib3ld1s8c6dfqb62bfcodug02vbaoub2.test.dyndns. IN NSEC3 86400 1 1 1 abcd IB3LD1S8C6DFQB62BFCODUG02VBAOUB3 +1 ib3ld1s8c6dfqb62bfcodug02vbaoub2.test.dyndns. IN RRSIG 86400 NSEC3 8 3 86400 [expiry] [inception] [keytag] test.dyndns. ... +1 q9ck1e2e54o9cjvh84jfksvi69umn4v2.test.dyndns. IN NSEC3 86400 1 1 1 abcd Q9CK1E2E54O9CJVH84JFKSVI69UMN4V4 +1 q9ck1e2e54o9cjvh84jfksvi69umn4v2.test.dyndns. IN RRSIG 86400 NSEC3 8 3 86400 [expiry] [inception] [keytag] test.dyndns. ... +1 qm2m8qa1ea4hu5plgu310cpnj5g7bie6.test.dyndns. IN NSEC3 86400 1 1 1 abcd QM2M8QA1EA4HU5PLGU310CPNJ5G7BIE8 +1 qm2m8qa1ea4hu5plgu310cpnj5g7bie6.test.dyndns. IN RRSIG 86400 NSEC3 8 3 86400 [expiry] [inception] [keytag] test.dyndns. ... 1 test.dyndns. IN RRSIG 3600 SOA 8 2 3600 [expiry] [inception] [keytag] test.dyndns. ... 1 test.dyndns. IN SOA 3600 ns1.test.dyndns. ahu.example.dyndns. [serial] 28800 7200 604800 86400 -1 u36f0tjooqv1kspatto6qns0vap731v2.test.dyndns. IN NSEC3 86400 1 1 1 abcd U36F0TJOOQV1KSPATTO6QNS0VAP731V3 NS SOA MX RRSIG DNSKEY NSEC3PARAM -1 u36f0tjooqv1kspatto6qns0vap731v2.test.dyndns. IN RRSIG 86400 NSEC3 8 3 86400 [expiry] [inception] [keytag] test.dyndns. ... 2 . IN OPT 32768 Rcode: 3, RD: 0, QR: 1, TC: 0, AA: 1, opcode: 0 Reply to question for qname='x.d.e.f.test.dyndns.', qtype=A +Check if a.b.c.d.e.f is removed correctly +--- Start: diff start step.2 --- +> a.b.d.e.f.test.dyndns A 0 127.0.0.1 3600 '' 1 +> b.d.e.f.test.dyndns NULL NULL NULL NULL '' 0 +> d.e.f.test.dyndns NULL NULL NULL NULL '' 0 +> e.f.test.dyndns NULL NULL NULL NULL '' 0 +> f.test.dyndns NULL NULL NULL NULL '' 0 +--- End: diff start step.2 --- + Answer: ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: [id] ;; flags: qr aa; ZONE: 1, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0 @@ -97,3 +151,8 @@ Reply to question for qname='a.b.d.e.f.test.dyndns.', qtype=A 2 . IN OPT 32768 Rcode: 3, RD: 0, QR: 1, TC: 0, AA: 1, opcode: 0 Reply to question for qname='x.d.e.f.test.dyndns.', qtype=A +Check if everything is removed correctly +--- Start: diff start step.3 --- +no differnce +--- End: diff start step.3 --- + diff --git a/regression-tests/1dyndns-update-deep-add-delete/expected_result.nsec3 b/regression-tests/1dyndns-update-deep-add-delete/expected_result.nsec3 index 8962d57fa..2acaf967f 100644 --- a/regression-tests/1dyndns-update-deep-add-delete/expected_result.nsec3 +++ b/regression-tests/1dyndns-update-deep-add-delete/expected_result.nsec3 @@ -47,17 +47,67 @@ Reply to question for qname='a.b.c.d.e.f.test.dyndns.', qtype=A 2 . IN OPT 32768 Rcode: 0, RD: 0, QR: 1, TC: 0, AA: 1, opcode: 0 Reply to question for qname='a.b.d.e.f.test.dyndns.', qtype=A -1 dsa3ti9nu3apdsvl3f63qlvakv555sr6.test.dyndns. IN NSEC3 86400 1 1 1 abcd FQHG4B60ON9MNERF7BLIPAI4EJ9GKPDK A RRSIG -1 dsa3ti9nu3apdsvl3f63qlvakv555sr6.test.dyndns. IN RRSIG 86400 NSEC3 8 3 86400 [expiry] [inception] [keytag] test.dyndns. ... -1 lresbbp3lv8blgj9fsgtdmm4q7vj3d6j.test.dyndns. IN NSEC3 86400 1 1 1 abcd Q75PNOE7PB74PND6OGN44T5BTUURBHRF A RRSIG -1 lresbbp3lv8blgj9fsgtdmm4q7vj3d6j.test.dyndns. IN RRSIG 86400 NSEC3 8 3 86400 [expiry] [inception] [keytag] test.dyndns. ... +1 ib3ld1s8c6dfqb62bfcodug02vbaoub2.test.dyndns. IN NSEC3 86400 1 1 1 abcd ITUDUKE14PTHSNO7II6H5SBOSHR8RFQS +1 ib3ld1s8c6dfqb62bfcodug02vbaoub2.test.dyndns. IN RRSIG 86400 NSEC3 8 3 86400 [expiry] [inception] [keytag] test.dyndns. ... +1 q75pnoe7pb74pnd6ogn44t5btuurbhrf.test.dyndns. IN NSEC3 86400 1 1 1 abcd R9S1CJ8DKMNMENJN95STI8NHH9UTPQ9K A RRSIG +1 q75pnoe7pb74pnd6ogn44t5btuurbhrf.test.dyndns. IN RRSIG 86400 NSEC3 8 3 86400 [expiry] [inception] [keytag] test.dyndns. ... 1 test.dyndns. IN RRSIG 3600 SOA 8 2 3600 [expiry] [inception] [keytag] test.dyndns. ... 1 test.dyndns. IN SOA 3600 ns1.test.dyndns. ahu.example.dyndns. [serial] 28800 7200 604800 86400 -1 u36f0tjooqv1kspatto6qns0vap731v2.test.dyndns. IN NSEC3 86400 1 1 1 abcd 2GP5RDNJOQ5OOSPC5O1IH9LALI101DI8 NS SOA MX RRSIG DNSKEY NSEC3PARAM -1 u36f0tjooqv1kspatto6qns0vap731v2.test.dyndns. IN RRSIG 86400 NSEC3 8 3 86400 [expiry] [inception] [keytag] test.dyndns. ... 2 . IN OPT 32768 Rcode: 3, RD: 0, QR: 1, TC: 0, AA: 1, opcode: 0 Reply to question for qname='x.d.e.f.test.dyndns.', qtype=A +Check if records are added +--- Start: diff start step.1 --- +> a.b.c.d.e.f.test.dyndns A 0 127.0.0.1 3600 '2u8m12oibofk0fqhk11s40k8vfnhhkug' 1 +> a.b.d.e.f.test.dyndns A 0 127.0.0.1 3600 'fqhg4b60on9mnerf7blipai4ej9gkpdk' 1 +> b.c.d.e.f.test.dyndns NULL NULL NULL NULL 'khlra7b5bua2jlf7ufqok3ebrjvn3l3c' 0 +> b.d.e.f.test.dyndns NULL NULL NULL NULL '9fltsdh9oa4l6nhe7hpka9o09ps71rvo' 0 +> c.d.e.f.test.dyndns NULL NULL NULL NULL '6dll36pp2pvi784nttvqc1oevi57p2k3' 0 +> d.e.f.test.dyndns NULL NULL NULL NULL 'ib3ld1s8c6dfqb62bfcodug02vbaoub2' 0 +> e.f.test.dyndns NULL NULL NULL NULL 'bt3ee6noitk5quchue5l6fqqmcku39gf' 0 +> f.test.dyndns NULL NULL NULL NULL 'otdrjsdlb78jmsu0ic15a7u25quqphhs' 0 +--- End: diff start step.1 --- + +Answer: +;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: [id] +;; flags: qr aa; ZONE: 1, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0 +;; ZONE SECTION: +;test.dyndns. IN SOA + +1 4i84rosksbmegcqfnkf6n6ci093h7rq4.test.dyndns. IN NSEC3 86400 1 1 1 abcd 8PQJV4B3M0LCFMVAE0HP394LC154L1I7 CNAME RRSIG +1 4i84rosksbmegcqfnkf6n6ci093h7rq4.test.dyndns. IN RRSIG 86400 NSEC3 8 3 86400 [expiry] [inception] [keytag] test.dyndns. ... +1 ib3ld1s8c6dfqb62bfcodug02vbaoub2.test.dyndns. IN NSEC3 86400 1 1 1 abcd ITUDUKE14PTHSNO7II6H5SBOSHR8RFQS +1 ib3ld1s8c6dfqb62bfcodug02vbaoub2.test.dyndns. IN RRSIG 86400 NSEC3 8 3 86400 [expiry] [inception] [keytag] test.dyndns. ... +1 q75pnoe7pb74pnd6ogn44t5btuurbhrf.test.dyndns. IN NSEC3 86400 1 1 1 abcd R9S1CJ8DKMNMENJN95STI8NHH9UTPQ9K A RRSIG +1 q75pnoe7pb74pnd6ogn44t5btuurbhrf.test.dyndns. IN RRSIG 86400 NSEC3 8 3 86400 [expiry] [inception] [keytag] test.dyndns. ... +1 test.dyndns. IN RRSIG 3600 SOA 8 2 3600 [expiry] [inception] [keytag] test.dyndns. ... +1 test.dyndns. IN SOA 3600 ns1.test.dyndns. ahu.example.dyndns. [serial] 28800 7200 604800 86400 +2 . IN OPT 32768 +Rcode: 3, RD: 0, QR: 1, TC: 0, AA: 1, opcode: 0 +Reply to question for qname='a.b.c.d.e.f.test.dyndns.', qtype=A +0 a.b.d.e.f.test.dyndns. IN A 3600 127.0.0.1 +0 a.b.d.e.f.test.dyndns. IN RRSIG 3600 A 8 7 3600 [expiry] [inception] [keytag] test.dyndns. ... +2 . IN OPT 32768 +Rcode: 0, RD: 0, QR: 1, TC: 0, AA: 1, opcode: 0 +Reply to question for qname='a.b.d.e.f.test.dyndns.', qtype=A +1 ib3ld1s8c6dfqb62bfcodug02vbaoub2.test.dyndns. IN NSEC3 86400 1 1 1 abcd ITUDUKE14PTHSNO7II6H5SBOSHR8RFQS +1 ib3ld1s8c6dfqb62bfcodug02vbaoub2.test.dyndns. IN RRSIG 86400 NSEC3 8 3 86400 [expiry] [inception] [keytag] test.dyndns. ... +1 q75pnoe7pb74pnd6ogn44t5btuurbhrf.test.dyndns. IN NSEC3 86400 1 1 1 abcd R9S1CJ8DKMNMENJN95STI8NHH9UTPQ9K A RRSIG +1 q75pnoe7pb74pnd6ogn44t5btuurbhrf.test.dyndns. IN RRSIG 86400 NSEC3 8 3 86400 [expiry] [inception] [keytag] test.dyndns. ... +1 test.dyndns. IN RRSIG 3600 SOA 8 2 3600 [expiry] [inception] [keytag] test.dyndns. ... +1 test.dyndns. IN SOA 3600 ns1.test.dyndns. ahu.example.dyndns. [serial] 28800 7200 604800 86400 +2 . IN OPT 32768 +Rcode: 3, RD: 0, QR: 1, TC: 0, AA: 1, opcode: 0 +Reply to question for qname='x.d.e.f.test.dyndns.', qtype=A +Check if a.b.c.d.e.f is removed correctly +--- Start: diff start step.2 --- +> a.b.d.e.f.test.dyndns A 0 127.0.0.1 3600 'fqhg4b60on9mnerf7blipai4ej9gkpdk' 1 +> b.d.e.f.test.dyndns NULL NULL NULL NULL '9fltsdh9oa4l6nhe7hpka9o09ps71rvo' 0 +> d.e.f.test.dyndns NULL NULL NULL NULL 'ib3ld1s8c6dfqb62bfcodug02vbaoub2' 0 +> e.f.test.dyndns NULL NULL NULL NULL 'bt3ee6noitk5quchue5l6fqqmcku39gf' 0 +> f.test.dyndns NULL NULL NULL NULL 'otdrjsdlb78jmsu0ic15a7u25quqphhs' 0 +--- End: diff start step.2 --- + Answer: ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: [id] ;; flags: qr aa; ZONE: 1, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0 @@ -97,3 +147,8 @@ Reply to question for qname='a.b.d.e.f.test.dyndns.', qtype=A 2 . IN OPT 32768 Rcode: 3, RD: 0, QR: 1, TC: 0, AA: 1, opcode: 0 Reply to question for qname='x.d.e.f.test.dyndns.', qtype=A +Check if everything is removed correctly +--- Start: diff start step.3 --- +no differnce +--- End: diff start step.3 --- + -- 2.50.0