From: Wouter Wijngaards Date: Thu, 13 Jan 2011 10:13:01 +0000 (+0000) Subject: - Fix prefetch so it does not get stuck on old server for moved names. X-Git-Tag: release-1.4.8rc1~7 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=790cb517757261c0dcd1c7d966b1e902b1f15ffa;p=thirdparty%2Funbound.git - Fix prefetch so it does not get stuck on old server for moved names. git-svn-id: file:///svn/unbound/trunk@2372 be551aaa-1e26-0410-a405-d3ace91eadb9 --- diff --git a/doc/Changelog b/doc/Changelog index b69b30c49..5c44621e5 100644 --- a/doc/Changelog +++ b/doc/Changelog @@ -1,3 +1,6 @@ +13 January 2011: Wouter + - Fix prefetch so it does not get stuck on old server for moved names. + 12 January 2011: Wouter - iana portlist updated. diff --git a/iterator/iterator.c b/iterator/iterator.c index 8b00e37e7..3924057ce 100644 --- a/iterator/iterator.c +++ b/iterator/iterator.c @@ -1018,10 +1018,16 @@ processInitRequest(struct module_qstate* qstate, struct iter_qstate* iq, delname = iq->qchase.qname; delnamelen = iq->qchase.qname_len; } - if(iq->qchase.qtype == LDNS_RR_TYPE_DS || iq->refetch_glue) { + if(iq->qchase.qtype == LDNS_RR_TYPE_DS || iq->refetch_glue || + (iq->qchase.qtype == LDNS_RR_TYPE_NS && qstate->prefetch_leeway)) { /* remove first label from delname, root goes to hints, * but only to fetch glue, not for qtype=DS. */ - if(dname_is_root(delname) && iq->refetch_glue) + /* also when prefetching an NS record, fetch it again from + * its parent, just as if it expired, so that you do not + * get stuck on an older nameserver that gives old NSrecords */ + if(dname_is_root(delname) && (iq->refetch_glue || + (iq->qchase.qtype == LDNS_RR_TYPE_NS && + qstate->prefetch_leeway))) delname = NULL; /* go to root priming */ else dname_remove_label(&delname, &delnamelen); iq->refetch_glue = 0; /* if CNAME causes restart, no refetch */ diff --git a/testdata/iter_prefetch_ns.rpl b/testdata/iter_prefetch_ns.rpl new file mode 100644 index 000000000..c0ffdb86c --- /dev/null +++ b/testdata/iter_prefetch_ns.rpl @@ -0,0 +1,293 @@ +; config options +server: + target-fetch-policy: "0 0 0 0 0" + prefetch: "yes" + +stub-zone: + name: "." + stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET. +CONFIG_END + +SCENARIO_BEGIN Test resolver prefetch of NS record for moved domain + +; K.ROOT-SERVERS.NET. +RANGE_BEGIN 0 100 + ADDRESS 193.0.14.129 +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +. IN NS +SECTION ANSWER +. IN NS K.ROOT-SERVERS.NET. +SECTION ADDITIONAL +K.ROOT-SERVERS.NET. IN A 193.0.14.129 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +www.example.com. IN A +SECTION AUTHORITY +com. IN NS a.gtld-servers.net. +SECTION ADDITIONAL +a.gtld-servers.net. IN A 192.5.6.30 +ENTRY_END +RANGE_END + +; a.gtld-servers.net. (before sale of domain) +RANGE_BEGIN 0 20 + ADDRESS 192.5.6.30 +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +com. IN NS +SECTION ANSWER +com. IN NS a.gtld-servers.net. +SECTION ADDITIONAL +a.gtld-servers.net. IN A 192.5.6.30 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode subdomain +ADJUST copy_id copy_query +REPLY QR NOERROR +SECTION QUESTION +example.com. IN A +SECTION AUTHORITY +example.com. IN NS ns.example.com. +SECTION ADDITIONAL +ns.example.com. IN A 1.2.3.4 +ENTRY_END +RANGE_END + +; a.gtld-servers.net. (after sale of domain) +RANGE_BEGIN 30 200 + ADDRESS 192.5.6.30 +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +com. IN NS +SECTION ANSWER +com. IN NS a.gtld-servers.net. +SECTION ADDITIONAL +a.gtld-servers.net. IN A 192.5.6.30 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode subdomain +ADJUST copy_id copy_query +REPLY QR NOERROR +SECTION QUESTION +example.com. IN A +SECTION AUTHORITY +example.com. IN NS ns.example.com. +SECTION ADDITIONAL +ns.example.com. IN A 8.8.8.8 +ENTRY_END +RANGE_END + +; ns.example.com. first owner +RANGE_BEGIN 0 200 + ADDRESS 1.2.3.4 +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +example.com. IN NS +SECTION ANSWER +example.com. IN NS ns.example.com. +SECTION ADDITIONAL +ns.example.com. IN A 1.2.3.4 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +www.example.com. IN A +SECTION ANSWER +www.example.com. 3600 IN A 10.20.30.40 +SECTION AUTHORITY +example.com. 3600 IN NS ns.example.com. +SECTION ADDITIONAL +ns.example.com. 3600 IN A 1.2.3.4 +ENTRY_END +RANGE_END + +; ns.example.com. new owner +RANGE_BEGIN 0 200 + ADDRESS 8.8.8.8 +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +example.com. IN NS +SECTION ANSWER +example.com. IN NS ns.example.com. +SECTION ADDITIONAL +ns.example.com. IN A 8.8.8.8 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +www.example.com. IN A +SECTION ANSWER +www.example.com. 3600 IN A 88.88.88.88 +SECTION AUTHORITY +example.com. 3600 IN NS ns.example.com. +SECTION ADDITIONAL +ns.example.com. 3600 IN A 8.8.8.8 +ENTRY_END +RANGE_END + +STEP 1 QUERY +ENTRY_BEGIN +REPLY RD +SECTION QUESTION +www.example.com. IN A +ENTRY_END +; recursion happens here. +STEP 5 CHECK_ANSWER +ENTRY_BEGIN +MATCH all ttl +REPLY QR RD RA NOERROR +SECTION QUESTION +www.example.com. IN A +SECTION ANSWER +www.example.com. 3600 IN A 10.20.30.40 +SECTION AUTHORITY +example.com. 3600 IN NS ns.example.com. +SECTION ADDITIONAL +ns.example.com. 3600 IN A 1.2.3.4 +ENTRY_END + +STEP 10 QUERY +ENTRY_BEGIN +REPLY RD +SECTION QUESTION +example.com. IN NS +ENTRY_END +; recursion happens here. +STEP 15 CHECK_ANSWER +ENTRY_BEGIN +MATCH all ttl +REPLY QR RD RA NOERROR +SECTION QUESTION +example.com. IN NS +SECTION ANSWER +example.com. 3600 IN NS ns.example.com. +SECTION AUTHORITY +SECTION ADDITIONAL +ns.example.com. 3600 IN A 1.2.3.4 +ENTRY_END + +; after 1800 secs still the cached answer +STEP 20 TIME_PASSES ELAPSE 1800 + +STEP 30 QUERY +ENTRY_BEGIN +REPLY RD +SECTION QUESTION +www.example.com. IN A +ENTRY_END +; recursion happens here. +STEP 40 CHECK_ANSWER +ENTRY_BEGIN +MATCH all ttl +REPLY QR RD RA NOERROR +SECTION QUESTION +www.example.com. IN A +SECTION ANSWER +www.example.com. 1800 IN A 10.20.30.40 +SECTION AUTHORITY +example.com. 1800 IN NS ns.example.com. +SECTION ADDITIONAL +ns.example.com. 1800 IN A 1.2.3.4 +ENTRY_END + +STEP 44 QUERY +ENTRY_BEGIN +REPLY RD +SECTION QUESTION +example.com. IN NS +ENTRY_END +; recursion happens here. +STEP 45 CHECK_ANSWER +ENTRY_BEGIN +MATCH all ttl +REPLY QR RD RA NOERROR +SECTION QUESTION +example.com. IN NS +SECTION ANSWER +example.com. 1800 IN NS ns.example.com. +SECTION AUTHORITY +SECTION ADDITIONAL +ns.example.com. 1800 IN A 1.2.3.4 +ENTRY_END + +; after 1440 we are 360 seconds before the expiry +STEP 50 TIME_PASSES ELAPSE 1440 + +STEP 60 QUERY +ENTRY_BEGIN +REPLY RD +SECTION QUESTION +example.com. IN NS +ENTRY_END +; recursion happens here. +STEP 70 CHECK_ANSWER +ENTRY_BEGIN +MATCH all ttl +REPLY QR RD RA NOERROR +SECTION QUESTION +example.com. IN NS +SECTION ANSWER +example.com. 360 IN NS ns.example.com. +SECTION AUTHORITY +SECTION ADDITIONAL +ns.example.com. 360 IN A 1.2.3.4 +ENTRY_END + +STEP 80 TRAFFIC +; let traffic flow for prefetch to happen + +; after 360 + 2000 we are after the change to new owner. +STEP 100 TIME_PASSES ELAPSE 2360 + +; the NS record should have timed out. +STEP 120 QUERY +ENTRY_BEGIN +REPLY RD +SECTION QUESTION +www.example.com. IN A +ENTRY_END +; recursion happens here. +STEP 130 CHECK_ANSWER +ENTRY_BEGIN +MATCH all ttl +REPLY QR RD RA NOERROR +SECTION QUESTION +www.example.com. IN A +SECTION ANSWER +www.example.com. 3600 IN A 88.88.88.88 +SECTION AUTHORITY +example.com. 3600 IN NS ns.example.com. +SECTION ADDITIONAL +ns.example.com. 3600 IN A 8.8.8.8 +ENTRY_END + +SCENARIO_END