BIND 10 #2662: provide some post-load logs

BIND 10 Development do-not-reply at isc.org
Fri Jan 25 07:42:30 UTC 2013 

#2662: provide some post-load logs
-------------------------------------+-------------------------------------
                   Reporter:         |                 Owner:
  jinmei                             |                Status:  new
                       Type:  task   |             Milestone:  Next-Sprint-
                   Priority:         |  Proposed
  medium                             |              Keywords:
                  Component:  data   |             Sensitive:  0
  source                             |           Sub-Project:  DNS
               CVSS Scoring:         |  Estimated Difficulty:  0
            Defect Severity:  N/A    |           Total Hours:  0
Feature Depending on Ticket:         |
  loadzone-ng                        |
        Add Hours to Ticket:  0      |
                  Internal?:  0      |
-------------------------------------+-------------------------------------
 I suggest providing log messages after zone loading corresponding to
 the following BIND 9 logs:

 {{{#!c
                         } else if (!isc_serial_ge(serial, oldserial))
                                 dns_zone_log(zone, ISC_LOG_ERROR,
                                              "zone serial (%u/%u) has gone
 "
                                              "backwards", serial,
 oldserial);
                         else if (serial == oldserial && !hasinclude &&
                                  strcmp(zone->db_argv[0], "_builtin") !=
 0)
                                 dns_zone_log(zone, ISC_LOG_ERROR,
                                              "zone serial (%u) unchanged.
 "
                                              "zone may fail to transfer "
                                              "to slaves.", serial);
 }}}

 and

 {{{#!c
         if (! dns_db_ispersistent(db))
                 dns_zone_log(zone, ISC_LOG_INFO, "loaded serial %u%s",
 serial,
                              dns_db_issecure(db) ? " (DNSSEC signed)" :
 "");
 }}}

 I actually wanted to do this as part of completed zone-load tasks, but
 I missed the opportunities.

 While maybe less common these days now many people generate zone files
 from a tool (mainly for DNSSEC signing), forgetting to increment the
 serial is a quite common operational error.  So I believe it's pretty
 important (especially the second one).

 From a quick look this shouldn't be very difficult: I believe we can
 easily do it for the generic/DB-based data sources by updating
 `ZoneLoader` so it remembers the preload SOA and compares it to the
 new one (then produce the corresponding log).

 For in-memory, it seems possible by updating `ZoneWriterLocal`.  Or,
 if we do #2652 it'll be covered by the general case.

-- 
Ticket URL: <http://bind10.isc.org/ticket/2662>
BIND 10 Development <http://bind10.isc.org>
BIND 10 Development

More information about the bind10-tickets mailing list