TSIG for the Xfrin module?
JINMEI Tatuya / 神明達哉
jinmei at isc.org
Mon Dec 12 18:59:05 UTC 2011
At Sat, 10 Dec 2011 03:10:13 +0000,
"Spain, Dr. Jeffry A." <spainj at countryday.net> wrote:
> > Yes, that's another known bug. But that aside, this seems strange to me...I thought it couldn't happen for a transfer from a BIND 9 master. It might be a bug in BIND 10. If you can reproduce it, can you apply the patch (which will fix the log format error) and see which RR causes the log?
>
> I rebuilt my bind10 server, including the patch you supplied. The log message in question now reads as follows:
>
> 2011-12-09 21:46:27.811 WARN [b10-xfrin.libxfrin] LIBXFRIN_DIFFERENT_TTL multiple data with different TTLs (0, 3600) on jaspain.net./IN. Adjusting 3600 -> 0.
>
> Copied below is the jaspain.net. zone file as transferred from the
> master followed by the zone data from the bind10 localhost. Note the
> record "jaspain.net. 0 IN RRSIG TYPE65534" with a TTL of zero on the
> master, and that the bind10 server has adjusted this TTL to 3600.
Ah, okay, thanks. That's a BIND 10's bug.
> jaspain.net. 3600 IN RRSIG SOA
> jaspain.net. 0 IN RRSIG TYPE65534
It should distinguish RRSIGs for different covered types.
I've created a ticket for this:
http://bind10.isc.org/ticket/1502
While it's weird, however, this shouldn't be a critical problem for
your experiments because the RRSIG TTLs won't affect validation
results (unless you heavily rely on the 0-TTL of that particular RRSIG
for some other reason).
---
JINMEI, Tatuya
Internet Systems Consortium, Inc.
More information about the bind10-users
mailing list