headers
Devdas Bhagat | 1 Oct 2007 13:24
Favicon

DLZ with PostgreSQL and stored procedures

I am trying to implement DLZ with a PostgreSQL backend and stored procedures.
I apologise for the lack of wrapping at 72 characters in this message.

I am getting very wierd results, where my function works in some cases but not
in others, where works implies that BIND returns a valid result.

This is a rather long email, but I am trying to provide as much information
as possible.

My schema looks likes this:

CREATE TABLE zone_soa (
	zoneid			integer		primary key,
	vsid			integer		NOT NULL,
	zone_name		varchar(255)	NOT NULL,
	is_authoritative	boolean		DEFAULT 'f',
	ttl			integer		NOT NULL	DEFAULT 28800,
	zone_serial		bigint		NOT NULL,
	refresh			integer		NOT NULL	DEFAULT 2592000,
	retry			integer		NOT NULL	DEFAULT 86400,
	expire 			integer		NOT NULL	DEFAULT 7776000,
	minimum 		integer		NOT NULL	DEFAULT 28800,
	primaryns		varchar(255)	NOT NULL,
	responsible_person	varchar(255)	NOT NULL,
	status			text		NOT NULL	DEFAULT 'Active',
	last_modified_on	timestamp	DEFAULT now(),
	created_on		timestamp	DEFAULT now(),
	CONSTRAINT	positive_ttl		CHECK	(ttl >= 0),
	CONSTRAINT	positive_serial		CHECK	(zone_serial >= 0),
	CONSTRAINT	positive_refresh	CHECK	(refresh >= 0),
(Continue reading)

Permalink | Reply | 0 comments |
headers
Rob Butler | 4 Oct 2007 00:13
Picon
Favicon

Re: DLZ with PostgreSQL and stored procedures

Sorry, I've been busy.  I wasn't able to get to your e-mail till just now.  

I suspect what may be happening is your just returning too much information in your query.  When DLZ comes in
asking about the 'ns1' and 'ns2' records after the query for 'www' you are giving it the soa record again. 
Try using the 3 query form of DLZ.  The first for the zone existence check, the second for the data the
incoming query is asking for, and the third for the authoritative information (SOA/NS records).

Rob  

----- Original Message ----
From: Devdas Bhagat <devdas.b <at> directi.com>
To: bind-dlz-testers <at> lists.sourceforge.net
Sent: Monday, October 1, 2007 7:24:55 AM
Subject: [Bind-dlz-testers] DLZ with PostgreSQL and stored procedures

I am trying to implement DLZ with a PostgreSQL backend and stored procedures.
I apologise for the lack of wrapping at 72 characters in this message.

I am getting very wierd results, where my function works in some cases but not
in others, where works implies that BIND returns a valid result.

This is a rather long email, but I am trying to provide as much information
as possible.

My schema looks likes this:

CREATE TABLE zone_soa (
    zoneid            integer        primary key,
    vsid            integer        NOT NULL,
    zone_name        varchar(255)    NOT NULL,
(Continue reading)

Permalink | Reply | 0 comments |
headers
Michael Ayers | 17 Oct 2007 22:22
Picon

Problem with getting domain responses.

Hey all,

I am trying to get bind-dlz working here at my company.  I have compiled bind with mysql dlz support using a hacked rpm from fedora and adding the --with-dlz-mysql option in the spec file and gotten the driver working (the log messages show it loading and attaching to the database), however when I attempt to do a lookup of a hostname in the domain I created I get the following error:

[root <at> satest ~]# dig nazgul.example.com

; <<>> DiG 9.4.2rc1 <<>> nazgul.example.com
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 10281
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;nazgul.example.com.             IN      A

;; Query time: 25 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Wed Oct 17 13:17:40 2007
;; MSG SIZE  rcvd: 35

The domain does exist in the database, however it does not seem to be searching it right or something.  Below is the configuration in my named.conf:

view "external" {
        match-clients { any; };
        //recursion no;

        dlz "Mysql zone" {
           database "mysql
           {host=localhost dbname=dns_external user=dns pass=satest}
           {select zone from records where zone = '%zone%'}
           {select ttl, type, mx_priority, case when lower(type)='txt' then concat('\"', data, '\"')
                when lower(type) = 'soa' then concat_ws(' ', data, resp_person, serial, refresh, retry, expire, minimum)
                else data end from dns_records where zone = '%zone%' and host = '%record%'}";
        };
};

Does anyone have any ideas as to what can be going on here?

Thanks,

Michael J. Ayers
Senior Systems Engineer

-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems?  Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________
Bind-dlz-testers mailing list
Bind-dlz-testers <at> lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bind-dlz-testers
Permalink | Reply | 2 comments |
headers
Jan-Piet Mens | 17 Oct 2007 22:30
Picon
Favicon
Gravatar

Re: Problem with getting domain responses.

On Wed Oct 17 2007 at 22:22:49 CEST, Michael Ayers wrote:

> The domain does exist in the database, however it does not seem to be
> searching it right or something.

Have you tried running `named' with -n 1 -g -d 1 ? That will print the
queries it is sending to the backend on the console and might show you
what is going wrong.

        -JP

-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems?  Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
Permalink | Reply | 1 comment |
headers
Michael Ayers | 17 Oct 2007 23:28
Picon

Re: Problem with getting domain responses.

Yes, I added a verbose logging section to my named.conf after i sent the email.  As it turns out there was a space in my sql query hitting the database.  I have fixed that issue.

Thanks for the help.

On 10/17/07, Jan-Piet Mens <jp <at> mens.de> wrote:
On Wed Oct 17 2007 at 22:22:49 CEST, Michael Ayers wrote:

> The domain does exist in the database, however it does not seem to be
> searching it right or something.

Have you tried running `named' with -n 1 -g -d 1 ? That will print the
queries it is sending to the backend on the console and might show you
what is going wrong.

        -JP

-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems?  Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________
Bind-dlz-testers mailing list
Bind-dlz-testers <at> lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bind-dlz-testers

-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems?  Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________
Bind-dlz-testers mailing list
Bind-dlz-testers <at> lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bind-dlz-testers
Permalink | Reply | 0 comments |
headers
Michael J. Ayers | 18 Oct 2007 00:30
Picon

Question about DB entries.

Hey all,

Does bind-dlz support standard bind GENERATE statements like the following:

$GENERATE 1-254          10.0.0.$.corp.boingo.com.   A       10.0.0.$

If so, how do I enter that in the database table?  I tried but it bombed on me.  If not, how would I duplicate that functionality with bind-dlz?

--
Michael J. Ayers
Senior Systems Engineer 

-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems?  Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________
Bind-dlz-testers mailing list
Bind-dlz-testers <at> lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bind-dlz-testers
Permalink | Reply | 0 comments |
headers
Jan-Piet Mens | 18 Oct 2007 10:55
Picon
Favicon
Gravatar

LDAP driver and percent (%) in URLs: %zone% -> $zone$

The percent sign (%) used in LDAP URLs of the DLZ LDAP driver collides
with its use as a hex prefix (%20) in those URLs using newer versions
of OpenLDAP (case in point is OpenLDAP 2.3.38).

There was a thread regarding this in November 2006 with an patch which
was supposed to fix something, but I haven't as yet found the patch.

Attached is a two-line change to sdlz_helper.c which solves the
problem for me; it changes the notion of %zone% et.al. to $zone$ which
ought to be safe enough for the time being.

Is there a better way around this?

        -JP

*** bind-9.4.1-P1/contrib/dlz/drivers/sdlz_helper.c.orig	2007-10-17 22:18:42.000000000 +0200
--- bind-9.4.1-P1/contrib/dlz/drivers/sdlz_helper.c	2007-10-17 22:43:04.000000000 +0200
***************
*** 166,177 ****
  		ISC_LIST_APPEND(*tql, tseg, link);

  		/*
! 		 * split string at the first "%". set query segment to
  		 * left portion
  		 */
  		tseg->sql = isc_mem_strdup(mctx,
  					   isc_string_separate(&right_str,
! 							       "%"));
  		if (tseg->sql == NULL) {
  			/* no memory, clean everything up. */
  			result = ISC_R_NOMEMORY;
--- 166,177 ----
  		ISC_LIST_APPEND(*tql, tseg, link);

  		/*
! 		 * split string at the first "$". set query segment to
  		 * left portion
  		 */
  		tseg->sql = isc_mem_strdup(mctx,
  					   isc_string_separate(&right_str,
! 							       "$"));
  		if (tseg->sql == NULL) {
  			/* no memory, clean everything up. */
  			result = ISC_R_NOMEMORY;

-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems?  Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________
Bind-dlz-testers mailing list
Bind-dlz-testers <at> lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bind-dlz-testers
Permalink | Reply | 0 comments |
headers
Rob Butler | 18 Oct 2007 13:57
Picon
Favicon

Re: Question about DB entries.

No, DLZ doesn't support GENERATE statements.  You have to insert each record into the DB.

You could write a simple script or stored proc to do the work for you.

Rob

----- Original Message ----
From: Michael J. Ayers <ayerslists <at> gmail.com>
To: bind-dlz-testers <bind-dlz-testers <at> lists.sourceforge.net>
Sent: Wednesday, October 17, 2007 6:30:17 PM
Subject: [Bind-dlz-testers] Question about DB entries.

Hey all,

Does bind-dlz support standard bind GENERATE statements like the following:

$GENERATE 1-254          10.0.0.$.corp.boingo.com.   A       10.0.0.$

If so, how do I enter that in the database table?  I tried but it bombed on me.  If not, how would I duplicate that functionality with bind-dlz?

--
Michael J. Ayers
Senior Systems Engineer


__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com 
-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems?  Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________
Bind-dlz-testers mailing list
Bind-dlz-testers <at> lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bind-dlz-testers
Permalink | Reply | 0 comments |

Gmane