27 Pro
2020
27 Pro
'20
11:34
Hi Sadiq,
thank you for sharing your Knot issue with us.
You might try (temporary) lowering the log level from 'info' to 'debug'
on sekhmet, in order to see potential "ACL denied" message.
Anyway, I can see in your configuration files that you are using two
'remote' instances for one machine. This has probably nothing to do with
this issue, but it can cause different kinds of issues. Idiomatic
configuration should look like (for example):
remote:
- id: horus
address: [ 192.67.222.53@53, 2620:98:400a::53@53 ]
Let us know your next findings,
Thanks,
Libor
Dne 27. 12. 20 v 2:32 Sadiq Saif napsal(a):
Hi all,
I can't quite figure this out, I have two servers running Knot DNS 3.0.3 on Ubuntu
20.04.
horus.bastetrix.net is the primary, sekhmet.bastetrix.net is the secondary.
One of the zones hosted on these servers is selfhosting.cloud.
Whenever I commit a change to selfhosting.cloud, this happens in the log. As you can see,
for some reason the IPv4 address returns a NOTAUTH error and then Knot successfully
notifies over IPv6.
Dec 27 00:53:37 horus.bastetrix.net knotd[174159]: warning: [selfhosting.cloud.] notify,
outgoing, remote 192.195.251.53@53, server responded with error 'NOTAUTH'
Dec 27 00:53:37 horus.bastetrix.net knotd[174159]: info: [selfhosting.cloud.] notify,
outgoing, remote 2620:98:400c::53@53, serial 5
Dec 27 00:53:38 horus.bastetrix.net knotd[174159]: info: [selfhosting.cloud.] IXFR,
outgoing, remote 2620:98:400c::53@36778, started, serial 4 -> 5
Dec 27 00:53:38 horus.bastetrix.net knotd[174159]: info: [selfhosting.cloud.] IXFR,
outgoing, remote 2620:98:400c::53@36778, finished, 0.00 seconds, 1 messages, 295 bytes
sekhmet only logs a successful notify and IXFR from the v6 address, nothing about the
failed v4 notify:
Dec 27 00:53:37 sekhmet.bastetrix.net knotd[536887]: info: [selfhosting.cloud.] notify,
incoming, remote 2620:98:400a::53@58782, serial 5
Dec 27 00:53:38 sekhmet.bastetrix.net knotd[536887]: info: [selfhosting.cloud.] refresh,
remote 2620:98:400a::53@53, remote serial 5, zone is outdated
Dec 27 00:53:38 sekhmet.bastetrix.net knotd[536887]: info: [selfhosting.cloud.] IXFR,
incoming, remote 2620:98:400a::53@53, started
Dec 27 00:53:38 sekhmet.bastetrix.net knotd[536887]: info: [selfhosting.cloud.] IXFR,
incoming, remote 2620:98:400a::53@53, finished, 0.00 seconds, 1 messages, 295 bytes
Dec 27 00:53:38 sekhmet.bastetrix.net knotd[536887]: info: [selfhosting.cloud.] refresh,
remote 2620:98:400a::53@53, zone updated, 0.40 seconds, serial 4 -> 5
Dec 27 00:53:38 sekhmet.bastetrix.net knotd[536887]: info: [selfhosting.cloud.] zone file
updated, serial 4 -> 5
I am attaching the knot.conf for both servers. I double checked both configs multiple
times and don't see why that particular warning is happening during zone notify.
Can someone shed some light on this mystery?
--
Sadiq Saif
https://bastetrix.com