[PATCH] s4-dns: set TTL value in the NS server part of the SOA record

Wed May 29 22:07:47 MDT 2013

On Thu, May 30, 2013 at 1:36 PM, Andrew Bartlett <abartlet at samba.org> wrote:

> On Thu, 2013-05-30 at 04:56 +0200, Günter Kukkukk wrote:
> > Am Donnerstag, 30. Mai 2013, 03:48:48 schrieb Andrew Bartlett:
> > > On Thu, 2013-05-30 at 03:30 +0200, Günter Kukkukk wrote:
> > > > From bc9bc355efa450d48e559f939ec124b94a7b61aa Mon Sep 17 00:00:00
> 2001
> > > > From: Guenter Kukkukk <kukks at samba.org>
> > > > Date: Thu, 30 May 2013 02:19:32 +0200
> > > > Subject: [PATCH] s4-dns: set TTL value in the NS server part of the
> > > > SOA record
> > > >
> > > > noticed this when using samba-tool to create a new zone
> > > >
> > > > Signed-off-by: Guenter Kukkukk <kukks at samba.org>
> > > > ---
> > > >
> > > >  source4/rpc_server/dnsserver/dnsdb.c |    1 +
> > > >  1 files changed, 1 insertions(+), 0 deletions(-)
> > > >
> > > > diff --git a/source4/rpc_server/dnsserver/dnsdb.c
> > > > b/source4/rpc_server/dnsserver/dnsdb.c
> > > > index b5ad470..d59edbf 100644
> > > > --- a/source4/rpc_server/dnsserver/dnsdb.c
> > > > +++ b/source4/rpc_server/dnsserver/dnsdb.c
> > > > @@ -931,6 +931,7 @@ WERROR dnsserver_db_create_zone(struct
> ldb_context
> > > > *samdb,
> > > >
> > > >         dns_rec[1].wType = DNS_TYPE_NS;
> > > >         dns_rec[1].rank = DNS_RANK_ZONE;
> > > >         dns_rec[1].dwSerial = soa.serial;
> > > >
> > > > +       dns_rec[1].dwTtlSeconds = 3600;
> > > >
> > > >         dns_rec[1].dwTimeStamp = (uint32_t)t;
> > > >         dns_rec[1].data.ns = server_fqdn;
> > >
> > > Where is this magic value defined?  (ie, what makes 1 hour the right
> > > value here by default?)
> > >
> > > Andrew Bartlett
> >
> > Hi Andrew,
> >
> > those MANY magical hardcoded TTL values are flooding around in nearly
> _all_
> > dns related samba sources - whether C or python.
> >
> > Look some lines above in the same file:
> > .....
> >       /* SOA Record - values same as defined in provision/sambadns.py */
> >       soa.serial = 1;
> >       soa.refresh = 900;
> >       soa.retry = 600;
> >       soa.expire = 86400;
> >       soa.minimum = 3600;
> >       soa.mname = server_fqdn;
> >       soa.rname = soa_email;
> >
> >       dns_rec[0].wType = DNS_TYPE_SOA;
> >       dns_rec[0].rank = DNS_RANK_ZONE;
> >       dns_rec[0].dwSerial = soa.serial;
> >       dns_rec[0].dwTtlSeconds = 3600;
> >       dns_rec[0].dwTimeStamp = (uint32_t)t;
> >       dns_rec[0].data.soa = soa;
> >
> >       /* NS Record */
>
> It's almost certainly fine, but I'll just ask that Amity or Kai pass
> their blessing over this if that's OK.
>
>
Hi,

Good catch Gunter. TTL value for SOA record is definitely missing from RPC
code.

Reviewed-by: Amitay Isaacs <amitay at gmail.com>

Regarding the zombie records, they could be from the older provision. There
was a bug which did not set a flag on the DNS record so they were ignored
and those records could not be deleted via samba-tool.

Amitay.