Hello all, hello Libor,
it seems to me that I'm hit by this bug also. So I set up a new knot-dns server
with v3.0.1.
Is there a way to query the real/raw running zone configuration to see those
"misconfigurations"?
My relevant config so far is:
mod-cookies:
  - id: "default"
    secret-lifetime: "108000"
    badcookie-slip: "3"
mod-rrl:
  - id: "default"
    rate-limit: "200"
    slip: "2"
template:
  - id: "default"
    global-module: [ "mod-cookies/default", "mod-rrl/default" ]
    storage: "/var/lib/knot/zones"
    file: "%s"
    semantic-checks: "on"
    dnssec-signing: "off"
    serial-policy: "unixtime"
    kasp-db: "/var/lib/knot/kasp-db"
zone:
  - domain: "virtion.cloud."
    notify: "nicmaster-slaves-notify"
    acl: [ "nicmaster-slaves-notify", "nicmaster-slaves-transfer" ]
If I query this nameserver about this domain, I get a 10-second timeout after
the first query:
$ time \dig @nshp.cloud.vtnx.net txt virtion.cloud.
;; BADCOOKIE, retrying.
; <<>> DiG 9.11.5-P4-5.1+deb10u2-Debian <<>> @nshp.cloud.vtnx.net txt virtion.cloud.
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28693
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: 41edb01bb5d82bb1010000005fa1120d75eaf957902e35c2 (good)
;; QUESTION SECTION:
;virtion.cloud. IN TXT
;; ANSWER SECTION:
virtion.cloud. 3600 IN TXT "v=spf1 ip4:5.28.40.0/21 mx -all"
;; Query time: 13 msec
;; SERVER: 5.28.40.210#53(5.28.40.210)
;; WHEN: Tue Nov 03 09:17:17 CET 2020
;; MSG SIZE rcvd: 114
real 0m10.060s
user 0m0.010s
sys 0m0.010s
It's not clear to me that this is the same bug.
- Frank
--
Frank Matthieß Mail: frank.matthiess(a)virtion.de
phone: +49 521 44 81 58 17
GnuPG: 9F81 BD57 C898 6059 86AA 0E9B 6B23 DE93 01BB 63D1
virtion GmbH Südring 11, DE 33647 Bielefeld
Geschäftsführer: Michael Kutzner
Handelsregister HRB 40374, Amtsgericht Bielefeld, USt-IdNr.: DE278312983