Hi,
The implementation of catalog zones in Knot DNS 3.0.x isn't mature
enough, and it doesn't fully comply with the fresh RFC
, which was released yesterday.
Daniel
On 07. 07. 23 13:09, Daniel Gröber wrote:
Hi Tuomo and David,
On Fri, Jul 07, 2023 at 12:31:50PM +0200, David Vasek wrote:
Yes, it is likely that the missing
unique-id's are the only problem. I was
able to reproduce the issue with that setup - I'm quite surprised that such
a faulty catalog zone actually worked with 3.0.5.
So, Daniel, try adding the unique-id's first.
Yeah that did it. Not sure how I missed that, I was read over that bit in
the docs like three times :)
When I set this up I was probably just too lazy to assign IDs and was happy
when it worked without.
On 2023-07-07 12:20, Tuomo Soini wrote:
you can select any method to generate uniqueid.
We originally decided
to use uuid but after initial testing we moved to md5sum of
"domain.tld.primary.server.dns-name." so we can re-generate always same
uniqueid. Problem with uuid was we'd need to have separate database to
store uuid domain.tld. combinations. you could use any "salt" instead
of primary.server.dns-name. but for our purposes server dns name was
unique.
Some kind of hash of domain is not enough in case you need to handle
moving domain from one system to another where catalog interpreter can
be secondary server for multiple different primary servers.
I write the catalog zone by hand so hashing or whatnot is a big hassle, for
now I'll just go with a-z then. AFAIU this shouldn't be a problem since I
don't do dnssec signing and don't care if zone state is purged in the
future.
Thanks,
--Daniel
--