[Opendnssec-develop] Re: [OpenDNSSEC] #247: Hang signer processes after receiving several notifies in succession
Göran Bengtson
goeran at chalmers.se
Mon Jul 4 06:45:33 UTC 2011
On Fri, 1 Jul 2011, OpenDNSSEC wrote:
> From: OpenDNSSEC <owner-dnssec-trac at kirei.se>
> Cc: "opendnssec-develop at lists.opendnssec.org"
> <opendnssec-develop at lists.opendnssec.org>
> Message-ID: <071.325be7a3618917f178fc62dab35c1c0a at kirei.se>
> Date: Fri, 1 Jul 2011 11:12:12 +0200
> Subject: Re: [OpenDNSSEC] #247: Hang signer processes after receiving several
> notifies in succession
>
> #247: Hang signer processes after receiving several notifies in succession
> -----------------------------------+----------------------------------------
> Reporter: goeran@… | Owner: matthijs
> Type: defect | Status: accepted
> Priority: major | Component: Signer
> Version: 1.3.0 | Resolution:
> Keywords: signer, hang, notifies |
> -----------------------------------+----------------------------------------
>
> Comment (by matthijs):
>
> Can I conclude that the problem does not exist in 1.2.1 (since you
> downgraded)?
I've never seen it in 1.2.1. The handling of repeated sign request are
different (notify och explicit ods-signer sign commands). If the signer
already is working with a zone the sign request returns "cmdhandler: already
performing task for zone itsnat.se".
Jul 4 08:40:51 ns-test ods-signerd: zone fetcher received NOTIFY for zone itsnat.se
Jul 4 08:40:52 ns-test ods-signerd: zone fetcher transferred zone itsnat.se serial 2011070402 successfully
Jul 4 08:40:54 ns-test ods-signerd: cmdhandler: zone itsnat.se scheduled for immediate re-sign
Jul 4 08:40:59 ns-test ods-signerd: zone fetcher received NOTIFY for zone itsnat.se
Jul 4 08:40:59 ns-test ods-signerd: zone fetcher transferred zone itsnat.se serial 2011070403 successfully
Jul 4 08:41:00 ns-test ods-signerd: cmdhandler: already performing task for zone itsnat.se
Jul 4 08:41:07 ns-test ods-auditor[26071]: Auditor started
Jul 4 08:41:07 ns-test ods-auditor[26071]: Auditor starting on itsnat.se
Jul 4 08:41:07 ns-test ods-auditor[26071]: Auditing itsnat.se zone : NSEC3 SIGNED
Jul 4 08:41:18 ns-test ods-signerd: zone fetcher received NOTIFY for zone itsnat.se
Jul 4 08:41:18 ns-test ods-signerd: zone fetcher transferred zone itsnat.se serial 2011070404 successfully
Jul 4 08:41:18 ns-test ods-signerd: cmdhandler: already performing task for zone itsnat.se
Jul 4 08:41:23 ns-test ods-signerd: zone fetcher received NOTIFY for zone itsnat.se
Jul 4 08:41:23 ns-test ods-signerd: zone fetcher transferred zone itsnat.se serial 2011070405 successfully
Jul 4 08:41:23 ns-test ods-signerd: cmdhandler: already performing task for zone itsnat.se
Jul 4 08:41:28 ns-test ods-signerd: zone fetcher received NOTIFY for zone itsnat.se
Jul 4 08:41:29 ns-test ods-signerd: zone fetcher transferred zone itsnat.se serial 2011070406 successfully
Jul 4 08:41:29 ns-test ods-signerd: cmdhandler: already performing task for zone itsnat.se
Jul 4 08:42:02 ns-test trigger-resign[26443]: Try to schedule a resign for itsnat.se (based on new unsigned file)
Jul 4 08:42:02 ns-test ods-signerd: cmdhandler: already performing task for zone itsnat.se
Jul 4 08:42:37 ns-test ods-auditor[26071]: SOA differs : from 2011070402 to 2011070407
Jul 4 08:42:38 ns-test ods-auditor[26071]: Finished auditing itsnat.se zone
Jul 4 08:42:41 ns-test my-reload[26561]: Start processing itsnat.se
Jul 4 08:42:42 ns-test my-reload[26561]: End processing itsnat.se
Jul 4 08:42:42 ns-test ods-signerd: [STATS] itsnat.se RR[count=37644 time=1(sec)] NSEC3[count=0 time=1(sec)] RRSIG[new=10 reused=73493 time=6(sec) avg=1(sig/sec)] AUDIT[time=92(sec)] TOTAL[time=108(sec)]
However, that fact also imply that it may not sign a zone that was transfered
while a signing was in progress. That is a problem that I handle with a cron-
job, and that have worked weel for some time now.
>
> --
> Ticket URL: <http://trac.opendnssec.org/ticket/247#comment:4>
> OpenDNSSEC <http://www.opendnssec.org/>
> OpenDNSSEC
/ Göran
More information about the Opendnssec-develop
mailing list