Maintained by: NLnet Labs

[Unbound-users] unbound-control flush_zone problem

W.C.A. Wijngaards
Tue Feb 15 09:50:32 CET 2011


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Isaac,

On 02/15/2011 09:37 AM, Isaac González wrote:
> Hi,
> 
> We manage several autoritative servers with bind. We've encountered some
> problems in the next scenario:
> 
> 1- I have a DNS zone (using BIND) with over 272 registers.
> 2- I modify a type A register for example and reload the BIND zone.
> 3- I execute the command unbound-control flush_zone domain.tld
> 4- I see the message "ok removed etc....)
> 5- If I do a query dig modified_register.domain.tld @localhost I don't
> see any changes. And doing the query to the autoritative BIND server the
> change is visible.
> 
> Using a small zone I can see  the changes immediately.

But for the large zone it does not?

Is it the case that there are multiple authority servers and they are
not in sync (or not immediately for large zones), and that unbound
re-fetches the data, but from a server with still the old data?

> Are the some limit in the unbound config? Can you guide me to solve this
> problem? Is there any configuration parameter that I've missed?

Unbound does not flush local-data, if you have configured stuff
especially for this name in the config, then this stays.

> Thanks in advance.
> Please let me know if you need some information, our unbound
> configuration, etc...our unbound version is 1.4.7 with
> llibevent-1.4.14b-stable

Can you reproduce the problem?  Could you do so with verbosity=4 and
(perhaps also logfile: "mydebug.log" because the output is large and may
not be nice and mess up your syslogs), and email me the output (offlist
if large) ?

Best regards,
   Wouter
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/

iEYEARECAAYFAk1aPlgACgkQkDLqNwOhpPge2gCfQXznRCXcasofcL++Xx5flEeg
CzIAnjoGVLpU0IcD3EQhETXrSA/Rrhvy
=G26r
-----END PGP SIGNATURE-----