Skip to content

DNS servers should have NS and SOA records #8047

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 22 commits into
base: main
Choose a base branch
from
+2,531 −464
Open

DNS servers should have NS and SOA records #8047

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
22 commits
Select commit Hold shift + click to select a range
a5e0264
should be the needful.. think the dns server needs soa testing too
iximeow Apr 22, 2025
084553c
ok why does the test fail though
iximeow Apr 22, 2025
5c8cded
looking basically reasonable now i think
iximeow Apr 22, 2025
2a5b875
at least one omdb test needs updating..
iximeow Apr 22, 2025
a6150a4
puzzling that the nameserver IPs are like that though
iximeow Apr 22, 2025
182f98e
actually answer NS and SOA queries, one more todo
iximeow Apr 23, 2025
086d996
actually unwind local ipcc overrides
iximeow Apr 23, 2025
af76a85
deny DNS updates that define SOA records
iximeow Apr 24, 2025
f77c4aa
no magic @ string
iximeow Apr 24, 2025
9ea1427
oops, goofy test misses
iximeow Apr 24, 2025
19907ac
openapi happy, clippy happy, maybe its ok now
iximeow Apr 25, 2025
fa47ab1
bump progenitor, this works but obviously incorrect approach
iximeow Apr 25, 2025
aa3ecae
test should clean up when it passes, rustfmt
iximeow Apr 28, 2025
69cd5d0
shuffle dns types and versions around to more suitable places
iximeow Apr 28, 2025
0f17ae6
clean up BOTH new tests actually
iximeow Apr 28, 2025
bfb25a5
dont just duplicate v1 and v2 DNS API impls
iximeow Apr 30, 2025
33ee507
make the into impls a little more reasonable
iximeow May 1, 2025
9b8c813
add a test exercising DNS server/client version combinations
iximeow May 1, 2025
d399431
move the lossy v2->v1 dns types conversions to not *Into
iximeow May 1, 2025
276356e
why was that there
iximeow May 2, 2025
069d2cd
update Crucible and bump Progenitor to go with it
iximeow May 2, 2025
8a9747d
Update nexus/db-model/src/dns.rs
iximeow May 2, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
514 changes: 315 additions & 199 deletions Cargo.lock
View file
Open in desktop

Large diffs are not rendered by default.

12 changes: 6 additions & 6 deletions Cargo.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -387,10 +387,10 @@ crossterm = { version = "0.28.1", features = ["event-stream"] }
# NOTE: if you change the pinned revision of the `crucible` dependencies, you
# must also update the references in package-manifest.toml to match the new
# revision.
crucible-agent-client = { git = "https://github.com/oxidecomputer/crucible", rev = "da3cf198a0e000bb89efc3a1c77d7ba09340a600" }
crucible-pantry-client = { git = "https://github.com/oxidecomputer/crucible", rev = "da3cf198a0e000bb89efc3a1c77d7ba09340a600" }
crucible-smf = { git = "https://github.com/oxidecomputer/crucible", rev = "da3cf198a0e000bb89efc3a1c77d7ba09340a600" }
crucible-common = { git = "https://github.com/oxidecomputer/crucible", rev = "da3cf198a0e000bb89efc3a1c77d7ba09340a600" }
crucible-agent-client = { git = "https://github.com/oxidecomputer/crucible", rev = "e164393a88e7b62598897dc4f53315f083e25333" }
crucible-pantry-client = { git = "https://github.com/oxidecomputer/crucible", rev = "e164393a88e7b62598897dc4f53315f083e25333" }
crucible-smf = { git = "https://github.com/oxidecomputer/crucible", rev = "e164393a88e7b62598897dc4f53315f083e25333" }
crucible-common = { git = "https://github.com/oxidecomputer/crucible", rev = "e164393a88e7b62598897dc4f53315f083e25333" }
# NOTE: See above!
csv = "1.3.1"
curve25519-dalek = "4"
Expand Down Expand Up @@ -598,8 +598,8 @@ pretty_assertions = "1.4.1"
pretty-hex = "0.4.1"
prettyplease = { version = "0.2.30", features = ["verbatim"] }
proc-macro2 = "1.0"
progenitor = "0.9.1"
progenitor-client = "0.9.1"
progenitor = "0.10.0"
progenitor-client = "0.10.0"
# NOTE: if you change the pinned revision of the `bhyve_api` and propolis
# dependencies, you must also update the references in package-manifest.toml to
# match the new revision.
Expand Down
2 changes: 2 additions & 0 deletions clients/dns-service-client/src/lib.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,8 @@ pub type DnsError = crate::Error<crate::types::Error>;
pub const ERROR_CODE_UPDATE_IN_PROGRESS: &'static str = "UpdateInProgress";
pub const ERROR_CODE_BAD_UPDATE_GENERATION: &'static str =
"BadUpdateGeneration";
pub const ERROR_CODE_UPDATE_DEFINES_SOA_RECORD: &'static str =
"UpdateDefinesSoaRecord";

/// Returns whether an error from this client should be retried
pub fn is_retryable(error: &DnsError) -> bool {
Expand Down
4 changes: 4 additions & 0 deletions common/src/api/external/mod.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -748,6 +748,10 @@ impl Generation {
);
Generation(next_gen)
}

pub const fn as_u64(self) -> u64 {
self.0
}
}

impl<'de> Deserialize<'de> for Generation {
Expand Down
9 changes: 8 additions & 1 deletion dev-tools/omdb/src/bin/omdb/db.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6629,7 +6629,10 @@ fn print_name(
if records.len() == 1 {
match &records[0] {
DnsRecord::Srv(_) => (),
DnsRecord::Aaaa(_) | DnsRecord::A(_) => {
DnsRecord::Aaaa(_)
| DnsRecord::A(_)
| DnsRecord::Ns(_)
| DnsRecord::Soa(_) => {
println!(
"{} {:50} {}",
prefix,
Expand All @@ -6654,6 +6657,10 @@ fn format_record(record: &DnsRecord) -> impl Display {
DnsRecord::Srv(Srv { port, target, .. }) => {
format!("SRV port {:5} {}", port, target)
}
DnsRecord::Ns(ns) => format!("NS {}", ns),
DnsRecord::Soa(soa) => {
format!("SOA {}, serial {}", soa.mname, soa.serial)
}
}
}

Expand Down
6 changes: 5 additions & 1 deletion dev-tools/omdb/tests/successes.out
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -28,8 +28,10 @@ DNS zone: oxide-dev.test (External)
requested version: 2 (created at <REDACTED_TIMESTAMP>)
version created by Nexus: ..........<REDACTED_UUID>...........
version created because: create silo: "test-suite-silo"
changes: names added: 1, names removed: 0
changes: names added: 3, names removed: 0

+ @ NS ns1.oxide-dev.test
+ ns1 AAAA ::1
+ test-suite-silo.sys A 127.0.0.1
---------------------------------------------
stderr:
Expand All @@ -42,6 +44,8 @@ termination: Exited(0)
stdout:
External zone: oxide-dev.test
NAME RECORDS
@ NS ns1.oxide-dev.test
ns1 AAAA ::1
test-suite-silo.sys A 127.0.0.1
---------------------------------------------
stderr:
Expand Down
60 changes: 60 additions & 0 deletions dev-tools/reconfigurator-cli/tests/output/cmd-set-mgs-updates-stdout
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -665,10 +665,20 @@ internal DNS:

external DNS:
DNS zone: "oxide.example" (unchanged)
name: @ (records: 3)
NS ns1.oxide.example
NS ns2.oxide.example
NS ns3.oxide.example
name: example-silo.sys (records: 3)
A 192.0.2.2
A 192.0.2.3
A 192.0.2.4
name: ns1 (records: 1)
A 198.51.100.1
name: ns2 (records: 1)
A 198.51.100.2
name: ns3 (records: 1)
A 198.51.100.3



Expand Down Expand Up @@ -965,10 +975,20 @@ internal DNS:

external DNS:
DNS zone: "oxide.example" (unchanged)
name: @ (records: 3)
NS ns1.oxide.example
NS ns2.oxide.example
NS ns3.oxide.example
name: example-silo.sys (records: 3)
A 192.0.2.2
A 192.0.2.3
A 192.0.2.4
name: ns1 (records: 1)
A 198.51.100.1
name: ns2 (records: 1)
A 198.51.100.2
name: ns3 (records: 1)
A 198.51.100.3



Expand Down Expand Up @@ -1457,10 +1477,20 @@ internal DNS:

external DNS:
DNS zone: "oxide.example" (unchanged)
name: @ (records: 3)
NS ns1.oxide.example
NS ns2.oxide.example
NS ns3.oxide.example
name: example-silo.sys (records: 3)
A 192.0.2.2
A 192.0.2.3
A 192.0.2.4
name: ns1 (records: 1)
A 198.51.100.1
name: ns2 (records: 1)
A 198.51.100.2
name: ns3 (records: 1)
A 198.51.100.3



Expand Down Expand Up @@ -1758,10 +1788,20 @@ internal DNS:

external DNS:
DNS zone: "oxide.example" (unchanged)
name: @ (records: 3)
NS ns1.oxide.example
NS ns2.oxide.example
NS ns3.oxide.example
name: example-silo.sys (records: 3)
A 192.0.2.2
A 192.0.2.3
A 192.0.2.4
name: ns1 (records: 1)
A 198.51.100.1
name: ns2 (records: 1)
A 198.51.100.2
name: ns3 (records: 1)
A 198.51.100.3



Expand Down Expand Up @@ -2253,10 +2293,20 @@ internal DNS:

external DNS:
DNS zone: "oxide.example" (unchanged)
name: @ (records: 3)
NS ns1.oxide.example
NS ns2.oxide.example
NS ns3.oxide.example
name: example-silo.sys (records: 3)
A 192.0.2.2
A 192.0.2.3
A 192.0.2.4
name: ns1 (records: 1)
A 198.51.100.1
name: ns2 (records: 1)
A 198.51.100.2
name: ns3 (records: 1)
A 198.51.100.3



Expand Down Expand Up @@ -2742,10 +2792,20 @@ internal DNS:

external DNS:
DNS zone: "oxide.example" (unchanged)
name: @ (records: 3)
NS ns1.oxide.example
NS ns2.oxide.example
NS ns3.oxide.example
name: example-silo.sys (records: 3)
A 192.0.2.2
A 192.0.2.3
A 192.0.2.4
name: ns1 (records: 1)
A 198.51.100.1
name: ns2 (records: 1)
A 198.51.100.2
name: ns3 (records: 1)
A 198.51.100.3



Expand Down
20 changes: 20 additions & 0 deletions dev-tools/reconfigurator-cli/tests/output/cmd-set-zone-images-stdout
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -379,10 +379,20 @@ internal DNS:

external DNS:
DNS zone: "oxide.example" (unchanged)
name: @ (records: 3)
NS ns1.oxide.example
NS ns2.oxide.example
NS ns3.oxide.example
name: example-silo.sys (records: 3)
A 192.0.2.4
A 192.0.2.2
A 192.0.2.3
name: ns1 (records: 1)
A 198.51.100.1
name: ns2 (records: 1)
A 198.51.100.3
name: ns3 (records: 1)
A 198.51.100.2



Expand Down Expand Up @@ -662,10 +672,20 @@ internal DNS:

external DNS:
DNS zone: "oxide.example" (unchanged)
name: @ (records: 3)
NS ns1.oxide.example
NS ns2.oxide.example
NS ns3.oxide.example
name: example-silo.sys (records: 3)
A 192.0.2.4
A 192.0.2.2
A 192.0.2.3
name: ns1 (records: 1)
A 198.51.100.1
name: ns2 (records: 1)
A 198.51.100.3
name: ns3 (records: 1)
A 198.51.100.2



Expand Down
45 changes: 40 additions & 5 deletions dns-server-api/src/lib.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -90,7 +90,6 @@
//! we'll need to stop queueing them. So why bother at all?
use dropshot::{HttpError, HttpResponseOk, RequestContext};
use internal_dns_types::config::{DnsConfig, DnsConfigParams};
use openapi_manager_types::{
SupportedVersion, SupportedVersions, api_versions,
};
Expand All @@ -107,6 +106,7 @@ api_versions!([
// | example for the next person.
// v
// (next_int, IDENT),
(2, SOA_AND_NS),
(1, INITIAL),
]);

Expand All @@ -129,17 +129,52 @@ pub trait DnsServerApi {
#[endpoint(
method = GET,
path = "/config",
operation_id = "dns_config_get",
versions = "1.0.0".."2.0.0"
)]
async fn dns_config_get(
async fn dns_config_get_v1(
rqctx: RequestContext<Self::Context>,
) -> Result<HttpResponseOk<DnsConfig>, HttpError>;
) -> Result<
HttpResponseOk<internal_dns_types::v1::config::DnsConfig>,
HttpError,
>;

#[endpoint(
method = GET,
path = "/config",
operation_id = "dns_config_get",
versions = "2.0.0"..
)]
async fn dns_config_get_v2(
rqctx: RequestContext<Self::Context>,
) -> Result<
HttpResponseOk<internal_dns_types::v2::config::DnsConfig>,
HttpError,
>;

#[endpoint(
method = PUT,
path = "/config",
operation_id = "dns_config_put",
versions = "1.0.0".."2.0.0",
)]
async fn dns_config_put_v1(
rqctx: RequestContext<Self::Context>,
rq: dropshot::TypedBody<
internal_dns_types::v1::config::DnsConfigParams,
>,
) -> Result<dropshot::HttpResponseUpdatedNoContent, dropshot::HttpError>;

#[endpoint(
method = PUT,
path = "/config",
operation_id = "dns_config_put",
versions = "2.0.0"..
)]
async fn dns_config_put(
async fn dns_config_put_v2(
rqctx: RequestContext<Self::Context>,
rq: dropshot::TypedBody<DnsConfigParams>,
rq: dropshot::TypedBody<
internal_dns_types::v2::config::DnsConfigParams,
>,
) -> Result<dropshot::HttpResponseUpdatedNoContent, dropshot::HttpError>;
}
3 changes: 3 additions & 0 deletions dns-server/Cargo.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,7 @@ internal-dns-types.workspace = true
omicron-common.workspace = true
pretty-hex.workspace = true
schemars.workspace = true
semver.workspace = true
serde.workspace = true
serde_json.workspace = true
sled.workspace = true
Expand All @@ -44,5 +45,7 @@ expectorate.workspace = true
omicron-test-utils.workspace = true
openapiv3.workspace = true
openapi-lint.workspace = true
progenitor.workspace = true
reqwest.workspace = true
serde_json.workspace = true
subprocess.workspace = true
34 changes: 34 additions & 0 deletions dns-server/src/bin/dnsadm.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -153,6 +153,40 @@ async fn main() -> Result<()> {
srv.weight
);
}
DnsRecord::Ns(name) => {
println!(" NS: {:?}", name);
}
DnsRecord::Soa(soa) => {
println!(" SOA");
println!(
" mname {}",
soa.mname
);
println!(
" rname {}",
soa.rname
);
println!(
" serial {}",
soa.serial
);
println!(
" refresh {}",
soa.refresh
);
println!(
" retry {}",
soa.retry
);
println!(
" expire {}",
soa.expire
);
println!(
" minimum {}",
soa.minimum
);
}
}
}
}
Expand Down
Loading