Commit 01d8d0f1 authored by Ocean Wang

Merge branch 'master' into trac1130

parents 7fe505d1 9a866733
bind10-devel-20110819 released on August 19, 2011
281. [func] jelte
Added a new type for configuration data: "named set". This allows for
similar configuration as the current "list" type, but with strings
instead of indices as identifiers. The intended use is for instance
/foo/zones/example.org/bar instead of /foo/zones[2]/bar. Currently
this new type is not in use yet.
(Trac #926, git 06aeefc4787c82db7f5443651f099c5af47bd4d6)
280. [func] jerry
libdns++: Implement the MINFO rrtype according to RFC1035.
(Trac #1113, git 7a9a19d6431df02d48a7bc9de44f08d9450d3a37)
279. [func] jerry
libdns++: Implement the AFSDB rrtype according to RFC1183.
(Trac #1114, git ce052cd92cd128ea3db5a8f154bd151956c2920c)
......@@ -33,7 +47,7 @@
returns is str or byte.
(Trac #1021, git 486bf91e0ecc5fbecfe637e1e75ebe373d42509b)
273. [func] vorner
273. [func] vorner
It is possible to specify ACL for the xfrout module. It is in the ACL
configuration key and has the usual ACL syntax. It currently supports
only the source address. Default ACL accepts everything.
......
......@@ -1370,7 +1370,7 @@ what is XfroutClient xfr_client??
<para>
The main <command>bind10</command> process can be configured
to select to run either the authoritative or resolver.
to select to run either the authoritative or resolver or both.
By default, it starts the authoritative service.
<!-- TODO: later both -->
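Review bot: The new wording "to select to run either the authoritative or resolver or both" is hard to read, since "either" is followed by three options, and the "TODO: later both" comment kept two lines below is ambiguous now that "both" is documented. Suggest "can be configured to run the authoritative server, the resolver, or both" and either dropping the TODO or saying what still remains to be done.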
......@@ -1390,22 +1390,28 @@ what is XfroutClient xfr_client??
</para>
<para>
The resolver also needs to be configured to listen on an address
and port:
By default, the resolver listens on port 53 for 127.0.0.1 and ::1.
The following example shows how it can be configured to
listen on an additional address (and port):
<screen>
&gt; <userinput>config set Resolver/listen_on [{ "address": "127.0.0.1", "port": 53 }]</userinput>
&gt; <userinput>config add Resolver/listen_on</userinput>
&gt; <userinput>config set Resolver/listen_on[<replaceable>2</replaceable>]/address "192.168.1.1"</userinput>
&gt; <userinput>config set Resolver/listen_on[<replaceable>2</replaceable>]/port 53</userinput>
&gt; <userinput>config commit</userinput>
</screen>
</para>
<!-- TODO: later the above will have some defaults -->
<simpara>(Replace the <quote><replaceable>2</replaceable></quote>
as needed; run <quote><userinput>config show
Resolver/listen_on</userinput></quote> if needed.)</simpara>
<!-- TODO: this example should not include the port, ticket #1185 -->
<section>
<title>Access Control</title>
<para>
The <command>b10-resolver</command> daemon only accepts
By default, the <command>b10-resolver</command> daemon only accepts
DNS queries from the localhost (127.0.0.1 and ::1).
The <option>Resolver/query_acl</option> configuration may
be used to reject, drop, or allow specific IPs or networks.
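Review bot: The listen_on example binds the resolver to 192.168.1.1, but the Access Control paragraph right after it says that by default only queries from 127.0.0.1 and ::1 are accepted, so a reader who stops at "config commit" has a listener on the LAN address that still does not answer LAN clients. Suggest one sentence after the example pointing to Resolver/query_acl. The "[2]" index also relies on the two default entries being present; the simpara covers that, but it would be clearer to say the index is that of the element just created by "config add Resolver/listen_on".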
......@@ -1437,6 +1443,8 @@ url="bind10-messages.html#RESOLVER_QUERY_DROPPED">RESOLVER_QUERY_DROPPED</ulink>
<!-- TODO:
/0 is for any address in that address family
does that need any address too?
TODO: tsig
-->
<para>
......
......@@ -2,12 +2,12 @@
.\" Title: bind10
.\" Author: [see the "AUTHORS" section]
.\" Generator: DocBook XSL Stylesheets v1.75.2 <http://docbook.sf.net/>
.\" Date: March 31, 2011
.\" Date: August 11, 2011
.\" Manual: BIND10
.\" Source: BIND10
.\" Language: English
.\"
.TH "BIND10" "8" "March 31, 2011" "BIND10" "BIND10"
.TH "BIND10" "8" "August 11, 2011" "BIND10" "BIND10"
.\" -----------------------------------------------------------------
.\" * set default formatting
.\" -----------------------------------------------------------------
......@@ -107,6 +107,18 @@ Display more about what is going on for
\fBbind10\fR
and its child processes\&.
.RE
.SH "STATISTICS DATA"
.PP
The statistics data collected by the
\fBb10\-stats\fR
daemon include:
.PP
bind10\&.boot_time
.RS 4
The date and time that the
\fBbind10\fR
process started\&. This is represented in ISO 8601 format\&.
.RE
.SH "SEE ALSO"
.PP
......
......@@ -2,12 +2,12 @@
.\" Title: b10-resolver
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.75.2 <http://docbook.sf.net/>
.\" Date: February 17, 2011
.\" Date: August 17, 2011
.\" Manual: BIND10
.\" Source: BIND10
.\" Language: English
.\"
.TH "B10\-RESOLVER" "8" "February 17, 2011" "BIND10" "BIND10"
.TH "B10\-RESOLVER" "8" "August 17, 2011" "BIND10" "BIND10"
.\" -----------------------------------------------------------------
.\" * set default formatting
.\" -----------------------------------------------------------------
......@@ -54,7 +54,7 @@ must be either a valid numeric user ID or a valid user name\&. By default the da
.PP
\fB\-v\fR
.RS 4
Enabled verbose mode\&. This enables diagnostic messages to STDERR\&.
Enable verbose mode\&. This sets logging to the maximum debugging level\&.
.RE
.SH "CONFIGURATION AND COMMANDS"
.PP
......@@ -77,6 +77,25 @@ string and
number\&. The defaults are address ::1 port 53 and address 127\&.0\&.0\&.1 port 53\&.
.PP
\fIquery_acl\fR
is a list of query access control rules\&. The list items are the
\fIaction\fR
string and the
\fIfrom\fR
or
\fIkey\fR
strings\&. The possible actions are ACCEPT, REJECT and DROP\&. The
\fIfrom\fR
is a remote (source) IPv4 or IPv6 address or special keyword\&. The
\fIkey\fR
is a TSIG key name\&. The default configuration accepts queries from 127\&.0\&.0\&.1 and ::1\&.
.PP
\fIretries\fR
is the number of times to retry (resend query) after a query timeout (\fItimeout_query\fR)\&. The default is 3\&.
.PP
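Review bot: The new query_acl paragraph does not say how the list is evaluated: whether rules are tried in order with the first match deciding, and what happens to a query that matches no rule. For an access control setting that is what an operator needs first. The text also leaves "special keyword" for from undefined and does not say how REJECT and DROP differ. Suggest adding a sentence for each, or a pointer to the section of the guide that defines them.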
......@@ -88,7 +107,7 @@ to use directly as root servers to start resolving\&. The list items are the
\fIaddress\fR
string and
\fIport\fR
number\&. If empty, a hardcoded address for F\-root (192\&.5\&.5\&.241) is used\&.
number\&. By default, a hardcoded address for l\&.root\-servers\&.net (199\&.7\&.83\&.42 or 2001:500:3::42) is used\&.
.PP
\fItimeout_client\fR
......@@ -121,8 +140,7 @@ BIND 10 Guide\&.
.PP
The
\fBb10\-resolver\fR
daemon was first coded in September 2010\&. The initial implementation only provided forwarding\&. Iteration was introduced in January 2011\&.
daemon was first coded in September 2010\&. The initial implementation only provided forwarding\&. Iteration was introduced in January 2011\&. Caching was implemented in February 2011\&. Access control was introduced in June 2011\&.
.SH "COPYRIGHT"
.br
Copyright \(co 2010 Internet Systems Consortium, Inc. ("ISC")
......
......@@ -20,7 +20,7 @@
<refentry>
<refentryinfo>
<date>August 16, 2011</date>
<date>August 17, 2011</date>
</refentryinfo>
<refmeta>
......@@ -178,8 +178,10 @@ once that is merged you can for instance do 'config add Resolver/forward_address
root servers to start resolving.
The list items are the <varname>address</varname> string
and <varname>port</varname> number.
If empty, a hardcoded address for F-root (192.5.5.241) is used.
By default, a hardcoded address for l.root-servers.net
(199.7.83.42 or 2001:500:3::42) is used.
</para>
<!-- TODO: this is broken, see ticket #1184 -->
<para>
<varname>timeout_client</varname> is the number of milliseconds
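Review bot: In the root_addresses paragraph, "(199.7.83.42 or 2001:500:3::42)" does not say which of the two addresses is used or under what condition, and the change from "If empty" to "By default" drops the statement of when the hardcoded address applies. The only sign that the setting does not work as described is the XML comment "TODO: this is broken, see ticket #1184", which never reaches the rendered man page or guide. Suggest stating the known limitation in the visible text until that ticket is closed.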
......
'\" t
.\" Title: b10-stats
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/>
.\" Date: Oct 15, 2010
.\" Generator: DocBook XSL Stylesheets v1.75.2 <http://docbook.sf.net/>
.\" Date: August 11, 2011
.\" Manual: BIND10
.\" Source: BIND10
.\" Language: English
.\"
.TH "B10\-STATS" "8" "Oct 15, 2010" "BIND10" "BIND10"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.\" http://bugs.debian.org/507673
.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html
.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.TH "B10\-STATS" "8" "August 11, 2011" "BIND10" "BIND10"
.\" -----------------------------------------------------------------
.\" * set default formatting
.\" -----------------------------------------------------------------
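Review bot: The b10-stats.8 header shows the page was regenerated with an older stylesheet (Generator goes from v1.76.1 to v1.75.2), and that is what removes the "Define some portability stuff" block with the Aq string definition. The next hunk then changes "it\*(Aqs" to "it\'s", which is the apostrophe handling the removed block's Debian and groff references are about. The other generated pages in this commit are on v1.75.2 as well, so it would be better to regenerate all of them with the newer stylesheet rather than move this one back.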
......@@ -47,7 +38,7 @@ and so on\&. It waits for coming data from other modules, then other modules sen
\fBb10\-stats\fR
invokes "sendstats" command for
\fBbind10\fR
after its initial starting because it\*(Aqs sure to collect statistics data from
after its initial starting because it\'s sure to collect statistics data from
\fBbind10\fR\&.
.SH "OPTIONS"
.PP
......@@ -59,6 +50,84 @@ This
\fBb10\-stats\fR
switches to verbose mode\&. It sends verbose messages to STDOUT\&.
.RE
.SH "CONFIGURATION AND COMMANDS"
.PP
The
\fBb10\-stats\fR
command does not have any configurable settings\&.
.PP
The configuration commands are:
.PP
\fBremove\fR
removes the named statistics name and data\&.
.PP
\fBreset\fR
will reset all statistics data to default values except for constant names\&. This may re\-add previously removed statistics names\&.
.PP
\fBset\fR
.PP
\fBshow\fR
will send the statistics data in JSON format\&. By default, it outputs all the statistics data it has collected\&. An optional item name may be specified to receive individual output\&.
.PP
\fBshutdown\fR
will shutdown the
\fBb10\-stats\fR
process\&. (Note that the
\fBbind10\fR
parent may restart it\&.)
.PP
\fBstatus\fR
simply indicates that the daemon is running\&.
.SH "STATISTICS DATA"
.PP
The
\fBb10\-stats\fR
daemon contains these statistics:
.PP
report_time
.RS 4
The latest report date and time in ISO 8601 format\&.
.RE
.PP
stats\&.boot_time
.RS 4
The date and time when this daemon was started in ISO 8601 format\&. This is a constant which can\'t be reset except by restarting
\fBb10\-stats\fR\&.
.RE
.PP
stats\&.last_update_time
.RS 4
The date and time (in ISO 8601 format) when this daemon last received data from another component\&.
.RE
.PP
stats\&.lname
.RS 4
This is the name used for the
\fBb10\-msgq\fR
command\-control channel\&. (This is a constant which can\'t be reset except by restarting
\fBb10\-stats\fR\&.)
.RE
.PP
stats\&.start_time
.RS 4
This is the date and time (in ISO 8601 format) when this daemon started collecting data\&.
.RE
.PP
stats\&.timestamp
.RS 4
The current date and time represented in seconds since UNIX epoch (1970\-01\-01T0 0:00:00Z) with precision (delimited with a period) up to one hundred thousandth of second\&.
.RE
.PP
See other manual pages for explanations for their statistics that are kept track by
\fBb10\-stats\fR\&.
.SH "FILES"
.PP
/usr/local/share/bind10\-devel/stats\&.spec
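Review bot: In the new CONFIGURATION AND COMMANDS section the "set" command is listed with no description at all; it is followed directly by the paragraph for "show". Every other command has one, so please add what set takes and what it changes. In the stats.timestamp entry the epoch literal is written "1970\-01\-01T0 0:00:00Z" with a stray space inside the time, and "up to one hundred thousandth of second" would be clearer as a number of decimal places. The closing sentence "explanations for their statistics that are kept track by" also needs rewording.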
......@@ -82,7 +151,7 @@ BIND 10 Guide\&.
.PP
The
\fBb10\-stats\fR
daemon was initially designed and implemented by Naoki Kambe of JPRS in Oct 2010\&.
daemon was initially designed and implemented by Naoki Kambe of JPRS in October 2010\&.
.SH "COPYRIGHT"
.br
Copyright \(co 2010 Internet Systems Consortium, Inc. ("ISC")
......
......@@ -71,6 +71,9 @@ is a list of zones known to the
daemon\&. The list items are:
\fIname\fR
(the zone name),
\fIclass\fR
(defaults to
\(lqIN\(rq),
\fImaster_addr\fR
(the zone master to transfer from),
\fImaster_port\fR
......@@ -125,7 +128,7 @@ to define the class (defaults to
\fImaster\fR
to define the IP address of the authoritative server to transfer from, and
\fIport\fR
to define the port number on the authoritative server (defaults to 53)\&. If the address or port is not specified, it will use the values previously defined in the
to define the port number on the authoritative server (defaults to 53)\&. If the address or port is not specified, it will use the value previously defined in the
\fIzones\fR
configuration\&.
.PP
......
......@@ -169,7 +169,7 @@ in separate zonemgr process.
and <varname>port</varname> to define the port number on the
authoritative server (defaults to 53).
If the address or port is not specified, it will use the
values previously defined in the <varname>zones</varname>
value previously defined in the <varname>zones</varname>
configuration.
</para>
<!-- TODO: later hostname for master? -->
......
......@@ -21,7 +21,7 @@ libdatasrc_la_SOURCES += memory_datasrc.h memory_datasrc.cc
libdatasrc_la_SOURCES += zone.h
libdatasrc_la_SOURCES += result.h
libdatasrc_la_SOURCES += logger.h logger.cc
libdatasrc_la_SOURCES += client.h
libdatasrc_la_SOURCES += client.h iterator.h
libdatasrc_la_SOURCES += database.h database.cc
libdatasrc_la_SOURCES += sqlite3_accessor.h sqlite3_accessor.cc
nodist_libdatasrc_la_SOURCES = datasrc_messages.h datasrc_messages.cc
......
......@@ -16,12 +16,19 @@
#define __DATA_SOURCE_CLIENT_H 1
#include <boost/noncopyable.hpp>
#include <boost/shared_ptr.hpp>
#include <exceptions/exceptions.h>
#include <datasrc/zone.h>
namespace isc {
namespace datasrc {
// The iterator.h is not included on purpose, most application won't need it
class ZoneIterator;
typedef boost::shared_ptr<ZoneIterator> ZoneIteratorPtr;
/// \brief The base class of data source clients.
///
/// This is an abstract base class that defines the common interface for
......@@ -143,6 +150,36 @@ public:
/// \param name A domain name for which the search is performed.
/// \return A \c FindResult object enclosing the search result (see above).
virtual FindResult findZone(const isc::dns::Name& name) const = 0;
/// \brief Returns an iterator to the given zone
///
/// This allows for traversing the whole zone. The returned object can
/// provide the RRsets one by one.
///
/// This throws DataSourceError when the zone does not exist in the
/// datasource.
///
/// The default implementation throws isc::NotImplemented. This allows
/// for easy and fast deployment of minimal custom data sources, where
/// the user/implementator doesn't have to care about anything else but
/// the actual queries. Also, in some cases, it isn't possible to traverse
/// the zone from logic point of view (eg. dynamically generated zone
/// data).
///
/// It is not fixed if a concrete implementation of this method can throw
/// anything else.
///
/// \param name The name of zone apex to be traversed. It doesn't do
/// nearest match as findZone.
/// \return Pointer to the iterator.
virtual ZoneIteratorPtr getIterator(const isc::dns::Name& name) const {
// This is here to both document the parameter in doxygen (therefore it
// needs a name) and avoid unused parameter warning.
static_cast<void>(name);
isc_throw(isc::NotImplemented,
"Data source doesn't support iteration");
}
};
}
}
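Review bot: The getIterator() documentation describes the exceptions only in prose and the contract is loose: it says DataSourceError is thrown when the zone does not exist, while the default body throws isc::NotImplemented for every name, and "It is not fixed if a concrete implementation of this method can throw anything else" leaves callers without a defined set to catch. Suggest adding \throw tags for DataSourceError and isc::NotImplemented and stating whether the returned pointer can ever be NULL. Minor: "implementator" should be "implementer" and "eg." should be "e.g.".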
......
......@@ -15,10 +15,12 @@
#include <vector>
#include <datasrc/database.h>
#include <datasrc/data_source.h>
#include <datasrc/iterator.h>
#include <exceptions/exceptions.h>
#include <dns/name.h>
#include <dns/rrttl.h>
#include <dns/rrclass.h>
#include <dns/rdata.h>
#include <dns/rdataclass.h>
......@@ -27,7 +29,10 @@
#include <boost/foreach.hpp>
using isc::dns::Name;
#include <string>
using namespace isc::dns;
using std::string;
namespace isc {
namespace datasrc {
......@@ -109,7 +114,7 @@ void addOrCreate(isc::dns::RRsetPtr& rrset,
if (ttl < rrset->getTTL()) {
rrset->setTTL(ttl);
}
logger.info(DATASRC_DATABASE_FIND_TTL_MISMATCH)
logger.warn(DATASRC_DATABASE_FIND_TTL_MISMATCH)
.arg(db.getDBName()).arg(name).arg(cls)
.arg(type).arg(rrset->getTTL());
}
......@@ -401,5 +406,109 @@ DatabaseClient::Finder::getClass() const {
return isc::dns::RRClass::IN();
}
namespace {
/*
* This needs, beside of converting all data from textual representation, group
* together rdata of the same RRsets. To do this, we hold one row of data ahead
* of iteration. When we get a request to provide data, we create it from this
* data and load a new one. If it is to be put to the same rrset, we add it.
* Otherwise we just return what we have and keep the row as the one ahead
* for next time.
*/
class DatabaseIterator : public ZoneIterator {
public:
DatabaseIterator(const DatabaseAccessor::IteratorContextPtr& context,
const RRClass& rrclass) :
context_(context),
class_(rrclass),
ready_(true)
{
// Prepare data for the next time
getData();
}
virtual isc::dns::ConstRRsetPtr getNextRRset() {
if (!ready_) {
isc_throw(isc::Unexpected, "Iterating past the zone end");
}
if (!data_ready_) {
// At the end of zone
ready_ = false;
LOG_DEBUG(logger, DBG_TRACE_DETAILED,
DATASRC_DATABASE_ITERATE_END);
return (ConstRRsetPtr());
}
string name_str(name_), rtype_str(rtype_), ttl(ttl_);
Name name(name_str);
RRType rtype(rtype_str);
RRsetPtr rrset(new RRset(name, class_, rtype, RRTTL(ttl)));
while (data_ready_ && name_ == name_str && rtype_str == rtype_) {
if (ttl_ != ttl) {
if (ttl < ttl_) {
ttl_ = ttl;
rrset->setTTL(RRTTL(ttl));
}
LOG_WARN(logger, DATASRC_DATABASE_ITERATE_TTL_MISMATCH).
arg(name_).arg(class_).arg(rtype_).arg(rrset->getTTL());
}
rrset->addRdata(rdata::createRdata(rtype, class_, rdata_));
getData();
}
LOG_DEBUG(logger, DBG_TRACE_DETAILED, DATASRC_DATABASE_ITERATE_NEXT).
arg(rrset->getName()).arg(rrset->getType());
return (rrset);
}
private:
// Load next row of data
void getData() {
string data[DatabaseAccessor::COLUMN_COUNT];
data_ready_ = context_->getNext(data, DatabaseAccessor::COLUMN_COUNT);
name_ = data[DatabaseAccessor::NAME_COLUMN];
rtype_ = data[DatabaseAccessor::TYPE_COLUMN];
ttl_ = data[DatabaseAccessor::TTL_COLUMN];
rdata_ = data[DatabaseAccessor::RDATA_COLUMN];
}
// The context
const DatabaseAccessor::IteratorContextPtr context_;
// Class of the zone
RRClass class_;
// Status
bool ready_, data_ready_;
// Data of the next row
string name_, rtype_, rdata_, ttl_;
};
}
ZoneIteratorPtr
DatabaseClient::getIterator(const isc::dns::Name& name) const {
// Get the zone
std::pair<bool, int> zone(database_->getZone(name));
if (!zone.first) {
// No such zone, can't continue
isc_throw(DataSourceError, "Zone " + name.toText() +
" can not be iterated, because it doesn't exist "
"in this data source");
}
// Request the context
DatabaseAccessor::IteratorContextPtr
context(database_->getAllRecords(name, zone.second));
// It must not return NULL, that's a bug of the implementation
if (context == DatabaseAccessor::IteratorContextPtr()) {
isc_throw(isc::Unexpected, "Iterator context null at " +
name.toText());
}
// Create the iterator and return it
// TODO: Once #1062 is merged with this, we need to get the
// actual zone class from the connection, as the DatabaseClient
// doesn't know it and the iterator needs it (so it wouldn't query
// it each time)
LOG_DEBUG(logger, DBG_TRACE_DETAILED, DATASRC_DATABASE_ITERATE).
arg(name);
return (ZoneIteratorPtr(new DatabaseIterator(context, RRClass::IN())));
}
}
}
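Review bot: The TTL mismatch branch in DatabaseIterator::getNextRRset() compares TTLs as strings and in the wrong direction. "ttl" holds the first row's TTL text and "ttl_" the current row's, so "if (ttl < ttl_)" is a lexicographic std::string comparison (for example "900" sorts after "3600"), and when it is true the code calls rrset->setTTL(RRTTL(ttl)) with the value the RRset was already constructed with. A later row with a lower TTL therefore never lowers the RRset TTL, although the warning is still logged. addOrCreate() earlier in this file compares against rrset->getTTL() and sets the lower value; suggest doing the same here by converting the row's TTL to RRTTL before comparing. Also, Name(), RRType() and createRdata() are fed raw database text, so it is worth documenting or testing what a malformed row throws, and getIterator() hardcodes RRClass::IN() until the TODO for #1062 is resolved.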
......@@ -18,6 +18,7 @@
#include <datasrc/client.h>
#include <dns/name.h>
#include <exceptions/exceptions.h>
namespace isc {
namespace datasrc {
......@@ -75,6 +76,86 @@ public:
*/
virtual std::pair<bool, int> getZone(const isc::dns::Name& name) const = 0;
/**
* \brief This holds the internal context of ZoneIterator for databases
*
* While the ZoneIterator implementation from DatabaseClient does all the
* translation from strings to DNS classes and validation, this class
* holds the pointer to where the database is at reading the data.
*
* It can either hold shared pointer to the connection which created it
* and have some kind of statement inside (in case single database
* connection can handle multiple concurrent SQL statements) or it can
* create a new connection (or, if it is more convenient, the connection
* itself can inherit both from DatabaseConnection and IteratorContext
* and just clone itself).
*/
class IteratorContext : public boost::noncopyable {
public:
/**
* \brief Destructor
*
* Virtual destructor, so any descendand class is destroyed correctly.
*/
virtual ~IteratorContext() { }
/**
* \brief Function to provide next resource record
*
* This function should provide data about the next resource record
* from the iterated zone. The data are not converted yet.
*
* \note The order of RRs is not strictly set, but the RRs for single
* RRset must not be interleaved with any other RRs (eg. RRsets must be
* "together").
*
* \param columns The data will be returned through here. The order
* is specified by the RecordColumns enum.
* \param Size of the columns array. Must be equal to COLUMN_COUNT,
* otherwise DataSourceError is thrown.
* \todo Do we consider databases where it is stored in binary blob
* format?
* \throw DataSourceError if there's database-related error. If the
* exception (or any other in case of derived class) is thrown,
* the iterator can't be safely used any more.
*/
virtual bool getNext(std::string columns[], size_t column_data) = 0;
};
typedef boost::shared_ptr<IteratorContext> IteratorContextPtr;
/**
* \brief Creates an iterator context for the whole zone.
*
<