Skip to content

Notify doesn't fail over to next remote if a REFUSED or NOTAUTH error is encountered

Consider the following knot.conf:

remote:
  - id: slave
    address: [ 192.0.2.0, 192.0.2.1, 192.0.2.2 ]
zone:
  - domain: example.com
    notify: slave

In this example scenario, 192.0.2.0 is unreachable, while 192.0.2.1 doesn't accept the notification by answering REFUSED or NOTAUTH. 192.0.2.2 works.

Next, issue knotc zone-notify example.com.

Results:

2019-08-15T07:03:16 info: [example.com.] control, received command 'zone-notify'
warning: [example.com.] notify, outgoing, remote 192.0.2.0@53, failed (connection reset)
2019-08-15T07:03:26 warning: [example.com.] notify, outgoing, remote 192.0.2.0@53, failed (connection reset)
warning: [example.com.] notify, outgoing, remote 192.0.2.1@53, server responded with error 'NOTAUTH'
2019-08-15T07:03:26 warning: [example.com.] notify, outgoing, remote 192.0.2.1@53, server responded with error 'NOTAUTH'

After a ten-second timeout, it proceeds from 192.0.2.0 to 192.0.2.1, as expected.

However, it never proceeds to try 192.0.2.2. This runs counter to the documented behaviour:

The addresses are tried in sequence unless the operation is successful.

I'm using Knot 2.8.3-1~ubuntu18.04.1ppa1.