sts-sponsors team mailing list archive

Thread
Date

[Merge] ~cgrabowski/maas:backport_ensure_reverse_dns_updates_are_always_included into maas:3.3

To: mp+436479@xxxxxxxxxxxxxxxxxx
From: Christian Grabowski <mp+436479@xxxxxxxxxxxxxxxxxx>
Date: Fri, 27 Jan 2023 23:39:23 -0000
In-reply-to: <167486272954.40053.14346363520866750148.codereview@daniels.canonical.com>
Reply-to: mp+436479@xxxxxxxxxxxxxxxxxx
Sender: noreply@xxxxxxxxxxxxx

Christian Grabowski has proposed merging ~cgrabowski/maas:backport_ensure_reverse_dns_updates_are_always_included into maas:3.3.

Commit message:
better handle modified subnet values in update ownership comparison
(cherry picked from commit 89184561b25cb6c05e5d466691a67e23ad3b6265)



Requested reviews:
  Christian Grabowski (cgrabowski)

For more details, see:
https://code.launchpad.net/~cgrabowski/maas/+git/maas/+merge/436479
-- 
Your team MAAS Committers is subscribed to branch maas:3.3.

diff --git a/src/maasserver/dns/zonegenerator.py b/src/maasserver/dns/zonegenerator.py
index 3088ac9..d6630ce 100644
--- a/src/maasserver/dns/zonegenerator.py
+++ b/src/maasserver/dns/zonegenerator.py
@@ -465,7 +465,7 @@ class ZoneGenerator:
                 default_ttl=default_ttl,
                 ns_host_name=ns_host_name,
                 mapping=mapping,
-                network=IPNetwork(subnet.cidr),
+                network=network,
                 dynamic_ranges=dynamic_ranges,
                 rfc2317_ranges=glue,
                 exclude={
diff --git a/src/provisioningserver/dns/tests/test_zoneconfig.py b/src/provisioningserver/dns/tests/test_zoneconfig.py
index 5e17b38..e9f6dc1 100644
--- a/src/provisioningserver/dns/tests/test_zoneconfig.py
+++ b/src/provisioningserver/dns/tests/test_zoneconfig.py
@@ -1136,6 +1136,63 @@ class TestDNSReverseZoneConfig(MAASTestCase):
             ],
         )
 
+    def test_dynamic_updates_included_when_large_cidr_has_been_split(self):
+        patch_zone_file_config_path(self)
+        domain = factory.make_string()
+        network = IPNetwork("10.0.0.0/21")
+        ip1 = factory.pick_ip_in_network(network)
+        ip2 = factory.pick_ip_in_network(network)
+        hostname1 = f"{factory.make_string()}.{domain}"
+        hostname2 = f"{factory.make_string()}.{domain}"
+        fwd_updates = [
+            DynamicDNSUpdate(
+                operation="INSERT",
+                zone=domain,
+                name=hostname1,
+                rectype="A",
+                answer=ip1,
+            ),
+            DynamicDNSUpdate(
+                operation="INSERT",
+                zone=domain,
+                name=hostname2,
+                rectype="A",
+                answer=ip2,
+            ),
+        ]
+        rev_updates = [
+            DynamicDNSUpdate.as_reverse_record_update(update, network)
+            for update in fwd_updates
+        ]
+        # gets changed to a /24 and any other space in the original
+        # subnet is split into a separate zone for a given /24
+        zone = DNSReverseZoneConfig(
+            domain,
+            serial=random.randint(1, 100),
+            network=IPNetwork("10.0.0.0/24"),
+            dynamic_updates=rev_updates,
+        )
+        run_command = self.patch(actions, "run_command")
+        zone.write_config()
+        zone.write_config()
+        expected_stdin = "\n".join(
+            [
+                "server localhost",
+                "zone 0.0.10.in-addr.arpa",
+                f"update add {IPAddress(ip1).reverse_dns} {zone.default_ttl} PTR {hostname1}",
+                f"update add {IPAddress(ip2).reverse_dns} {zone.default_ttl} PTR {hostname2}",
+                f"update add 0.0.10.in-addr.arpa {zone.default_ttl} SOA 0.0.10.in-addr.arpa. nobody.example.com. {zone.serial} 600 1800 604800 {zone.default_ttl}",
+                "send\n",
+            ]
+        )
+        run_command.assert_called_once_with(
+            "nsupdate",
+            "-k",
+            get_nsupdate_key_path(),
+            "-v",
+            stdin=expected_stdin.encode("ascii"),
+        )
+
 
 class TestDNSReverseZoneConfig_GetGenerateDirectives(MAASTestCase):
     """Tests for `DNSReverseZoneConfig.get_GENERATE_directives()`."""
diff --git a/src/provisioningserver/dns/zoneconfig.py b/src/provisioningserver/dns/zoneconfig.py
index 93f2504..9bb6f11 100644
--- a/src/provisioningserver/dns/zoneconfig.py
+++ b/src/provisioningserver/dns/zoneconfig.py
@@ -105,6 +105,10 @@ def get_details_for_ip_range(ip_range):
     return intersecting_subnets, prefix, rdns_suffix
 
 
+def networks_overlap(net1, net2):
+    return net1 in net2 or net2 in net1
+
+
 class DomainInfo:
     """Information about a DNS zone"""
 
@@ -171,14 +175,20 @@ class DomainConfigBase:
         else:
             return True
 
-    def dynamic_update(self, zone_info):
+    def dynamic_update(self, zone_info, network=None):
         nsupdate = NSUpdateCommand(
             zone_info.zone_name,
             [
                 update
                 for update in self._dynamic_updates
                 if update.zone == zone_info.zone_name
-                or IPNetwork(update.subnet) == zone_info.subnetwork
+                or (
+                    networks_overlap(IPNetwork(update.subnet), network)
+                    if network
+                    else networks_overlap(
+                        IPNetwork(update.subnet), zone_info.subnetwork
+                    )
+                )
             ],
             serial=self.serial,
             ttl=self.default_ttl,
@@ -621,7 +631,7 @@ class DNSReverseZoneConfig(DomainConfigBase):
                 )
             )
             if not self.force_config_write and self.zone_file_exists(zi):
-                self.dynamic_update(zi)
+                self.dynamic_update(zi, network=self._network)
             else:
                 Path(f"{zi.target_path}.jnl").unlink(missing_ok=True)
                 self.requires_reload = True

References

Re: [Merge] ~cgrabowski/maas:backport_ensure_reverse_dns_updates_are_always_included into maas:3.3
From: Christian Grabowski, 2023-01-27