MethodsV2: add Get-Parent-NS-Names-and-IPs method#1418
Conversation
More than that is needed. Since the names of the parent name servers are included we must have additional scenarios that verifies that it returns the correct names in inconsistent contexts. Also context where the same IP address is used by more than one name. |
0c69ad5 to
1b6e7d8
Compare
|
Okay, so far, I made the following changes:
This spec needs some more work because the edge case where the parent has multiple NS records pointing to the same IP isn’t handled properly. |
|
As for extra test scenarios in MethodsV2, what are we potentially interested in? I’m thinking of:
Is there anything else I might’ve missed? |
Yes.
Yes.
I do not think that is needed. The purpose of the method is to collect as many parent servers as possible to get as many child servers (names and IPs) as possible.
|
| 1. For each IP address add the name server name, IP address and *Zone | ||
| Name* tuple to the *Remaining Servers* set unless the IP address is | ||
| already listed in *Handled Servers* together with *Zone Name*. |
There was a problem hiding this comment.
This will result in additional names for the same IP will get lost, won't it?
There was a problem hiding this comment.
Yes, I saw the same problem as well.
The solution is to always add name, IP and zone name tuples to Remaining Servers without checking Handled Servers. Then, right after taking such a tuple out of the set at the beginning of the loop, check Handled Servers if the IP and zone name was already processed; if so, then if there is already an entry with the same IP in Parent Name Servers, we add it to the Parent Name Servers.
This lets us avoid sending duplicate requests for the same (IP, QNAME) tuple while capturing all the names bound to the IP address.
I’ve just pushed a new version of the spec that does this.
1b6e7d8 to
bcc44eb
Compare
|
We aren’t quite there yet, because I realize there are two problems in my latest work:
|
bcc44eb to
8757726
Compare
Fixed. |
Introduce a new method that obtains the set of name server names and IP
addresses of the parent zone.
Some DNSSEC test cases need to look at information in the parent zone.
There might be problems there, and we need to report the name servers
that the information was obtained from. We’d like to report the name
servers as name server/IP pairs, for example
“ns1.parent.example/198.54.113.1”, like other test cases usually do.
However, it turns out that there is no method that returns the parent’s
name server name/IP pairs. Fortunately, there already exists one that
returns only the IP addresses, named Get-Parent-NS-IP. The outline of
that latter method is reused to define the new method that this commit
introduces, Get-Parent-NS-Names-and-IPs, then Get-Parent-NS-IP is
rewritten in order to take advantage of Get-Parent-NS-Names-and-IPs.
This approach is identical to the way Get-Del-NS-IPs and Get-Zone-NS-IPs
are specified: they use the result of a corresponding
Get-{Del,Zone}-NS-Names-and-IPs method and extract a set of IP addresses
from it.
It does add one more layer of method interdependency, but the extra cost
is negligible: the only penalty is that Get-Parent-NS-IP now iterates
over the result of Get-Parent-NS-Names-and-IPs instead of computing
its result directly.
This test case refers to an algorithm to determine the parent zone. It used to be outlined in the *Get-Parent-NS-IP* method, but a previous commit has moved it to another method, *Get-Parent-NS-Names-and-IPs*. This commit updates the link so that it points to the place where the outline now lives.
Use the plural form, in order to bring the method name in line with all other methods that all follow a Get-…-IPs naming scheme.
After introducing Get-Parent-NS-Names-and-IPs, update the test scenario specification in order to test the method appropriately. Because Get-Parent-NS-IPs is now defined in terms of Get-Parent-NS-Names-and-IPs, only the latter needs to be tested. But the existing scenarios only tested the former. This commit modifies the test zone specification, and updates the expected output for MethodsV2 to list parent NS names and IP addresses instead of only parent NS IP addresses.
There was a little mixup in the section heading levels in the test scenarios: the first scenarios used level 2 heading, then moved on to level 3 headings. This is fixed by using the test scenario specification Address03 as a template and moving all scenarios into level 3 headings. The table of contents at the beginning also needed an update. As a bonus change, clean up whitespace in the .md file, using Emacs’s M-x whitespace-cleanup command.
Fix some minor typos I’ve stumbled upon while proofreading changes in documents I touched in previous commits.
Some steps were incorrectly numbered in the .md files. While likely not to be a problem in practice because of the HTML rendering forcing the correct numbers, Emacs’s M-x markdown-cleanup-list-numbers command cleaned up the list numbering in many more places than I thought.
8757726 to
e3527a3
Compare
tgreenx
left a comment
There was a problem hiding this comment.
LGTM. Small indentation nits
e3527a3 to
54df2f9
Compare
54df2f9 to
86adb23
Compare
|
This has yet to be implemented in Engine. |
Correct. Maybe we were too fast merge. |
No, actually it’s fine. When that specification was stabilized, I went ahead and did the implementation as well in order to save time later. I have just rebased my work, did some finishing touches and created zonemaster/zonemaster-engine#1475. |
Purpose
This PR introduces a new method in MethodsV2, named Get-Parent-NS-Names-and-IPs method, which obtains the set of name server names and IP addresses of a zone’s parent zone.
Some DNSSEC test cases need to look at information in the parent zone. There might be problems there, and we need to report the name servers that the information was obtained from. For good ergonomics, it’d be nice to report the name servers as name server/IP pairs, for example “ns1.parent.example/198.54.113.1”, like we do for name servers that appear in the parent’s delegation or in the zone apex’s NS record set.
However, no such method currently exists. A method called Get-Parent-NS-IP does exist, and I could reuse its outline for the Get-Parent-NS-Names-and-IPs method. Then, Get-Parent-NS-IP can be implemented as a method that uses the result of Get-Parent-NS-Names-and-IPs, exactly like Get-Del-NS-IPs and Get-Zone-NS-IPs.
I also took the opportunity to rename Get-Parent-NS-IP to Get-Parent-NS-IPs (in plural form) in order to make the method’s name consistent with other similarly-named methods in MethodsV2.
Test scenario specifications are also updated to test Get-Parent-NS-Names-and-IPs instead of Get-Parent-NS-IP.
Context
Discussion on pull request #1412.
Changes
How to test this PR
Review. This PR is best reviewed commit by commit.