[1213] Changes to get BIND 10 to perform IXFR

At the time of commit, BIND 10 can only do IXFR if requested through
the "Xfrin retransfer" command.  Also, it only does IXFRs over TCP.
It does not do IXFRs over UDP, not can it respond to NOTIFYs or send
an IXFR request when the refresh timer expires.

In these changes:

1) Only test in-2 is finished.  (Even then, not fully: BIND 10 does
not attempt a UDP IXFR before reverting to TCP, it initiates a TCP
session immediately.) The remaining tests test features that have not
been implemented yet.

2) The BIND 10 configuration database is now copied to the nsx2
directories before each test (so there is now only one copy of it).
The zone.sqlite3 database now resides in the "ixfr" test directory.

configure.ac

@@ -971,15 +971,12 @@ AC_OUTPUT([doc/version.ent
            tests/system/ixfr/db.example.n4
            tests/system/ixfr/db.example.n6
            tests/system/ixfr/ixfr_init.sh
+           tests/system/ixfr/b10-config.db
            tests/system/ixfr/common_tests.sh
            tests/system/ixfr/in-1/setup.sh
-           tests/system/ixfr/in-1/nsx2/b10-config.db
            tests/system/ixfr/in-2/setup.sh
-           tests/system/ixfr/in-2/nsx2/b10-config.db
            tests/system/ixfr/in-3/setup.sh
-           tests/system/ixfr/in-3/nsx2/b10-config.db
            tests/system/ixfr/in-4/setup.sh
-           tests/system/ixfr/in-4/nsx2/b10-config.db
           ], [
            chmod +x src/bin/cmdctl/run_b10-cmdctl.sh
            chmod +x src/bin/xfrin/run_b10-xfrin.sh

tests/system/conf.sh.in

@@ -51,10 +51,10 @@ export RNDC=$BIND9_TOP/bin/rndc/rndc
 export TESTSOCK=$BIND9_TOP/bin/tests/system/testsock.pl
 export DIGCOMP=$BIND9_TOP/bin/tests/system/digcomp.pl
 
-export SUBDIRS="bindctl glue"
+export SUBDIRS="bindctl glue ixfr/in-2"
 # Add appropriate subdirectories to the above statement as the tests become
 # available.
-#SUBDIRS="dnssec masterfile ixfr/in-1 ixfr/in-2 ixfr/in-2 ixfr/in-4"
+#SUBDIRS="dnssec masterfile ixfr/in-1 ixfr/in-2 ixfr/in-4"
 
 # PERL will be an empty string if no perl interpreter was found.  A similar
 # comment applies to AWK.

tests/system/ixfr/b10-config.db.in

@@ -0,0 +1,22 @@
+{"version": 2,
+    "Xfrin": {
+        "zones": [{
+            "master_addr": "10.53.0.1",
+            "master_port": 53210,
+            "name": "example."
+        }]
+    },
+    "Auth": {
+        "listen_on": [{
+            "address": "10.53.0.2",
+            "port": 53210
+        }],
+        "database_file": "@abs_builddir@/zone.sqlite3"
+    },
+    "Zonemgr": {
+        "secondary_zones": [{
+            "name": "example.",
+            "class": "IN"
+        }]
+    }
+}

tests/system/ixfr/clean.sh

@@ -22,7 +22,7 @@ rm -f ns1/db.example
 rm -f ns1/named.memstats
 
 rm -f nsx2/bind10.run
-rm -f nsx2/zone.sqlite3
+rm -f ../zone.sqlite3
 
 rm -f client.dig
 rm -f server.dig

tests/system/ixfr/common_tests.sh.in

@@ -51,12 +51,12 @@ set -e
 
 # Store the SOA serial number of the BIND 10 client for later use.
 old_client_serial=`$DIG_SOA @$CLIENT_IP | $AWK '{print $3}'`
-echo "I:SOA serial of IXFR client $CLIENT_NAME is $old_client_serial"
+echo "I:$CLIENT_NAME SOA serial of IXFR client is $old_client_serial"
 
 # Load the BIND 9 system (the IXFR server) with the "n - 2" and "n" version of
 # the zones.  With ixfr-from-differences set to "yes", the nameserver should
 # generate the differences between them.
-echo "I:updating IXFR-server $SERVER_NAME for ixfr-in tests"
+echo "I:$SERVER_NAME updating IXFR-server for ixfr-in tests"
 update_server_zone $SERVER_NAME $SERVER_IP $IXFR_TOP/db.example.n2
 
 # Wait a bit - it seems that if two updates are loaded in quick succession,
@@ -64,16 +64,10 @@ update_server_zone $SERVER_NAME $SERVER_IP $IXFR_TOP/db.example.n2
 sleep 5
 update_server_zone $SERVER_NAME $SERVER_IP $IXFR_TOP/db.example.n0
 
-# TODO: Need to alter configuration of BIND 10 server such that it accepts
-# NOTIFYs from and sends IXFR requests to the BIND 9 master.
-
-# If required, get the IXFR server to notify the slave server of the new zone.
-# Do this by allowing notifies and then triggering a re-notification of the
-# server.
-echo "I:notifying IXFR-client $CLIENT_NAME of presence of new version of zone"
-cp $IXFR_TOP/named_notify.conf ns1/named.conf
-do_rndc $SERVER_NAME $SERVER_IP reconfig
-do_rndc $SERVER_NAME $SERVER_IP notify example
+echo "I:$CLIENT_NAME forcing IXFR client to retrieve new version of the zone"
+$RUN_BINDCTL << .
+Xfrin retransfer zone_name="example"
+.
 
 # Wait for the client to update itself.
 wait_for_update $CLIENT_NAME $CLIENT_IP $old_client_serial
@@ -81,3 +75,5 @@ wait_for_update $CLIENT_NAME $CLIENT_IP $old_client_serial
 # Has updated, compare the client and server's versions of the zone s- they
 # should be the same.
 compare_zones $SERVER_NAME $SERVER_IP $CLIENT_NAME $CLIENT_IP
+
+set +e

tests/system/ixfr/db.example.n4.in

@@ -15,7 +15,7 @@
 $ORIGIN example.
 $TTL 3600
 
-@       IN	SOA	ns1.example. hostmaster.example. 100 3600 900 7200 300
+@       IN	SOA	ns1.example. hostmaster.example. 96 3600 900 7200 300
 
         IN	NS	ns1.example.
         IN	NS	ns2.example.

tests/system/ixfr/db.example.n6.in

@@ -15,7 +15,7 @@
 $ORIGIN example.
 $TTL 3600
 
-@       IN	SOA	ns1.example. hostmaster.example. 100 3600 900 7200 300
+@       IN	SOA	ns1.example. hostmaster.example. 94 3600 900 7200 300
 
         IN	NS	ns1.example.
         IN	NS	ns2.example.

tests/system/ixfr/in-1/nsx2/b10-config.db.in

@@ -1,6 +0,0 @@
-{"version": 2,
- "Auth": {
-   "listen_on": [{"address": "10.53.0.2", "port": 53210}],
-   "database_file": "@abs_builddir@/zone.sqlite3"
- }
-}

tests/system/ixfr/in-1/setup.sh.in

@@ -26,4 +26,5 @@ cp -f $IXFR_TOP/named_nonotify.conf ns1/named.conf
 cp -f $IXFR_TOP/db.example.n4 ns1/db.example
 
 # Set up the IXFR client - load the same version of the zone.
-${B10_LOADZONE} -o . -d @builddir@/nsx2/zone.sqlite3 $IXFR_TOP/db.example.n4
+cp -f $IXFR_TOP/b10-config.db nsx2/b10-config.db
+${B10_LOADZONE} -o . -d $IXFR_TOP/zone.sqlite3 $IXFR_TOP/db.example.n4

tests/system/ixfr/in-2/nsx2/b10-config.db.in

@@ -1,6 +0,0 @@
-{"version": 2,
- "Auth": {
-   "listen_on": [{"address": "10.53.0.2", "port": 53210}],
-   "database_file": "@abs_builddir@/zone.sqlite3"
- }
-}

tests/system/ixfr/in-2/setup.sh.in

@@ -26,4 +26,5 @@ cp -f $IXFR_TOP/named_nonotify.conf ns1/named.conf
 cp -f $IXFR_TOP/db.example.n6 ns1/db.example
 
 # Set up the IXFR client - load an earlier version of the zone
-${B10_LOADZONE} -o . -d @builddir@/nsx2/zone.sqlite3 $IXFR_TOP/db.example.n6
+cp -f $IXFR_TOP/b10-config.db nsx2/b10-config.db
+${B10_LOADZONE} -o . -d $IXFR_TOP/zone.sqlite3 $IXFR_TOP/db.example.n6

tests/system/ixfr/in-2/tests.sh

@@ -1,4 +1,3 @@
-
 #!/bin/sh
 #
 # Copyright (C) 2011  Internet Systems Consortium, Inc. ("ISC")
@@ -28,18 +27,55 @@
 
 # On entry, the IXFR server is at version N-6.  The common tests assume that
 # it is an N-4, so update it.
-echo "I:updating IXFR-server $SERVER_NAME to suitable start version"
+echo "I:$SERVER_NAME updating IXFR-server to suitable start version"
 update_server_zone $SERVER_NAME $SERVER_IP $IXFR_TOP/db.example.n4
-status=$?
+if [ $? -ne 0 ];
+then
+    return $status
+fi
 
 # The pre-requisites for this test are the same as for the common tests, so
 # we can execute that directly.
-
 . ../common_tests.sh
-status=`expr $status + $?`
+if [ $? -ne 0 ];
+then
+    return $status
+fi
+
+# TEMPORARY: at the time of writing (October 2011) BIND 10 does not attempt
+# a UDP transfer first.  Therefore just check for TCP transfer.
+
+# Check that the client initiated and completed an IXFR.  Use a simple grep as
+# the syntax and capabilities of egrep may vary between systems.
+grep XFRIN_XFR_TRANSFER_STARTED nsx2/bind10.run | grep IXFR > /dev/null
+if [ $? -ne 0 ];
+then
+    echo "R:$CLIENT_NAME FAIL no 'IXFR started' message in the BIND 10 log"
+    return 1
+fi
+
+grep XFRIN_XFR_TRANSFER_SUCCESS | grep IXFR > /dev/null
+if [ $? -ne 0 ];
+then
+    echo "R:$CLIENT_NAME FAIL no 'IXFR successful' message in the BIND 10 log"
+    return 1
+fi
+
+# Look in the named log file to see if a TCP IXFR was requested.  Again use a
+# simple grep.
+grep "transfer of" ns1/named.run | grep "sending TCP message" > /dev/null
+if [ $? -ne 0 ];
+then
+    echo "R:$SERVER_NAME FAIL no 'sending TCP' message in the BIND 9 log"
+    return 1
+fi
 
-# TODO: Check the BIND 10 log, looking for the IXFR messages that indicate that
-# it has initiated an IXFR and that it received the update via TCP.
+grep "IXFR ended" ns1/named.run > /dev/null
+if [ $? -ne 0 ];
+then
+    echo "R:$SERVER_NAME FAIL no 'IXFR ended' message in the BIND 9 log"
+    return 1
+fi
 
 echo "I:exit status: $status"
 exit $status

tests/system/ixfr/in-3/nsx2/b10-config.db.in

@@ -1,6 +0,0 @@
-{"version": 2,
- "Auth": {
-   "listen_on": [{"address": "10.53.0.2", "port": 53210}],
-   "database_file": "@abs_builddir@/zone.sqlite3"
- }
-}

tests/system/ixfr/in-3/setup.sh.in

@@ -26,4 +26,5 @@ cp -f $IXFR_TOP/named_noixfr.conf ns1/named.conf
 cp -f $IXFR_TOP/db.example.n0 ns1/db.example
 
 # Set up the IXFR client - load a previous version of the zone.
-${B10_LOADZONE} -o . -d @builddir@/nsx2/zone.sqlite3 $IXFR_TOP/db.example.n2
+cp -f $IXFR_TOP/b10-config.db nsx2/b10-config.db
+${B10_LOADZONE} -o . -d $IXFR_TOP/zone.sqlite3 $IXFR_TOP/db.example.n2

tests/system/ixfr/in-4/nsx2/b10-config.db.in

@@ -1,6 +0,0 @@
-{"version": 2,
- "Auth": {
-   "listen_on": [{"address": "10.53.0.2", "port": 53210}],
-   "database_file": "@abs_builddir@/zone.sqlite3"
- }
-}

tests/system/ixfr/in-4/setup.sh.in

@@ -27,4 +27,5 @@ cp -f $IXFR_TOP/db.example.n2.refresh ns1/db.example
 
 # Set up the IXFR client - load a previous version of the zone with a short
 # refresh time.
-${B10_LOADZONE} -o . -d @builddir@/nsx2/zone.sqlite3 $IXFR_TOP/db.example.n2.refresh
+cp -f $IXFR_TOP/b10-config.db nsx2/b10-config.db
+${B10_LOADZONE} -o . -d $IXFR_TOP/zone.sqlite3 $IXFR_TOP/db.example.n2.refresh

tests/system/ixfr/ixfr_init.sh.in

@@ -136,7 +136,7 @@ wait_for_update() {
 
     # Now poll the server looking for the new serial number
 
-    echo "I:waiting for SOA serial of $name to change from $serial"
+    echo "I:$name waiting for SOA serial to change from $serial"
     for i in `seq 1 12`
     do
         if [ $i -gt 1 ];
@@ -147,6 +147,7 @@ wait_for_update() {
         new_serial=`$DIG_SOA @$ip | $AWK '{print $3}'`
         if [ "$new_serial" != "$serial" ];
         then
+            echo "I:$name SOA serial was at $serial, now at $new_serial"
             return 0
         fi
     done
@@ -215,9 +216,8 @@ update_server_zone() {
         echo "R:$name FAIL IXFR server did not update zone after reload"
         return 1
     fi
-
     new_serial=`$DIG_SOA @$ip | $AWK '{print $3}'`
-    echo "I:$name was at serial $old_serial, now at $new_serial"
+
     return 0
 }
 
@@ -313,13 +313,15 @@ compare_zones() {
     client_ip=$1
     shift
 
-    $DIG @$client_ip example. axfr | grep -v '^;' | grep -v '^$' \
+    $DIG @$client_ip -p $DNS_PORT example. axfr | grep -v '^;' | grep -v '^$' \
          | sed -e 's/ //g' -e 's/\t//g' > client.dig
-    $DIG @$server_ip example. axfr | grep -v '^;' | grep -v '^$' \
+    $DIG @$server_ip -p $DNS_PORT example. axfr | grep -v '^;' | grep -v '^$' \
          | sed -e 's/ //g' -e 's/\t//g' > server.dig
     diff client.dig server.dig
-    if [ $? -ne 0 ];
+    if [ $? -eq 0 ];
     then
+        echo "I: client and server zones identical"
+    else
         echo "R:FAIL client $client_name zone not same as server $server_name zone"
         return 1
     fi