Bugzilla – Bug 1447
ldns-verify-zone does not give constant answers between runs of the software
Last modified: 2017-10-20 13:47:14 CEST
When running several times to check a zone file, the answer would be once that the zone contains errors, or that it's all fine.
Most times, the first run gets an error. If I run the exact same test on the same zonefile 5 seconds later, the zone is validated.
This bug happens when running as casual user or root.
What failure is reported.
Could you run ldns-verify-zone with the -V 5 option to increase verbosity.
Have you tried ldns-verify-zone from version 1.7.0?
Could I perhaps try myself with your zone?
Created attachment 455 [details]
test that validate my zone
Created attachment 456 [details]
test that fail on my zone
Created attachment 457 [details]
zonefile (all created using ldns commands)
I can test only 1.6.7 on my OpenBSD server (stable). I have ran the test on my desktop (Chakra-Linux) and it bugs as well (yet the version is still 1.6.7, my distro seems to be a bit lagging).
I joined two tests on the bug and one of zonefile.
I moved my server to OpenBSD 6.2 and ldns to 1.7. I still get this error.
I suspect it is the chasing part that plays you parts here.
It is annoying that issues with that are not so clearly communicated.
I can work on this, but only after next week.
I'll keep you informed.
In the mean time, you might check with the DS records from 22decembre.eu to the issues with chasing?
$ cat 22decembre.ds.key
22decembre.eu. 85113 IN DS 49366 10 2 71A8033B1BB30E52C55A1B831F502606F0ADA53965C9B4A7D7C6A203 40A0C336
22decembre.eu. 85113 IN DS 55059 10 2 42883405DDDCFA5E7D473F07E75E17911B16518EB902851C918974C9 9B8ABD34
$ ldns-verify-zone -k 22decembre.ds.key 22decembre.eu -t 20170925000000
Zone is verified and complete