[Swan-dev] testing and unstable dns
Antony Antony
antony at phenome.org
Sat Apr 17 19:17:08 UTC 2021
On Sat, Apr 17, 2021 at 11:03:15AM -0400, Andrew Cagney wrote:
> Problem is still there :-( Anyone had some inspiration? For instance with
> nsd-4.3.2-1.fc32.x86_64
> https://testing.libreswan.org/v4.3-474-g9267a3fd5d-main/ikev2-55-ipseckey-06/
> OUTPUT/nic.console.diff
>
> On Mon, 29 Mar 2021 at 10:09, Andrew Cagney <andrew.cagney at gmail.com> wrote:
>
> Picking up an IRC discussion, I'm wondering if anyone has ideas on why DNS
> isn't robust within the KVM test environment.
I just pushed a minor fix. Let me see how ikev2-55-ipseckey-06 runs on
testing.
my last attempt to fix to dnssec tests:
https://lists.libreswan.org/pipermail/swan-dev/2020-February/003660.html
then I fixed only ikev2-55-ipseckey-01 and added namespace support.
A quick look on testing shows ikev2-55-ipseckey-01 nic is not the issue
anymore.
ls -lt v4.3*/ikev2-55-ipseckey-01/OUTPUT/nic.console.diff
all diff files are 0 bytes. which suggest my fix should work.
next dnssec issue is dns key sort order.
https://testing.libreswan.org/v4.3-474-g9267a3fd5d-main/ikev2-55-ipseckey-01/OUTPUT/east.console.diff
DNS tests should work in namespace too, atleast the NIC part.
pubkey sorting order is a different problem.
since afce9e92f nsd and unbound start is handled in swan-prep. It knows how
to handle namespace vs systemctl.
I recollect thinking, that we should add 10 sec while loop on nic like we do
for strongswan.
BTW:
6e9893ef090 comment and ./testing/guestbin/start-dns.sh are in the wrong
direction, however, lets see if ikev2-55-ipseckey-06 nic is stable after my
fix.
More information about the Swan-dev
mailing list