bloxHub

www.infoblox.com/community
24 posts / 0 new
Log in or register to post comments
topic-opened
Problem configuring DNS Sync Snap-in
#1 Tue, 09/01/2009 - 23:12
Problem configuring DNS Sync Snap-in

I had some issues getting the DNS Sync snap-in installed so I tried again on my lab system.  When I attempt to submit the schedule, I get the following error.

 

invalid crontab format: 5,10,15,20,25,30,35,40,45,50,55 0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23 * 1,2,3,4,5,6,7,8,9,10,11,12 1,2,3,4,5,6,7 /portal/ds/cgi-bin/ds.pl sync "dns sync" "radius.lab.local" "192.168.1.225" # ds-sync-item

 

I've tried different selections from selecting ALL times, ALL days, ALL months but each time I get the same error.  In this case, the error that popped up doesn't appear to match my last selected criteria.

 

Any suggestions?  It appears this entry may actually be in my crontab because when I refresh, I get the same error popping up.  I'd like to figure out what "acceptable" values are as well as how to get this to work based on that scheduled.

When I tried this yesterday on a different system, I was able to submit the job but I never saw any updates to the data in my Grid nor did I see any updates in the DNS Sync tool showing me it actually tried to sync.  Where do I look for this particular snap-in to see that it's working?  I couldn't find any references in the documentation.

 

+1
0
-1
Tags
Automation Change Manager
Top
Re: Problem configuring DNS Sync Snap-in
Wed, 09/02/2009 - 01:38
Re: Problem configuring DNS Sync Snap-in

Hi Dom

The problem is that your DNS view contains a space and the parser splits the fields on spaces.

This should be handled in a better way, I will fix the bug tomorrow (UK time) and post a new version of the tool.

Steve

+1
0
-1
Top
Re: Problem configuring DNS Sync Snap-in
(Reply to #2) Wed, 09/02/2009 - 04:53
Re: Problem configuring DNS Sync Snap-in

Thanks Steve.  Any recommendations on the best way to handle the polling times?  When I set this up yesterday on the "default" view, I was able to enter the schedule with no errors (like I got this time around) but it didn't appear that polling was kicking off.

Is there a specific way to check to see if polling is being attempted?  Maybe some log file or URL for checking detailed or error status?

+1
0
-1
Top
Re: Problem configuring DNS Sync Snap-in
(Reply to #2) Wed, 09/02/2009 - 07:02
Re: Problem configuring DNS Sync Snap-in

Hey Steve,

I'm experiencing problems as well. Here are my notes I tried to send into the support email listed with the snap-in:

__________________

There are a few SEs here having a challenge getting the snap-in to work. It loads just fine, pulls the View and Zone info from the appliance, and allows a schedule to be set, but it does not seem to ever kick off. I don’t see anything in my Infoblox syslog or my AD Event Viewer log to indicate an attempted transfer of the zone.

The time settings are good, the zone exists on both sides, zone transfers are allowed to any server within the MSFT config. I even tried to use the “Import From” option within the Infoblox Grid Manager GUI and it pulled over the records just fine.

Any other places I should investigate?

I’m currently running NIOS 4.3r5-0-67395.

Any ideas are appreciated.

__________________

Thanks,

 Josh

+1
0
-1
Top
Re: Problem configuring DNS Sync Snap-in
(Reply to #4) Wed, 09/02/2009 - 08:30
Re: Problem configuring DNS Sync Snap-in

I'm another having similar issues to Josh. I installed the snap-in on two different systems with the same result - no execution. The status is "unknown" and the Last Sync is "unknown".

I'm at 4.3r5-1-68755

Kevin

+1
0
-1
Top
Re: Problem configuring DNS Sync Snap-in
(Reply to #5) Wed, 09/02/2009 - 14:42
Re: Problem configuring DNS Sync Snap-in

Hi All

Just done some digging.  The problem is down to a couple of missing directories.

I moved over to a new source control method right before I built the release version.  The new source control system does not maintain empty directories by default.  As I build the release straight from this source control system the directories are not included.

Could someone try to create a "logs" and "locks" directory under the "ds/cgi-bin" directory and post if this helps?

If this is successful I will package up and post a new release immediately.

Steve

+1
0
-1
Top
Re: Problem configuring DNS Sync Snap-in
(Reply to #6) Wed, 09/02/2009 - 14:47
Re: Problem configuring DNS Sync Snap-in

Also forgot to add, if you want to confirm the sync is actually being kicked off, you can look in the system log found under the "log" directory.  You should see entries similar to the following:

 

Sep  3 08:00:02 (none) /usr/sbin/cron[7387]: (nobody) CMD (/portal/ds/cgi-bin/ds.pl sync "dr-test" "foo.com" "192.168.67.11" # ds-sync-item)

+1
0
-1
Top
Re: Problem configuring DNS Sync Snap-in
(Reply to #6) Wed, 09/02/2009 - 20:06
Re: Problem configuring DNS Sync Snap-in

Thanks for the update Steve. I'm out of the office today, but will pull what you need either tonight or tomorrow unless someone else beats me to it.

 

Josh

+1
0
-1
Top
Re: Problem configuring DNS Sync Snap-in
(Reply to #8) Wed, 09/02/2009 - 20:23
Re: Problem configuring DNS Sync Snap-in

Thanks.  I have an updated version ready to post once someone confirms.

It has bug fixes for the two problems mentioned in this post.

+1
0
-1
Top
Re: Problem configuring DNS Sync Snap-in
(Reply to #9) Wed, 09/02/2009 - 20:43
Re: Problem configuring DNS Sync Snap-in

Both my setups did not have the logs or locks directory. I created them, but so far, nothing in them (I restarted my bloxtools environment as well). I do see the message in my system log as you described, but no records synch'd.

+1
0
-1
Top
Re: Problem configuring DNS Sync Snap-in
(Reply to #10) Wed, 09/02/2009 - 21:22
Re: Problem configuring DNS Sync Snap-in

I created both directories and reconfigured my DNS view to remove the space and then set up the schedule again.  The sync is now operating on schedule.

Now I'm getting the following error.

error 1251979212 get zone radius.lab.local failed: Member value 'dns_sync' for field 'view' did not match any records. at /portal/ds/cgi-bin/DS/DB.pm line 187. (sync took 0s)

My DNS view is "dns_sync".  My zone is "radius.lab.local".  I have the zone configured to use a name server group with my GM as the Grid Primary and there are no secondaries.  I've double checked the AD zone and made sure I zone transfers were enabled (initially they weren't).  I tested a zone transfer from the console of my GM both before and after I edited the AD settings and the GM can do a full zone transfer of the zone.

I can't tell from the error message which "records" do not match.  I've also gone back through the documentation and can't seem to figure out why the sync is failing.

 

My conf file has "admin/infoblox" as the username and password and these are accurate (it's a lab box so no worries there).  I then took a closer look at the code and found that the default password for "admin" in Config.pm is "password".  It seems that whatever process is being used to read the config file is not working.  Perhaps it has something to do with the spaces around "password = infoblox" that is causing a problem.

Anyway, with the modified Config.pm file (I changed the default password to "infoblox"), sync is now working and is happy.

 

 

+1
0
-1
Top
Re: Problem configuring DNS Sync Snap-in
(Reply to #12) Wed, 09/02/2009 - 22:08
Re: Problem configuring DNS Sync Snap-in

The following line of code in DS/Config.pm handles spaces around keys and values in the ds.conf file:

        s/^\s+|\s+$//g for ($k, $v);

I noticed you quoted "password = infoblox", this should actually be "pass = infoblox".  Could you try that and see if it works with the old config file.

In my experience when this password is incorrect I have seen a "user is not authorized..." message.  This is the line in DS/DB.pm which reports the error:

        my ($zone) = $session->get(
            object => "Infoblox::DNS::Zone",
            view => $view,
            name => $name,
        ) or die "get zone $name failed: " . $session->status_detail;

So it's an error from the Infoblox API.  For some reason it didn't like the view that was passed to it.  I have no idea why this would happen :(

Since we already instantiated the Infoblox::Session object here (which I believe checked the username/password), the credentials would have been accepted by then.

+1
0
-1
Top
Re: Problem configuring DNS Sync Snap-in
(Reply to #15) Wed, 09/02/2009 - 22:26
Re: Problem configuring DNS Sync Snap-in

[quote user="Stephen Vickers"]I noticed you quoted "password = infoblox", this should actually be "pass = infoblox".  Could you try that and see if it works with the old config file.[/quote]

It's correct in the file...I just typed it wrong when I posted the message.

 

[quote user="Stephen Vickers"]Since we already instantiated the Infoblox::Session object here (which I believe checked the username/password), the credentials would have been accepted by then.[/quote]

Does this part apply to the sync script as well?  My session is initiated just fine...it's the sync script that fails and I am only able to get it to work when the Config.pm file is updated to use the default password of "infoblox".

+1
0
-1
Top
Re: Problem configuring DNS Sync Snap-in
(Reply to #17) Wed, 09/02/2009 - 23:33
Re: Problem configuring DNS Sync Snap-in

I just went back to the original system I set up yesterday.  I added the two directories and changed Config.pm to change the password.  It's working now.  I'm not sure why the password change was required but that's what seems to be getting this to work.

+1
0
-1
Top
Re: Problem configuring DNS Sync Snap-in
(Reply to #19) Fri, 09/04/2009 - 00:30
Re: Problem configuring DNS Sync Snap-in

Don, can I just confirm please that you are still having to change the password in the DS/Config.pm file to allow a sync to work?

+1
0
-1
Top
Re: Problem configuring DNS Sync Snap-in
(Reply to #20) Fri, 09/11/2009 - 04:15
Re: Problem configuring DNS Sync Snap-in

[quote user="Stephen Vickers"]Don, can I just confirm please that you are still having to change the password in the DS/Config.pm file to allow a sync to work?[/quote]

It's all working as expected now.

 

On a separate install, I have a zone with over 55,000 records.  I got an error syncing that zone.  The message is:

"save zone failed: 500 SSL read timeout: at /usr/lib/perl5/site_perl/5.8.8/Inofblox/Agent.pm in line 233. (sync took 303s)"

 

Is this an issue because of the zone size or is there something else we can look into?

+1
0
-1
Top
Re: Problem configuring DNS Sync Snap-in
(Reply to #22) Sun, 09/13/2009 - 01:28
Re: Problem configuring DNS Sync Snap-in

Don, I also had the same problem when running some performance tests.

I had a zone containing 100,000 records and the underlying LWP module the Infoblox perl modules use kept timing out.

In the "ds/cgi-bin/ds.conf" file you will find the following option:

#####################################################################
# The number of seconds we use as a timeout in the Infoblox::Session
# object during a synchronisation.  If you see SSL timeout messages
# in a Sync Item history log increase this value.
#
# NOTE: this is only used during synchronisations.
api_timeout = 300

Adjust this and it will be used on the next sync.

+1
0
-1
Top
Re: Problem configuring DNS Sync Snap-in
(Reply to #19) Sun, 11/28/2010 - 08:59
Re: Problem configuring DNS Sync Snap-in

I found a small issue with the DNS views in that it doesn't like a DNS view that starts with a capital letter. As soon as I renamed it to be all lower case the sync worked successfully.

+1
0
-1
Top
Re: Problem configuring DNS Sync Snap-in
(Reply to #21) Mon, 11/29/2010 - 15:43
Re: Problem configuring DNS Sync Snap-in

Hi Sheillst

Someone already ran into a similar problem.  Version 1.0.8 contains a fix.  You can download it from:

https://www.bloxtools.com/media/p/1394.aspx

Let me know if this fixes the problem for you.

+1
0
-1
Top
Re: Problem configuring DNS Sync Snap-in
(Reply to #10) Wed, 09/02/2009 - 22:10
Re: Problem configuring DNS Sync Snap-in

@kpurdy: Can you copy the "ds" directory off the Infoblox appliance, zip up and send addressed to me at "support@tuscanynetworks.com"?

+1
0
-1
Top
Re: Problem configuring DNS Sync Snap-in
(Reply to #9) Thu, 09/03/2009 - 22:19
Re: Problem configuring DNS Sync Snap-in

Adding the two directories fixed my install. 

+1
0
-1
Top
Re: Problem configuring DNS Sync Snap-in
(Reply to #11) Fri, 09/04/2009 - 00:32
Re: Problem configuring DNS Sync Snap-in

[quote user="Andrew Voltmer"]

Adding the two directories fixed my install. 

[/quote]

Thanks for the update Andrew.

 

+1
0
-1
Top
Re: Problem configuring DNS Sync Snap-in
(Reply to #14) Sun, 09/06/2009 - 17:26
Re: Problem configuring DNS Sync Snap-in

Hi All, I will upload a new version of the tool shortly with bug fixes for the two problems in this post.

+1
0
-1
Top
Re: Problem configuring DNS Sync Snap-in
(Reply to #16) Tue, 09/08/2009 - 15:24
Re: Problem configuring DNS Sync Snap-in

Hi all, the new version has been uploaded and can be obtained from the same location as before.

+1
0
-1
Top