Azure DNS - Add additional nameserver to zone returns error about multiple entries #3088

Open
fabienmazieres opened this issue Aug 19, 2024 · 7 comments

@fabienmazieres
Contributor

Describe the bug

Adding nameserver entries to an Azure public DNS zone fails to add the additional server; it returns the error message "The list of record sets of type 'NS' may not contain multiple entries with the same 'nsdname'".
I want to add an extra name server as I intend to host this zone on 2 providers.

To Reproduce

I use the following dnsconfig.js:

var REG_NONE = NewRegistrar("none");
var DNS_AZURE = NewDnsProvider("azuredns_main");

D("example.co.uk", REG_NONE, DnsProvider(DNS_AZURE),
    // Top-level domain configuration
    NAMESERVER_TTL("172800"), // 2 days

    // Azure DNS name servers
    NAMESERVER("ns1-01.azure-dns.com."),
    NAMESERVER("ns2-01.azure-dns.net."),
    NAMESERVER("ns3-01.azure-dns.org."),
    NAMESERVER("ns4-01.azure-dns.info."),

    // Other provider
    NAMESERVER("ns1.other.provider.net."),

    // Records
    A("test", "1.2.3.4"),
    END);

When using preview, it calculates the changes as expected:

PS C:\Users\DNSasCode> dnscontrol preview
******************** Domain: example.co.uk
1 correction (azuredns_main)
#1: + CREATE example.co.uk NS ns1.other.provider.net. ttl=172800
Done. 1 corrections.

But push returns an error message:

PS C:\Users\N18180\source\PlatformEngineering.DNSasCode> dnscontrol push   
******************** Domain: impersotech.co.uk
2 corrections (azuredns_main)
#1: + CREATE example.co.uk NS ns1.other.provider.net ttl=172800
FAILURE! PUT https://management.azure.com/subscriptions/xxx-yyy/resourceGroups/xxx/providers/Microsoft.Network/dnsZones/example.co.uk/NS/@
--------------------------------------------------------------------------------
RESPONSE 400: 400 Bad Request
ERROR CODE: BadRequest
--------------------------------------------------------------------------------
{
  "code": "BadRequest",
  "message": "The list of record sets of type 'NS' may not contain multiple entries with the same 'nsdname'."
}
--------------------------------------------------------------------------------
[...]

Adding the extra providers in Azure Portal manually works and subsequent preview or push do validate the change was done as expected.

Expected behavior

No error message displayed, additional NS servers added to the @ NS record.

DNS Provider
Azure DNS (azuredns_main)

@tlimoncelli
Contributor

CC @vatsalyagoel

@vatsalyagoel
Contributor

Looking into the issue

@vatsalyagoel
Contributor

@fabienmazieres When adding additional NAMESERVER Records, you don't need to specify the Azure records on the domain.

NAMESERVER("ns1-01.azure-dns.com."),
NAMESERVER("ns2-01.azure-dns.net."),
NAMESERVER("ns3-01.azure-dns.org."),
NAMESERVER("ns4-01.azure-dns.info.")

These will automatically be there when DNSControl gets the zone from AzureDNS

@fabienmazieres
Contributor Author

@vatsalyagoel,
I will have to support 2 providers, Azure and Oracle, hence why I had put the Azure records in the config.
I could omit those and rely on the registrar data, but I thought it would be best to be explicit in my config.

All that said, the issue still occurs for me and I am not sure how to take it.
If you have some pointers on where I should look, I would be happy to also help dig a bit and see if I can find anything.

@tlimoncelli
Contributor

Each provider handles Domain Delegation a little differently and sometimes they conflict. Often the best way to resolve this is to manually set the delegation via the provider's website.

This doc might be helpful, especially the last section where it explains that behavior is different if there are zero NAMESERVER() statements in a zone.

@vatsalyagoel
Contributor

@tlimoncelli maybe I should add a PR to de-duplicate NS/Nameserver records if we detect that there are any. But I don't know if it would go against the design. If you give your blessing, I'll create the PR.

@tlimoncelli
Contributor

> @tlimoncelli maybe I should add a PR to de-duplicate NS/Nameserver records if we detect that there are any. But I don't know if it would go against the design. If you give your blessing, I'll create the PR

Yes, please. (Now that Go has generics, you might find https://pkg.go.dev/slices useful)
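
The de-duplication discussed in the last comments, as an added example that is not DNSControl's code and not part of the thread: it merges the nameservers a provider reports for a zone with those declared via NAMESERVER(), so that each nsdname appears once in the NS record set. The function names and the sample lists are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"slices"
	"strings"
)

// normalizeNS returns the form used for comparison: lower case (DNS names
// are case-insensitive) with exactly one trailing dot.
func normalizeNS(name string) string {
	return strings.ToLower(strings.TrimRight(strings.TrimSpace(name), ".")) + "."
}

// mergeNameservers (hypothetical helper) combines the nameservers reported by
// the provider with those declared in the configuration and returns each
// target once, sorted, so the resulting NS record set has no repeated nsdname.
func mergeNameservers(fromProvider, fromConfig []string) []string {
	merged := make([]string, 0, len(fromProvider)+len(fromConfig))
	for _, list := range [][]string{fromProvider, fromConfig} {
		for _, n := range list {
			if strings.Trim(strings.TrimSpace(n), ".") == "" {
				continue // skip empty entries instead of emitting "."
			}
			merged = append(merged, normalizeNS(n))
		}
	}
	slices.Sort(merged)           // Compact only removes adjacent duplicates
	return slices.Compact(merged) // drop repeated names
}

func main() {
	// Constructed sample input: the provider's own nameservers, and a config
	// that repeats two of them (one without trailing dot, one in upper case)
	// and adds a second provider.
	provider := []string{"ns1-01.azure-dns.com.", "ns2-01.azure-dns.net."}
	config := []string{
		"ns1-01.azure-dns.com",
		"NS2-01.AZURE-DNS.NET.",
		"ns1.other.provider.net.",
	}
	for _, ns := range mergeNameservers(provider, config) {
		fmt.Println(ns)
	}
}
```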
