[Pdns-users] Trouble with TCP requests and recursor
Sergey Belyaev
sb at iskratelecom.ru
Thu Nov 10 11:57:14 UTC 2005
Does 2.9.19 fix this behaviour?
> Hello.
> I use PowerDNS 2.9.18 and I have problems with TCP queries.
> When I make a query through UDP, PowerDNS gives me the zone. For example, I
> have the zone binary.ru which is hosted on this server:
> binary at ns:/home/binary> nslookup
>> set type=any
>> binary.ru
> Server: localhost
> Address: 127.0.0.1#53
> binary.ru mail exchanger = 20 relay1.iskratelecom.ru.
> binary.ru mail exchanger = 10 mail.binary.ru.
> Name: binary.ru
> Address: 82.199.96.133
> binary.ru
> origin = ns.binary.ru
> mail addr = postmaster.ns.binary.ru
> serial = 2005102000
> refresh = 3600
> retry = 6000
> expire = 864000
> minimum = 86400
> binary.ru nameserver = ns2.binary.ru.
> binary.ru nameserver = ns.binary.ru.
> When I query the same zone over TCP I receive the following:
> binary at ns:/home/binary> nslookup -vc
>> set type=any
>> binary.ru
> Server: 127.0.0.1
> Address: 127.0.0.1#53
> Non-authoritative answer:
> binary.ru
> origin = ns.binary.ru
> mail addr = postmaster.ns.binary.ru
> serial = 2005102000
> refresh = 3600
> retry = 6000
> expire = 864000
> minimum = 86400
> binary.ru nameserver = ns2.binary.ru.
> Name: binary.ru
> Address: 82.199.96.133
> binary.ru mail exchanger = 20 relay1.iskratelecom.ru.
> binary.ru mail exchanger = 10 mail.binary.ru.
> binary.ru nameserver = ns.binary.ru.
> Authoritative answers can be found from:
> ns.binary.ru internet address = 82.199.96.131
> relay1.iskratelecom.ru internet address = 82.199.108.4
> ns2.binary.ru internet address = 82.199.108.4
> mail.binary.ru internet address = 82.199.96.133
> That is making the query over TCP, PowerDNS immediately transmits it to
> recursor omitting the query to the database (gmysql).
> Switching on debug I see that the query to the database is performed only
> at attempt to receive the zone over UDP but at attempt to do the same
> over TCP the db query isn't performed.
> If I switch off recursor everything is all right but recursor is necessary
> to me.
> System: FreeBSD 5.4, PowerDNS 2.9.18, gmysql backend.
> Servers: 82.199.96.131, 82.199.108.4
> Config:
> #################################
> # allow-axfr-ips If disabled, DO allow zonetransfers from these IP addresses
> #
> allow-axfr-ips=82.199.108.4
> #################################
> # allow-recursion List of netmasks that are allowed to recurse
> #
> allow-recursion=82.199.96.0/19, 10.0.0.0/8, 11.11.11.0/24, 127.0.0.1
> #################################
> # cache-ttl Seconds to store packets in the PacketCache
> #
> cache-ttl=20
> #################################
> # chroot If set, chroot to this directory for more security
> #
> # chroot=
> #################################
> # config-dir Location of configuration directory (pdns.conf)
> #
> config-dir=/usr/local/etc
> #################################
> # config-name Name of this virtual configuration - will rename the binary image
> #
> # config-name=
> #################################
> # control-console Debugging switch - don't use
> #
> # control-console=no
> #################################
> # daemon Operate as a daemon
> #
> daemon=yes
> #################################
> # default-soa-name name to insert in the SOA record if none set in the backend
> #
> # default-soa-name=a.misconfigured.powerdns.server
> #################################
> # disable-axfr Disable zonetransfers but do allow TCP queries
> #
> # disable-axfr=no
> #################################
> # disable-tcp Do not listen to TCP queries
> #
> disable-tcp=no
> #################################
> # distributor-threads Default number of Distributor (backend) threads to start
> #
> # distributor-threads=3
> #################################
> # fancy-records Process URL and MBOXFW records
> #
> # fancy-records=no
> #################################
> # guardian Run within a guardian process
> #
> guardian=yes
> #################################
> # launch Which backends to launch and order to query them in
> #
> launch=gmysql
> #################################
> # lazy-recursion Only recurse if question cannot be answered locally
> #
> lazy-recursion=yes
> #################################
> # load-modules Load this module - supply absolute or relative path
> #
> #################################
> # local-address Local IP address to which we bind
> #
> local-address=0.0.0.0
> #################################
> # local-ipv6 Local IP address to which we bind
> #
> # local-ipv6=
> #################################
> # local-port The port on which we listen
> #
> local-port=53
> #################################
> # log-dns-details If PDNS should log failed update requests
> #
> log-dns-details=yes
> #################################
> # log-failed-updates If PDNS should log failed update requests
> #
> log-failed-updates=yes
> #################################
> # logfile Logfile to use
> #
> logfile=/var/log/pdns.log
> #################################
> # logging-facility Log under a specific facility
> #
> # logging-facility=
> #################################
> # loglevel Amount of logging. Higher is more. Do not set below 3
> #
> loglevel=2
> #################################
> # master Act as a master
> #
> master=yes
> #################################
> # max-queue-length Maximum queuelength before considering situation lost
> #
> # max-queue-length=5000
> #################################
> # max-tcp-connections Maximum number of TCP connections
> #
> max-tcp-connections=10
> #################################
> # module-dir Default directory for modules
> #
> # module-dir=/usr/local/bin/../lib
> #################################
> # negquery-cache-ttl Seconds to store packets in the PacketCache
> #
> negquery-cache-ttl=60
> #################################
> # only-soa Make sure that no SOA serial is less than this number
> #
> # only-soa=org
> #################################
> # out-of-zone-additional-processing Do out of zone additional processing
> #
> # out-of-zone-additional-processing=no
> #################################
> # query-cache-ttl Seconds to store packets in the PacketCache
> #
> query-cache-ttl=20
> #################################
> # query-logging Hint backends that queries should be logged
> #
> #query-logging=yes
> #################################
> # queue-limit Maximum number of milliseconds to queue a query
> #
> queue-limit=1500
> #################################
> # receiver-threads Number of receiver threads to launch
> #
> # receiver-threads=1
> #################################
> # recursive-cache-ttl Seconds to store packets in the PacketCache
> #
> recursive-cache-ttl=10
> #################################
> # recursor If recursion is desired, IP address of a recursing nameserver
> #
> recursor=127.0.0.1:5053
> #################################
> # setgid If set, change group id to this gid for more security
> #
> setgid=nogroup
> #################################
> # setuid If set, change user id to this uid for more security
> #
> setuid=nobody
> #################################
> # skip-cname Do not perform CNAME indirection for each query
> #
> # skip-cname=no
> #################################
> # slave Act as a slave
> #
> slave=yes
> #################################
> # slave-cycle-interval Reschedule failed SOA serial checks once every .. seconds
> #
> slave-cycle-interval=60
> #################################
> # smtpredirector Our smtpredir MX host
> #
> # smtpredirector=a.misconfigured.powerdns.smtp.server
> #################################
> # soa-minimum-ttl Default SOA mininum ttl
> #
> # soa-minimum-ttl=3600
> #################################
> # soa-serial-offset Make sure that no SOA serial is less than this number
> #
> # soa-serial-offset=0
> #################################
> # socket-dir Where the controlsocket will live
> #
> # socket-dir=/var/run
> #################################
> # strict-rfc-axfrs Perform strictly rfc compliant axfrs (very slow)
> #
> # strict-rfc-axfrs=no
> #################################
> # urlredirector Where we send hosts to that need to be url redirected
> #
> # urlredirector=127.0.0.1
> #################################
> # use-logfile Use a log file
> #
> use-logfile=yes
> #################################
> # webserver Start a webserver for monitoring
> #
> webserver=yes
> #################################
> # webserver-address IP Address of webserver to listen on
> #
> webserver-address=82.199.96.131
> #################################
> # webserver-password Password required for accessing the webserver
> #
> # webserver-password=
> #################################
> # webserver-port Port of webserver to listen on
> #
> webserver-port=8081
> #################################
> # webserver-print-arguments If the webserver should print arguments
> #
> webserver-print-arguments=yes
> #################################
> # wildcard-url Process URL and MBOXFW records
> #
> # wildcard-url=no
> #################################
> # wildcards Honor wildcards in the database
> #
> # wildcards=
> gmysql-host=localhost
> gmysql-user=xxxxx
> gmysql-password=xxxx
> gmysql-dbname=xxxxx
--
Sincerely yours,
Sergey Belyaev,
System Administrator,
ISP Iskratelecom, JSC.
phone: +7 (095) 540-68-64, ext. 007
sb at iskratelecom.ru, http://www.iskratelecom.ru
More information about the Pdns-users
mailing list