[Pdns-users] Recursor fails to resolve domains

Odhiambo Washington odhiambo at gmail.com
Mon Apr 8 12:50:34 UTC 2013 

I don't think that is the issue. From the recursor logs, see the bolded
part:
I therefore think I do not need to. Besides, it is answering queries for
domains other than those whose DNS servers are hosted within my forwarders
space.


Apr  8 15:48:15 jaribu pdns_recursor[87243]: Operating in 64 bits mode
Apr  8 15:48:15 jaribu pdns_recursor[87243]: Reading random entropy from
'/dev/urandom'
*Apr  8 15:48:15 jaribu pdns_recursor[87243]: Only allowing queries from:
127.0.0.0/8, 10.0.0.0/8, 100.64.0.0/10, 169.254.0.0/16, 192.168.0.0/16,*
172.16.0.0/12, ::1/128, fe80::/10
Apr  8 15:48:15 jaribu pdns_recursor[87243]: Will not send queries to:
127.0.0.0/8, 10.0.0.0/8, 100.64.0.0/10, 169.254.0.0/16, 192.168.0.0/16, 17
2.16.0.0/12, ::1/128, fe80::/10, 0.0.0.0, ::
Apr  8 15:48:15 jaribu pdns_recursor[87243]: NOT using IPv6 for outgoing
queries - set 'query-local-address6=::' to enable
Apr  8 15:48:15 jaribu pdns_recursor[87243]: Inserting rfc 1918 private
space zones
Apr  8 15:48:15 jaribu pdns_recursor[87243]: Listening for UDP queries on
127.0.0.1:53
Apr  8 15:48:15 jaribu pdns_recursor[87243]: Listening for TCP queries on
127.0.0.1:53
Apr  8 15:48:15 jaribu pdns_recursor[87243]: Calling daemonize, going to
background
Apr  8 15:48:15 jaribu pdns_recursor[87247]: Launching 2 threads
Apr  8 15:48:15 jaribu pdns_recursor[87247]: Done priming cache with root
hints
Apr  8 15:48:15 jaribu pdns_recursor[87247]: Done priming cache with root
hints
Apr  8 15:48:15 jaribu pdns_recursor[87247]: Enabled 'kqueue' multiplexer
Apr  8 15:48:16 jaribu pdns_recursor[87247]: Refreshed . records



On 8 April 2013 12:45, abang <abang at t-ipnet.net> wrote:

> Don't know what went wrong. But you should add 127.0.0.1 to allow-from if
> you ask from 127.0.0.1
>
>
>
> Am 08.04.2013 11:32, schrieb Odhiambo Washington:
>
>> I have a situation with pdns-recursor that I need help with.
>>
>> I am running it on 127.0.0.1:53 <http://127.0.0.1:53>
>>
>>
>> My configuration is as below:
>>
>> allow-from=192.168.0.0/16 <http://192.168.0.0/16>
>>
>> #allow-from=
>> dont-query=
>> config-dir=/usr/local/etc/pdns
>> daemon=yes
>> quiet=yes
>> etc-hosts-file=/etc/hosts
>> export-etc-hosts=yes
>> forward-zones-recurse=.=196.**200.16.2,.=196.200.16.27
>> local-address=127.0.0.1
>> local-port=53
>> log-common-errors=yes
>> logging-facility=0
>> socket-dir=/var/run/
>> threads=18
>> trace=on
>>
>> Now, those two IPs listed in forward-zones-recurse are my ISPs DNS
>> servers.
>> The problem is that whenever I do an nslookup for any domains whose DNS
>> records are handled by my ISP, including my ISPs domain name itself, I
>> get a failure. I however get success when I query for domains outside my
>> ISPs DNS servers:
>>
>> Here are my test results:
>>
>> [root at jaribu] /usr/local/etc/pdns# nslookup www.accesskenya.com
>> <http://www.accesskenya.com>
>>
>> ;; Got SERVFAIL reply from 127.0.0.1, trying next server
>> ;; connection timed out; no servers could be reached
>>
>> [root at jaribu] /usr/local/etc/pdns# nslookup www.gmail.com
>> <http://www.gmail.com>
>>
>> Server:         127.0.0.1
>> Address:        127.0.0.1#53
>>
>> Non-authoritative answer:
>> www.gmail.com <http://www.gmail.com>   canonical name = mail.google.com
>> <http://mail.google.com>.
>> mail.google.com <http://mail.google.com> canonical name =
>> googlemail.l.google.com <http://googlemail.l.google.**com<http://googlemail.l.google.com>
>> >.
>> Name: googlemail.l.google.com <http://googlemail.l.google.**com<http://googlemail.l.google.com>
>> >
>> Address: 173.194.34.117
>> Name: googlemail.l.google.com <http://googlemail.l.google.**com<http://googlemail.l.google.com>
>> >
>>
>> Address: 173.194.34.118
>>
>> [root at jaribu] /usr/local/etc/pdns# nslookup gw.cmehtanbo.com
>> <http://gw.cmehtanbo.com>
>>
>> ;; Got SERVFAIL reply from 127.0.0.1, trying next server
>> ;; connection timed out; no servers could be reached
>>
>> [root at jaribu] /usr/local/etc/pdns# nslookup gw.kictanet.or.ke
>> <http://gw.kictanet.or.ke>
>>
>> Server:         127.0.0.1
>> Address:        127.0.0.1#53
>>
>> Non-authoritative answer:
>> Name: gw.kictanet.or.ke <http://gw.kictanet.or.ke>
>>
>> Address: 62.8.64.102
>>
>>
>>
>> Is it that my configuration is bungled or that of my ISP is? Or is this
>> something known?
>>
>>
>>
>> --
>> Best regards,
>> Odhiambo WASHINGTON,
>> Nairobi,KE
>> +254733744121/+254722743223
>> "I can't hear you -- I'm using the scrambler."
>>
>
>
> ______________________________**_________________
> Pdns-users mailing list
> Pdns-users at mailman.powerdns.**com <Pdns-users at mailman.powerdns.com>
> http://mailman.powerdns.com/**mailman/listinfo/pdns-users<http://mailman.powerdns.com/mailman/listinfo/pdns-users>
>



-- 
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254733744121/+254722743223
"I can't hear you -- I'm using the scrambler."
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20130408/c22f6a66/attachment-0001.html>

More information about the Pdns-users mailing list