[Pdns-users] PowerDNS behind NAT

Paul Roland paul.roland at cc.btn.ro
Mon May 26 11:31:08 UTC 2014 

Thank you, the issue is now solved it seems like I was missing some kernel modules in networking/filtering.

________________________________________
From: Aki Tuomi [cmouse at youzen.ext.b2.fi]
Sent: Monday, May 26, 2014 1:28 PM
To: Paul Roland
Subject: Re: [Pdns-users] PowerDNS behind NAT

I see you have omitted the list from this discussion, that is usually not a good idea, as
others won't know your reply, and also it makes it impossible for others to see the possible
solution or provide additional help.

I'm afraid this does look like iptables issue, can you provide full output of

iptables -L -n -v

and

iptables -t nat -L -n -v

you can send this directly to me, but I do encourage you to keep the list informed.

Aki

On Mon, May 26, 2014 at 07:21:30AM +0000, Paul Roland wrote:
> ok, seems like that wasn't it.
>
> tcpdump log:
>
> 10:18:23.732620 IP prana.btn.ro.43239 > ls.btn.ro.domain: 24092+ A? www.flexnet.ro. (32)
> 10:18:28.731664 IP prana.btn.ro.43239 > ls.btn.ro.domain: 24092+ A? www.flexnet.ro. (32)
>
> powerdns log:
>
> May 26 10:20:18 ls pdns[666]: Remote 82.208.181.16 wants 'www.flexnet.ro|A', do = 0, bufsize = 512: packetcache MISS
> May 26 10:20:23 ls pdns[666]: Remote 82.208.181.16 wants 'www.flexnet.ro|A', do = 0, bufsize = 512: packetcache HIT
> May 26 10:20:28 ls pdns[666]: Remote 82.208.181.16 wants 'www.flexnet.ro|A', do = 0, bufsize = 512: packetcache HIT
>
>
> [root at server ~]# dig @93.120.39.150 www.flexnet.ro
>
> ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.23.rc1.el6_5.1 <<>> @93.120.39.150 www.flexnet.ro
> ; (1 server found)
> ;; global options: +cmd
> ;; connection timed out; no servers could be reached
> [root at server ~]#
>
>
> ________________________________________
> From: Aki Tuomi [cmouse at youzen.ext.b2.fi]
> Sent: Monday, May 26, 2014 12:49 PM
> To: Paul Roland
> Subject: Re: [Pdns-users] PowerDNS behind NAT
>
> On Mon, May 26, 2014 at 09:34:21AM +0000, Paul Roland wrote:
> > authoritative server, local-address=10.64.0.10
> >
> > root at cc:~# dig @10.64.0.10 www.btn.ro
> > ;; Query time: 1 msec
> > ;; SERVER: 10.64.0.10#53(10.64.0.10)
> >
>
> Is that the full output?
>
> Also, have you loaded nf_nat_proto_udplite kernel module? (or similarly named).
>
> Can you enable query logging and see if it produces any entries in the log?
>
> Have you made sure that you are not dropping the packets in INPUT filter
> table?
>
> Aki
>

More information about the Pdns-users mailing list