<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"></head><body >I think allow-recusion must be comma separated<div><br></div><div><br></div><div><br></div><br><br><br>-------- Ursprüngliche Nachricht --------<br>Von: yyovchev <yyovchev@neterra.net> <br>Datum: <br>An: pdns-users@mailman.powerdns.com <br>Betreff: [Pdns-users] pdns with pdns-recursor on IPv4 and IPv6 <br> <br><br>Hello everybody.<br>We have installed pdns with pdns-recursor.<br>Everything for ipv4 works great.<br><br>On ipv6 pdns resolve only own zones. If try to resolve external zone<br>(www.google.com for example) not work. <br>The current settings are:<br><br>pdns ipv4: 11.22.33.44 (public address) port 53 <br>pdns-recursor ipv4: 127.0.0.1 port 53<br><br>pdns ipv6: 3ffe:1900:4545:3:200:f8ff:fe21:67cf port 53<br>pdns-recursor ipv6: ::1 port 53<br><br>--------------------------------------------------------------------------------<br>pdns.conf<br>launch=gmysql<br>gmysql-host=127.0.0.1<br>gmysql-user=************<br>gmysql-password=********<br>gmysql-dbname=**********<br>allow-axfr-ips=my.another.dns.servers.<br>allow-recursion=0.0.0.0/0 ::1<br>recursor=127.0.0.1:53<br>lazy-recursion=yes<br>local-address=11.22.33.44<br>local-ipv6=3ffe:1900:4545:3:200:f8ff:fe21:67cf<br>local-port=53<br>logging-facility=0<br>do-ipv6-additional-processing=yes<br>master=yes<br>out-of-zone-additional-processing=yes<br>query-local-address6=3ffe:1900:4545:3:200:f8ff:fe21:67cf<br>--------------------------------------------------------------------------------<br>recursor.conf<br>setuid=pdns-recursor<br>setgid=pdns-recursor<br>allow-from=127.0.0.0/8, ::1/128, fe80::/10, ::/0<br>client-tcp-timeout=2<br>daemon=yes<br>disable-packetcache=yes<br>local-address=::1,127.0.0.1<br>local-port=53<br>log-common-errors=yes<br>logging-facility=0<br>max-cache-entries=1000000<br>max-cache-ttl=86400<br>max-tcp-clients=128<br>max-tcp-per-client=0<br>network-timeout=1500<br><br>--------------------------------------------------------------------------------<br>Test 1: works<br>--------------------------------------------------------------------------------<br>[root@dns1 ~]# dig myzone.mydomain.com @3ffe:1900:4545:3:200:f8ff:fe21:67cf<br>; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.4 <<>> myzone.mydomain.com<br>@3ffe:1900:4545:3:200:f8ff:fe21:67cf<br>;; global options: +cmd<br>;; Got answer:<br>;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18634<br>;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0<br>;; WARNING: recursion requested but not available<br>;; QUESTION SECTION:<br>;myzone.mydomain.com. IN A<br>;; ANSWER SECTION:<br>myzone.mydomain.com. 86400 IN A 192.168.7.22<br>;; Query time: 3 msec<br>;; SERVER:<br>3ffe:1900:4545:3:200:f8ff:fe21:67cf#53(3ffe:1900:4545:3:200:f8ff:fe21:67cf)<br>;; WHEN: Fri May 31 15:38:44 2013<br>;; MSG SIZE rcvd: 63<br>--------------------------------------------------------------------------------<br>Test 2: doesnt works.<br>--------------------------------------------------------------------------------<br>[root@dns1 ~]# dig google.com @3ffe:1900:4545:3:200:f8ff:fe21:67cf<br>; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.4 <<>> google.com<br>@3ffe:1900:4545:3:200:f8ff:fe21:67cf<br>;; global options: +cmd<br>;; Got answer:<br>;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20110<br>;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0<br>;; WARNING: recursion requested but not available<br>;; QUESTION SECTION:<br>;google.com. IN A<br>;; Query time: 0 msec<br>;; SERVER:<br>3ffe:1900:4545:3:200:f8ff:fe21:67cf#53(3ffe:1900:4545:3:200:f8ff:fe21:67cf)<br>;; WHEN: Fri May 31 15:41:19 2013<br>;; MSG SIZE rcvd: 28<br>--------------------------------------------------------------------------------<br>Test 3: works.<br>--------------------------------------------------------------------------------<br>[root@dns1 ~]# dig google.com @::1<br>; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.4 <<>> google.com @::1<br>;; global options: +cmd<br>;; Got answer:<br>;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 30150<br>;; flags: qr rd ra; QUERY: 1, ANSWER: 11, AUTHORITY: 0, ADDITIONAL: 0<br>;; QUESTION SECTION:<br>;google.com. IN A<br>;; ANSWER SECTION:<br>google.com. 300 IN A 173.194.39.206<br>google.com. 300 IN A 173.194.39.198<br>google.com. 300 IN A 173.194.39.196<br>google.com. 300 IN A 173.194.39.197<br>google.com. 300 IN A 173.194.39.192<br>google.com. 300 IN A 173.194.39.194<br>google.com. 300 IN A 173.194.39.201<br>google.com. 300 IN A 173.194.39.193<br>google.com. 300 IN A 173.194.39.200<br>google.com. 300 IN A 173.194.39.199<br>google.com. 300 IN A 173.194.39.195<br>;; Query time: 35 msec<br>;; SERVER: ::1#53(::1)<br>;; WHEN: Fri May 31 15:42:32 2013<br>;; MSG SIZE rcvd: 204<br>--------------------------------------------------------------------------------<br>Test 4: works.<br>--------------------------------------------------------------------------------<br>[root@dns1 ~]# dig myzone.mydomain.com @::1<br>; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.4 <<>> @::1<br>;; global options: +cmd<br>;; Got answer:<br>;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59919<br>;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0<br>;; QUESTION SECTION:<br>;myzone.mydomain.com. IN A<br>;; ANSWER SECTION:<br>myzone.mydomain.com. 86400 IN A 192.168.7.203<br>;; Query time: 4 msec<br>;; SERVER: ::1#53(::1)<br>;; WHEN: Fri May 31 15:42:43 2013<br>;; MSG SIZE rcvd: 63<br><br><br><br><br>--<br>View this message in context: http://powerdns.13854.n7.nabble.com/pdns-with-pdns-recursor-on-IPv4-and-IPv6-tp10043.html<br>Sent from the PowerDNS mailing list archive at Nabble.com.<br><br>_______________________________________________<br>Pdns-users mailing list<br>Pdns-users@mailman.powerdns.com<br>http://mailman.powerdns.com/mailman/listinfo/pdns-users<br></body>