<html><head><style type='text/css'>p { margin: 0; }</style></head><body><div style='font-family: verdana,helvetica,sans-serif; font-size: 10pt; color: #000000'>><b> Sent: </b>Friday, 26 September, 2014 5:58:05 PM<br><div style="color:#000;font-weight:normal;font-style:normal;text-decoration:none;font-family:Helvetica,Arial,sans-serif;font-size:12pt;">> Realy strange. Ok let's try step by step.<br>
> Does your authoritative DNS Server work? Log-in into your DNS Server
and<br>
<br>> dig -p 5300 @127.0.0.1 -x 10.20.0.4<br>
<br>The 10.20.0.4 is the DNS server, also running munki. <br>I will also dig 10.20.0.2 / 10.20.1.2 / 10.20.2.2 I guess these are the ones you are really looking for right?<br><br><br>DNS: 10.20.0.4 <br><br>; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> -p 5300 @127.0.0.1 -x 10.20.0.4<br>; (1 server found)<br>;; global options: +cmd<br>;; Got answer:<br>;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57168<br>;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0<br><br>;; QUESTION SECTION:<br>;4.0.20.10.in-addr.arpa. IN PTR<br><br>;; ANSWER SECTION:<br>4.0.20.10.in-addr.arpa. 86400 IN PTR munki.test.localnetwork.<br><br>;; Query time: 0 msec<br>;; SERVER: 127.0.0.1#5300(127.0.0.1)<br>;; WHEN: Mon Sep 29 13:57:00 2014<br>;; MSG SIZE rcvd: 75<br><br>=============================<br><br>dig -p 5300 @127.0.0.1 -x 10.20.0.4<br><br>; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> -p 5300 @127.0.0.1 -x 10.20.0.2<br>; (1 server found)<br>;; global options: +cmd<br>;; Got answer:<br>;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50834<br>;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0<br><br>;; QUESTION SECTION:<br>;2.0.20.10.in-addr.arpa. IN PTR<br><br>;; ANSWER SECTION:<br>2.0.20.10.in-addr.arpa. 86400 IN PTR datacenter.test.openforest.<br><br>;; Query time: 1 msec<br>;; SERVER: 127.0.0.1#5300(127.0.0.1)<br>;; WHEN: Mon Sep 29 13:57:45 2014<br>;; MSG SIZE rcvd: 80<br><br>=============================<br><br>dig -p 5300 @127.0.0.1 -x 10.20.1.4<br><br>; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> -p 5300 @127.0.0.1 -x 10.20.1.2<br>; (1 server found)<br>;; global options: +cmd<br>;; Got answer:<br>;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20763<br>;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0<br><br>;; QUESTION SECTION:<br>;2.1.20.10.in-addr.arpa. IN PTR<br><br>;; ANSWER SECTION:<br>2.1.20.10.in-addr.arpa. 86400 IN PTR locatie01.test.openforest.<br><br>;; Query time: 2 msec<br>;; SERVER: 127.0.0.1#5300(127.0.0.1)<br>;; WHEN: Mon Sep 29 14:00:51 2014<br>;; MSG SIZE rcvd: 79<br><br>=============================<br><br>dig -p 5300 @127.0.0.1 -x 10.20.2.4<br><br>; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> -p 5300 @127.0.0.1 -x 10.20.2.2<br>; (1 server found)<br>;; global options: +cmd<br>;; Got answer:<br>;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36428<br>;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0<br><br>;; QUESTION SECTION:<br>;2.2.20.10.in-addr.arpa. IN PTR<br><br>;; ANSWER SECTION:<br>2.2.20.10.in-addr.arpa. 86400 IN PTR locatie02.test.openforest.<br><br>;; Query time: 3 msec<br>;; SERVER: 127.0.0.1#5300(127.0.0.1)<br>;; WHEN: Mon Sep 29 14:01:06 2014<br>;; MSG SIZE rcvd: 79<br><br>=============================<br><br><br>
> If this works, test your Recursor. Also on the same DNS Server, try<br>
<br>
dig @10.20.0.4 -x 10.20.0.4<br><br>; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> @10.20.0.4 -x 10.20.0.4<br>; (1 server found)<br>;; global options: +cmd<br>;; Got answer:<br>;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3879<br>;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0<br><br>;; QUESTION SECTION:<br>;4.0.20.10.in-addr.arpa. IN PTR<br><br>;; ANSWER SECTION:<br>4.0.20.10.in-addr.arpa. 86400 IN PTR munki.test.openforest.<br><br>;; Query time: 5 msec<br>;; SERVER: 10.20.0.4#53(10.20.0.4)<br>;; WHEN: Mon Sep 29 14:03:07 2014<br>;; MSG SIZE rcvd: 75<br><br>=============================<br><br>
dig @10.20.0.4 -x 10.20.0.2<br><br>; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> @10.20.0.4 -x 10.20.0.2<br>; (1 server found)<br>;; global options: +cmd<br>;; Got answer:<br>;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 53303<br>;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0<br><br>;; QUESTION SECTION:<br>;2.0.20.10.in-addr.arpa. IN PTR<br><br>;; ANSWER SECTION:<br>2.0.20.10.in-addr.arpa. 86400 IN PTR datacenter.test.openforest.<br><br>;; Query time: 3 msec<br>;; SERVER: 10.20.0.4#53(10.20.0.4)<br>;; WHEN: Mon Sep 29 14:03:29 2014<br>;; MSG SIZE rcvd: 80<br><br>=============================<br>
dig @10.20.0.4 -x 10.20.1.2<br><br>; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> @10.20.0.4 -x 10.20.1.2<br>; (1 server found)<br>;; global options: +cmd<br>;; Got answer:<br>;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 51247<br>;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0<br><br>;; QUESTION SECTION:<br>;2.1.20.10.in-addr.arpa. IN PTR<br><br>;; ANSWER SECTION:<br>2.1.20.10.in-addr.arpa. 86400 IN PTR locatie01.test.openforest.<br><br>;; Query time: 5 msec<br>;; SERVER: 10.20.0.4#53(10.20.0.4)<br>;; WHEN: Mon Sep 29 14:03:49 2014<br>;; MSG SIZE rcvd: 79<br><br><br>=============================<br>dig @10.20.0.4 -x 10.20.2.2<br><br>; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> @10.20.0.4 -x 10.20.2.2<br>; (1 server found)<br>;; global options: +cmd<br>;; Got answer:<br>;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40902<br>;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0<br><br>;; QUESTION SECTION:<br>;2.2.20.10.in-addr.arpa. IN PTR<br><br>;; ANSWER SECTION:<br>2.2.20.10.in-addr.arpa. 86400 IN PTR locatie02.test.openforest.<br><br>;; Query time: 3 msec<br>;; SERVER: 10.20.0.4#53(10.20.0.4)<br>;; WHEN: Mon Sep 29 14:04:05 2014<br>;; MSG SIZE rcvd: 79<br>=============================<br><br>
<br>
<br>
> If this works, do the same on your clients:<br>
<br>
dig @10.20.0.4 -x 10.20.0.4<br><br>; <<>> DiG 9.8.3-P1 <<>> @10.20.0.4 -x 10.20.0.4<br>; (1 server found)<br>;; global options: +cmd<br>;; Got answer:<br>;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10954<br>;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0<br><br>;; QUESTION SECTION:<br>;4.0.20.10.in-addr.arpa. IN PTR<br><br>;; ANSWER SECTION:<br>4.0.20.10.in-addr.arpa. 86238 IN PTR munki.test.openforest.<br><br>;; Query time: 6 msec<br>;; SERVER: 10.20.0.4#53(10.20.0.4)<br>;; WHEN: Mon Sep 29 14:05:52 2014<br>;; MSG SIZE rcvd: 75<br><br>=============================<br>dig @10.20.0.4 -x 10.20.0.2<br><br>; <<>> DiG 9.8.3-P1 <<>> @10.20.0.4 -x 10.20.0.2<br>; (1 server found)<br>;; global options: +cmd<br>;; Got answer:<br>;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24835<br>;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0<br><br>;; QUESTION SECTION:<br>;2.0.20.10.in-addr.arpa. IN PTR<br><br>;; ANSWER SECTION:<br>2.0.20.10.in-addr.arpa. 86400 IN PTR datacenter.test.openforest.<br><br>;; Query time: 5 msec<br>;; SERVER: 10.20.0.4#53(10.20.0.4)<br>;; WHEN: Mon Sep 29 14:06:36 2014<br>;; MSG SIZE rcvd: 80<br><br><br>=============================<br>
dig @10.20.0.4 -x 10.20.1.2<br><br>; <<>> DiG 9.8.3-P1 <<>> @10.20.0.4 -x 10.20.1.2<br>; (1 server found)<br>;; global options: +cmd<br>;; Got answer:<br>;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61848<br>;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0<br><br>;; QUESTION SECTION:<br>;2.1.20.10.in-addr.arpa. IN PTR<br><br>;; ANSWER SECTION:<br>2.1.20.10.in-addr.arpa. 86259 IN PTR locatie01.test.openforest.<br><br>;; Query time: 2 msec<br>;; SERVER: 10.20.0.4#53(10.20.0.4)<br>;; WHEN: Mon Sep 29 14:06:13 2014<br>;; MSG SIZE rcvd: 79<br><br>=============================<br>
dig @10.20.0.4 -x 10.20.2.2<br>
<br>; <<>> DiG 9.8.3-P1 <<>> @10.20.0.4 -x 10.20.2.2<br>; (1 server found)<br>;; global options: +cmd<br>;; Got answer:<br>;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9597<br>;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0<br>;; WARNING: Messages has 4 extra bytes at end<br><br>;; QUESTION SECTION:<br>;2.2.20.10.in-addr.arpa. IN PTR<br><br>;; Query time: 0 msec<br>;; SERVER: 10.20.0.4#53(10.20.0.4)<br>;; WHEN: Mon Sep 29 14:07:06 2014<br>;; MSG SIZE rcvd: 44<br><br><br><br>Well these are the lines which strike me as odd:<br><br>;; WARNING: Messages has 4 extra bytes at end<br>;; Query time: 0 msec<br>;; MSG SIZE rcvd: 44<br><br>But then again I don't know what to do with it. ;)<br><br><br><br>
<div class="moz-cite-prefix"><br>
Am 26.09.2014 15:58, schrieb Bart-Jan van Hummel:<br>
</div>
<blockquote cite="mid:1326305491.30495.1411739883194.JavaMail.root@openforest.nl">
<style>p { margin: 0; }</style>
<div style="font-family: verdana,helvetica,sans-serif; font-size:
10pt; color: #000000"><br>
<div style="color:#000;font-weight:normal;font-style:normal;text-decoration:none;font-family:Helvetica,Arial,sans-serif;font-size:12pt;">
> Maybe you didn't stopped it before you restarted? In this
case config changes didn't apply to the (running) Recursor.<br>
</div>
<br>
Well I just did a service pdns-recursor restart<br>
<br>
So I did some more testing and I found something else: it
doesn't change my problem, but it does make the problem worse
;-)<br>
<br>
In the pdns.conf I turned on the module-dir like this:<br>
<br>
to:<br>
module-dir=/usr/lib/powerdns<br>
<br>
Now the module dir does not have any modules in there.<br>
but it seems that turning this on will cause the DNS to stop
answering on any reverse lookup of machines which are not in the
main router.<br>
<br>
So these wil not have an answer section:<br>
~ root# dig @10.20.0.4 -x 10.20.1.4 <br>
~ root# dig @10.20.0.4 -x 10.20.2.4 <br>
<br>
And this will:<br>
~ root# dig @10.20.0.4 -x 10.20.0.4 <br>
~ root# dig @10.20.0.4 -x 10.20.0.5<br>
<br>
I am asking in the 10.20.2.x network... <br>
<br>
</div>
</blockquote>
<br>
</div><br></div></body></html>