<div dir="ltr"><div style="font-size:12.8px">Hi Oli,</div><div style="font-size:12.8px"><br></div><div style="font-size:12.8px">Thank you for the quick reply.</div><div style="font-size:12.8px"><b><br></b></div><div style="font-size:12.8px"><b><u>With Issue 1:</u></b></div><div style="font-size:12.8px">I'm using Redhat 7.2. Here is my result from DNSDist version:</div><div style="font-size:12.8px">[root@my001 ~]# dnsdist --version</div><div style="font-size:12.8px">dnsdist 1.0.0</div><div style="font-size:12.8px"><br></div><div style="font-size:12.8px">[root@my001 ~]# cat /proc/version</div><div style="font-size:12.8px">Linux version 3.10.0-327.36.3.el7.x86_64 (<a href="mailto:mockbuild@x86-037.build.eng.bos.redhat.com" target="_blank">mockbuild@x86-037.build.eng.<wbr>bos.redhat.com</a>) (gcc version 4.8.5 20150623 (Red Hat 4.8.5-4) (GCC) )</div><div style="font-size:12.8px"><br></div><div style="font-size:12.8px"> I don't know exactly problem. I had used DNSDist rpm from CentOS in Redhat 7 machine before. </div><div style="font-size:12.8px"> Then I tried download another DNSDist from other website: <a href="http://dev.racf.bnl.gov/yum/snapshots/rhel7/epel7-x86_64/d/" target="_blank">http://dev.racf.bnl.gov/yum/<wbr>snapshots/rhel7/epel7-x86_64/<wbr>d/</a>. New rpm worked with makeKey(). It return encypt result.</div><div style="font-size:12.8px"> I find in website: <a href="https://repo.powerdns.com/centos/x86_64/6Server/" target="_blank">https://repo.powerdns.com/<wbr>centos/x86_64/6Server/</a> only have rpms for el6. Can you send me a website for download manually DNSDist rpm official for Redhat 7?</div><div style="font-size:12.8px"><b style="font-size:12.8px"><i><br></i></b></div><div style="font-size:12.8px"><b style="font-size:12.8px"><i> Before I got issue:</i></b><br></div><div style="font-size:12.8px"> dnsdist-1.0.0-1pdns.el7.x86_<wbr>64.rpm</div><div style="font-size:12.8px"> </div><div style="font-size:12.8px"><i><b> All rpms in my current machince:</b></i></div><div style="font-size:12.8px"> dnsdist-1.0.0-1.el7.x86_64.<wbr>rpm</div><div style="font-size:12.8px"> </div><div style="font-size:12.8px"> libsodium-1.0.5-1.el7.x86_64.<wbr>rpm</div><div style="font-size:12.8px"> luajit-2.0.4-3.el7.x86_64.rpm</div><div style="font-size:12.8px"> protobuf-2.5.0-7.el7.x86_64.<wbr>rpm</div><div style="font-size:12.8px"> libedit-3.0-12.20121213cvs.<wbr>el7.x86_64.rpm</div><div style="font-size:12.8px"><br></div><div style="font-size:12.8px"><b><u>With Issue 2:</u></b></div><div style="font-size:12.8px"><br></div><div style="font-size:12.8px">With do not force setUp(). My downstream is always down. setAuto() make downstream down too. </div><div style="font-size:12.8px"><br></div><div style="font-size:12.8px"><i><b>Here is my systemctl </b><b>status </b><b>dnsdist:</b></i></div><div style="font-size:12.8px"><b><br></b></div><div style="font-size:12.8px">systemd: Starting DNS Loadbalancer...</div><div style="font-size:12.8px">dnsdist: Read configuration from '/etc/dnsdist/dnsdist.conf'</div><div style="font-size:12.8px">dnsdist: Added downstream server <a href="http://192.168.3.3:5353/" target="_blank">192.168.3.3:5353</a></div><div style="font-size:12.8px">dnsdist: Added downstream server <a href="http://192.168.3.4:53/" target="_blank">192.168.3.4:53</a></div><div style="font-size:12.8px">dnsdist: Listening on <a href="http://0.0.0.0:53/" target="_blank">0.0.0.0:53</a></div><div style="font-size:12.8px">dnsdist: dnsdist 1.0.0 comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it according to the terms of the GPL version 2</div><div style="font-size:12.8px">dnsdist: ACL allowing queries from: <a href="http://127.0.0.0/8" target="_blank">127.0.0.0/8</a>, <a href="http://10.0.0.0/8" target="_blank">10.0.0.0/8</a>, <a href="http://100.64.0.0/10" target="_blank">100.64.0.0/10</a>, <a href="http://169.254.0.0/16" target="_blank">169.254.0.0/16</a>, <a href="http://192.168.0.0/16" target="_blank">192.168.0.0/16</a>, <a href="http://172.16.0.0/12" target="_blank">172.16.0.0/12</a>, ::1/128, fc00::/7, fe80::/10</div><div style="font-size:12.8px">dnsdist: Accepting control connections on <a href="http://0.0.0.0:5199/" target="_blank">0.0.0.0:5199</a></div><div style="font-size:12.8px">dnsdist: Backend <a href="http://192.168.3.3:5353/" target="_blank">192.168.3.3:5353</a> responded to health check with ServFail</div><div style="font-size:12.8px">dnsdist: Marking downstream <a href="http://192.168.3.3:5353/" target="_blank">192.168.3.3:5353</a> as 'down'</div><div style="font-size:12.8px">dnsdist: Backend <a href="http://192.168.3.4:53/" target="_blank">192.168.3.4:53</a> responded to health check with ServFail</div><div style="font-size:12.8px">dnsdist: Marking downstream <a href="http://192.168.3.4:53/" target="_blank">192.168.3.4:53</a> as 'down'</div><div style="font-size:12.8px">systemd: Started DNS Loadbalancer.</div><div style="font-size:12.8px">dnsdist: Backend <a href="http://192.168.3.3:5353/" target="_blank">192.168.3.3:5353</a> responded to health check with ServFail</div><div style="font-size:12.8px">dnsdist: Backend <a href="http://192.168.3.4:53/" target="_blank">192.168.3.4:53</a> responded to health check with ServFail</div><div style="font-size:12.8px"><br></div><div style="font-size:12.8px"><b><i>My "/etc/dnsdist/dnsdist.conf":</i></b></div><div style="font-size:12.8px"><br></div><div style="font-size:12.8px">setKey("TS1F3DSNUTehZBv8bpLD/<wbr>oph9TkwJw+MOwgQEePT4io=")</div><div style="font-size:12.8px">controlSocket("0.0.0.0")</div><div style="font-size:12.8px">setLocal('0.0.0.0')</div><div style="font-size:12.8px">newServer{address="<a href="http://192.168.3.3:5353/" target="_blank">192.168.3.<wbr>3:5353</a>", qps=10, order=1}</div><span class="gmail-im" style="font-size:12.8px"><div>newServer{address="192.168.3.<wbr>4", qps=10, order=2}</div><div>setServerPolicy(<wbr>firstAvailable)</div></span><div style="font-size:12.8px">setVerboseHealthChecks(true)</div><div style="font-size:12.8px"><i><br></i></div><div style="font-size:12.8px"><b><i>I opened port 53 in two machine. Here is my port in "192.168.3.3":</i></b></div><div style="font-size:12.8px"><br></div><div style="font-size:12.8px">ACCEPT tcp -- <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> tcp dpt:53</div><div style="font-size:12.8px">ACCEPT udp -- <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> udp dpt:53 </div><div style="font-size:12.8px">ACCEPT tcp -- <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> tcp dpt:5353</div><div style="font-size:12.8px">ACCEPT udp -- <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> udp dpt:5353</div><div style="font-size:12.8px"><br></div><div style="font-size:12.8px">Am I missing anything else, Oli? Such as: rpms, port, config... . How can I make it "up" as example?</div><div style="font-size:12.8px"><br></div><div style="font-size:12.8px">Beside that, I tried used log file: addAction(AllRule(), LogAction("dnsdist.log", false)) but it return an error:</div><div style="font-size:12.8px">dnsdist[17049]: Fatal error: Exception thrown by a callback function called by Lua</div><div style="font-size:12.8px"><br></div><div style="font-size:12.8px">Do you know this error?</div><div style="font-size:12.8px"><br></div><div style="font-size:12.8px"><span style="font-size:12.8px">Best regards,</span><br></div><div style="font-size:12.8px"><span style="font-size:12.8px"><br></span></div><div style="font-size:12.8px"><span style="font-size:12.8px">Thao Nguyen</span></div></div><div class="gmail_extra"><br><div class="gmail_quote">2016-11-25 1:18 GMT+07:00 Oli Schacher <span dir="ltr"><<a href="mailto:oli.schacher@switch.ch" target="_blank">oli.schacher@switch.ch</a>></span>:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hi<br>
<br>
<br>
Am 24.11.16 um 18:20 schrieb nguyen van:<br>
<span class=""><br>
> I'm using Redhat 7. I'm a newbie with DNSDist. I tried to config as<br>
> README.md but I got some issue. Can you help me?<br>
> Issue 1. I tried to makeKey but it always return plaintext:<br>
>> makeKey()<br>
> setKey("plaintext")<br>
><br>
> Here is list rpm in my system:<br>
> dnsdist-1.0.0-1pdns.el7.x86_<wbr>64.rpm<br>
> libedit-3.0-12.20121213cvs.<wbr>el7.x86_64.rpm<br>
> libsodium-1.0.5-1.el7.x86_64.<wbr>rpm<br>
> And I also added "bind "^R" em-inc-search-prev" by command: echo "bind<br>
> "^R" em-inc-search-prev" > ~/.editrc. But It still return "plaintext".<br>
<br>
</span>Does 'dnsdist --version' tell you if libsodium is found at all? For me<br>
it shows:<br>
dnsdist --version<br>
dnsdist 0.0.1306g98883b8 (Lua 5.1)<br>
Enabled features: dnscrypt libsodium protobuf re2 systemd<br>
<br>
Apart from a different dnsdist version I have the same versions, and it<br>
works on centos 7.1:<br>
rpm -qa libsodium libedit<br>
libedit-3.0-12.20121213cvs.<wbr>el7.x86_64<br>
libsodium-1.0.5-1.el7.x86_64<br>
<span class=""><br>
><br>
> Issue 2: My "dnsdist" server have both "dnsdist" and "named" so I open<br>
> and use another port for named.<br>
> My /etc/dnsdist/dnsdist.conf<br>
> setLocal('0.0.0.0')<br>
</span>> newServer{address="<a href="http://192.168.3.3:5353" rel="noreferrer" target="_blank">192.168.3.<wbr>3:5353</a> <<a href="http://192.168.3.3:5353/" rel="noreferrer" target="_blank">http://192.168.3.3:5353/</a>>", qps=10,<br>
<span class="">> order=1}<br>
> newServer{address="192.168.3.<wbr>4", qps=10, order=2}<br>
> setServerPolicy(<wbr>firstAvailable)<br>
> getServer(0):setUp()<br>
> getServer(1):setUp()<br>
> I used DNSDist via systemd service. When named in first server go to<br>
</span>> down and I run a "dig @<a href="http://192.168.3.3" rel="noreferrer" target="_blank">192.168.3.3</a> <<a href="http://192.168.3.3/" rel="noreferrer" target="_blank">http://192.168.3.3/</a>> <a href="http://myzone.com" rel="noreferrer" target="_blank">myzone.com</a><br>
> <<a href="http://myzone.com/" rel="noreferrer" target="_blank">http://myzone.com/</a>>". Query zone has been failed.I hope it can return a<br>
<span class="">> successful query by get it in second server: "192.168.3.4".<br>
> How could I config in this case without set first server to "down"?<br>
<br>
</span>don't use "setUp()", this will force dnsdist to treat this server as UP,<br>
even if it isn't. Instead, use setAuto() or just remove these lines,<br>
auto is the default. This will probe the server and automatically switch<br>
to the next server when the first one goes down.<br>
<span class=""><br>
<br>
> A minor question: Could I add comments to /etc/dnsdist/dnsdist.conf file?<br>
<br>
</span>yes, just start them with a double hyphen. The dnsdist.conf file is lua<br>
code.<br>
<br>
-- example comment<br>
<br>
Best regards<br>
Oli<br>
______________________________<wbr>_________________<br>
Pdns-users mailing list<br>
<a href="mailto:Pdns-users@mailman.powerdns.com">Pdns-users@mailman.powerdns.<wbr>com</a><br>
<a href="https://mailman.powerdns.com/mailman/listinfo/pdns-users" rel="noreferrer" target="_blank">https://mailman.powerdns.com/<wbr>mailman/listinfo/pdns-users</a><br>
</blockquote></div><br></div>