<html>

  <head>

    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">

  </head>

  <body>

    <div class="moz-cite-prefix">On 29/03/2021 21:34, Chhavi Mittal via

      Pdns-users wrote:<br>

    </div>

    <blockquote type="cite"

cite="mid:CAOy0CCFNpZih0TRQEEiTRijJd0OdQjQj+p=JY1m0doJMjMvsZA@mail.gmail.com">

      <div>I have a pdns and pdns_recursor running on the same server

        and I have one ALIAS record and one A record for the alias both

        belonging to the same domain entry but when I do 'dig' on the

        ALIAS it's not returning an answer.</div>

    </blockquote>

    <p>In that case what does it return: NXDOMAIN? NODATA? SERVFAIL?

      Timeout?</p>

    <p><br>

    </p>

    <blockquote type="cite"

cite="mid:CAOy0CCFNpZih0TRQEEiTRijJd0OdQjQj+p=JY1m0doJMjMvsZA@mail.gmail.com">

      <div> This is what I have in my mysql:</div>

      <div><br>

      </div>

      <div>Domains<br>

        <p

style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;font-size:17px;line-height:normal;font-family:Menlo;color:rgb(0,0,0)"><span

            style="font-variant-ligatures:no-common-ligatures">+-----+------+--------+------------+--------+</span></p>

        <p

style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;font-size:17px;line-height:normal;font-family:Menlo;color:rgb(0,0,0)"><span

            style="font-variant-ligatures:no-common-ligatures">| id<span> 

            </span>| name | master | last_check | type <span>  </span>|</span></p>

        <p

style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;font-size:17px;line-height:normal;font-family:Menlo;color:rgb(0,0,0)"><span

            style="font-variant-ligatures:no-common-ligatures">+-----+------+--------+------------+--------+</span></p>

        <p

style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;font-size:17px;line-height:normal;font-family:Menlo;color:rgb(0,0,0)"><span

            style="font-variant-ligatures:no-common-ligatures">| 274 | .<span> 

                </span>| NULL <span>  </span>| <span>      </span>NULL

            | NATIVE |</span></p>

        <p

style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;font-size:17px;line-height:normal;font-family:Menlo;color:rgb(0,0,0)"><span

            style="font-variant-ligatures:no-common-ligatures">+-----+------+--------+------------+--------+</span></p>

      </div>

      <div><br>

      </div>

      <div>Records</div>

      <div>

        <p

style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;font-size:17px;line-height:normal;font-family:Menlo;color:rgb(0,0,0)"><span

            style="font-variant-ligatures:no-common-ligatures">+---+--------------------------+------+-------------+</span></p>

        <p

style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;font-size:17px;line-height:normal;font-family:Menlo;color:rgb(0,0,0)"><span

            style="font-variant-ligatures:no-common-ligatures">274 | <a

              href="http://mydomain.com" target="_blank"

              moz-do-not-send="true">mydomain.com</a>             | A<span> 

                 </span>| 10.1.164.107<br>

          </span></p>

        <p

style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;font-size:17px;line-height:normal;font-family:Menlo;color:rgb(0,0,0)"><span

            style="font-variant-ligatures:no-common-ligatures">+---+--------------------------+------+-------------+<br>

          </span></p>

        <p

style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;font-size:17px;line-height:normal;font-family:Menlo;color:rgb(0,0,0)"><span

            style="font-variant-ligatures:no-common-ligatures">274 | <a

              href="http://securityservices.com" target="_blank"

              moz-do-not-send="true">securityservices.com</a> | ALIAS |

            <a href="http://mydomain.com" target="_blank"

              moz-do-not-send="true">mydomain.com</a></span></p>

        <p

style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;font-size:17px;line-height:normal;font-family:Menlo;color:rgb(0,0,0)"><span

            style="font-variant-ligatures:no-common-ligatures">+---+---------------------------+------+-------------+<br>

          </span></p>

      </div>

    </blockquote>

    <p>What do you get if you dig separately:</p>

    <p>dig @127.0.0.1 mydomain.com. a</p>

    <p><br>

    </p>

    <blockquote type="cite"

cite="mid:CAOy0CCFNpZih0TRQEEiTRijJd0OdQjQj+p=JY1m0doJMjMvsZA@mail.gmail.com">

      <div>

        <p

style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;font-size:17px;line-height:normal;font-family:Menlo;color:rgb(0,0,0)"><span

            style="font-variant-ligatures:no-common-ligatures"><br>

          </span></p>

        <p

style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;font-size:17px;line-height:normal;font-family:Menlo;color:rgb(0,0,0)"><span

style="color:rgb(34,34,34);font-family:Arial,Helvetica,sans-serif;font-size:small">I

            am expecting the final answer of '<a

              href="http://securityservices.com" target="_blank"

              moz-do-not-send="true">securityservices.com</a>' to be "</span><span

style="font-family:Arial,Helvetica,sans-serif;font-size:small;color:rgb(34,34,34)">10.1.164.107".

            I feel I have a problem in my configuration but I am not

            able to figure it out. Please help!!<br>

            <br>

            <b>pdns config:</b></span></p>

        <p

style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;font-size:17px;line-height:normal;font-family:Menlo;color:rgb(0,0,0)"><span

            style="font-size:small">expand-alias=yes</span><br>

        </p>

        <p

style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;line-height:normal;font-family:Menlo;color:rgb(0,0,0)">resolver=<a

            href="http://127.0.0.1:8699" target="_blank"

            moz-do-not-send="true">127.0.0.1:8699</a><span

            style="font-family:Arial,Helvetica,sans-serif;color:rgb(34,34,34)"><br>

          </span></p>

        <p

style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;line-height:normal;font-family:Menlo;color:rgb(0,0,0)"><span

            style="font-variant-ligatures:no-common-ligatures">setgid=pdns</span></p>

        <p

style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;line-height:normal;font-family:Menlo;color:rgb(0,0,0)"><span

            style="font-variant-ligatures:no-common-ligatures">

          </span></p>

        <p

style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;font-size:17px;line-height:normal;font-family:Menlo;color:rgb(0,0,0)"><span

            style="font-variant-ligatures:no-common-ligatures"></span></p>

        <p

style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;line-height:normal;font-family:Menlo;color:rgb(0,0,0)"><span

            style="font-variant-ligatures:no-common-ligatures">setuid=pdns</span></p>

        <p

style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;line-height:normal;font-family:Menlo;color:rgb(0,0,0)"><span

            style="font-variant-ligatures:no-common-ligatures"><br>

          </span></p>

        <p

style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;font-size:17px;line-height:normal;font-family:Menlo;color:rgb(0,0,0)"><span

style="color:rgb(34,34,34);font-family:Arial,Helvetica,sans-serif;font-size:small"><b>recursor

              config:</b></span></p>

        <p

style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;font-size:17px;line-height:normal;font-family:Menlo;color:rgb(0,0,0)"></p>

        <p

style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;line-height:normal;font-family:Menlo;color:rgb(0,0,0)"><span

            style="font-variant-ligatures:no-common-ligatures">allow-from=<a

              href="http://0.0.0.0/0" target="_blank"

              moz-do-not-send="true">0.0.0.0/0</a><br>

          </span></p>

        <p

style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;line-height:normal;font-family:Menlo;color:rgb(0,0,0)"><span

            style="font-variant-ligatures:no-common-ligatures">forward-zones=.=127.0.0.1</span></p>

        <p

style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;line-height:normal;font-family:Menlo;color:rgb(0,0,0)"><span

            style="font-variant-ligatures:no-common-ligatures">

          </span></p>

        <p

style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;line-height:normal;font-family:Menlo;color:rgb(0,0,0)"><span

            style="font-variant-ligatures:no-common-ligatures">local-address=127.0.0.1</span></p>

        <p

style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;line-height:normal;font-family:Menlo;color:rgb(0,0,0)"><span

            style="font-variant-ligatures:no-common-ligatures">

          </span></p>

        <p

style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;line-height:normal;font-family:Menlo;color:rgb(0,0,0)"><span

            style="font-variant-ligatures:no-common-ligatures">local-port=8699</span></p>

        <p

style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;line-height:normal;font-family:Menlo;color:rgb(0,0,0)"><span

            style="font-variant-ligatures:no-common-ligatures">

          </span></p>

        <p

style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;line-height:normal;font-family:Menlo;color:rgb(0,0,0)"><span

            style="font-variant-ligatures:no-common-ligatures">setgid=pdns</span></p>

        <p

style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;line-height:normal;font-family:Menlo;color:rgb(0,0,0)"><span

            style="font-variant-ligatures:no-common-ligatures">

          </span></p>

        <p

style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;line-height:normal;font-family:Menlo;color:rgb(0,0,0)"><span

            style="font-variant-ligatures:no-common-ligatures">setuid=pdns</span></p>

      </div>

    </blockquote>

    <p>Try running tcpdump at the same time:<br>

    </p>

    <p>tcpdump -i lo -nn -s0 -vX udp port 53 or udp port 8699<br>

    </p>

    <p>Then when you "dig @127.0.0.1 securityservices.com. a", look at

      the tcpdump traffic.<br>

    </p>

    <p>1. do you see the incoming request for "securityservices.com" to

      pdns-auth with dst port 53?  (You should!)<br>

      2. do you see the request for "mydomain.com" from auth to recursor

      with dst port 8699?<br>

      3. do you see the request for "mydomain.com" from recursor to auth

      with dst port 53?<br>

      4. do you see the response to (3) with src port 53?<br>

      5. do you see the response to (2) with src port 8699?<br>

      6. do you see the response to (1) with src port 53?<br>

    </p>

    <p><br>

    </p>

  </body>

</html>