[dnsdist] DNSDIST 1.3.3-3 from standard debian buster

Lichtnau Frank Frank.Lichtnau at mlands.com
Tue Aug 13 14:59:03 UTC 2019 

Hi Remi,

I think, it has to be with 'high latencies'.

I have: 
- 1 pool (winmls) for windows-ad-dns-queries
- 1 pool (mls) for rest of our internal domain
- and a dns-forwarder (with 3 listener) for external dns-queries.

The pools work fine with latencies of 0.3 - 0.8 The single dns-forwarder has latencies of 40 - 56. And there I have the drops.

For testing I reconfigure the external dns-queries over the pool(mls). 
And than I have the drops in this pool.

I would try to install dnsdist 1.3.3 in debian 9, but it works not, because some packet-dependencies was not given.
And the  dnsdist-packet in debian 9 was to old.

Your tool is importent for me, because it helps me to capture queer manner of our windows machines. 
If the dns-server is gone, windows don't switch to the second dns-server in his given list of dns-servers. 

BTW, I would build now a tool as workaround for checking dnsdist frequency.
if the quote between queries and drops too bad or grow up I restart the daemon.

I check your API api/v1/servers/localhost and see, that the value from Column "Drops" are given in field=reused.

Why ist he name reused and what means reused in this context?

~Frank

> -----Ursprüngliche Nachricht-----
> Von: dnsdist <dnsdist-bounces at mailman.powerdns.com> Im Auftrag von Remi Gacogne
> Gesendet: Montag, 12. August 2019 16:56
> An: 'dnsdist at mailman.powerdns.com' <dnsdist at mailman.powerdns.com>
> Betreff: Re: [dnsdist] DNSDIST 1.3.3-3 from standard debian buster
>
> Hi Frank,
>
> On 8/12/19 4:27 PM, Lichtnau Frank wrote:
> > I can confirm that we have the same problems under debian buster  like 
> > Chris call "dnsdist 1.4 and Debian buster".
> > https://mailman.powerdns.com/pipermail/dnsdist/2019-August/000601.html
> > 
> > The only differcence is, we installed the standard debian packet 
> > 1.3.3-3
> > 
> > It works fine for hours and than all calls with no local domain-names 
> > are dropped. We have no ACL - Dynamic - Rule and Blockfilter Drops,
> > 
> > The dns-call in direction internal DNS-Server works  fine.
> > 
> > I try to grow up the listener  for our external DNS-Server and  than I 
> > grow up also the sockets, but it helps not.
> > 
> > I active remote logging via ProtobufLogger, but can't find any 
> > interesting things.
>
> Thanks a lot for the feedback. I'm not surprised to read that you didn't see anything interesting in remote logging, since it's looking more and more like a Buster issue than a dnsdist one, especially if the issue also manifests itself with the Auth..
>
> Best regards,
> --
> Remi Gacogne
> PowerDNS.COM BV - https://www.powerdns.com/

More information about the dnsdist mailing list