[dnsdist] cache dnsdist not working for my setup
Markus Ehrlicher
Markus.Ehrlicher at komsa.de
Tue Feb 9 06:47:01 UTC 2021
Sorry to say, but the official documentation is absolutely clear about that:
https://dnsdist.org/guides/console.html
bets regards,
Markus
-----Ursprüngliche Nachricht-----
Von: dnsdist <dnsdist-bounces at mailman.powerdns.com> Im Auftrag von SAMI RAHAL via dnsdist
Gesendet: Dienstag, 9. Februar 2021 07:27
An: dnsdist at mailman.powerdns.com
Betreff: Re: [dnsdist] cache dnsdist not working for my setup
Hi
when I use dnsdist -c I have this error : "The currently configured console key is not valid, please configure a valid key using the setKey() directive "
is it mandatory to configure this key in version 1.5? if yes please show me how i should proceed thank you
________________________________________
De : dnsdist <dnsdist-bounces at mailman.powerdns.com> de la part de dnsdist-request at mailman.powerdns.com <dnsdist-request at mailman.powerdns.com>
Envoyé : lundi 8 février 2021 13:00
À : dnsdist at mailman.powerdns.com
Objet : dnsdist Digest, Vol 66, Issue 9
Send dnsdist mailing list submissions to
dnsdist at mailman.powerdns.com
To subscribe or unsubscribe via the World Wide Web, visit
https://mailman.powerdns.com/mailman/listinfo/dnsdist
or, via email, send a message with subject or body 'help' to
dnsdist-request at mailman.powerdns.com
You can reach the person managing the list at
dnsdist-owner at mailman.powerdns.com
When replying, please edit your Subject line so it is more specific
than "Re: Contents of dnsdist digest..."
Today's Topics:
1. Re: cache dnsdist not working for my setup (SAMI RAHAL)
2. Re: cache dnsdist not working for my setup (Jacob Bunk Nielsen)
3. Re: cache dnsdist not working for my setup (Remi Gacogne)
----------------------------------------------------------------------
Message: 1
Date: Sun, 7 Feb 2021 19:19:00 +0000
From: SAMI RAHAL <Sami.Rahal at topnetpro.tn>
To: "dnsdist at mailman.powerdns.com" <dnsdist at mailman.powerdns.com>
Subject: Re: [dnsdist] cache dnsdist not working for my setup
Message-ID: <1612725572676.70123 at topnetpro.tn>
Content-Type: text/plain; charset="iso-8859-1"
Thank you Jacob
I installed version 1.5
when I try to access the console with the sudo dnsdist command
I have the following error:
Fatal error: binding socket to Server_IP: 53: Address already in use.
Also the log file is empty !! knowing that I do not have these two problems with version 1.3
here is my configuration:
----------Main config---------------------------
-- listen for console connection with the given secret key
controlSocket("0.0.0.0")
--addLocal("0.0.0.0:5200")
setLocal('serverIP:53')
--addLocal('IP')
setACL('0.0.0.0/0')
newServer({name="unbound",pool={"resolverT"},address="@IP", qps=1000, order=1})
newServer({name="pdns-recursor",pool={"resolverT"},address="@IP", order=2})
----------- config cache -------------------
cacheresolv = newPacketCache(100000)
getPool("resolverT"):setCache(cacheresolv)
setStaleCacheEntriesTTL(86400)
addAction(AllRule(), PoolAction("resolverT"))
-----------config Log ---------------
--addAction(AllRule(), LogAction("/var/log/dnsdist.log", false, true, false,true))
addAction(AllRule(), LogAction("/var/log/dnsdist.log", false, true, false))
Regards
________________________________________
De : dnsdist <dnsdist-bounces at mailman.powerdns.com> de la part de dnsdist-request at mailman.powerdns.com <dnsdist-request at mailman.powerdns.com>
Envoy? : dimanche 7 f?vrier 2021 13:00
? : dnsdist at mailman.powerdns.com
Objet : dnsdist Digest, Vol 66, Issue 8
Send dnsdist mailing list submissions to
dnsdist at mailman.powerdns.com
To subscribe or unsubscribe via the World Wide Web, visit
https://mailman.powerdns.com/mailman/listinfo/dnsdist
or, via email, send a message with subject or body 'help' to
dnsdist-request at mailman.powerdns.com
You can reach the person managing the list at
dnsdist-owner at mailman.powerdns.com
When replying, please edit your Subject line so it is more specific
than "Re: Contents of dnsdist digest..."
Today's Topics:
1. Re: cache dnsdist not working for my setup (SAMI RAHAL)
2. Re: cache dnsdist not working for my setup (Jacob Bunk Nielsen)
----------------------------------------------------------------------
Message: 1
Date: Sat, 6 Feb 2021 18:35:49 +0000
From: SAMI RAHAL <Sami.Rahal at topnetpro.tn>
To: "dnsdist at mailman.powerdns.com" <dnsdist at mailman.powerdns.com>
Subject: Re: [dnsdist] cache dnsdist not working for my setup
Message-ID: <1612636581163.54074 at topnetpro.tn>
Content-Type: text/plain; charset="iso-8859-1"
Hi Remi
can I use version 1.6 in production?
________________________________________
De : dnsdist <dnsdist-bounces at mailman.powerdns.com> de la part de dnsdist-request at mailman.powerdns.com <dnsdist-request at mailman.powerdns.com>
Envoy? : samedi 6 f?vrier 2021 13:00
? : dnsdist at mailman.powerdns.com
Objet : dnsdist Digest, Vol 66, Issue 7
Send dnsdist mailing list submissions to
dnsdist at mailman.powerdns.com
To subscribe or unsubscribe via the World Wide Web, visit
https://mailman.powerdns.com/mailman/listinfo/dnsdist
or, via email, send a message with subject or body 'help' to
dnsdist-request at mailman.powerdns.com
You can reach the person managing the list at
dnsdist-owner at mailman.powerdns.com
When replying, please edit your Subject line so it is more specific
than "Re: Contents of dnsdist digest..."
Today's Topics:
1. Re: cache dnsdist not working for my setup (SAMI RAHAL)
2. Re: cache dnsdist not working for my setup (Remi Gacogne)
3. Re: DNS views using DNSDIST (Jahanzeb Arshad)
----------------------------------------------------------------------
Message: 1
Date: Fri, 5 Feb 2021 18:12:55 +0000
From: SAMI RAHAL <Sami.Rahal at topnetpro.tn>
To: "dnsdist at mailman.powerdns.com" <dnsdist at mailman.powerdns.com>
Subject: Re: [dnsdist] cache dnsdist not working for my setup
Message-ID: <1612548806918.29772 at topnetpro.tn>
Content-Type: text/plain; charset="iso-8859-1"
Hi Jacob
i use tcpdump :
tcpdump -vvv -s O -l -n port 53 | grep domaine.tld
Always dnsdist contact my two backend resolvers
________________________________________
De : dnsdist <dnsdist-bounces at mailman.powerdns.com> de la part de dnsdist-request at mailman.powerdns.com <dnsdist-request at mailman.powerdns.com>
Envoy? : vendredi 5 f?vrier 2021 13:00
? : dnsdist at mailman.powerdns.com
Objet : dnsdist Digest, Vol 66, Issue 6
Send dnsdist mailing list submissions to
dnsdist at mailman.powerdns.com
To subscribe or unsubscribe via the World Wide Web, visit
https://mailman.powerdns.com/mailman/listinfo/dnsdist
or, via email, send a message with subject or body 'help' to
dnsdist-request at mailman.powerdns.com
You can reach the person managing the list at
dnsdist-owner at mailman.powerdns.com
When replying, please edit your Subject line so it is more specific
than "Re: Contents of dnsdist digest..."
Today's Topics:
1. cache dnsdist not working for my setup (SAMI RAHAL)
2. Re: cache dnsdist not working for my setup (Jacob Bunk Nielsen)
----------------------------------------------------------------------
Message: 1
Date: Fri, 5 Feb 2021 08:59:33 +0000
From: SAMI RAHAL <Sami.Rahal at topnetpro.tn>
To: "dnsdist at mailman.powerdns.com" <dnsdist at mailman.powerdns.com>
Subject: [dnsdist] cache dnsdist not working for my setup
Message-ID: <1612515606492.42376 at topnetpro.tn>
Content-Type: text/plain; charset="iso-8859-1"
Hello
dnsdist packet cache is not working form my setup
* Operating system: CentOS7 (x86_64)
* Software version: dnsdist 1.3.0
My setup:
----------- config cache -------------------
cacheresolv = newPacketCache(100000, 86400, 0, 60, 60, true)
getPool("resolverT"):setCache(cacheresolv)
setStaleCacheEntriesTTL(86400)
addAction(AllRule(), PoolAction("resolverT"))
Can somebody help me please
Cordialement, Sami Rahal Service Hosting DNS et Cloud Direction Technique & SI Si?ge Social TOPNET, Centre Urbain Nord T?l. :71185000 GSM :99 459 812
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/dnsdist/attachments/20210205/44929ca9/attachment-0001.htm>
------------------------------
Message: 2
Date: Fri, 5 Feb 2021 10:30:49 +0100
From: Jacob Bunk Nielsen <jbn at one.com>
To: dnsdist at mailman.powerdns.com
Subject: Re: [dnsdist] cache dnsdist not working for my setup
Message-ID: <db7e8b20-f15f-934f-09ce-0cbae3068ad8 at one.com>
Content-Type: text/plain; charset=windows-1252; format=flowed
Hi Sami
On 05/02/2021 09.59, SAMI RAHAL via dnsdist wrote:
>
> dnsdist packet cache is not working form my setup
>
How do you know that it's not working?
Best regards,
Jacob
------------------------------
Subject: Digest Footer
_______________________________________________
dnsdist mailing list
dnsdist at mailman.powerdns.com
https://mailman.powerdns.com/mailman/listinfo/dnsdist
------------------------------
End of dnsdist Digest, Vol 66, Issue 6
**************************************
------------------------------
Message: 2
Date: Fri, 5 Feb 2021 20:00:30 +0100
From: Remi Gacogne <remi.gacogne at powerdns.com>
To: "dnsdist at mailman.powerdns.com" <dnsdist at mailman.powerdns.com>
Subject: Re: [dnsdist] cache dnsdist not working for my setup
Message-ID: <094e68eb-694b-6505-726c-de0a0992fc56 at powerdns.com>
Content-Type: text/plain; charset=utf-8; format=flowed
Hi Sami,
On 2/5/21 7:12 PM, SAMI RAHAL via dnsdist wrote:
> Hi Jacob
> i use tcpdump :
> tcpdump -vvv -s O -l -n port 53 | grep domaine.tld
> Always dnsdist contact my two backend resolvers
How are you sending the queries? If you are using dig, please check with
+nocookie since the content of EDNS cookie is busting dnsdist's packet
cache. 1.6.0 will ignore these cookies but you are running 1.3.0 which
is a bit old.
Best regards,
--
Remi Gacogne
PowerDNS.COM BV - https://www.powerdns.com/
------------------------------
Message: 3
Date: Sat, 06 Feb 2021 13:44:56 +0500
From: Jahanzeb Arshad <jahanzeb at nayatel.com>
To: dnsdist mailing list <dnsdist at mailman.powerdns.com>
Subject: Re: [dnsdist] DNS views using DNSDIST
Message-ID:
<5ca871b535a54b679168591df76fc14f3a10deab.camel at nayatel.com>
Content-Type: text/plain; charset="utf-8"
Hi,
Thanks for your input. I tried the EDNS method but it doesnt seem to be
working for me. It also had a side effect of reducing the caching
performance of dnsdist from 80% to 20%, and also slightly increased the
CPU usage.
Tried the following method of replying with the SpoofAction. This seems
to be working in test environment. Am going to put it into production
and test.
match_clients_network = newNMG()
match_clients_network:addMask("192.168.122.1/32")
addAction(AndRule({NetmaskGroupRule(match_clients_network),
QNameRule('my.domain.com.'), QTypeRule(DNSQType.A)}),
SpoofAction("192.168.48.10"))
Regards
Jahanzeb
On Wed, 2021-01-27 at 10:33 +0100, frank+pdns at tembo.be wrote:
> Hi,
>
> You would have a few options to do that.
>
> I wrote a blogpost about implementing BIND views using dnsdist and
> two instances of powerdns-auth.
> See?https://www.frank.be/implementing-bind-views-with-powerdns/ for
> details.
>
> If you want to keep a single BIND as a backend, you could investigate
> EDNS client subnet support.
>
> There are other options, but the two above would my preferred way...
>
> Kind Regards,
>
> Frank
>
>
> > On 27 Jan 2021, at 10:23, Jahanzeb Arshad via dnsdist
> > <dnsdist at mailman.powerdns.com> wrote:
> >
> > Greetings,
> >
> > We have been using BIND DNS server with views to return different A
> > records for different source networks. Now we have put DNSDIST as
> > frontend to the BIND DNS servers. Now BIND DNS is seeing the
> > dnsdist as the client IP and the views are no more valid. We are
> > unable to figure out how we can we create same type of views on the
> > dnsdist application. Any help would be appreciated.?
> >
> > For example following different A records to be returned for
> > different client IPs for a specific application/domain name.
> >
> > web.domain.com -> 192.168.10.10 for client IPs 10.10.10.0/24
> > web.domain.com -> 192.168.20.20 for client IPs 10.10.20.0/24
> >
> > Regards
> >
> > Jahanzeb
> > _______________________________________________
> > dnsdist mailing list
> > dnsdist at mailman.powerdns.com
> > https://mailman.powerdns.com/mailman/listinfo/dnsdist
>
> Frank Louwers
> PowerDNS Certified Consultant @ Kiwazo.be
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/dnsdist/attachments/20210206/f6768493/attachment-0001.htm>
------------------------------
Subject: Digest Footer
_______________________________________________
dnsdist mailing list
dnsdist at mailman.powerdns.com
https://mailman.powerdns.com/mailman/listinfo/dnsdist
------------------------------
End of dnsdist Digest, Vol 66, Issue 7
**************************************
------------------------------
Message: 2
Date: Sun, 7 Feb 2021 10:09:54 +0100
From: Jacob Bunk Nielsen <jbn at one.com>
To: dnsdist at mailman.powerdns.com
Subject: Re: [dnsdist] cache dnsdist not working for my setup
Message-ID: <9671e417-e453-83ae-b203-55eb664a4152 at one.com>
Content-Type: text/plain; charset=utf-8; format=flowed
Hi Sami
On 06/02/2021 19.35, SAMI RAHAL via dnsdist wrote:
> Hi Remi
> can I use version 1.6 in production?
You can, but it's not recommended unless you want to run an alpha
version. The latest released version is 1.5.1:
https://blog.powerdns.com/2020/10/01/dnsdist-1-5-1-released/
Best regards,
Jacob
------------------------------
Subject: Digest Footer
_______________________________________________
dnsdist mailing list
dnsdist at mailman.powerdns.com
https://mailman.powerdns.com/mailman/listinfo/dnsdist
------------------------------
End of dnsdist Digest, Vol 66, Issue 8
**************************************
------------------------------
Message: 2
Date: Mon, 8 Feb 2021 07:09:12 +0100
From: Jacob Bunk Nielsen <jbn at one.com>
To: dnsdist at mailman.powerdns.com
Subject: Re: [dnsdist] cache dnsdist not working for my setup
Message-ID: <0d644258-6e21-9df1-4543-61ec2e17a054 at one.com>
Content-Type: text/plain; charset=utf-8; format=flowed
Hi
On 07/02/2021 20.19, SAMI RAHAL via dnsdist wrote:
> Thank you Jacob
> I installed version 1.5
> when I try to access the console with the sudo dnsdist command
> I have the following error:
> Fatal error: binding socket to Server_IP: 53: Address already in use.
Did you remember to stop dnsdist 1.3 before upgrading?
What's listening on port 53?
"sudo netstat -nlp | grep ':53'" can probably give you a good hint.
It's been a long time since I ran 1.3, and I don't remember if there
were any caveats of the 1.3->1.4 upgrade except many types getting new
names.
Best regards,
Jacob
------------------------------
Message: 3
Date: Mon, 8 Feb 2021 09:13:12 +0100
From: Remi Gacogne <remi.gacogne at powerdns.com>
To: dnsdist at mailman.powerdns.com
Subject: Re: [dnsdist] cache dnsdist not working for my setup
Message-ID: <966fccfa-c741-9ce1-10ed-8c3be075da55 at powerdns.com>
Content-Type: text/plain; charset=utf-8; format=flowed
Hi,
On 2/8/21 7:09 AM, Jacob Bunk Nielsen via dnsdist wrote:
> On 07/02/2021 20.19, SAMI RAHAL via dnsdist wrote:
>> Thank you Jacob
>> I installed version 1.5
>> when I try to access the console with the sudo dnsdist command
>> I have the following error:
>> Fatal error: binding socket to Server_IP: 53: Address already in use.
>
> Did you remember to stop dnsdist 1.3 before upgrading?
Note that if you are trying to access the console, not start the daemon,
you should be running "dnsdist -c" and dnsdist should not be trying to
listen to any port. Are you sure you did not forget the "-c" part?
> It's been a long time since I ran 1.3, and I don't remember if there
> were any caveats of the 1.3->1.4 upgrade except many types getting new
> names.
I don't think so, but the upgrade guide [1] should know.
[1]: https://dnsdist.org/upgrade_guide.html#x-to-1-4-0
Best regards,
--
Remi Gacogne
PowerDNS.COM BV - https://www.powerdns.com/
------------------------------
Subject: Digest Footer
_______________________________________________
dnsdist mailing list
dnsdist at mailman.powerdns.com
https://mailman.powerdns.com/mailman/listinfo/dnsdist
------------------------------
End of dnsdist Digest, Vol 66, Issue 9
**************************************
_______________________________________________
dnsdist mailing list
dnsdist at mailman.powerdns.com
https://mailman.powerdns.com/mailman/listinfo/dnsdist
More information about the dnsdist
mailing list