[Pdns-dev] clarification on the minimum requirements from a pipe-backend with powerdns>=3
Ferenc Kovacs
tyra3l at gmail.com
Fri Mar 28 19:20:22 CET 2014
2014.03.28. 18:47, "Peter van Dijk" <peter.van.dijk at netherlabs.nl> ezt írta:
>
> Hello Ferenc,
>
> On 28 Mar 2014, at 18:41 , Ferenc Kovacs <tyra3l at gmail.com> wrote:
>
> > After upgrading from 2.9.22 to 3.1 We have bumped into an issue that
our resolving via the pipe backed wasn't working anymore.
> >
> > We were using something like
> > pipe-regex=^(.*).(ourcompany.com);(ANY|A)$
> > in our pdns config(ANY|ALL is suggested by the official docs:
http://doc.powerdns.com/html/backends-detail.html)
> > and our backend was only expecting HELO and Q requests, and was
responding to any Q request with an A record.
> >
> > first, we enabled the query-logging, and we were seeing a bunch of
> > Query for 'something.ourcompany.com' type 'SOA' failed regex '^(.*).(
ourcompany.com);(.*)$'
> >
> > After adding the SOA to the pipe-regex pattern (ANY|A|SOA) our backend
finally started to receive requests, but still not working, because we
started getting
> > AXFR -1
> > requests after the Q requests(even thought that those request are not
allowed by the pipe-regex and they don't appear in the query-log), and not
handling those caused the resolving to fail before sending the Q to the
backend.
> >
> > My guess is that we should handle the SOA requests properly(send the
SOA for the A r), and we are seeing the AXFR requests because pdns is
confused by the A response to the SOA request.
> >
> > Could somebody verify that this is what's happening, and it is only a
miracle that this setup was working with previous powerdns versions?
>
> That’s about right!
>
> 1) 3.0 and up require a SOA
> 2) your regex was preventing getting it
> 3) when you fixed that, your script would still not serve one
> 4) if PowerDNS doesn’t have a SOA but believes a backend has authority,
it will try to generate a SOA, but to do that it needs a serial, and for
that it tries to find out what the newest record in the zone is - hence the
AXFR
>
> > I guess it would be also nice
> > if somebody could update the documentation on
http://doc.powerdns.com/html/backends-detail.html a bit, so people would
write proper backends from the start instead of bumping into this issues
after upgrading.
>
> 5) Yes, those docs need to be fixed to reflect the 3.0 and up situation.
>
> Please file an issue at https://github.com/PowerDNS/pdns/issues/new about
the docs. Or, if you feel like it, file a pull request with an actual
documentation update to
https://github.com/PowerDNS/pdns/blob/master/pdns/docs/pdns.xml !
>
> Kind regards,
> --
> Peter van Dijk
> Netherlabs Computer Consulting BV - http://www.netherlabs.nl/
>
>
> _______________________________________________
> Pdns-dev mailing list
> Pdns-dev at mailman.powerdns.com
> http://mailman.powerdns.com/mailman/listinfo/pdns-dev
>
thanks, I will do that!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/pdns-dev/attachments/20140328/4d23ef6e/attachment.html>
More information about the Pdns-dev
mailing list