[Pdns-users] Recused by Recursion

Hormel hormel at badcode.org
Sun Jul 27 23:07:45 UTC 2003 

 
Ok, I've read the docs, searched Usenet (which solved one prob), googled for other user's 
configs, but I still can't get recursion to work on one box. 
 
I've narrowed it down to a communications issue between pdns and pdns_recursor. 
 
if I fire up the recursor (with daemon=no and trace on, local-port=5300, local-address=box's 
ip address) then manually telnet to that port from another box, I can see the connection in 
the recursor's debug window.   
 
However when I fire up pdns  (with pdns configured to allow recursion) and then request a 
non-local name, I never see the attempted query in the recursor's log.  Requests for 
domains that pdns is authoritative for works fine, and pdns seems be working fine other than 
this issue.  If I intentionally mis-configure pdns or kill the recursor, I can see in the logs 
where pdns can't connect to the recursor, however, with the config correct (AFAIK) and the 
recusor started, I get no errors, but I see no requests from pdns to the recusor. 
 
monitor output: 
 
from pdns: 
orris:/home/snooky/pdns-2.9.10# /etc/rc.local/pdns/pdns monitor 
pdns: Jul 27 06:59:17 This is a standalone pdns 
Jul 27 06:59:17 Opened file '/usr/local/etc/pdns.conf' for configuration 
Jul 27 06:59:17 UDP server bound to 192.168.1.3:53 
Jul 27 06:59:17 TCP server bound to 192.168.1.3:53 
Jul 27 06:59:17 PowerDNS 2.9.10 (C) 2001-2003 PowerDNS.COM BV (Jul 27 2003, 
05:23:02) starting up 
Jul 27 06:59:17 PowerDNS comes with ABSOLUTELY NO WARRANTY. This is free 
software, and you are welcome to redistribute it according to the terms of the GPL version 2. 
Jul 27 06:59:17 DNS Proxy launched, local port 14518, remote 192.168.1.3:5300 
Jul 27 06:59:17 Creating backend connection for TCP 
Jul 27 06:59:17 gmysql Connection succesful 
% Jul 27 06:59:17 About to create 3 backend threads 
Jul 27 06:59:17 gmysql Connection succesful 
Jul 27 06:59:17 gmysql Connection succesful 
Jul 27 06:59:17 gmysql Connection succesful 
Jul 27 06:59:17 Done launching threads, ready to distribute questions 
 
 
output from pdns_recursor (with debug=no and trace=yes) 
/usr/local/sbin/pdns_recursor --daemon=no --trace=yes --local-address=192.168.1.3 
--local-port=5300 
Jul 27 06:56:58 Incoming query source port: 5300 
Jul 27 06:56:58 Done priming cache with root hints 
 
 
(now on another box, request a non-local site) 
fluffy at mordikyn snuggums # host www.bad.org 192.168.1.3 
;; connection timed out; no servers could be reached 
 
 
(looking at the pdns_recursor log, I see nothing, same with the pdns monitor output) 
now request a local site 
 
fluffy at mordikyn snuggums # host www.badcode.org 192.168.1.3 
Using domain server: 
Name: 192.168.1.3 
Address: 192.168.1.3#53 
Aliases: 
 
www.badcode.org has address 67.36.137.126 
 
 
now, I manually telnet from another box to the recursor's IP/Port. 
 
fluffy at mordikyn snuggums # telnet 192.168.1.3 5330 
Trying 192.168.1.3... 
Connected to 192.168.1.3. 
Escape character is '^]'. 
 
 
It's up, and I see the connection in the recursor's log as 
"Jul 27 06:59:22 TCP Remote 192.168.1.2 connected" 
"Jul 27 06:59:30 TCP Remote 192.168.1.2 disconnected while reading question body" 
 
 
my pdns.conf (trimmed to the "important" parts) 
seems to be right, I've got  
 
allow-recursion=192.168.0.0/24, 192.168.1.0/24 
recursor=192.168.1.3:5300  
 
 
 
Anyone got a free cluepon as to what I missed?   
 
The box is a UltraSparc 1 running Debian stable, pdns 2.9.10 compiled from source, with 
config options of 
./configure --enable-pdns_server --enable-recursor --with-modules="gmysql"  
I've recompiled twice (first time I had it set to build static binaries with 
--enable-static-binaries, I wanted to make it wasn't an issue). 
 
 
 I killed my spell checker this AM, so I apologize for any spelling/grammer errors.... 
 
Hormel 
-- 
Badcode.org -- When Good Code Goes Bad

More information about the Pdns-users mailing list