[Pdns-users] problem & solution resolving domains from Worldnic, including www.kde-look.org

bert hubert bert.hubert at netherlabs.nl
Tue Jul 5 23:25:48 UTC 2005


(only interesting for users of the powerdns recursor!)

Solved! 

If you are feeling adventurous, please test 
http://ds9a.nl/pdns/pdns-2.9.18-svn.tar.gz and you'll see www.kde-look.org
working, plus perhaps some other domains hosted by 'Worldnic'.

Let me know if it solves your problems, or causes new ones.

Thanks.

On Tue, Jul 05, 2005 at 08:46:51PM +0200, bert hubert wrote:
> It turns out that Worldnic (the company that hosts the kde-look.org domain)
> implements some kind of DoS protection, only allowing UDP answers after
> having seen at least one TCP connection.
> 
> It initially sends out an empty packet that says 'this answer is truncated,
> please try via TCP'. 
> 
> And then we hit the comment on http://doc.powerdns.com/built-in-recursor.html :
> 
>   Here are the current faults, so nobody can accuse us of false advertising:
> 
>     *   May have big problems with truncated packets. 
> 
> And such has happened, we have a major bug. But at least we were honest
> about it up front!
> 
> SOLUTION: run 'dig www.kde-look.org @ns9.worldnic.com ; dig www.kde-look.org
> @ns10.worldnic.com' and restart the pdns recursor.
> 
> It is probably wise to continue running these two commands every once in a
> while until we come up with a real fix, which I expect soon.
> 
> Our apologies.
> 
> -- 
> http://www.PowerDNS.com      Open source, database driven DNS Software 
> http://netherlabs.nl              Open and Closed source services
> _______________________________________________
> Pdns-users mailing list
> Pdns-users at mailman.powerdns.com
> http://mailman.powerdns.com/mailman/listinfo/pdns-users
> 
> 
> !DSPAM:42cad5d970161873824901!

-- 
http://www.PowerDNS.com      Open source, database driven DNS Software 
http://netherlabs.nl              Open and Closed source services


More information about the Pdns-users mailing list