[Pdns-users] 61 kbyte separate package of the most current powerdns recursor

Kenneth Marshall ktm at it.is.rice.edu
Wed Apr 5 12:57:53 UTC 2006


On Wed, Apr 05, 2006 at 12:45:06AM +0200, bert hubert wrote:
> > I tried out the latest pdns-recursor package to see if it had some of the
> > ADDITIONAL section information and AUTHORITY section that Bind provides.
> > We are having problems locally with Active Directory server records. Here
> > is a dig against bind-9.2.1 and pdns-recursor-2.9.2x:
> 
> Kenneth,
> 
> These records are optional and take a lot of needless time to add. Can you
> elaborate on which programs have problems because of the lack of these
> records, and how you can tell that this exact lack is a problem?
> 
> We could deal with it but I need to be sure there is a real need.
> 
> 	Bert
> 	
> -- 
> http://www.PowerDNS.com      Open source, database driven DNS Software 
> http://netherlabs.nl              Open and Closed source services
> 

I will set up two parallel pdns setups to test this. One using bind
as the recursor and the 2nd using the pdns recursor. The problem that
we were observing was a problem authenticating against the Active
Directory server. As far as my initial investigation went, the actual
SRV records were correctly returned by pdns+recursor and pdns+bind
but using bind as the recursor presented the additional records.
Assuming that the Active Directory DNS results are what it expects
here is the corresponding dig against one of the AD DNS servers. It
appears that it is only including the A records for the entries in
the SRV records:

> /usr/site/bind/bin/dig _ldap._tcp.int.rice.edu srv @int.rice.edu

; <<>> DiG 9.2.1 <<>> _ldap._tcp.int.rice.edu srv @int.rice.edu
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44654
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 4

;; QUESTION SECTION:
;_ldap._tcp.int.rice.edu. IN SRV

;; ANSWER SECTION:
_ldap._tcp.int.rice.edu. 600 IN SRV 0 100 389 xx3.int.rice.edu.
_ldap._tcp.int.rice.edu. 600 IN SRV 0 100 389 xx4.int.rice.edu.
_ldap._tcp.int.rice.edu. 600 IN SRV 0 100 389 xx6.int.rice.edu.
_ldap._tcp.int.rice.edu. 600 IN SRV 0 100 389 xx5.int.rice.edu.

;; ADDITIONAL SECTION:
xx3.int.rice.edu. 3600   IN      A       10.x.y.z1
xx4.int.rice.edu. 3600   IN      A       128.x.y.z2
xx6.int.rice.edu. 3600   IN      A       128.x.y.z3
xx5.int.rice.edu. 3600   IN      A       128.x.y.z4

;; Query time: 73 msec
;; SERVER: 128.42.18.223#53(128.42.18.223)
;; WHEN: Wed Apr  5 07:31:25 2006
;; MSG SIZE  rcvd: 317


I will try to do some more comparisons to see if in fact that is
the problem.

Ken


More information about the Pdns-users mailing list