[Pdns-users] Recursion failing on certain records?

Kirk Friggstad friggstadk at ironsolutions.com
Tue Aug 22 17:52:05 UTC 2006 

Greetings all:

I've been puzzling through some strangeness in our PowerDNS installations
here. Recursive queries for certain records/domains have been failing
consistently for a number of weeks - two examples are:
	mail.acegroup.cc
	mail.hivelocity.net

If I query the authoritative server, I get a SERVFAIL:
  $ dig @localhost mail.hivelocity.net
  ; <<>> DiG 9.2.4 <<>> @localhost mail.hivelocity.net
  ; (1 server found)
  ;; global options:  printcmd
  ;; Got answer:
  ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 49833
  ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

  ;; QUESTION SECTION:
  ;mail.hivelocity.net.           IN      A

  ;; Query time: 1 msec
  ;; SERVER: 127.0.0.1#53(127.0.0.1)
  ;; WHEN: Tue Aug 22 11:10:21 2006
  ;; MSG SIZE  rcvd: 37

but if I query the 3.1.2 recursor directly, I get the correct answer:
  $ dig @localhost -p 4754 mail.hivelocity.net
  ; <<>> DiG 9.2.4 <<>> @localhost -p 4754 mail.hivelocity.net
  ; (1 server found)
  ;; global options:  printcmd
  ;; Got answer:
  ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1932
  ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

  ;; QUESTION SECTION:
  ;mail.hivelocity.net.           IN      A

  ;; ANSWER SECTION:
  mail.hivelocity.net.    300     IN      A       66.96.80.16

  ;; Query time: 206 msec
  ;; SERVER: 127.0.0.1#4754(127.0.0.1)
  ;; WHEN: Tue Aug 22 11:10:04 2006
  ;; MSG SIZE  rcvd: 53

Querying a 2.9.20 recursor directly returns a SERVFAIL.

Recursive queries for most other domains return correct answers - these two
domains (acegroup.cc and hivelocity.net) are the only ones that I've come
across that exhibit this behavior. Lookups for those two domains from
http://dnsstuff.com/ appear normal as well.

I can reproduce this on the following systems:
  System 1 - RHEL 3, pdns_server 2.9.20 (static RPM from powerdns.com)
recursing to pdns_recursor 3.1.2 (generic RPM from powerdns.com)
  System 2 - RHEL 3, pdns_server 2.9.20 (static RPM from powerdns.com)
recursing to pdns_recursor 2.9.20 (build from source, gcc 4.0.2)

Both systems have identical configuration files (except for IP address
binding), using the bind backend, and do not appear to exhibit any problems
with authoritative queries, only recursive.

Anyone have any suggestions as to what is happening here? Could there be a
bug somewhere in the recursion routines of pdns_server? Am I making some
completely stupid mistake somewhere? I'm out of answers - any help would be
greatly appreciated.

Thanks

Kirk

More information about the Pdns-users mailing list