[Pdns-users] ldap & recursor problem

Bernd Schubert bernd-schubert at gmx.de
Tue Jun 20 13:41:04 UTC 2006 

On Tuesday 20 June 2006 09:55, Bernd Schubert wrote:
> Hello,
>
> we are running pdns using the ldap backend. All local systems are in the
> ldap database. Only for non-local hosts the recursor should be used.
> Last night the URZ (university computer center) dns server went down,
> unfortunately also causing problems for our local systems:
>
> Jun 20 06:43:03 hamilton1 pdns[10323]: Error receiving packet from recursor
> backend: Connection refused Jun 20 06:43:03 hamilton1 pdns[10323]:
> Recursive query for remote 129.206.21.124 with internal id 9 was not
> answered by b ackend within timeout, reusing id
>
> The config file has "lazy-recursion=yes" and for the ldap-backend
> "ldap-method=strict"
>
>
> dig +norecursive @129.206.21.200 landau.pci.uni-heidelberg.de
>
> ; <<>> DiG 9.2.4 <<>> +norecursive @129.206.21.200
> landau.pci.uni-heidelberg.de ;; global options:  printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54555
> ;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ;landau.pci.uni-heidelberg.de.  IN      A
>
> ;; ANSWER SECTION:
> landau.pci.uni-heidelberg.de. 3600 IN   A       129.206.21.124
>
> ;; Query time: 1 msec
> ;; SERVER: 129.206.21.200#53(129.206.21.200)
> ;; WHEN: Tue Jun 20 09:42:50 2006
> ;; MSG SIZE  rcvd: 62
>
>
> Any idea why those error messages in the log file happend? Any what should
> I do?
> Well, I wouldn't mind those error messages, but unfortunately local login,
> shells, etc. on the clients also didn't work anymore.
>

Ah, maybe I need to set allow-recursion-override=on to solve this problem? But 
when I run "dig +norecursive @129.206.21.200 129.206.21.124" the syslog still 
says:

Jun 20 15:37:04 hamilton1 pdns[2357]: Not authoritative for '129.206.21.124', 
sending servfail to 12
9.206.21.136



-- 
Bernd Schubert
Physikalisch Chemisches Institut / Theoretische Chemie
Universität Heidelberg
INF 229
69120 Heidelberg
e-mail: bernd.schubert at pci.uni-heidelberg.de

More information about the Pdns-users mailing list