[Pdns-users] pdns recursor: Howto permit a host in my network for recursive requests?

Gerhard Gaußling ggrubbish at web.de
Thu Mar 2 21:29:31 UTC 2006 

Hello all,

I got a winxp host in a network which cannot resolve internet adresses, 
because the pdns-recurser rejects all requests:

Not authoritative for 'www.linie-christina.de', sending servfail to 
172.16.240.1 (recursion was desired)


pdns.conf (exerpt):
allow-recursion=127.0.0.1, 10/8, 192.168/16, 172.16/16, 192.168.158.2, 
192.168.158.128  	# the last two entrys are new, as a try
allow-recursion-override=   #was previously commented out
recursive-cache-ttl=10
recursor=127.0.0.1:5300


recuror.conf:
daemon=yes
local-port=5300
local-address=0.0.0.0
quiet=no
delegation-only=com,net



gerhard at ubuntu:~$ netstat -nr
Kernel IP Routentabelle
Ziel            Router          Genmask         Flags   MSS Fenster irtt 
Iface
192.168.158.0   0.0.0.0         255.255.255.0   U         0 0          0 
vmnet8
172.16.0.0      0.0.0.0         255.255.0.0     U         0 0          0 
eth1
172.16.0.0      0.0.0.0         255.255.0.0     U         0 0          0 
vmnet1
0.0.0.0         172.16.240.3    0.0.0.0         UG        0 0          0 
eth1
gerhard at ubuntu:~$ ifconfig |egrep -B1 "inet Adresse"
eth1      Protokoll:Ethernet  Hardware Adresse 00:11:D8:8A:29:23
          inet Adresse:172.16.240.1  Bcast:172.16.255.255  
Maske:255.255.0.0
--
lo        Protokoll:Lokale Schleife
          inet Adresse:127.0.0.1  Maske:255.0.0.0
--
vmnet1    Protokoll:Ethernet  Hardware Adresse 00:50:56:C0:00:01
          inet Adresse:172.16.240.2  Bcast:172.16.240.254  
Maske:255.255.0.0
--
vmnet8    Protokoll:Ethernet  Hardware Adresse 00:50:56:C0:00:08
          inet Adresse:192.168.158.1  Bcast:192.168.158.255  
Maske:255.255.255.0


WinXP:

192.168.158.128
Gateway 192.168.158.2

I can resolve www.linie-christina.home to  172.16.240.1, which is also 
the host (ubuntu) where pdnsd and pdns-recursor lives.

From that host (ubuntu) all recusions are possible.

gerhard at ubuntu:~$ dig +short linie-christina.com @localhost
217.195.36.124

further info (-short):

;; Query time: 1 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu Mar  2 22:19:45 2006
;; MSG SIZE  rcvd: 53

but:
Not authoritative for 'Ubuntu.localdomain', sending servfail to 
172.16.240.1 (recursion was desired)

gmysql Connection succesful	5	36%
Not authoritative for 'Ubuntu.localdomain', sending servfail to 
172.16.240.1 (recursion was desired)	2	14%
About to create 3 backend threads for UDP	1	7.1%
Creating backend connection for TCP	1	7.1%
Distributor misses a thread (4<3), spawning new one	1	7.1%
Done launching threads, ready to distribute questions	1	7.1%
Launched webserver on 127.0.0.1:8081	1	7.1%
Not authoritative for 'www.linie-christina.com', sending servfail to 
172.16.240.1 (recursion was desired)	1	7.1%
Not authoritative for 'www.linie-christina.de', sending servfail to 
172.16.240.1 (recursion was desired)	1	7.1%

What is wrong? 

regards

Gerhard Gaussling

More information about the Pdns-users mailing list