[Pdns-users] dnsgram tool for dns diagnostics

bert hubert bert.hubert at netherlabs.nl
Mon Apr 23 13:59:25 UTC 2007 

If the problem described below hits you, and you are on linux, try making a
tcpdump of your server, like this:

tcpdump -w dump-file -s 1600 udp and port 53

Stop this dump after a minute or so, and then run 'dnsgram', which is found
on http://svn.powerdns.com/dnsgram.bz2

Bunzip2 this file, and run:

./dnsgram dump-file

This will emit a lot of debugging, but most importantly, a file called
'failed'. This lists all queries your nameserver never answered in the dump.

This is a powerful hint which records might be broken.

To sort this 'failed' file for most failed queries, run:

sort -n -k 3 < failed

Good luck!

On Mon, Apr 23, 2007 at 03:45:20PM +0200, bert hubert wrote:
> While most users report good results with PowerDNS Authoritative Server
> 2.9.21, there are some important things you need to watch out for.
> 
> PowerDNS 2.9.20 and lower were very lenient with parsing malformed IP
> addresses, which could not be translated into valid DNS packets. These would
> be served as '255.255.255.255'.
> 
> PowerDNS 2.9.21 is very strict, and drops the question (or more precisely,
> the answer) once it finds it can't correctly parse the information from the
> database.
> 
> This leads to rapid retransmits from your client nameservers, possibly
> overloading your database!
> 
> So if your database is suddenly overloaded, verify that all your database
> records are correct.
> 
> A quick way of doing is is trying to AXFR all your zones, and see which ones
> fail.
> 
> For MySQL, a trick is to try:
> 
> select * FROM records WHERE (type='A' AND INET_ATON(content) IS NULL);
> 
> Possibly followed by:
> 
> DELETE FROM records WHERE (type='A' AND INET_ATON(content) IS NULL);
> 
> Depending on your mood of the day.
> 
> Other interesting queries are:
> 
> select * from records where content like ' %';
> 
> So keep this in mind if your servers are suddenly overloaded after upgrading
> all of them to 2.9.21!
> 
> -- 
> http://www.PowerDNS.com      Open source, database driven DNS Software 
> http://netherlabs.nl              Open and Closed source services
> _______________________________________________
> Pdns-users mailing list
> Pdns-users at mailman.powerdns.com
> http://mailman.powerdns.com/mailman/listinfo/pdns-users
> 
> 
> !DSPAM:462cb88d326244495314143!

-- 
http://www.PowerDNS.com      Open source, database driven DNS Software 
http://netherlabs.nl              Open and Closed source services

More information about the Pdns-users mailing list