[Pdns-users] Using root-referral
leen at consolejunkie.net
Sat Jan 30 01:51:34 UTC 2010
On 01/29/2010 03:30 PM, Joyce LAMBERT wrote:
> I'am using the option send-root-referral=lean (or yes) in my powerdns
> authoritative server.
First the import question, why do you want to send a root-referral ?
send-root-referral | --send-root-referral=yes | --send-root-referral=no
If set, PowerDNS will send out old-fashioned root-referrals when
queried for domains for which it is not authoritative. Wastes some
bandwidth but may solve incoming query floods if domains are
delegated to you for which you are not authoritative, but which are
queried by broken recursors. Available since 2.9.19.
Since 2.9.21, it is possible to specify 'lean' root referrals, which
waste less bandwidth.
You usually don't need it.
> This server isn't recursive.
> When my server need to reply with CNAME where we are not authoritative
> for the destination, the server add root server in the authority
> section, and ip address in the additional section.
> Often this reply, can't enter in a UDP packet and need a TCP reply.
> When i analyse trafic with tcpdump and wireshark i can found
> [Malformed Packet: DNS]
> For most resolver, this is not a problem, and communication continue
> in TCP
> But it look like some other resolver (or firewall) stop on this
> Malformed Packet and resolution can't finish.
> But only with PowerDNS authoritative server. With other, this type of
> resolver can switch in TCP
> One solution is the reduce the number of root server we send on
> authority and additional section to limit the packet size.
> This can't bo done in configuration file and need to patch sources file.
> Do you now this problem, and is there any other solution.
> Pdns-users mailing list
> Pdns-users at mailman.powerdns.com
More information about the Pdns-users