[Pdns-users] Zone transfer MX record issue

p8x l at p8x.net
Mon Feb 21 06:15:26 UTC 2011


Hi all,

I have been trying to get a couple of PowerDNS servers working together.
As a test I have installed PowerDNS on two different servers - Ubuntu
Lucid x64 and Debian 6 32 bit. On the Ubuntu server the version of
pdns-server is 2.9.22-3 and on the Debian server the version is 2.9.22-8
(both are from the official package repositories). I have placed the
configuration for both servers at the bottom of the email to make it
easier to read. I also have tried to switch the role of both servers
(e.g. make the master the slave and the other way around) to see if that
makes any difference, but I get the same result.

The issue I am experiencing is that when the secondary name server does a
zone transfer from the primary, PowerDNS seems to mangle the records
slightly, replacing occurrences of the domain with an "@" in some cases.
This seems to work for all of the records except for the MX record. As
an example, here is a copy of the domain from the primary server (please
note: the domain is not actually test.com, a quick sed was done):

$ORIGIN .
$TTL 3600
test.com.       86400  IN  SOA ns1.test.com. admin.test.com. 2009012803 86400 7200 3600000 86400
test.com.       86400  IN  NS ns1.test.com.
test.com.       86400  IN  NS ns2.test.com.
test.com.       14400  IN  A 123.123.123.123
test.com.       14400  IN  MX  0   test.com.
cpanel.test.com.       14400  IN  A 123.123.123.123
ftp.test.com.       14400  IN  A 123.123.123.123
localhost.test.com.       14400  IN  A 127.0.0.1
mail.test.com.       14400  IN  CNAME test.com.
webdisk.test.com.       14400  IN  A 123.123.123.123
webmail.test.com.       14400  IN  A 123.123.123.123
whm.test.com.       14400  IN  A 123.123.123.123
www.test.com.       14400  IN  CNAME test.com.

The zone works fine, and the correct MX is returned:

; <<>> DiG 9.7.0-P1 <<>> @123.123.123.123 MX test.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14273
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;test.com.                      IN      MX
;; ANSWER SECTION:
test.com.               14400   IN      MX      0 test.com.
;; ADDITIONAL SECTION:
test.com.               14400   IN      A       123.123.123.123
;; Query time: 0 msec
;; SERVER: 123.123.123.123#53(123.123.123.123)
;; WHEN: Mon Feb 21 13:48:13 2011

If I check the zone after the zone transfer, the slave server has got
this zone file:

; Written by PowerDNS, don't edit!
; Zone 'test.com' retrieved from master
; at Mon Feb 21 11:39:28 2011
@       86400   SOA     ns1.test.com. admin.test.com. 2009012803 86400 7200 3600000 86400
@       14400   A       123.123.123.123
@       86400   NS      ns1.test.com.
@       86400   NS      ns2.test.com.
@       14400   MX      0 @
cpanel  14400   A       123.123.123.123
ftp     14400   A       123.123.123.123
localhost       14400   A       127.0.0.1
mail    14400   CNAME   @
webdisk 14400   A       123.123.123.123
webmail 14400   A       123.123.123.123
whm     14400   A       123.123.123.123
www     14400   CNAME   @

The MX line is the one causing the issue - the original MX was just to
test.com. and it has replaced it with an @. The other records with an
"@" are fine except for the MX. When I do a dig against the secondary
name server, the MX record is returned almost literally (with an escape
character by the looks):

; <<>> DiG 9.7.2-P3 <<>> @123.123.123.123 MX test.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4876
;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;test.com.                      IN      MX
;; ANSWER SECTION:
test.com.               14400   IN      MX      0 \@.test.com.
;; Query time: 1 msec
;; SERVER: 123.123.123.123#53(123.123.123.123)
;; WHEN: Mon Feb 21 13:53:11 2011
;; MSG SIZE  rcvd: 61

I thought it could be the zone transfer itself failing, but zone
transfers using dig with an AXFR query seem to spit out the correct
records:

; <<>> DiG 9.7.2-P3 <<>> @123.123.123.123 AXFR test.com
; (1 server found)
;; global options: +cmd
test.com.               86400   IN      SOA     ns1.test.com. admin.test.com. 2009012803 86400 7200 3600000 86400
test.com.               14400   IN      A       123.123.123.123
test.com.               86400   IN      NS      ns1.test.com.
test.com.               86400   IN      NS      ns2.test.com.
test.com.               14400   IN      MX      0 \@.test.com.
cpanel.test.com.        14400   IN      A       123.123.123.123
ftp.test.com.           14400   IN      A       123.123.123.123
localhost.test.com.     14400   IN      A       127.0.0.1
mail.test.com.          14400   IN      CNAME   test.com.
webdisk.test.com.       14400   IN      A       123.123.123.123
webmail.test.com.       14400   IN      A       123.123.123.123
whm.test.com.           14400   IN      A       123.123.123.123
www.test.com.           14400   IN      CNAME   test.com.
test.com.               86400   IN      SOA     ns1.test.com. admin.test.com. 2009012803 86400 7200 3600000 86400
;; Query time: 2 msec
;; SERVER: 123.123.123.123#53(123.123.123.123)
;; WHEN: Mon Feb 21 13:57:48 2011
;; XFR size: 15 records (messages 3, bytes 468)

Has anyone seen this issue before? Apart from the issue with transferred
zones everything else seems to be working nicely.

Any support is greatly appreciated, thanks!

=============== Master Config ===============
/etc/powerdns/pdns.conf:

allow-recursion=127.0.0.1
bind-check-interval=60
bind-config=/etc/powerdns/zones.conf
cache-ttl=20
config-dir=/etc/powerdns
daemon=yes
disable-axfr=no
disable-tcp=no
guardian=yes
launch=bind
lazy-recursion=yes
local-address=xxx.xxx.xxx.xxx
local-port=53
logfile=/var/log/pdns.log
master=yes
max-tcp-connections=30
module-dir=/usr/lib/powerdns
query-local-address=xxx.xxx.xxx.xxx
setgid=pdns
setuid=pdns
socket-dir=/var/run

/etc/powerdns/zones.conf:

zone "test.com" in {
  type master;
  file "/etc/powerdns/zones/test.com";
};

===============  Slave Config ===============
/etc/powerdns/pdns.conf:

allow-recursion=127.0.0.1
bind-check-interval=60
bind-config=/etc/powerdns/slave.conf
bind-supermaster-config=/etc/powerdns/slave.conf
bind-supermaster-destdir=/etc/powerdns/zones
bind-supermasters=/etc/powerdns/masters.conf
cache-ttl=20
config-dir=/etc/powerdns
daemon=yes
disable-axfr=no
disable-tcp=no
guardian=yes
include=/etc/powerdns/pdns.d
launch=bind
lazy-recursion=yes
local-address=xxx.xxx.xxx.xxx
local-port=53
logfile=/var/log/pdns.log
master=no
max-tcp-connections=30
module-dir=/usr/lib/powerdns
query-local-address=xxx.xxx.xxx.xxx
setgid=pdns
setuid=pdns
slave=yes
socket-dir=/var/run

/etc/powerdns/zones.conf:

zone "test.com" {
        type slave;
        file "/etc/powerdns/zones/test.com";
        masters { xxx.xxx.xxx.xxx; };
};
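
Added example (not part of the original post and not PowerDNS code): a small Python check that makes every name in a zone listing absolute, using the RFC 1035 master-file rule that a free-standing "@" denotes the origin, and then compares the copies of the zone. The three listings are constructed from a subset of the records quoted in the post; ORIGIN, NAME_FIELDS, absolute, canonical, zone_set and literal_at_names are names chosen for this sketch, and it assumes every record line carries an explicit owner name.

```python
# Added example. Listings are constructed from a subset of the records in the post.
ORIGIN = "test.com."
NAME_FIELDS = {"NS": [0], "CNAME": [0], "MX": [1], "SOA": [0, 1]}  # RDATA positions holding names

PRIMARY = """
test.com.       14400  IN  A 123.123.123.123
test.com.       14400  IN  MX  0   test.com.
mail.test.com.  14400  IN  CNAME test.com.
"""
SECONDARY_FILE = """
; Written by PowerDNS, don't edit!
@       14400   A       123.123.123.123
@       14400   MX      0 @
mail    14400   CNAME   @
"""
SECONDARY_SERVED = r"""
test.com.       14400   IN      A       123.123.123.123
test.com.       14400   IN      MX      0 \@.test.com.
mail.test.com.  14400   IN      CNAME   test.com.
"""

def absolute(name, origin):
    """'@' alone is the origin; a name without a trailing dot is relative to it."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def canonical(line, origin):
    """Return (owner, type, rdata) with names made absolute; None for comments and directives."""
    fields = line.split(";")[0].split()
    if not fields or fields[0].startswith("$"):
        return None
    i = 1
    while fields[i].isdigit() or fields[i].upper() == "IN":  # skip optional TTL and class
        i += 1
    rtype, rdata = fields[i].upper(), fields[i + 1:]
    for pos in NAME_FIELDS.get(rtype, []):
        rdata[pos] = absolute(rdata[pos], origin)
    return absolute(fields[0], origin).lower(), rtype, " ".join(rdata).lower()

def zone_set(text, origin):
    return {rec for rec in (canonical(l, origin) for l in text.splitlines()) if rec}

def literal_at_names(records):
    """Records whose owner or RDATA contains a literal '@' (dig prints it as '\\@')."""
    return sorted(r for r in records if "@" in r[0] + r[2])

if __name__ == "__main__":
    print("file matches primary:", zone_set(SECONDARY_FILE, ORIGIN) == zone_set(PRIMARY, ORIGIN))
    print("served but not on primary:", literal_at_names(zone_set(SECONDARY_SERVED, ORIGIN)))
```

With "@" expanded in both the owner and the RDATA name fields, the file written on the secondary is equivalent to the primary's zone; only the served MX answer differs.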



