[Pdns-users] FORMERR when recursion flag NOT set

Titus Jose powerdns at titusjose.info
Mon Jul 9 07:13:14 UTC 2012


Hi,

I recently setup a pdns recursor from cvs 'pdns-recursor-3.5-pre'.
The recursor has been setup to forward a zone to a bind server
running on a different port. The recursor is configured with a lua
script to return custom responses to two different host under the
forwarded zone.

The lua script is as follows,

function preresolve ( remoteip, domain, qtype )
        print ("prequery handler called for: ", remoteip,
getlocaladdress(), domain, qtype)
        pdnslog("log: received query from "..remoteip.." on
"..getlocaladdress().." for "..domain.." with type "..qtype);

        if domain == "servfail.example.com." and ((qtype ~= pdns.A) or
(qtype ~= pdns.MX))
        then
                return pdns.SERVFAIL, {}
        elseif domain == "refused.example.com."
        then
                return pdns.REFUSED, {}
        else
                print "not dealing!"
                return -1, {}
        end
end

All other queries to any host at example.com is being forwarded to the
bind server and the bind server has been setup to
be authoritative to the example.com domain.

However when ever I try a query with the recursion flag NOT set to the
recursor, I get an answer but the response code
is being set to FORMERR by the pdns recursor, but the same query to
servfail.example.com. and refused.example.com.
returns the expected response codes. Only the queries that are being
answered from the forwarded servers has got its response
code re written. Is it an expected behavior or is something that I am
missing in the configuration settings.

Running a query directly to the BIND dns server gives back the
expected response.

I am also posting the configuration file that I have used,

trace=on
ignore-rd-bit=on -- I tried with this setting on and off, still the
problem persist as described above.
local-address=127.0.0.1
max-cache-ttl=0
max-negative-ttl=0
packetcache-ttl=0
packetcache-servfail-ttl=0
forward-zones=example.com=127.0.0.1:531

Hoping for some hint. Thanks

Titus



More information about the Pdns-users mailing list