[Pdns-users] Recursor fails to resolve domains

abang abang at t-ipnet.net
Mon Apr 8 09:45:49 UTC 2013


Don't know what went wrong. But you should add 127.0.0.1 to allow-from 
if you ask from 127.0.0.1



Am 08.04.2013 11:32, schrieb Odhiambo Washington:
> I have a situation with pdns-recursor that I need help with.
>
> I am running it on 127.0.0.1:53 <http://127.0.0.1:53>
>
> My configuration is as below:
>
> allow-from=192.168.0.0/16 <http://192.168.0.0/16>
> #allow-from=
> dont-query=
> config-dir=/usr/local/etc/pdns
> daemon=yes
> quiet=yes
> etc-hosts-file=/etc/hosts
> export-etc-hosts=yes
> forward-zones-recurse=.=196.200.16.2,.=196.200.16.27
> local-address=127.0.0.1
> local-port=53
> log-common-errors=yes
> logging-facility=0
> socket-dir=/var/run/
> threads=18
> trace=on
>
> Now, those two IPs listed in forward-zones-recurse are my ISPs DNS servers.
> The problem is that whenever I do an nslookup for any domains whose DNS
> records are handled by my ISP, including my ISPs domain name itself, I
> get a failure. I however get success when I query for domains outside my
> ISPs DNS servers:
>
> Here are my test results:
>
> [root at jaribu] /usr/local/etc/pdns# nslookup www.accesskenya.com
> <http://www.accesskenya.com>
> ;; Got SERVFAIL reply from 127.0.0.1, trying next server
> ;; connection timed out; no servers could be reached
>
> [root at jaribu] /usr/local/etc/pdns# nslookup www.gmail.com
> <http://www.gmail.com>
> Server:         127.0.0.1
> Address:        127.0.0.1#53
>
> Non-authoritative answer:
> www.gmail.com <http://www.gmail.com>   canonical name = mail.google.com
> <http://mail.google.com>.
> mail.google.com <http://mail.google.com> canonical name =
> googlemail.l.google.com <http://googlemail.l.google.com>.
> Name: googlemail.l.google.com <http://googlemail.l.google.com>
> Address: 173.194.34.117
> Name: googlemail.l.google.com <http://googlemail.l.google.com>
> Address: 173.194.34.118
>
> [root at jaribu] /usr/local/etc/pdns# nslookup gw.cmehtanbo.com
> <http://gw.cmehtanbo.com>
> ;; Got SERVFAIL reply from 127.0.0.1, trying next server
> ;; connection timed out; no servers could be reached
>
> [root at jaribu] /usr/local/etc/pdns# nslookup gw.kictanet.or.ke
> <http://gw.kictanet.or.ke>
> Server:         127.0.0.1
> Address:        127.0.0.1#53
>
> Non-authoritative answer:
> Name: gw.kictanet.or.ke <http://gw.kictanet.or.ke>
> Address: 62.8.64.102
>
>
>
> Is it that my configuration is bungled or that of my ISP is? Or is this
> something known?
>
>
>
> --
> Best regards,
> Odhiambo WASHINGTON,
> Nairobi,KE
> +254733744121/+254722743223
> "I can't hear you -- I'm using the scrambler."





More information about the Pdns-users mailing list