[Pdns-users] geo+gpgsql backend issue
Tobias Kirschstein
lev at nupfel.de
Fri Jan 4 11:56:52 UTC 2013
hi list,
since upgrading to pdns >= 3.1 we have a major issue with the combination of backends we use for iwantmyname.com.
after the geo backend is queried it returns a CNAME which is a zone that the
gpgsql backend knows about, but that second backend is not being queried anymore even though it's not a cross domain boundary.
ns04.net was running 3.2-RC3 without cross domain boundary
ns0[23].net are running 2.9 from debian squeeze with cross domain boundary (to be able to serve multiple zones)
all nameservers share the exact same DB entries replicated using postgresql 9.1.
---------------------------------------------------
$ dig @ns04.net iwantmyname.com.geo.iwantmyname.com +norec
; <<>> DiG 9.8.3-P1 <<>> @ns04.net iwantmyname.com.geo.iwantmyname.com +norec
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26944
;; flags: qr; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 3
;; QUESTION SECTION:
;iwantmyname.com.geo.iwantmyname.com. IN A
;; ANSWER SECTION:
iwantmyname.com.geo.iwantmyname.com. 3600 IN CNAME eu.iwantmyname.com.
;; AUTHORITY SECTION:
eu.iwantmyname.com. 3600 IN NS ns02.net.
eu.iwantmyname.com. 3600 IN NS ns03.net.
eu.iwantmyname.com. 3600 IN NS ns04.net.
;; ADDITIONAL SECTION:
ns02.net. 3600 IN A 184.106.92.72
ns03.net. 3600 IN A 184.106.170.205
ns04.net. 3600 IN A 176.58.108.69
;; Query time: 47 msec
;; SERVER: 176.58.108.69#53(176.58.108.69)
;; WHEN: Fri Jan 4 12:41:40 2013
;; MSG SIZE rcvd: 178
---------------------------------------------------
and if i try to query eu.iwantmyname.com directly:
---------------------------------------------------
$ dig @ns04.net eu.iwantmyname.com +norec
; <<>> DiG 9.8.3-P1 <<>> @ns04.net eu.iwantmyname.com +norec
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40424
;; flags: qr; QUERY: 1, ANSWER: 0, AUTHORITY: 3, ADDITIONAL: 3
;; QUESTION SECTION:
;eu.iwantmyname.com. IN A
;; AUTHORITY SECTION:
eu.iwantmyname.com. 3600 IN NS ns02.net.
eu.iwantmyname.com. 3600 IN NS ns03.net.
eu.iwantmyname.com. 3600 IN NS ns04.net.
;; ADDITIONAL SECTION:
ns02.net. 3600 IN A 184.106.92.72
ns03.net. 3600 IN A 184.106.170.205
ns04.net. 3600 IN A 176.58.108.69
;; Query time: 46 msec
;; SERVER: 176.58.108.69#53(176.58.108.69)
;; WHEN: Fri Jan 4 12:48:19 2013
;; MSG SIZE rcvd: 144
---------------------------------------------------
here is what it looks like on ns02.net:
---------------------------------------------------
$ dig @ns02.net iwantmyname.com.at.geo.domarino.com +norec
; <<>> DiG 9.8.3-P1 <<>> @ns02.net iwantmyname.com.at.geo.domarino.com +norec
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43422
;; flags: qr aa; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;iwantmyname.com.at.geo.domarino.com. IN A
;; ANSWER SECTION:
iwantmyname.com.at.geo.domarino.com. 3600 IN CNAME eu.iwantmyname.com.
eu.iwantmyname.com. 1800 IN A 151.236.216.59
;; Query time: 135 msec
;; SERVER: 184.106.92.72#53(184.106.92.72)
;; WHEN: Fri Jan 4 12:45:50 2013
;; MSG SIZE rcvd: 98
---------------------------------------------------
so for me it looks like every query within a zone that the geo backend knows
about stops after the geo backend returns, even though if the answer is known
by the next backend.
pdns.conf of ns04.net:
---------------------------------------------------
allow-recursion=127.0.0.1/8
# no caching as queries come from different IPs for GEO backend
cache-ttl=0
negquery-cache-ttl=0
query-cache-ttl=0
recursive-cache-ttl=0
daemon=yes
guardian=yes
disable-axfr=yes
local-address=176.58.108.69
local-port=53
log-dns-details=yes
log-failed-updates=yes
master=no
slave=no
setgid=pdns
setuid=pdns
version-string=powerdns
launch=geo:first,gpgsql:second
geo-first-ip-map-zonefile=/etc/powerdns/geo/zz.countries.nerd.dk.rbldnsd
geo-first-maps=/etc/powerdns/geo/maps
geo-first-ns-records=ns02.net,ns03.net,ns04.net
geo-first-ns-ttl=86400
geo-first-soa-values=ns02.net,sysadmins at domarino.com
geo-first-ttl=3600
geo-first-zone=geo.iwantmyname.com
gpgsql-second-dbname=powerdns
gpgsql-second-host=localhost
gpgsql-second-password=xxxxxx
gpgsql-second-user=pdns
webserver=yes
webserver-address=127.0.0.1
webserver-password=xxxxxx
webserver-port=8053
webserver-print-arguments=yes
---------------------------------------------------
--
cheers,
tobi
More information about the Pdns-users
mailing list