[Pdns-users] Problem with how PowerDNS answers when not authoritative.
Peter van Dijk
peter.van.dijk at netherlabs.nl
Thu Mar 7 14:45:41 UTC 2013
Hello Fredrik,
On Mar 6, 2013, at 13:48 , Fredrik Dahlberg wrote:
> I have a situation where PowerDNS Authoritative server answers queries differently from how BIND does it, when it is not authoritative for a zone.
>
> PowerDNS (3.2):
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59699
> ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
> ;; WARNING: recursion requested but not available
Note the lack of 'aa' and the lack of SOA records in the AUTHORITY section. Both of these things mean a resolver should not draw any conclusions from this answer.
> Microsoft DNS (6.1):
> ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 42689
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
>
> BIND (9.8.4):
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57604
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
I would love to see the full output for both of these, especially the ADDITIONAL record.
> This creates a lot of problems where for example zone transfers fail, and for example customer mail bounces because the sending mail server believes there is no MX record.
>
> Any clues on how to solve this?
Either your MSDNS and BIND both have bugs (unlikely) or something weird is happening. The empty NOERROR from PowerDNS is not known to cause these issues.
Kind regards,
--
Peter van Dijk
Netherlabs Computer Consulting BV - http://www.netherlabs.nl/
More information about the Pdns-users
mailing list