[Pdns-users] pdns with pdns-recursor on IPv4 and IPv6
yyovchev
yyovchev at neterra.net
Fri May 31 13:03:42 UTC 2013
Hello everybody.
We have installed pdns with pdns-recursor.
Everything for ipv4 works great.
On ipv6 pdns resolve only own zones. If try to resolve external zone
(www.google.com for example) not work.
The current settings are:
pdns ipv4: 11.22.33.44 (public address) port 53
pdns-recursor ipv4: 127.0.0.1 port 53
pdns ipv6: 3ffe:1900:4545:3:200:f8ff:fe21:67cf port 53
pdns-recursor ipv6: ::1 port 53
--------------------------------------------------------------------------------
pdns.conf
launch=gmysql
gmysql-host=127.0.0.1
gmysql-user=************
gmysql-password=********
gmysql-dbname=**********
allow-axfr-ips=my.another.dns.servers.
allow-recursion=0.0.0.0/0 ::1
recursor=127.0.0.1:53
lazy-recursion=yes
local-address=11.22.33.44
local-ipv6=3ffe:1900:4545:3:200:f8ff:fe21:67cf
local-port=53
logging-facility=0
do-ipv6-additional-processing=yes
master=yes
out-of-zone-additional-processing=yes
query-local-address6=3ffe:1900:4545:3:200:f8ff:fe21:67cf
--------------------------------------------------------------------------------
recursor.conf
setuid=pdns-recursor
setgid=pdns-recursor
allow-from=127.0.0.0/8, ::1/128, fe80::/10, ::/0
client-tcp-timeout=2
daemon=yes
disable-packetcache=yes
local-address=::1,127.0.0.1
local-port=53
log-common-errors=yes
logging-facility=0
max-cache-entries=1000000
max-cache-ttl=86400
max-tcp-clients=128
max-tcp-per-client=0
network-timeout=1500
--------------------------------------------------------------------------------
Test 1: works
--------------------------------------------------------------------------------
[root at dns1 ~]# dig myzone.mydomain.com @3ffe:1900:4545:3:200:f8ff:fe21:67cf
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.4 <<>> myzone.mydomain.com
@3ffe:1900:4545:3:200:f8ff:fe21:67cf
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18634
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;myzone.mydomain.com. IN A
;; ANSWER SECTION:
myzone.mydomain.com. 86400 IN A 192.168.7.22
;; Query time: 3 msec
;; SERVER:
3ffe:1900:4545:3:200:f8ff:fe21:67cf#53(3ffe:1900:4545:3:200:f8ff:fe21:67cf)
;; WHEN: Fri May 31 15:38:44 2013
;; MSG SIZE rcvd: 63
--------------------------------------------------------------------------------
Test 2: doesnt works.
--------------------------------------------------------------------------------
[root at dns1 ~]# dig google.com @3ffe:1900:4545:3:200:f8ff:fe21:67cf
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.4 <<>> google.com
@3ffe:1900:4545:3:200:f8ff:fe21:67cf
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20110
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;google.com. IN A
;; Query time: 0 msec
;; SERVER:
3ffe:1900:4545:3:200:f8ff:fe21:67cf#53(3ffe:1900:4545:3:200:f8ff:fe21:67cf)
;; WHEN: Fri May 31 15:41:19 2013
;; MSG SIZE rcvd: 28
--------------------------------------------------------------------------------
Test 3: works.
--------------------------------------------------------------------------------
[root at dns1 ~]# dig google.com @::1
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.4 <<>> google.com @::1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 30150
;; flags: qr rd ra; QUERY: 1, ANSWER: 11, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;google.com. IN A
;; ANSWER SECTION:
google.com. 300 IN A 173.194.39.206
google.com. 300 IN A 173.194.39.198
google.com. 300 IN A 173.194.39.196
google.com. 300 IN A 173.194.39.197
google.com. 300 IN A 173.194.39.192
google.com. 300 IN A 173.194.39.194
google.com. 300 IN A 173.194.39.201
google.com. 300 IN A 173.194.39.193
google.com. 300 IN A 173.194.39.200
google.com. 300 IN A 173.194.39.199
google.com. 300 IN A 173.194.39.195
;; Query time: 35 msec
;; SERVER: ::1#53(::1)
;; WHEN: Fri May 31 15:42:32 2013
;; MSG SIZE rcvd: 204
--------------------------------------------------------------------------------
Test 4: works.
--------------------------------------------------------------------------------
[root at dns1 ~]# dig myzone.mydomain.com @::1
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.4 <<>> @::1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59919
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;myzone.mydomain.com. IN A
;; ANSWER SECTION:
myzone.mydomain.com. 86400 IN A 192.168.7.203
;; Query time: 4 msec
;; SERVER: ::1#53(::1)
;; WHEN: Fri May 31 15:42:43 2013
;; MSG SIZE rcvd: 63
--
View this message in context: http://powerdns.13854.n7.nabble.com/pdns-with-pdns-recursor-on-IPv4-and-IPv6-tp10043.html
Sent from the PowerDNS mailing list archive at Nabble.com.
More information about the Pdns-users
mailing list