[Pdns-users] dnsdist Marking downstream as "down"

bert hubert bert.hubert at netherlabs.nl
Thu Dec 17 16:33:44 UTC 2015


These are all acl drops. Ponder using setting an acl with setACL()!

On Dec 17, 2015 5:05 PM, Federico Olivieri <lvrfrc87 at gmail.com> wrote:
>
> Ok,
> I have managed to run dnsdist. Now it is up and running, however, form the web page I can see that all packets are dropped
>
> Uptime: a minute, Number of queries: 673 (7 qps), ACL drops: 673, Dynamic drops: 0, Rule drops: 0, Blockfilter drops: 0
>  
> I have tried different configurations but the problem remain. That is my actual conf
>
> newServer{address="192.168.0.3:53", checkType="A", checkName="www.google.com.", mustResolve=true, qps=10, order=1}
> newServer{address="5.172.xx.xx:53", checkType="A", checkName="www.google.com.", mustResolve=true, qps=100, order=2}
> setServerPolicy(firstAvailable)
> webserver("192.168.0.2:8083", "supersecret")
>
> Any idea about what I have missed?
>
> Thanks
>
> Federico
>
> 2015-12-17 15:13 GMT+00:00 Federico Olivieri <lvrfrc87 at gmail.com>:
>>
>> Found by myself.
>>
>> RTFM
>>
>> I haven't read for entire the README :) 
>>
>> "By default, the availability of a downstream server is checked by regularly sending an A query for "a.root-servers.net.". A different query type and target can be specified by passing, respectively, the 'checkType' and 'checkName' parameters tonewServer. The default behavior is to consider any valid response with a RCODE different from ServFail as valid. If the 'mustResolve' parameter of newServer is set to true, a response will only be considered valid if its RCODE differs from NXDomain, ServFail and Refused."
>>
>> Still remain the question about the dnsdist+recursor...Maybe I'll find the answer before the end of the README file
>>
>> Federico
>>
>> 2015-12-17 14:44 GMT+00:00 Federico Olivieri <lvrfrc87 at gmail.com>:
>>>
>>> Hi all,
>>> I'm playing around with dnsdist on my raspberry. My idea is to use it as load balancer between 2 server. I had a look around and I have implemented this conf
>>>
>>> root at raspberrypi:/etc/dnsdist# cat dnsdist.conf
>>> newServer{address="192.168.0.3"}
>>> newServer{address="5.172.1xx.xx"}
>>>
>>> When I start dnsdist I get this message Marking downstream 192.168.0.3:53 as 'down' and seems not working
>>>
>>> Dec 17 14:26:46 raspberrypi dnsdist[2434]: Listening on 127.0.0.1:53
>>> Dec 17 14:26:46 raspberrypi dnsdist[2434]: dnsdist 0.0.523g812632e comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it according to the terms of the GPL version 2
>>> Dec 17 14:26:47 raspberrypi dnsdist[2434]: Marking downstream 192.168.0.3:53 as 'down'
>>> Dec 17 14:26:48 raspberrypi dnsdist[2434]: Marking downstream 5.172.120.59:53 as 'down'
>>>
>>> Questions:
>>> there is extra conf that I need to do?
>>> How dnsdist recognizes if a server is UP or DOWN
>>> Another question. Is it possible to run dnsdist in the same server that running pdns-recursor? My understanding is that both use 127.0.0.1 in order to run and they cannot coexist. maybe there is a way to bind dnsdist to another interface
>>>
>>> Thanks!!!
>>
>>
>


More information about the Pdns-users mailing list