[Pdns-users] PDNS to answer as NON-authoritative?

Michael Loftis mloftis at wgops.com
Sun Jan 3 17:59:12 UTC 2016 

Then quit asking it for information it doesn't have. Responding with the
root NS set is correct when you're asking for Google.com which it knows
nothing about.

On Sunday, January 3, 2016, Luis Daniel Lucio Quiroz <
luis.daniel.lucio at gmail.com> wrote:

> Thanks. But that's the way u don't want to use. I know how.
>
> I need to make it work in non recursive mode.
> Le 3 janv. 2016 9:29 AM, "Aki Tuomi" <cmouse at youzen.ext.b2.fi
> <javascript:_e(%7B%7D,'cvml','cmouse at youzen.ext.b2.fi');>> a écrit :
>
>> If you want to use auth as recursor, you need to configure
>>
>> recursor=<valid recursor IP>
>> allow-recursion=<list of networks that can recurse>
>>
>> On Sat, Jan 02, 2016 at 09:55:54PM -0800, Michael Loftis wrote:
>> > PowerDNS is not the same as PowerDNS Recursor. The former only does
>> > authoritative which is your problem here.
>> >
>> > On Saturday, January 2, 2016, Luis Daniel Lucio Quiroz <
>> > luis.daniel.lucio at gmail.com
>> <javascript:_e(%7B%7D,'cvml','luis.daniel.lucio at gmail.com');>> wrote:
>> >
>> > > Hello
>> > >
>> > > Wat am I missing? I have this:
>> > > launch=pipe,bind
>> > > pipe-command=/usr/local/libexec/latency.pdns.plugin
>> > > pipe-regex=^.*\.(mylocaldomain)\.(net);.*$
>> > > bind-config=/etc/named.pdns.conf
>> > > bind-check-interval=300
>> > > bind-ignore-broken-records=no
>> > > send-root-referral=lean
>> > > allow-recursion=192.168.7.0/24
>> > >
>> > > /etc/named.pdns.conf looks like this
>> > > zone "mylocaldomain.net" IN {
>> > >    type master;
>> > >    file "/var/named/data/mylocaldomain.net";
>> > > };
>> > >
>> > > zone "root-servers.net" IN {
>> > >    type master;
>> > >    file "/var/named/data/named.ca";
>> > > };
>> > >
>> > >
>> > > when I do a dig, or a host, i get this:
>> > >
>> > > dig google.com @PUBLICIP
>> > >
>> > > ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.37.rc1.el6_7.4 <<>> . @PUBLICIP
>> > > ;; global options: +cmd
>> > > ;; Got answer:
>> > > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29059
>> > > ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 13, ADDITIONAL: 13
>> > > ;; WARNING: recursion requested but not available
>> > >
>> > > ;; QUESTION SECTION:
>> > > ;.                              IN      A
>> > >
>> > > ;; AUTHORITY SECTION:
>> > > .                       518400  IN      NS      a.root-servers.net.
>> > > .                       518400  IN      NS      b.root-servers.net.
>> > > .                       518400  IN      NS      c.root-servers.net.
>> > > .                       518400  IN      NS      d.root-servers.net.
>> > > .                       518400  IN      NS      e.root-servers.net.
>> > > .                       518400  IN      NS      f.root-servers.net.
>> > > .                       518400  IN      NS      g.root-servers.net.
>> > > .                       518400  IN      NS      h.root-servers.net.
>> > > .                       518400  IN      NS      i.root-servers.net.
>> > > .                       518400  IN      NS      j.root-servers.net.
>> > > .                       518400  IN      NS      k.root-servers.net.
>> > > .                       518400  IN      NS      l.root-servers.net.
>> > > .                       518400  IN      NS      m.root-servers.net.
>> > >
>> > > ;; ADDITIONAL SECTION:
>> > > a.root-servers.net.     3600000 IN      A       198.41.0.4
>> > > a.root-servers.net.     3600000 IN      AAAA    2001:503:ba3e::2:30
>> > > b.root-servers.net.     3600000 IN      A       192.228.79.201
>> > > c.root-servers.net.     3600000 IN      A       192.33.4.12
>> > > d.root-servers.net.     3600000 IN      A       199.7.91.13
>> > > d.root-servers.net.     3600000 IN      AAAA    2001:500:2d::d
>> > > e.root-servers.net.     3600000 IN      A       192.203.230.10
>> > > f.root-servers.net.     3600000 IN      A       192.5.5.241
>> > > f.root-servers.net.     3600000 IN      AAAA    2001:500:2f::f
>> > > g.root-servers.net.     3600000 IN      A       192.112.36.4
>> > > h.root-servers.net.     3600000 IN      A       128.63.2.53
>> > > h.root-servers.net.     3600000 IN      AAAA    2001:500:1::803f:235
>> > > i.root-servers.net.     3600000 IN      A       192.36.148.17
>> > >
>> > > ;; Query time: 24 msec
>> > > ;;
>> > > ;; WHEN: Sun Jan  3 05:10:27 2016
>> > > ;; MSG SIZE  rcvd: 484
>> > >
>> > >
>> > > or
>> > >
>> > > host google.com PUBLICIP
>> > > Using domain server:
>> > > Name: PUBLICIP
>> > > Address: PUBLICIP#53
>> > > Aliases:
>> > >
>> > >
>> > > As you see, there is no answer. I only get the root NS servers.
>> > >
>> > > --
>> > > Luis Daniel Lucio Quiroz
>> > > CISSP, CISM, CISA
>> > > Linux, VoIP and much more fun
>> > > www.okay.com.mx
>> > >
>> > > Need LCR? Check out LCR for FusionPBX with FreeSWITCH
>> > > Need Billing? Check out Billing for FusionPBX with FreeSWITCH
>> > >
>> >
>> >
>> > --
>> >
>> > "Genius might be described as a supreme capacity for getting its
>> possessors
>> > into trouble of all kinds."
>> > -- Samuel Butler
>>
>> > _______________________________________________
>> > Pdns-users mailing list
>> > Pdns-users at mailman.powerdns.com
>> <javascript:_e(%7B%7D,'cvml','Pdns-users at mailman.powerdns.com');>
>> > http://mailman.powerdns.com/mailman/listinfo/pdns-users
>>
>>

-- 

"Genius might be described as a supreme capacity for getting its possessors
into trouble of all kinds."
-- Samuel Butler
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20160103/49b5be09/attachment-0001.html>

More information about the Pdns-users mailing list