[Pdns-users] PDNS to answer as NON-authoritative?

Michael Loftis mloftis at wgops.com
Sun Jan 3 19:39:28 UTC 2016 

Again not a resolver. Sorry but you're the one misunderstanding. If you
want answers for data not present you need a recursive resolver.

On Sunday, January 3, 2016, Luis Daniel Lucio Quiroz <
luis.daniel.lucio at gmail.com> wrote:

> Host command does not do that as well. It off on the sample output
> Le 3 janv. 2016 2:00 PM, "Aki Tuomi" <cmouse at cmouse.fi
> <javascript:_e(%7B%7D,'cvml','cmouse at cmouse.fi');>> a écrit :
>
>> That is because dig is not a resolver.
>>
>>
>>
>> ---
>> Aki Tuomi
>>
>>
>> -------- Original message --------
>> From: Luis Daniel Lucio Quiroz <luis.daniel.lucio at gmail.com
>> <javascript:_e(%7B%7D,'cvml','luis.daniel.lucio at gmail.com');>>
>> Date: 03/01/2016 20:56 (GMT+02:00)
>> To: Michael Loftis <mloftis at wgops.com
>> <javascript:_e(%7B%7D,'cvml','mloftis at wgops.com');>>
>> Cc: Aki Tuomi <cmouse at youzen.ext.b2.fi
>> <javascript:_e(%7B%7D,'cvml','cmouse at youzen.ext.b2.fi');>>,
>> pdns-users at mailman.powerdns.com
>> <javascript:_e(%7B%7D,'cvml','pdns-users at mailman.powerdns.com');>
>> Subject: Re: [Pdns-users] PDNS to answer as NON-authoritative?
>>
>> You don't pay attention.
>> My question is why the resolver doesn't continue the iterative query.
>> It just stops when it gets the ns answer
>> Le 3 janv. 2016 12:59 PM, "Michael Loftis" <mloftis at wgops.com
>> <javascript:_e(%7B%7D,'cvml','mloftis at wgops.com');>> a écrit :
>>
>>> Then quit asking it for information it doesn't have. Responding with the
>>> root NS set is correct when you're asking for Google.com which it knows
>>> nothing about.
>>>
>>> On Sunday, January 3, 2016, Luis Daniel Lucio Quiroz <
>>> luis.daniel.lucio at gmail.com
>>> <javascript:_e(%7B%7D,'cvml','luis.daniel.lucio at gmail.com');>> wrote:
>>>
>>>> Thanks. But that's the way u don't want to use. I know how.
>>>>
>>>> I need to make it work in non recursive mode.
>>>> Le 3 janv. 2016 9:29 AM, "Aki Tuomi" <cmouse at youzen.ext.b2.fi> a
>>>> écrit :
>>>>
>>>>> If you want to use auth as recursor, you need to configure
>>>>>
>>>>> recursor=<valid recursor IP>
>>>>> allow-recursion=<list of networks that can recurse>
>>>>>
>>>>> On Sat, Jan 02, 2016 at 09:55:54PM -0800, Michael Loftis wrote:
>>>>> > PowerDNS is not the same as PowerDNS Recursor. The former only does
>>>>> > authoritative which is your problem here.
>>>>> >
>>>>> > On Saturday, January 2, 2016, Luis Daniel Lucio Quiroz <
>>>>> > luis.daniel.lucio at gmail.com> wrote:
>>>>> >
>>>>> > > Hello
>>>>> > >
>>>>> > > Wat am I missing? I have this:
>>>>> > > launch=pipe,bind
>>>>> > > pipe-command=/usr/local/libexec/latency.pdns.plugin
>>>>> > > pipe-regex=^.*\.(mylocaldomain)\.(net);.*$
>>>>> > > bind-config=/etc/named.pdns.conf
>>>>> > > bind-check-interval=300
>>>>> > > bind-ignore-broken-records=no
>>>>> > > send-root-referral=lean
>>>>> > > allow-recursion=192.168.7.0/24
>>>>> > >
>>>>> > > /etc/named.pdns.conf looks like this
>>>>> > > zone "mylocaldomain.net" IN {
>>>>> > >    type master;
>>>>> > >    file "/var/named/data/mylocaldomain.net";
>>>>> > > };
>>>>> > >
>>>>> > > zone "root-servers.net" IN {
>>>>> > >    type master;
>>>>> > >    file "/var/named/data/named.ca";
>>>>> > > };
>>>>> > >
>>>>> > >
>>>>> > > when I do a dig, or a host, i get this:
>>>>> > >
>>>>> > > dig google.com @PUBLICIP
>>>>> > >
>>>>> > > ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.37.rc1.el6_7.4 <<>> . @PUBLICIP
>>>>> > > ;; global options: +cmd
>>>>> > > ;; Got answer:
>>>>> > > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29059
>>>>> > > ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 13, ADDITIONAL: 13
>>>>> > > ;; WARNING: recursion requested but not available
>>>>> > >
>>>>> > > ;; QUESTION SECTION:
>>>>> > > ;.                              IN      A
>>>>> > >
>>>>> > > ;; AUTHORITY SECTION:
>>>>> > > .                       518400  IN      NS      a.root-servers.net
>>>>> .
>>>>> > > .                       518400  IN      NS      b.root-servers.net
>>>>> .
>>>>> > > .                       518400  IN      NS      c.root-servers.net
>>>>> .
>>>>> > > .                       518400  IN      NS      d.root-servers.net
>>>>> .
>>>>> > > .                       518400  IN      NS      e.root-servers.net
>>>>> .
>>>>> > > .                       518400  IN      NS      f.root-servers.net
>>>>> .
>>>>> > > .                       518400  IN      NS      g.root-servers.net
>>>>> .
>>>>> > > .                       518400  IN      NS      h.root-servers.net
>>>>> .
>>>>> > > .                       518400  IN      NS      i.root-servers.net
>>>>> .
>>>>> > > .                       518400  IN      NS      j.root-servers.net
>>>>> .
>>>>> > > .                       518400  IN      NS      k.root-servers.net
>>>>> .
>>>>> > > .                       518400  IN      NS      l.root-servers.net
>>>>> .
>>>>> > > .                       518400  IN      NS      m.root-servers.net
>>>>> .
>>>>> > >
>>>>> > > ;; ADDITIONAL SECTION:
>>>>> > > a.root-servers.net.     3600000 IN      A       198.41.0.4
>>>>> > > a.root-servers.net.     3600000 IN      AAAA
>>>>> 2001:503:ba3e::2:30
>>>>> > > b.root-servers.net.     3600000 IN      A       192.228.79.201
>>>>> > > c.root-servers.net.     3600000 IN      A       192.33.4.12
>>>>> > > d.root-servers.net.     3600000 IN      A       199.7.91.13
>>>>> > > d.root-servers.net.     3600000 IN      AAAA    2001:500:2d::d
>>>>> > > e.root-servers.net.     3600000 IN      A       192.203.230.10
>>>>> > > f.root-servers.net.     3600000 IN      A       192.5.5.241
>>>>> > > f.root-servers.net.     3600000 IN      AAAA    2001:500:2f::f
>>>>> > > g.root-servers.net.     3600000 IN      A       192.112.36.4
>>>>> > > h.root-servers.net.     3600000 IN      A       128.63.2.53
>>>>> > > h.root-servers.net.     3600000 IN      AAAA
>>>>> 2001:500:1::803f:235
>>>>> > > i.root-servers.net.     3600000 IN      A       192.36.148.17
>>>>> > >
>>>>> > > ;; Query time: 24 msec
>>>>> > > ;;
>>>>> > > ;; WHEN: Sun Jan  3 05:10:27 2016
>>>>> > > ;; MSG SIZE  rcvd: 484
>>>>> > >
>>>>> > >
>>>>> > > or
>>>>> > >
>>>>> > > host google.com PUBLICIP
>>>>> > > Using domain server:
>>>>> > > Name: PUBLICIP
>>>>> > > Address: PUBLICIP#53
>>>>> > > Aliases:
>>>>> > >
>>>>> > >
>>>>> > > As you see, there is no answer. I only get the root NS servers.
>>>>> > >
>>>>> > > --
>>>>> > > Luis Daniel Lucio Quiroz
>>>>> > > CISSP, CISM, CISA
>>>>> > > Linux, VoIP and much more fun
>>>>> > > www.okay.com.mx
>>>>> > >
>>>>> > > Need LCR? Check out LCR for FusionPBX with FreeSWITCH
>>>>> > > Need Billing? Check out Billing for FusionPBX with FreeSWITCH
>>>>> > >
>>>>> >
>>>>> >
>>>>> > --
>>>>> >
>>>>> > "Genius might be described as a supreme capacity for getting its
>>>>> possessors
>>>>> > into trouble of all kinds."
>>>>> > -- Samuel Butler
>>>>>
>>>>> > _______________________________________________
>>>>> > Pdns-users mailing list
>>>>> > Pdns-users at mailman.powerdns.com
>>>>> > http://mailman.powerdns.com/mailman/listinfo/pdns-users
>>>>>
>>>>>
>>>
>>> --
>>>
>>> "Genius might be described as a supreme capacity for getting its
>>> possessors
>>> into trouble of all kinds."
>>> -- Samuel Butler
>>>
>>>

-- 

"Genius might be described as a supreme capacity for getting its possessors
into trouble of all kinds."
-- Samuel Butler
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20160103/a96ee6cb/attachment-0001.html>

More information about the Pdns-users mailing list