[Pdns-users] recursive server failing
Charles Sprickman
spork at bway.net
Thu Aug 3 19:37:25 UTC 2017
> On Jul 29, 2017, at 5:19 AM, bert hubert <bert.hubert at powerdns.com> wrote:
>
> On Sat, Jul 29, 2017 at 12:19:11AM -0400, Charles Sprickman wrote:
>> Here’s a few things I’ve tried:
>>
>> - Verify with DNSVIZ: http://dnsviz.net/d/dot.nyc.gov/dnssec/
>> - Update PowerDNS to powerdns-recursor-4.0.6
>> - Remove “scrub” rules from pf configuration
>> - Change pf rules to be stateless
>> - Look for denied traffic by running tcpdump against pflog device while performing query
>> - Checked record by querying BIND on same host
>> - Checked record elsewhere (successful)
>
> Thank you for specifying this in so much detail, very appreciated.
>
>>
>> Any ideas where to start with this? Anyone else seeing the same issue with this record?
>
> We have not heard of this. What we recommend is to enable 'trace' or if that
> is too much, 'trace-regex' for dot.nyc.gov. This will give a ton of detail
> on what is going on.
FWIW, “trace-regex” gave me an error, so I just did a full trace and then cleaned up the results.
https://gist.github.com/sporkman/1b1b01a3b33ca3e2029728cb90a1eee8 <https://gist.github.com/sporkman/1b1b01a3b33ca3e2029728cb90a1eee8>
> We can then find out the problem for you, or perhaps you see it already.
I don’t see it, I can’t really follow since I’m actually seeing many of the records I want but then it all seems to fall apart at the end…
Thanks,
Charles
>
> Good luck and let us know!
>
> Bert
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20170803/9903a122/attachment-0001.html>
More information about the Pdns-users
mailing list