[Pdns-users] Dig: zone queries are not answered without the ANY flag
Nikolaos Milas
nmilas at admin.noa.gr
Mon Dec 11 22:50:33 UTC 2017
Hello,
I have recently upgraded to latest versions of pdns & pdns-recursor. I
am now running (on CentOS 7.4.1708):
pdns-4.0.5-1pdns.el7.x86_64
pdns-backend-ldap-4.0.5-1pdns.el7.x86_64
pdns-recursor-4.0.7-1pdns.el7.x86_64
using the LDAP Backend. Packages have been installed from
powerdns-auth-40.repo and powerdns-rec-40.repo
It seems that the powerdns server does not reply correctly to simple
zone queries, except if someone uses the "ANY" flag.
It seems this is NOT the expected behavior.
Additionally, some of our remote slave servers (not under our control)
cannot get updated (refreshed), because they do not receive NS records
in their query results for domain noa.gr (and for our reverse zones,
i.e. for all of our hosted zones) and sync fails with errors:
error: zone noa.gr/IN: has no NS records
I believe the problem can be seen below:
-------------------------------------------------------------
# dig noa.gr @vdns.noa.gr
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.62.rc1.el6_9.2 <<>> noa.gr @vdns.noa.gr
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2507
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;noa.gr. IN A
;; AUTHORITY SECTION:
noa.gr. 3600 IN SOA vdns.noa.gr.
sysadmin.noa.gr. 2017120501 7200 180 1209600 3600
;; Query time: 4 msec
;; SERVER: 2001:648:2011:15::162#53(2001:648:2011:15::162)
;; WHEN: Sat Dec 9 15:48:13 2017
;; MSG SIZE rcvd: 74
-------------------------------------------------------------
BUT
-------------------------------------------------------------
# dig noa.gr ANY @vdns.noa.gr
;; Truncated, retrying in TCP mode.
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.62.rc1.el6_9.2 <<>> noa.gr ANY
@vdns.noa.gr
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 39276
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 8, AUTHORITY: 0, ADDITIONAL: 8
;; QUESTION SECTION:
;noa.gr. IN ANY
;; ANSWER SECTION:
noa.gr. 86400 IN MX 20 mailgw1.noa.gr.
noa.gr. 86400 IN MX 10 mailgw3.noa.gr.
noa.gr. 86400 IN NS vdns.noa.gr.
noa.gr. 86400 IN NS dns2.noa.gr.
noa.gr. 86400 IN NS sns0.grnet.gr.
noa.gr. 86400 IN NS sns1.grnet.gr.
noa.gr. 86400 IN TXT "MS=ms14959969"
noa.gr. 86400 IN SOA vdns.noa.gr.
sysadmin.noa.gr. 2017120501 7200 180 1209600 3600
;; ADDITIONAL SECTION:
mailgw1.noa.gr. 86400 IN AAAA 2001:648:2ffc:1115::27
mailgw1.noa.gr. 86400 IN A 83.212.5.27
mailgw3.noa.gr. 86400 IN AAAA 2001:648:2ffc:126::2
mailgw3.noa.gr. 86400 IN A 62.217.124.2
vdns.noa.gr. 86400 IN AAAA 2001:648:2011:15::162
vdns.noa.gr. 86400 IN A 194.177.195.162
dns2.noa.gr. 86400 IN AAAA 2001:648:2011:8010::213
dns2.noa.gr. 86400 IN A 195.251.204.213
;; Query time: 12 msec
;; SERVER: 2001:648:2011:15::162#53(2001:648:2011:15::162)
;; WHEN: Sat Dec 9 15:48:28 2017
;; MSG SIZE rcvd: 401
-------------------------------------------------------------
I can't tell when this behavior may have started, but it's occurring for
a couple of months. It may have been introduced after some update; we
have not changed configuration and for years we have not had any issues
with zone refresh.
NOTE: I tried downgrading to the previous versions of pdns and
pdns-recursor, but the problem persisted.
Can you please guide me on how to troubleshoot and resolve this issue?
Should I configure something differently or is this a bug?
Thanks in advance,
Nick
More information about the Pdns-users
mailing list