[Pdns-users] DiG _trace: no response, no fail, nothing

David opendak at shaw.ca
Fri Feb 17 04:04:51 UTC 2017 

On 2017-02-16 6:29 PM, stancs3 wrote:
> I have seen this problem posted in various places over the years. It is
> not clear if it is a bug, a bad config, or just non-functional.


https://github.com/PowerDNS/pdns/issues/4353

In your case (auth pointing to recursor) is a fairly broken config to 
begin with, so this may be unlikely for you to get working. In order for 
auth to respond to "NS ." without recursion you'd have to host the root 
zone on there.

Recursor in front and forwarding your internal zones to auth would  work 
(most) of the time unless your cache doesn't have the root primed already.

>
> My set up:
>
> VM running Centos 7, up to date.
> pdns install using postgresql db.
> pdns-recursor install.
>
> pdns is running as an authoritive ns, standalone, replicated via
> postgresql to a second VM, pretty much identical.
>
>
> pdns is set with recursor=local-address:5300
>
> pdns-recursor is set with local-address equal to pdns local-address
> above
>
> pdns-recursor is set with local-port equal to pdns 5300 above.
>
> It all seems to work.
>
> The authoritive nameserver is private, and is populated with a few records which work.
>
> The recursor is being tested with DiG. (and with typical surfing). I have verified that the VM has no other dns function working in parallel.
>
> All DiG commands so far work with the exception of +trace.
>
> I have logs running, and can easily see logs generated for DiG commands that work.
>
> I have attached a console example. The logs and console indicate that the DiG command with +trace doesn't fail; it just doesn't even respond.
>
> If I target the same DiG +trace command at my router's dnsmasq, it responds as expected with a whole bunch of trace info.
>
> I have tried for days/hours with all variations I can think of and all manner of surfing for solutions. If there were failure logs it would help, but absolutely zero logs with the +trace command is issued to pdns.
>
> I have also dumped my cache and it has many NS records.
>
> I am tempted to simply ignore this and just use the thing as it seems to work. I only tried DiG +trace to see how it all works......
>
>
>
> _______________________________________________
> Pdns-users mailing list
> Pdns-users at mailman.powerdns.com
> https://mailman.powerdns.com/mailman/listinfo/pdns-users
>

More information about the Pdns-users mailing list