[Pdns-users] recursor fail to resolve

Fri May 1 17:35:48 UTC 2020

That is what I herewith dig also. 
I used a packet tracer to see that after some period every first query they drop the first packet from our recursor.
And if I use bind to query I get a response on the first time.

On May 1, 2020 12:22:51 PM CDT, Aki Tuomi <cmouse at cmouse.fi> wrote:
>Can you try with 'dig' instead? Also the logs seem truncated. Although
>I'm getting SERVFAIL intermittedly too, which suggests problem at their
>end. Their servers seem unresponsive sometimes, especially if you try
>
>dig s-s.mx @mail2.alestra.net.mx.
>dig s-s.mx @dns.alestra.net.mx.
>
>and wait some time (like 10 seconds) in between.
>
>Aki
>
>
>> On 05/01/2020 7:17 PM Sergio Cesar <sergio at winc.net> wrote:
>> 
>>  
>> root at ns1:~# host s-s.mx
>> Host s-s.mx not found: 2(SERVFAIL)
>> 
>> root at ns1:~# cat /var/log/syslog | grep s-s.mx
>> May  1 09:42:51 ns1 pdns_server[16452]: Remote 216.183.32.162 wants 
>> 's-s/mx.winc.net|A', do = 1, bufsize = 1232 (4096): packetcache MISS
>> May  1 11:08:43 ns1 pdns_recursor[22995]: 3 [38702/1] question for 
>> 's-s.mx|A' from 216.183.32.182:60383
>> May  1 11:08:46 ns1 pdns_recursor[22995]: 3 [38702/1] answer to
>question 
>> 's-s.m |A': 0 answers, 1 additional, took 5 packets, 3106.89 netw ms,
>
>> 3110.29 tot ms, 0 throttled, 2 timeouts, 0 tcp connections, rcode=2
>> May  1 12:14:25 ns1 pdns_recursor[22995]: 3 [39863/1] question for 
>> 's-s.mx|A' from 216.183.32.145:35773
>> May  1 12:14:28 ns1 pdns_recursor[22995]: 3 [39863/1] answer to
>question 
>> 's-s.m |A': 0 answers, 0 additional, took 2 packets, 3006.53 netw ms,
>
>> 3010.36 tot ms, 0 throttled, 2 timeouts, 0 tcp connections, rcode=2
>> 
>> 
>> On 5/1/2020 12:12 PM, Aki Tuomi wrote:
>> > Next step, try to resolve s-s.mx and check your logs. Like
>/var/log/syslog?
>> >
>> > Aki
>> >
>> >> On 05/01/2020 7:09 PM Sergio Cesar <sergio at winc.net> wrote:
>> >>
>> >>   
>> >> Thank you for the reply.
>> >>
>> >> Here it is, not sure what that means.
>> >> The recursor is running on the same server as the PDNS with a
>different
>> >> IP address.  if that makes a difference.
>> >>
>> >> root at ns1:~# rec_control trace-regex s-s.mx
>> >> ok
>> >> ok
>> >> ok
>> >>
>> >> On 5/1/2020 11:37 AM, Aki Tuomi wrote:
>> >>>> On 05/01/2020 6:31 PM Sergio P Cesar via Pdns-users
><pdns-users at mailman.powerdns.com> wrote:
>> >>>>
>> >>>>    
>> >>>> I am new with pdns, just installed a resolver 4.3.0-rc2 to learn
>and all
>> >>>> seems to work but stumbled into an issue I cant resolve.
>> >>>>
>> >>>> My mailserver failed to deliver email to a few domains, in
>tracking it I
>> >>>> found that their DNS will drop the first packet on every new
>query  but
>> >>>> will respond on a second query ok and every one after that. (5
>minutes
>> >>>> timeout) it will drop the 1st packet again.
>> >>>> I was expecting the recursor to query the 2nd and 3rd server in
>their
>> >>>> list but it does not look like it is doing that.
>> >>>> It seems like it is caching the failure and does not query again
>at all
>> >>>> for a while.
>> >>>> I changed packetcache-servfail-ttl=0 and now it looks like after
>the 3rd
>> >>>> query attempt it will work as the far end server now respond.
>> >>>> Not sure this is correct setting  or I will have adverse effect
>setting
>> >>>> this to 0.
>> >>>>
>> >>>> Perhaps I have not set something else that will tell the
>recursor to try
>> >>>> the next server if the first one fail to respond or send a
>second packet
>> >>>> or a retry.
>> >>>> I used bind to test and it gets a response on the first try. I
>did not
>> >>>> try to trace the packets from a bind query.
>> >>>>
>> >>>> Thanks
>> >>>>
>> >>>>
>> >>> Try `rec_control trace-regex domain.com` and post that. Without
>censoring the results.
>> >>>
>> >>> Aki
>> 
>> -- 
>> --
>> Sergio Cesar
>> Technology Director
>> Wireless Net Connections
>> Network Communications & Consulting
>> (956) 380-3536 Office
>> (956) 587-2377 Mobile

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20200501/1a6936cc/attachment-0001.htm>