[Pdns-users] recursor fail to resolve

Fri May 1 20:31:39 UTC 2020

I am glad you were able to duplicate the issue on your end.

Thus the question remains: what do I need to change in the recursor 
configuration to make it work as bind does and resolve even tough it 
looks like an issue at their end?

I still not able to deliver my customer's email if I use pdns recursor. 
I don't expect them to fix anything any time soon as I am the only one 
complaining so they say.

Sergio

On 5/1/2020 12:22 PM, Aki Tuomi wrote:
> Can you try with 'dig' instead? Also the logs seem truncated. Although I'm getting SERVFAIL intermittedly too, which suggests problem at their end. Their servers seem unresponsive sometimes, especially if you try
>
> dig s-s.mx @mail2.alestra.net.mx.
> dig s-s.mx @dns.alestra.net.mx.
>
> and wait some time (like 10 seconds) in between.
>
> Aki
>
>
>> On 05/01/2020 7:17 PM Sergio Cesar <sergio at winc.net> wrote:
>>
>>   
>> root at ns1:~# host s-s.mx
>> Host s-s.mx not found: 2(SERVFAIL)
>>
>> root at ns1:~# cat /var/log/syslog | grep s-s.mx
>> May  1 09:42:51 ns1 pdns_server[16452]: Remote 216.183.32.162 wants
>> 's-s/mx.winc.net|A', do = 1, bufsize = 1232 (4096): packetcache MISS
>> May  1 11:08:43 ns1 pdns_recursor[22995]: 3 [38702/1] question for
>> 's-s.mx|A' from 216.183.32.182:60383
>> May  1 11:08:46 ns1 pdns_recursor[22995]: 3 [38702/1] answer to question
>> 's-s.m |A': 0 answers, 1 additional, took 5 packets, 3106.89 netw ms,
>> 3110.29 tot ms, 0 throttled, 2 timeouts, 0 tcp connections, rcode=2
>> May  1 12:14:25 ns1 pdns_recursor[22995]: 3 [39863/1] question for
>> 's-s.mx|A' from 216.183.32.145:35773
>> May  1 12:14:28 ns1 pdns_recursor[22995]: 3 [39863/1] answer to question
>> 's-s.m |A': 0 answers, 0 additional, took 2 packets, 3006.53 netw ms,
>> 3010.36 tot ms, 0 throttled, 2 timeouts, 0 tcp connections, rcode=2
>>
>>
>> On 5/1/2020 12:12 PM, Aki Tuomi wrote:
>>> Next step, try to resolve s-s.mx and check your logs. Like /var/log/syslog?
>>>
>>> Aki
>>>
>>>> On 05/01/2020 7:09 PM Sergio Cesar <sergio at winc.net> wrote:
>>>>
>>>>    
>>>> Thank you for the reply.
>>>>
>>>> Here it is, not sure what that means.
>>>> The recursor is running on the same server as the PDNS with a different
>>>> IP address.  if that makes a difference.
>>>>
>>>> root at ns1:~# rec_control trace-regex s-s.mx
>>>> ok
>>>> ok
>>>> ok
>>>>
>>>> On 5/1/2020 11:37 AM, Aki Tuomi wrote:
>>>>>> On 05/01/2020 6:31 PM Sergio P Cesar via Pdns-users <pdns-users at mailman.powerdns.com> wrote:
>>>>>>
>>>>>>     
>>>>>> I am new with pdns, just installed a resolver 4.3.0-rc2 to learn and all
>>>>>> seems to work but stumbled into an issue I cant resolve.
>>>>>>
>>>>>> My mailserver failed to deliver email to a few domains, in tracking it I
>>>>>> found that their DNS will drop the first packet on every new query  but
>>>>>> will respond on a second query ok and every one after that. (5 minutes
>>>>>> timeout) it will drop the 1st packet again.
>>>>>> I was expecting the recursor to query the 2nd and 3rd server in their
>>>>>> list but it does not look like it is doing that.
>>>>>> It seems like it is caching the failure and does not query again at all
>>>>>> for a while.
>>>>>> I changed packetcache-servfail-ttl=0 and now it looks like after the 3rd
>>>>>> query attempt it will work as the far end server now respond.
>>>>>> Not sure this is correct setting  or I will have adverse effect setting
>>>>>> this to 0.
>>>>>>
>>>>>> Perhaps I have not set something else that will tell the recursor to try
>>>>>> the next server if the first one fail to respond or send a second packet
>>>>>> or a retry.
>>>>>> I used bind to test and it gets a response on the first try. I did not
>>>>>> try to trace the packets from a bind query.
>>>>>>
>>>>>> Thanks
>>>>>>
>>>>>>
>>>>> Try `rec_control trace-regex domain.com` and post that. Without censoring the results.
>>>>>
>>>>> Aki
>>