[Pdns-users] How to set up pdns recursor to repeat the query if it does not get an answer
abang at t-ipnet.net
Mon Sep 21 13:36:33 UTC 2020
> but an unsatisfied client will still query again.
Yes, but the Recursor will answer this client retries with SERVFAIL for <packetcache-servfail-ttl> seconds without asking the Auth again. And it will not ask an unresponsive Auth for <server-down-throttle-time> seconds.
Am 21. September 2020 15:14:49 MESZ schrieb Mira Krejci via Pdns-users <pdns-users at mailman.powerdns.com>:
>Thanks Winfried and Brian for the anwers. This appears to be a PDNS
>recursor property that cannot be configured by configuration.
>I understand that repeated query is another burden for an overloaded
>authoritative server, but an unsatisfied client will still query again.
>Dne 18. 09. 20 v 17:42 Winfried Angele napsal(a):
>> Hi Mira,
>> I think if a Resolver retries on possibly overloaded or attacked
>> authoritative DNS servers, it gets even worse for them. So I'd
>> recommend to try to contact the people in charge for that domain and
>> try to convince them to solve the problem on their side. And again,
>> the Recursor tries on each Nameservers address listed in the NS
>> So it does retries, but not on the same address. That means, in your
>> case, all DNS servers of that domain are overloaded or broken or
>> Am 18. September 2020 16:05:04 MESZ schrieb Mira Krejci
><krejci at i3.cz>:
>> Hi Winfried,
>> thank you for your reply.
>> If it's a feature and can't be changed, I have a big problem that
>> I'll have to solve by changing the software to another.
>> For example, Bind asks more than once if answer does not come.
>> Users are angry that DNS resolving does not work for them (of
>> course, it is to blame for authoritative servers of a specific
>> But I have to solve it somehow.
>> Dne 18. 09. 20 v 15:34 Winfried Angele napsal(a):
>>> Hi Mira,
>>> Yes the Recursor does no retry on *this* auth. But it tries on
>>> the other nameservers from the NS RR set. IPv4 and IPv6. So if
>>> you have only one auth, Recursor tries two times, IPv4 and IPv6
>>> if available.
>>> Am 18. September 2020 14:47:49 MESZ schrieb Mira Krejci via
>>> Pdns-users <pdns-users at mailman.powerdns.com>:
>>> I have a problem that I can't force the pdns recursor to
>>> authoritative servers repeatedly if they do not answer.
>>> the query only once and then return an error (SERVFAIL) to
>>> This is very problematic when the authoritative server is
>>> there are some problems on the network. I didn't find any
>way in the
>>> configuration to change it.
>>> Server version: 4.2.2-1 (from EPEL repo on CentOS 8)
>>> Can anyone help?
>>> Pdns-users mailing list
>>> Pdns-users at mailman.powerdns.com
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Pdns-users