[Pdns-users] Geo DNS - Apex Alias (not resolving)

Anthony Turner tony.turner at nodemax.com
Mon Jun 14 07:05:23 UTC 2021 

Hi,

I must have made a mistake as I can resolve  geo.hotchilli.co.uk DNS to
countries pretty reliably, but not the hotchilli.co.uk set as an alias to
geo.hotchilli.co.uk, hotchilli.co.uk pretty much returns unknown IP's (
10.0.2.18 ) so i must have made some silly mistakes, is this because I have
the recursor and authoritative server running on 127.0.0.1:53 and :5300
respectively. and dnsdist on the public IP's

This is predominantly meant to be POC auth with geo IP lookup.

root at dns0-hot:/home/tony# dpkg -l | grep pdns
ii  pdns-backend-geoip               4.4.0-1pdns.bionic
         amd64        geoip backend for PowerDNS
ii  pdns-recursor
 4.5.0~alpha0+master.666.g3ee80dc3c-1pdns.bionic amd64        PowerDNS
Recursor
ii  pdns-server                            4.4.0-1pdns.bionic
               amd64        extremely powerful and versatile nameserver

Here is my config, this runs on 2 hosts currently and will be split later.

HOST SUMMARY

host 1
dns0
dnsdist  46.17.216.218 <http://46.17.216.218:32>:53
dns auth server 127.0.0.1:5300
dns recursor  127.0.0.1:53

host 2
dns1
dnsdist  46.17.217.219:53
dns auth server  127.0.0.1:5300
dns recursor  127.0.0.1:53

DNSDIST x 2

- dnsdist config dns0
setLocal("46.17.216.218")
addACL("0.0.0.0/0")
setECSOverride(true)
setECSSourcePrefixV4(24)
setECSSourcePrefixV6(128)
newServer({address="127.0.0.1:5300", useClientSubnet=true})

  - dnsdist config dns1
setLocal("46.17.217.219")
addACL("0.0.0.0/0")
setECSOverride(true)
setECSSourcePrefixV4(24)
setECSSourcePrefixV6(128)
newServer({address="127.0.0.1:5300", useClientSubnet=true})

AUTHORITATIVE x2

- pdns auth dns0
local-address=127.0.0.1
local-port=5300
cache-ttl=0
query-cache-ttl=0
launch=geoip
setgid=pdns
setuid=pdns
write-pid=yes
config-dir=/etc/powerdns
resolver=127.0.0.1:53
expand-alias=yes
log-dns-queries=yes
loglevel=9
edns-subnet-processing=yes
geoip-database-files=/usr/share/GeoIP/GeoLite2-City.mmdb,/usr/share/GeoIP/GeoLite2-ASN.mmdb
geoip-zones-file=/etc/powerdns/zone.yaml

- pdns auth dns1
local-address=127.0.0.1
local-port=5300
cache-ttl=0
query-cache-ttl=0
launch=geoip
setgid=pdns
setuid=pdns
write-pid=yes
config-dir=/etc/powerdns
resolver=127.0.0.1:53
expand-alias=yes
log-dns-queries=yes
loglevel=9
edns-subnet-processing=yes
geoip-database-files=/usr/share/GeoIP/GeoLite2-City.mmdb,/usr/share/GeoIP/GeoLite2-ASN.mmdb
geoip-zones-file=/etc/powerdns/zone.yaml


RECURSOR x2


 pdns recursor dns0
allow-from=46.17.216.218, 127.0.0.1, 127.0.0.0/8, 10.0.0.0/8, 100.64.0.0/10,
169.254.0.0/16, 192.168.0.0/16, 172.16.0.0/12, ::1/128, fc00::/7, fe80::/10
forward-zones+=hotchilli.co.uk=127.0.0.1:5300
config-dir=/etc/powerdns
ecs-add-for=0.0.0.0/0, ::/0, !127.0.0.0/8, !10.0.0.0/8, !100.64.0.0/10, !
169.254.0.0/16, !192.168.0.0/16, !172.16.0.0/12, !::1/128, !fc00::/7,
!fe80::/10
ecs-cache-limit-ttl=0
ecs-ipv4-bits=24
ecs-ipv4-cache-bits=24
ecs-ipv6-bits=56
ecs-ipv6-cache-bits=56
hint-file=/usr/share/dns/root.hints
include-dir=/etc/powerdns/recursor.d
local-address=127.0.0.1
local-port=53
lua-config-file=/etc/powerdns/recursor.lua
quiet=yes
setgid=pdns
setuid=pdns

 - pdns recursor dns1
allow-from=46.17.217.219, 127.0.0.1, 127.0.0.0/8, 10.0.0.0/8, 100.64.0.0/10,
169.254.0.0/16, 192.168.0.0/16, 172.16.0.0/12, ::1/128, fc00::/7, fe80::/10
forward-zones+=hotchilli.co.uk=127.0.0.1:5300
config-dir=/etc/powerdns
ecs-add-for=0.0.0.0/0, ::/0, !127.0.0.0/8, !10.0.0.0/8, !100.64.0.0/10, !
169.254.0.0/16, !192.168.0.0/16, !172.16.0.0/12, !::1/128, !fc00::/7,
!fe80::/10
ecs-cache-limit-ttl=0
ecs-ipv4-bits=24
ecs-ipv4-cache-bits=24
ecs-ipv6-bits=56
ecs-ipv6-cache-bits=56
hint-file=/usr/share/dns/root.hints
include-dir=/etc/powerdns/recursor.d
local-address=127.0.0.1
local-port=53
lua-config-file=/etc/powerdns/recursor.lua
quiet=yes
setgid=pdns
setuid=pdns

ZONE

zone.yaml

- domain: hotchilli.co.uk
  ttl: 60
  records:
    hotchilli.co.uk:
      - alias: geo.hotchilli.co.uk
      - soa: dns0.hotchilli.uk dns-admin.hotchilli.uk 2021030125 7200 3600
1209600 3600
      - NS:
           content: dns0.hotchilli.uk
           ttl: 86400
      - NS:
           content: dns1.hotchilli.uk
           ttl: 86400
    gb.geo.hotchilli.co.uk:
      - a: 46.17.220.152
    us.geo.hotchilli.co.uk:
      - a: 46.17.220.158
    de.geo.hotchilli.co.uk:
      - a: 46.17.220.159
    es.geo.hotchilli.co.uk:
      - a: 46.17.220.157
    fr.eu.geo.hotchilli.co.uk:
      - a: 46.17.220.156
    unknown.geo.hotchilli.co.uk:
      - a: 10.0.2.18
  services:
    geo.hotchilli.co.uk:
      default: [ '%cc.geo.hotchilli.co.uk', 'unknown.geo.hotchilli.co.uk' ]

]

Many Thanks

Tony
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20210614/bd093e47/attachment.htm>

More information about the Pdns-users mailing list