[Pdns-users] PDNS working on localhost but not publicly

Alan Hodgson ahodgson at lists.simkin.ca
Fri May 14 02:40:21 UTC 2021


On Thu, 2021-05-13 at 20:55 -0500, Steven Garner via Pdns-users wrote:
> Recently set up PowerDNS Authoritative Server (v 4.4.X) on 3 Ubuntu 20.04
> LTS name servers using MySQL 8 replication as a backend.  My master name
> server (ns1.opensourceserver.io) and one of the slaves
> (ns3.opensourceserver.io) are performing well, but the other slave
> (ns2.opensourceserver.io) cannot even be found.
> 
> I am wondering if it might be because of this unexpected result:
> 
> > # netstat -alnp4 | grep pdns
> > tcp        0      0 0.0.0.0:53              0.0.0.0:*               LISTEN      53992/pdns_server
> > tcp        0      0 127.0.0.1:59010         127.0.0.1:3306          ESTABLISHED 53992/pdns_server
> > tcp        0      0 127.0.0.1:59008         127.0.0.1:3306          ESTABLISHED 53992/pdns_server
> > tcp        0      0 127.0.0.1:59012         127.0.0.1:3306          ESTABLISHED 53992/pdns_server
> > tcp        0      0 127.0.0.1:59014         127.0.0.1:3306          ESTABLISHED 53992/pdns_server
> > udp        0      0 0.0.0.0:53              0.0.0.0:*                           53992/pdns_server
> > 


The 3306 connections are pdns-server connecting to MySQL.


> > dig opensourceserver.io @ns2.opensourceserver.io
> > ; <<>> DiG 9.10.6 <<>> opensourceserver.io @ns2.opensourceserver.io
> > ;; global options: +cmd
> > ;; connection timed out; no servers could be reached
> > 

Your server does actually seem to answer queries from outside ... over TCP.
Not so much over UDP.

19:36:00.599475 eth0  Out IP 10.75.105.10.52535 > 207.177.51.156.53: 62512+ [1au] A? ns2.opensourceserver.io. (64)
19:36:00.678967 eth0  In  IP 207.177.51.156 > 10.75.105.10: ICMP 207.177.51.156 udp port 53 unreachable, length 36

I get a port unreachable on UDP 53. ANY queries over TCP work, though:

$ dig @207.177.51.156 any opensourceserver.io     

; <<>> DiG 9.16.15 <<>> @207.177.51.156 any opensourceserver.io
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12321
;; flags: qr aa rd; QUERY: 1, ANSWER: 8, AUTHORITY: 0, ADDITIONAL: 4
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;opensourceserver.io.           IN      ANY

;; ANSWER SECTION:
opensourceserver.io.    120     IN      A       76.76.238.10
<other answers chopped>

;; Query time: 79 msec
;; SERVER: 207.177.51.156#53(207.177.51.156)
;; WHEN: Thu May 13 19:37:01 PDT 2021
;; MSG SIZE  rcvd: 366

Recheck your UDP forwarding and firewalls.
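
Added example, not part of the original message: a small Python probe that sends the same DNS query over UDP and TCP and classifies the result, reproducing the "TCP answers, UDP returns port unreachable" pattern seen above. The function names and result labels are hypothetical, and the ICMP handling assumes Linux socket behaviour.

```python
# Added example: compare UDP and TCP reachability of a DNS server (names are hypothetical).
import socket
import struct

def build_query(name, qtype=1, qid=0x1234):
    """Minimal DNS query: one question, class IN, RD flag clear."""
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return struct.pack("!HHHHHH", qid, 0, 1, 0, 0, 0) + qname + struct.pack("!HH", qtype, 1)

def recv_exact(sock, n):
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("peer closed early")
        buf += chunk
    return buf

def probe_udp(server, port, query, timeout=3.0):
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.connect((server, port))  # connected socket, so ICMP errors are reported to us
        try:
            s.send(query)
            reply = s.recv(4096)
        except ConnectionRefusedError:  # Linux maps ICMP port unreachable to ECONNREFUSED
            return "port-unreachable"
        except socket.timeout:          # packet or reply silently dropped
            return "timeout"
    return "answer" if reply[:2] == query[:2] else "bad-reply"

def probe_tcp(server, port, query, timeout=3.0):
    try:
        with socket.create_connection((server, port), timeout=timeout) as s:
            s.sendall(struct.pack("!H", len(query)) + query)  # DNS over TCP: 2-byte length prefix
            (length,) = struct.unpack("!H", recv_exact(s, 2))
            reply = recv_exact(s, length)
    except (socket.timeout, ConnectionError):  # refused, reset, closed early or timed out
        return "no-answer"
    return "answer" if reply[:2] == query[:2] else "bad-reply"

def diagnose(udp, tcp):
    if udp == "answer" and tcp == "answer":
        return "ok"
    if tcp == "answer":
        return "udp-blocked: daemon is up, check UDP 53 forwarding/firewall"
    if udp == "answer":
        return "tcp-blocked: check TCP 53 forwarding/firewall"
    return "unreachable: no answer on either transport"
```

Run it from a host outside the server's network, for example `diagnose(probe_udp(addr, 53, q), probe_tcp(addr, 53, q))` with `q = build_query("opensourceserver.io")`; a check from the server itself only exercises the loopback path.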