[Pdns-users] PDNS working on localhost but not publicly
Alan Hodgson
ahodgson at lists.simkin.ca
Fri May 14 02:40:21 UTC 2021
On Thu, 2021-05-13 at 20:55 -0500, Steven Garner via Pdns-users wrote:
> Recently set up PowerDNS Authoritative Server (v 4.4.X) on 3 Ubuntu 20.04
> LTS name servers using MySQL 8 replication as a backend. My master name
> server (ns1.opensourceserver.io) and one of the slaves
> (ns3.opensourceserver.io) are performing well, but the other slave
> (ns2.opensourceserver.io) cannot even be found.
>
> I am wondering if it might be because of this unexpected result:
>
> > # netstat -alnp4 | grep pdns
> > tcp 0 0 0.0.0.0:53 0.0.0.0:* LISTEN 53992/pdns_server
> > tcp 0 0 127.0.0.1:59010 127.0.0.1:3306 ESTABLISHED 53992/pdns_server
> > tcp 0 0 127.0.0.1:59008 127.0.0.1:3306 ESTABLISHED 53992/pdns_server
> > tcp 0 0 127.0.0.1:59012 127.0.0.1:3306 ESTABLISHED 53992/pdns_server
> > tcp 0 0 127.0.0.1:59014 127.0.0.1:3306 ESTABLISHED 53992/pdns_server
> > udp 0 0 0.0.0.0:53 0.0.0.0:* 53992/pdns_server
> >
The 3306 connections are pdns-server connecting to MySQL.
> > dig opensourceserver.io @ns2.opensourceserver.io
> > ; <<>> DiG 9.10.6 <<>> opensourceserver.io @ns2.opensourceserver.io
> > ;; global options: +cmd
> > ;; connection timed out; no servers could be reached
> >
Your server does actually seem to answer queries from outside ... over TCP.
Not so much over UDP.
19:36:00.599475 eth0 Out IP 10.75.105.10.52535 > 207.177.51.156.53: 62512+ [1au] A? ns2.opensourceserver.io. (64)
19:36:00.678967 eth0 In IP 207.177.51.156 > 10.75.105.10: ICMP 207.177.51.156 udp port 53 unreachable, length 36
I get a port unreachable on UDP 53. ANY queries over TCP work, though:
$ dig @207.177.51.156 any opensourceserver.io
; <<>> DiG 9.16.15 <<>> @207.177.51.156 any opensourceserver.io
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12321
;; flags: qr aa rd; QUERY: 1, ANSWER: 8, AUTHORITY: 0, ADDITIONAL: 4
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;opensourceserver.io. IN ANY
;; ANSWER SECTION:
opensourceserver.io. 120 IN A 76.76.238.10
<other answers chopped>
;; Query time: 79 msec
;; SERVER: 207.177.51.156#53(207.177.51.156)
;; WHEN: Thu May 13 19:37:01 PDT 2021
;; MSG SIZE rcvd: 366
Recheck your UDP forwarding and firewalls.
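
The UDP-versus-TCP comparison made above, as a script. This is an added example, not part of the original message: it sends one query over each transport and classifies the result, with "udp-path-broken" being the case in this thread (TCP answers, UDP gets ICMP port unreachable). Function names and verdict strings are the example's own, and it assumes Linux, where the ICMP error surfaces as ConnectionRefusedError on a connected UDP socket.

```python
import socket, struct, sys

def build_query(name, qtype=1, txid=0x1234):
    """Minimal DNS query: 12-byte header (QDCOUNT=1), QNAME, QTYPE, class IN."""
    header = struct.pack("!HHHHHH", txid, 0, 1, 0, 0, 0)
    qname = b"".join(bytes([len(p)]) + p.encode("ascii")
                     for p in name.rstrip(".").split(".")) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)

def is_reply(data, query):  # reply echoes our transaction ID and has QR set
    return len(data) >= 12 and data[:2] == query[:2] and bool(data[2] & 0x80)

def probe_udp(server, query, port=53, timeout=3.0):
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.connect((server, port))  # connected socket, so ICMP errors reach us
            s.send(query)
            data = s.recv(4096)
        except socket.timeout:
            return "timeout"           # dropped silently on the path
        except ConnectionRefusedError:
            return "unreachable"       # ICMP port unreachable, as in the capture
        except OSError:
            return "error"
    return "answer" if is_reply(data, query) else "garbage"

def probe_tcp(server, query, port=53, timeout=3.0):
    try:
        with socket.create_connection((server, port), timeout=timeout) as s:
            s.sendall(struct.pack("!H", len(query)) + query)  # 2-byte length prefix
            data = s.recv(4096)
    except socket.timeout:
        return "timeout"
    except ConnectionRefusedError:
        return "refused"
    except OSError:
        return "error"
    return "answer" if is_reply(data[2:], query) else "garbage"

def diagnose(udp, tcp):
    ok_u, ok_t = udp == "answer", tcp == "answer"
    if ok_u != ok_t:                   # one transport works, the other does not
        return "udp-path-broken" if ok_t else "tcp-path-broken"
    return "ok" if ok_u else "no-answer"

if __name__ == "__main__" and len(sys.argv) == 3:  # usage: script SERVER NAME
    q = build_query(sys.argv[2])
    u, t = probe_udp(sys.argv[1], q), probe_tcp(sys.argv[1], q)
    print(f"udp={u} tcp={t} -> {diagnose(u, t)}")
```

A "timeout" on UDP instead of "unreachable" points at a filter that drops packets silently rather than a forward that lands on a closed port.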