[Pdns-users] Recursive Forwarders
Otto Moerbeek
otto at drijf.net
Wed Aug 24 20:27:49 UTC 2022
On Wed, Aug 24, 2022 at 04:16:49PM -0400, Holmes, Timothy wrote:
> Full(er) log, I dont see any reference to the forwarders..
> Best, Tim
Indeed, no log lin wrt recursive forwarding. You do have in your config:
include-dir=/etc/powerdns/recursor.d
So it could be a file in there overriding things.
*BUT* you edited the log. Please do not do that. It makes it hard for
us to help you.
Your local address from your posted config is 127.0.0.1. But the log shows
x.x.x.x.
See https://blog.powerdns.com/2016/01/18/open-source-support-out-in-the-open/
-Otto
>
> Aug 24 16:12:17 cache1 systemd[1]: Stopping PowerDNS Recursor...
> Aug 24 16:12:17 cache1 systemd[1]: pdns-recursor.service: Succeeded.
> Aug 24 16:12:17 cache1 systemd[1]: Stopped PowerDNS Recursor.
> Aug 24 16:12:17 cache1 systemd[1]: Starting PowerDNS Recursor...
> Aug 24 16:12:17 cache1 pdns_recursor[491939]: Aug 24 16:12:17 Asked to run
> with pdns-distributes-queries set but no distributor threads, raising to 1
> Aug 24 16:12:17 cache1 pdns_recursor[491939]: PowerDNS Recursor 4.2.1 (C)
> 2001-2019 PowerDNS.COM BV
> Aug 24 16:12:17 cache1 pdns_recursor[491939]: Using 64-bits mode. Built
> using gcc 9.2.1 20200202.
> Aug 24 16:12:17 cache1 pdns_recursor[491939]: PowerDNS comes with
> ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to
> redistribute it according to the terms of the GPL version 2.
> Aug 24 16:12:17 cache1 pdns_recursor[491939]: NOT using IPv6 for outgoing
> queries - set 'query-local-address6=::' to enable
> Aug 24 16:12:17 cache1 pdns_recursor[491939]: Only allowing queries from:
> 10.0.0.0/8, 127.0.0.1/32, 192.133.83.0/24, 192.168.0.0/16, 172.31.8.0/22,
> 172.31.12.0/22, 172.31.32.0/20, 172.31.64.0/20, 172.31.0.0/22,
> 172.31.16.0/20, 172.31.80.0/20, 172.31.48.0/20, 172.31.4.0/22
> Aug 24 16:12:17 cache1 pdns_recursor[491939]: Loaded the Public Suffix List
> from '/usr/share/publicsuffix/public_suffix_list.dat'
> Aug 24 16:12:17 cache1 pdns_recursor[491939]: Will not send queries to:
> 127.0.0.0/8, 10.0.0.0/8, 100.64.0.0/10, 169.254.0.0/16, 192.168.0.0/16,
> 172.16.0.0/12, ::1/128, fc00::/7, fe80::/10, 0.0.0.0/8, 192.0.0.0/24,
> 192.0.2.0/24, 198.51.100.0/24, 203.0.113.0/24, 240.0.0.0/4, ::/96,
> ::ffff:0:0/96, 100::/64, 2001:db8::/32, 0.0.0.0, ::
> Aug 24 16:12:17 cache1 pdns_recursor[491939]: PowerDNS Recursor itself will
> distribute queries over threads
> Aug 24 16:12:17 cache1 pdns_recursor[491939]: Redirecting queries for zone '
> holycross.edu' to: x.x.x.x
> Aug 24 16:12:17 cache1 pdns_recursor[491939]: Inserting rfc 1918 private
> space zones
> Aug 24 16:12:17 cache1 pdns_recursor[491939]: Will not overwrite zone
> '10.in-addr.arpa' already loaded
> Aug 24 16:12:17 cache1 pdns_recursor[491939]: Listening for UDP queries on
> x.x.x.x:53
> Aug 24 16:12:17 cache1 pdns_recursor[491939]: Enabled TCP data-ready filter
> for (slight) DoS protection
> Aug 24 16:12:17 cache1 pdns_recursor[491939]: Listening for TCP queries on
> x.x.x.x:53
> Aug 24 16:12:17 cache1 pdns_recursor[491939]: Set effective group id to 121
> Aug 24 16:12:17 cache1 pdns_recursor[491939]: Set effective user id to 114
> Aug 24 16:12:17 cache1 pdns_recursor[491939]: Launching 1 distributor
> threads
> Aug 24 16:12:17 cache1 pdns_recursor[491939]: Launching 2 worker threads
> Aug 24 16:12:17 cache1 systemd[1]: Started PowerDNS Recursor.
> Aug 24 16:12:17 cache1 pdns_recursor[491939]: Done priming cache with root
> hints
> Aug 24 16:12:17 cache1 pdns_recursor[491939]: Done priming cache with root
> hints
> Aug 24 16:12:17 cache1 pdns_recursor[491939]: message repeated 2 times: [
> Done priming cache with root hints]
> Aug 24 16:12:17 cache1 pdns_recursor[491939]: Enabled 'epoll' multiplexer
> Aug 24 16:12:17 cache1 pdns_recursor[491939]: stats: 199 questions, 1279
> cache entries, 31 negative entries, 3% cache hits
> Aug 24 16:12:17 cache1 pdns_recursor[491939]: stats: throttle map: 0, ns
> speeds: 668, failed ns: 0, ednsmap: 269
> Aug 24 16:12:17 cache1 pdns_recursor[491939]: stats: outpacket/query ratio
> 248%, 0% throttled, 0 no-delegation drops
> Aug 24 16:12:17 cache1 pdns_recursor[491939]: stats: 3 outgoing tcp
> connections, 33 queries running, 0 outgoing timeouts
> Aug 24 16:12:17 cache1 pdns_recursor[491939]: stats: 145 packet cache
> entries, 7% packet cache hits
> Aug 24 16:12:17 cache1 pdns_recursor[491939]: stats: thread 0 has been
> distributed 109 queries
> Aug 24 16:12:17 cache1 pdns_recursor[491939]: stats: thread 1 has been
> distributed 87 queries
>
> On Wed, Aug 24, 2022 at 4:02 PM Otto Moerbeek via Pdns-users <
> pdns-users at mailman.powerdns.com> wrote:
>
> > On Wed, Aug 24, 2022 at 09:51:49PM +0200, Leendert Meyer via Pdns-users
> > wrote:
> >
> > > Hello Timothy,
> > >
> > > On Wednesday, 24 August 2022 20:09:11 CEST Holmes, Timothy via
> > Pdns-users
> > > wrote:
> > >
> > > <snip>
> > >
> > > > forward-zones-recurse=.=9.9.9.9;149.112.112.112;1.1.1.2;1.0.0.2
> > > > and also tried forward-zones-recurse=.=9.9.9.9
> > > >
> > > > Each time pushed a restart and verified. Each time the root name hints
> > seem
> > > > to still be the default behavior including after removing the
> > referenced
> > > > root hint file entry.
> > >
> > > <snip>
> > >
> > > > Am I missing something obvious, or will the root hints always take
> > > > precedence?
> > >
> > > Whithout testing, the ‘=.=’ seems odd.
> > >
> > > You probably have to change ‘=.=’ into ‘=’.
> >
> > Npe, that is the syntax to forward everything:
> >
> > forward-zones-recurse=.=9.9.9.9;1.1.1.1
> >
> > Leads to:
> >
> > Aug 24 22:00:33 Redirecting queries for zone '.' with recursion to:
> > 9.9.9.9:53, 1.1.1.1:53
> >
> > It basically turns a full recursor into just a cache. Plus you are now
> > depdendent on the forwarded-to resolvers. So there are drawbacks.
> >
> > -Otto
> >
> > >
> > > Kind regards,
> > >
> > > Leen
> >
> > > _______________________________________________
> > > Pdns-users mailing list
> > > Pdns-users at mailman.powerdns.com
> > > https://mailman.powerdns.com/mailman/listinfo/pdns-users
> >
> > _______________________________________________
> > Pdns-users mailing list
> > Pdns-users at mailman.powerdns.com
> > https://mailman.powerdns.com/mailman/listinfo/pdns-users
> >
More information about the Pdns-users
mailing list