[Pdns-users] pdns-recursur 4.4: host unknown after some time with no clear reason
frank+pdns at tembo.be
frank+pdns at tembo.be
Wed Jun 1 10:48:01 UTC 2022
Hi Jan,
I completely understand NDAs and myself (and numerous other PowerDNS Certified Consultants on this list) are happy to sign them, as part of a professional engagement. Please reach out to me off-list to discuss your options.
However, this also means that on this list, we can't help you much...
As per your questions: first we need to know what happens. The trace should tell us. Options to look at: (yes this list is long and some won't apply, but please reread the first sentence of this mail)
* https://doc.powerdns.com/recursor/settings.html#network-timeout <https://doc.powerdns.com/recursor/settings.html#network-timeout>
* https://doc.powerdns.com/recursor/settings.html#non-resolving-ns-max-fails <https://doc.powerdns.com/recursor/settings.html#non-resolving-ns-max-fails>
* https://doc.powerdns.com/recursor/settings.html#non-resolving-ns-max-throttle-time <https://doc.powerdns.com/recursor/settings.html#non-resolving-ns-max-throttle-time>
* https://doc.powerdns.com/recursor/settings.html#dont-throttle-names <https://doc.powerdns.com/recursor/settings.html#dont-throttle-names>
* https://doc.powerdns.com/recursor/settings.html#dont-throttle-netmasks <https://doc.powerdns.com/recursor/settings.html#dont-throttle-netmasks>
* https://doc.powerdns.com/recursor/settings.html#server-down-max-fails <https://doc.powerdns.com/recursor/settings.html#server-down-max-fails>
* https://doc.powerdns.com/recursor/settings.html#server-down-throttle-time <https://doc.powerdns.com/recursor/settings.html#server-down-throttle-time>
Frank
Frank Louwers
PowerDNS Certified Consultant @ Kiwazo.be
> On 1 Jun 2022, at 12:32, Jan Huijsmans via Pdns-users <pdns-users at mailman.powerdns.com> wrote:
>
> Hi Frank,
>
> On Wed, 1 Jun 2022 11:23:16 +0200
> "frank at tembo.be" <frank at tembo.be> wrote:
>> When this fails, could you run a dig command for a domain after
>> activating trace for that domain? (See
>> https://doc.powerdns.com/recursor/manpages/rec_control.1.html?highlight=trace-regex
>> <https://doc.powerdns.com/recursor/manpages/rec_control.1.html?highlight=trace-regex>)
>>
>> I'd like to see the full trace, but my guess would be all the
>> upstream / root name servers have been marked as too slow to be
>> reliable by PowerDNS.
>
> I'm not allowed to give a full trace, NDA and stuff. The rec_control
> command can help though. I'll see what I can dig up from the
> environment when I'm able to access it again.
>
> The slow speed could be the cause, as there are low speed high latency
> links between the recursor and the root servers. How do I disable that
> speed check in PowerDNS?
>
>> Also, I would recommend upgrading to a more recent version,
>> especially as 4.5 adds goodies such as
>> https://doc.powerdns.com/recursor/settings.html#non-resolving-ns-max-fails
>> <https://doc.powerdns.com/recursor/settings.html#non-resolving-ns-max-fails>.
>
> Alas, upgrading is not an option, as the environment is 'frozen'. The
> environment needs to work as-is for at least 1.5 years. All we can do
> is tweak settings. I'm already happy we could abandon 4.0 last year.
>
> --
>
> Jan Huijsmans bofh at koffie.nu
>
> ... cannot activate /dev/brain, no response from main coffee server
>
>
> _______________________________________________
> Pdns-users mailing list
> Pdns-users at mailman.powerdns.com
> https://mailman.powerdns.com/mailman/listinfo/pdns-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20220601/f9d7c41b/attachment.htm>
More information about the Pdns-users
mailing list