Hello Ferenc, On 28 Mar 2014, at 18:41 , Ferenc Kovacs <tyr...@gmail.com> wrote:
> After upgrading from 2.9.22 to 3.1 We have bumped into an issue that our > resolving via the pipe backed wasn't working anymore. > > We were using something like > pipe-regex=^(.*).(ourcompany.com);(ANY|A)$ > in our pdns config(ANY|ALL is suggested by the official docs: > http://doc.powerdns.com/html/backends-detail.html) > and our backend was only expecting HELO and Q requests, and was responding to > any Q request with an A record. > > first, we enabled the query-logging, and we were seeing a bunch of > Query for 'something.ourcompany.com' type 'SOA' failed regex > '^(.*).(ourcompany.com);(.*)$' > > After adding the SOA to the pipe-regex pattern (ANY|A|SOA) our backend > finally started to receive requests, but still not working, because we > started getting > AXFR -1 > requests after the Q requests(even thought that those request are not allowed > by the pipe-regex and they don't appear in the query-log), and not handling > those caused the resolving to fail before sending the Q to the backend. > > My guess is that we should handle the SOA requests properly(send the SOA for > the A r), and we are seeing the AXFR requests because pdns is confused by the > A response to the SOA request. > > Could somebody verify that this is what's happening, and it is only a miracle > that this setup was working with previous powerdns versions? That’s about right! 1) 3.0 and up require a SOA 2) your regex was preventing getting it 3) when you fixed that, your script would still not serve one 4) if PowerDNS doesn’t have a SOA but believes a backend has authority, it will try to generate a SOA, but to do that it needs a serial, and for that it tries to find out what the newest record in the zone is - hence the AXFR > I guess it would be also nice > if somebody could update the documentation on > http://doc.powerdns.com/html/backends-detail.html a bit, so people would > write proper backends from the start instead of bumping into this issues > after upgrading. 5) Yes, those docs need to be fixed to reflect the 3.0 and up situation. Please file an issue at https://github.com/PowerDNS/pdns/issues/new about the docs. Or, if you feel like it, file a pull request with an actual documentation update to https://github.com/PowerDNS/pdns/blob/master/pdns/docs/pdns.xml ! Kind regards, -- Peter van Dijk Netherlabs Computer Consulting BV - http://www.netherlabs.nl/
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ Pdns-dev mailing list Pdns-dev@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-dev
