Does it print out anything at all? Can you show a 'dig' command that shows TC:0 response and no fallback to TCP/IP?
Thanks! On Tue, Aug 25, 2015 at 02:52:33PM +0300, Burak Ozalp wrote: > Dear Bert; > > Firstly, thanks a lot for fast and illustrative replies. i learned a > lot of things. But i have a problem again :( > I change the dnsdistconf.lua file blockfilter() function as: > function blockFilter(remote, qname, qtype, dh) > > print("any query, tc=1") > dh:setTC(true) > dh:setQR(true) > > if(qname:isPartOf(block)) > then > print("Blocking *.powerdns.org") > return true > end > return false > end > > then i did re-installation and run dnsdist. However, nothing is changed.. > > > > > Alinti bert hubert <bert.hub...@powerdns.com> > > >sent from the wrong account first, sorry. > > > >>Begin forwarded message: > >> > >>Subject: Re: [Pdns-dev] How to set PowerDNS Server with option any-to-tcp > >>From: bert hubert <bert.hub...@netherlabs.nl> > >>Date: 25 Aug 2015 12:39:05 CEST > >>Cc: Aki Tuomi <cmo...@youzen.ext.b2.fi>, pdns-dev@mailman.powerdns.com > >>To: Burak Ozalp <burak.oz...@metu.edu.tr> > >> > >> > >>>On 25 Aug 2015, at 12:24, Burak Ozalp <burak.oz...@metu.edu.tr> wrote: > >>> > >>>Thanks Bert, > >>> > >>>I installed dnsdist. with addAnyTCRule() i can easily do pdns > >>>any-to-tcp(). However, i couldn't manage to do for all types > >>>of queries. Should I patch the conf file ? > >> > >> > >>Hi Burak, > >> > >>Try: > >> > >>"The blockFilter() also gets passed read/writable copy of the > >>DNS Header. If you invoke setQR(1) on that, dnsdist knows you > >>turned the packet into a response, and will send the answer > >>directly to the original client. > >> > >>If you also called setTC(1), this will tell the remote client to > >>move to TCP/IP, and in this way you can implement ANY-to-TCP > >>even for downstream servers that lack this feature.? > >> > >>See: > >>https://github.com/PowerDNS/pdns/blob/master/pdns/README-dnsdist.md#any-or-whatever-to-tc > >> > >> > >>just call setQR(1) and setTC(1) on the header field of > >>blockFilter() and you are done. > >> > >>Good luck! > >> > >> > >> > >>> > >>>Best Regards > >>>Burak Ozalp > >>> > >>>Alinti bert hubert <bert.hub...@powerdns.com> > >>> > >>>>Hi Burak, > >>>> > >>>>dnsdist can do this easily, please see http://dnsdist.org/ > >>>>for more details. > >>>>It can set TC on any criterium. > >>>> > >>>>Good luck! > >>>> > >>>> Bert > >>>> > >>>>On Tue, Aug 25, 2015 at 09:59:12AM +0300, Burak Ozalp wrote: > >>>>>Dear Tuomi, > >>>>> > >>>>>Yes it works.Does it possible to force all UDP request with > >>>>>truncated packet, and force all to use TCP ? > >>>>> > >>>>>Best Regards > >>>>>Burak Ozalp > >>>>> > >>>>> > >>>>> > >>>>>Alinti Aki Tuomi <cmo...@youzen.ext.b2.fi> > >>>>> > >>>>>>On Mon, Aug 24, 2015 at 03:36:02PM +0300, Burak Ozalp wrote: > >>>>>>>I install PowerDNS with MySql backend from here.I would like to set > >>>>>>>any-to-tcp=yes for PowerDNS Server. I tried to configure > >>>>>>>/etc/powerdns/pdns.conf file and add a line "any-to-tcp=yes". This > >>>>>>>option should reject UDP request from client and force to use tcp. > >>>>>>>But when i run dig @127.0.0.1 it doesn't set the truncated bit in > >>>>>>>response, so it doesn't work. > >>>>>>> > >>>>>>>How to set correctly any-to-tcp option ? > >>>>>>> > >>>>>> > >>>>>>It only truncates ANY query, try dig any domain.com @localhost > >>>>>> > >>>>>>> > >>>>>>>_______________________________________________ > >>>>>>>Pdns-dev mailing list > >>>>>>>Pdns-dev@mailman.powerdns.com > >>>>>>>http://mailman.powerdns.com/mailman/listinfo/pdns-dev > >>>>>>> > >>>>>> > >>>>> > >>>>> > >>>>> > >>>>> > >>>>>_______________________________________________ > >>>>>Pdns-dev mailing list > >>>>>Pdns-dev@mailman.powerdns.com > >>>>>http://mailman.powerdns.com/mailman/listinfo/pdns-dev > >>>>> > >>>> > >>> > >>> > >>> > >>> > >> > > > > > > > > _______________________________________________ Pdns-dev mailing list Pdns-dev@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-dev