Hello to all on the list!

I'm seeing something kind of weird in our DNS setup, and was hoping I could bounce it off all of you to see if I could get some input. First off, structure of our system:

6 Recursor servers, sitting behind a Foundry Load balancer, running pdns-recursor version 3.3-1 from the RPMs provided by PowerDNS
6 Authoritative servers, also sitting behind a Foundry Load balancer, running pdns-static-2.9.22-1 from the RPMs provided by PowerDNS

Other than the below problem, the setup works wonderfully. On to the problem.

We set up a "private" zone named gnint.prv within our authoritative DNS servers to provide for private hostnames on our backend network (using 10.1.20.0/255.255.252.0). Within our recursors, we put the following into our config:

forward-zones-file=/etc/powerdns/stub-zone.conf

and within the stub-zone.conf file, we have the following:

gnint.prv=66.152.94.11, 66.152.94.12, 66.152.94.13
10.in-addr.arpa=66.152.94.11, 66.152.94.12, 66.152.94.13

The IPs referenced in the stub-zone.conf file are our load balancer IPs that split across all 6 authoritative servers.

When I try to do a lookup of an address I have defined within the gnint.prv domain using the Linux "host" command, I get the following:

$ host gn-ldap01.gnint.prv
gn-ldap01.gnint.prv has address 10.1.20.1
Host gn-ldap01.gnint.prv not found: 3(NXDOMAIN)
Host gn-ldap01.gnint.prv not found: 3(NXDOMAIN)

Notice that I get 2 NXDOMAIN responses along with the valid response. This is what bugs me, because I think this causes *some* machines to fail to resolve the hostname. If I try some other domain against the recursors, I only see one answer:

$ host www.gammanetworking.com
www.gammanetworking.com has address 66.152.94.25

Of course, this would not be working thru the stub-zone.conf facility, but instead looking up via whois record.

Also, interesting to note that reverse DNS lookups do not show a similar problem:

$ host 10.1.20.1
1.20.1.10.in-addr.arpa domain name pointer gn-ldap01.gnint.prv.


Does anyone have any ideas on what I'm missing?

Jeremy


_______________________________________________
Pdns-users mailing list
http://mailman.powerdns.com/mailman/listinfo/pdns-users