Dear Mailinglist, my problem is that if I query a non-existing DNS-record I get an empty NOERROR answer instead of a NXDOMAIN.
My Setup is a hidden Supermaster with powerdns 2.9.21.2 and the BIND Backend. And I have two superslaves which each are using an own pgsql database and are configured to be the only visible DNS servers. All of them are running on a Debian System and the default config files are merely changed but I appended them on the end. [1] If I query the hidden Supermaster everythings works as expected: ~$ dig non-existing.workstation.whnetz @dns-hidden ; <<>> DiG 9.6-ESV-R4 <<>> non-existing.workstation.whnetz @dns-hidden ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59826 ;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 ;; WARNING: recursion requested but not available ;; QUESTION SECTION: ;non-existing.workstation.whnetz. IN A ;; AUTHORITY SECTION: workstation.whnetz. 3600 IN SOA dns1.idmz.whnetz. hostmaster.wh-netz.de. 2012100220 3600 900 604800 28800 ;; Query time: 2428 msec ;; SERVER: 10.99.1.3#53(10.99.1.3) ;; WHEN: Tue Nov 27 18:37:01 2012 ;; MSG SIZE rcvd: 123 That is how I expect the Query to be. But if I query one of the Superslaves in Front of this setup I get the following: ~$ dig non-existing.workstation.whnetz @dns1.idmz.whnetz ; <<>> DiG 9.6-ESV-R4 <<>> non-existing.workstation.whnetz @dns1.idmz.whnetz ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57659 ;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 ;; WARNING: recursion requested but not available ;; QUESTION SECTION: ;non-existing.workstation.whnetz. IN A ;; Query time: 6 msec ;; SERVER: 10.99.1.2#53(10.99.1.2) ;; WHEN: Tue Nov 27 18:37:02 2012 ;; MSG SIZE rcvd: 49 Here I expect that I also get an NXDOMAIN output. They are both in sync. I.e. the AXFR for the domain looks the same on every server. Can you explain why there is no NXDOMAIN answer and/or no SOA for the zone? Or can you help me to debug this case further? Best Regars, Sebastian Heil [1] * Hidden Master: launch=bind bind-config=/etc/powerdns/bind-config/named.conf bind-check-interval=300 local-address=10.99.1.3 query-local-address=10.99.1.3 master=yes allow-axfr-ips=127.0.0.1 10.99.1.2 10.99.1.3 10.99.1.6 10.99.1.5 10.99.1.6 disable-axfr=no * Slave: launch=gpgsql gpgsql-dbname=dns gpgsql-host=127.0.0.1 gpgsql-port=5432 gpgsql-password=[...] gpgsql-user=powerdns local-address=10.99.1.2 query-local-address=10.99.1.2 slave=yes allow-axfr-ips=127.0.0.1 10.99.1.2 10.99.1.3 10.99.1.6 10.99.1.5 10.99.1.6 disable-axfr=no _______________________________________________ Pdns-users mailing list [email protected] http://mailman.powerdns.com/mailman/listinfo/pdns-users
