I responded a bit too quickly.

There are no firewalls between the sbc and the pdns server.
I have installed pdns straight out of the box, not added any acls anywhere.
There are no ACLs on the SBC.  (acmepacket SBC)



Bart Mueller
Director VoIP Operations
21720 Red Rum Dr Suite 122 | Ashburn, VA 20147
p. 703-348-2910
bmuel...@singlepointglobal.com<mailto:bmuel...@singlepointglobal.com>
www.singlepointglobal.com<http://www.singlepointglobal.com/>

From: Pdns-users <pdns-users-boun...@mailman.powerdns.com> on behalf of Bart 
Mueller <bmuel...@singlepointglobal.com>
Date: Wednesday, July 11, 2018 at 4:05 PM
To: Robert Dawson <rdaw...@alliedtelecom.net>, 
"pdns-users@mailman.powerdns.com" <pdns-users@mailman.powerdns.com>
Subject: Re: [Pdns-users] Using Power DNS for ENUM Server and 408 Error

Here is a tcpdump filtered on port 53 for an inbound call.

208.91.112.53 is our local ns server.

16:03:19.079954 IP (tos 0x0, ttl 128, id 0, offset 0, flags [none], proto UDP 
(17), length 81)
    10.0.0.100.cap > 1067-enum-1.domain: [udp sum ok] 69+ NAPTR? 
0.1.9.2.8.4.3.3.0.7.1.newcovoip.com. (53)

16:03:19.080835 IP (tos 0x0, ttl 64, id 42058, offset 0, flags [DF], proto UDP 
(17), length 69)
    1067-enum-1.44254 > 208.91.112.53.domain: [bad udp cksum 0xf027 -> 0x51c5!] 
23486+ PTR? 206.2.0.10.in-addr.arpa. (41)

16:03:19.104992 IP (tos 0x0, ttl 64, id 41958, offset 0, flags [DF], proto UDP 
(17), length 140)
    1067-enum-1.domain > 10.0.0.100.cap: [bad udp cksum 0x17bb -> 0x650f!] 69*- 
q: NAPTR? 0.1.9.2.8.4.3.3.0.7.1.newcovoip.com. 1/0/0 
0.1.9.2.8.4.3.3.0.7.1.newcovoip.com. [2m] NAPTR (112)

16:03:19.150784 IP (tos 0x0, ttl 50, id 36956, offset 0, flags [none], proto 
UDP (17), length 104)
    208.91.112.53.domain > 1067-enum-1.44254: [udp sum ok] 23486 NXDomain* q: 
PTR? 206.2.0.10.in-addr.arpa. 0/1/0 ns: 10.in-addr.arpa. [1d] SOA 
10.in-addr.arpa. . 0 28800 7200 604800 86400 (76)

16:03:19.152348 IP (tos 0x0, ttl 64, id 42101, offset 0, flags [DF], proto UDP 
(17), length 69)
    1067-enum-1.41006 > 208.91.112.53.domain: [bad udp cksum 0xf027 -> 0x8dd2!] 
11370+ PTR? 100.0.0.10.in-addr.arpa. (41)

16:03:19.222680 IP (tos 0x0, ttl 50, id 36958, offset 0, flags [none], proto 
UDP (17), length 104)
    208.91.112.53.domain > 1067-enum-1.41006: [udp sum ok] 11370 NXDomain* q: 
PTR? 100.0.0.10.in-addr.arpa. 0/1/0 ns: 10.in-addr.arpa. [1d] SOA 
10.in-addr.arpa. . 0 28800 7200 604800 86400 (76)

16:03:19.223237 IP (tos 0x0, ttl 64, id 42153, offset 0, flags [DF], proto UDP 
(17), length 72)
    1067-enum-1.51590 > 208.91.112.53.domain: [bad udp cksum 0xf02a -> 0xd445!] 
22603+ PTR? 53.112.91.208.in-addr.arpa. (44)

16:03:19.293323 IP (tos 0x0, ttl 50, id 36959, offset 0, flags [none], proto 
UDP (17), length 128)
    208.91.112.53.domain > 1067-enum-1.51590: [udp sum ok] 22603 NXDomain q: 
PTR? 53.112.91.208.in-addr.arpa. 0/1/0 ns: 112.91.208.in-addr.arpa. [1h23m19s] 
SOA ns1.fortinet.com. mis.fortinet.com. 2008061000 28800 14400 3600000 86400 
(100)

16:03:19.293970 IP (tos 0x0, ttl 64, id 42179, offset 0, flags [DF], proto UDP 
(17), length 70)
    1067-enum-1.51157 > 208.91.112.53.domain: [bad udp cksum 0xf028 -> 0x9907!] 
50287+ PTR? 65.3.19.172.in-addr.arpa. (42)

16:03:19.366560 IP (tos 0x0, ttl 50, id 36960, offset 0, flags [none], proto 
UDP (17), length 105)
    208.91.112.53.domain > 1067-enum-1.51157: [udp sum ok] 50287 NXDomain* q: 
PTR? 65.3.19.172.in-addr.arpa. 0/1/0 ns: 19.172.in-addr.arpa. [1d] SOA 
19.172.in-addr.arpa. . 0 28800 7200 604800 86400 (77)

16:03:20.080454 IP (tos 0x0, ttl 128, id 0, offset 0, flags [none], proto UDP 
(17), length 81)
    10.0.0.100.cap > 1067-enum-1.domain: [udp sum ok] 69+ NAPTR? 
0.1.9.2.8.4.3.3.0.7.1.newcovoip.com. (53)

16:03:20.080722 IP (tos 0x0, ttl 64, id 42372, offset 0, flags [DF], proto UDP 
(17), length 140)
    1067-enum-1.domain > 10.0.0.100.cap: [bad udp cksum 0x17bb -> 0x650f!] 69*- 
q: NAPTR? 0.1.9.2.8.4.3.3.0.7.1.newcovoip.com. 1/0/0 
0.1.9.2.8.4.3.3.0.7.1.newcovoip.com. [2m] NAPTR (112)

16:03:22.081005 IP (tos 0x0, ttl 128, id 0, offset 0, flags [none], proto UDP 
(17), length 81)
    10.0.0.100.cap > 1067-enum-1.domain: [udp sum ok] 69+ NAPTR? 
0.1.9.2.8.4.3.3.0.7.1.newcovoip.com. (53)

16:03:22.081364 IP (tos 0x0, ttl 64, id 43100, offset 0, flags [DF], proto UDP 
(17), length 140)
    1067-enum-1.domain > 10.0.0.100.cap: [bad udp cksum 0x17bb -> 0x650f!] 69*- 
q: NAPTR? 0.1.9.2.8.4.3.3.0.7.1.newcovoip.com. 1/0/0 
0.1.9.2.8.4.3.3.0.7.1.newcovoip.com. [2m] NAPTR (112)

16:03:26.081550 IP (tos 0x0, ttl 128, id 0, offset 0, flags [none], proto UDP 
(17), length 81)
    10.0.0.100.cap > 1067-enum-1.domain: [udp sum ok] 69+ NAPTR? 
0.1.9.2.8.4.3.3.0.7.1.newcovoip.com. (53)

16:03:26.081928 IP (tos 0x0, ttl 64, id 45763, offset 0, flags [DF], proto UDP 
(17), length 140)
    1067-enum-1.domain > 10.0.0.100.cap: [bad udp cksum 0x17bb -> 0x650f!] 69*- 
q: NAPTR? 0.1.9.2.8.4.3.3.0.7.1.newcovoip.com. 1/0/0 
0.1.9.2.8.4.3.3.0.7.1.newcovoip.com. [2m] NAPTR (112)


Bart Mueller
Director VoIP Operations
21720 Red Rum Dr Suite 122 | Ashburn, VA 20147
p. 703-348-2910
bmuel...@singlepointglobal.com<mailto:bmuel...@singlepointglobal.com>
www.singlepointglobal.com<http://www.singlepointglobal.com/>

From: Robert Dawson <rdaw...@alliedtelecom.net>
Date: Wednesday, July 11, 2018 at 4:02 PM
To: Bart Mueller <bmuel...@singlepointglobal.com>, 
"pdns-users@mailman.powerdns.com" <pdns-users@mailman.powerdns.com>
Subject: Re: [Pdns-users] Using Power DNS for ENUM Server and 408 Error

Have you done packet captures to make sure that the reply is leaving the PDNS 
server and reaching the SBC?

Any firewall between the two devices? Any egress filtering on the PDNS server? 
ACL or ingress filtering on the SBC?

From: Pdns-users <pdns-users-boun...@mailman.powerdns.com> on behalf of Bart 
Mueller <bmuel...@singlepointglobal.com>
Date: Wednesday, July 11, 2018 at 3:52 PM
To: "pdns-users@mailman.powerdns.com" <pdns-users@mailman.powerdns.com>
Subject: [Pdns-users] Using Power DNS for ENUM Server and 408 Error

I have a powerdns server setup using mysql on the backend. The PDNS logs see 
the query come in: SELECT content,ttl,prio,type,domain_id,disabled,name,auth 
FROM records WHERE disabled=

Unusual Message (External, bmuel...@singlepointglobal.com)


•

First-Time Sender   
Details<https://shared.outlook.inky.com/details?id=YWxsaWVkdGVsZWNvbS9yZGF3c29uQGFsbGllZHRlbGVjb20ubmV0L2YyMDcyY2U4YmMyMDRkMzlhY2Q5NzM0ZGU5MWEyZDJjLzE1MzEzMzg3MzIuMzI=>


Report This 
Email<https://shared.outlook.inky.com/report?id=YWxsaWVkdGVsZWNvbS9yZGF3c29uQGFsbGllZHRlbGVjb20ubmV0L2YyMDcyY2U4YmMyMDRkMzlhY2Q5NzM0ZGU5MWEyZDJjLzE1MzEzMzg3MzIuMzI=>
   Powered by Inky<https://inky.com>




I have a  powerdns server setup using mysql on the backend.

The PDNS logs see the query come in:

SELECT content,ttl,prio,type,domain_id,disabled,name,auth FROM records WHERE 
disabled=0 and name=someEntry' and domain_id=3

But my SBC times out.

Jul 11 15:19:59.440 [DNS] (2) Q:NAPTR someEntry  process ENUM results 408 
Request Timeout


If I do a dig:

dig @myServer SomeEntry NAPTR

I get a good answer:

someReverseEntry. 120 IN NAPTR 100 10 "u" "E2U+sip" 
"!^.*$!sip:someEntry@someIP!" .


I have a domain set in the domains table with an id that matches the query (3)

|  3 | someDomain.com | 127.0.0.1 |       NULL | MASTER |            NULL | 
NULL    |

I have confirmed that auth=1 on the record.

Any other information you need to assist?  Let me know.

Thank you



Bart Mueller
Director VoIP Operations
21720 Red Rum Dr Suite 122 | Ashburn, VA 20147
p. 703-348-2910
bmuel...@singlepointglobal.com<mailto:bmuel...@singlepointglobal.com>
www.singlepointglobal.com<http://www.singlepointglobal.com/>
_______________________________________________
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
https://mailman.powerdns.com/mailman/listinfo/pdns-users

Reply via email to