Re: [Pdns-users] Resolving Domain

Mon, 17 Sep 2018 23:57:01 -0700 

On 18/09/2018 03:14, Nur Tantio Pratomo wrote:

i haven't enable logging yet when the error occurs

202.91.8.101 with nameserver oceanic.te.net.id <http://oceanic.te.net.id>
180.214.246.58 with nameserver lloyd.te.net.id <http://lloyd.te.net.id>

i use mysql backend and this is my config

launch=gmysql
gmysql-host=127.0.0.1
gmysql-user=powerdns_user
gmysql-password=xxxxx
gmysql-dbname=powerdns
setuid=pdns
setgid=pdns
do-ipv6-additional-processing=yes
local-address=202.91.8.101
local-ipv6=2402:f080:0:4::101
It's certainly behaving problematically, returning SERVFAIL for these domains.  tcpdump shows a UDP exchange followed by two TCP exchanges. 

$ dig @202.91.8.101 radininten2-airport.org any
;; Truncated, retrying in TCP mode.

; <<>> DiG 9.8.3-P1 <<>> @202.91.8.101 radininten2-airport.org any
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 19370
;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;radininten2-airport.org.       IN      ANY

;; Query time: 261 msec
;; SERVER: 202.91.8.101#53(202.91.8.101)
;; WHEN: Tue Sep 18 07:22:20 2018
;; MSG SIZE  rcvd: 41

$ dig @180.214.246.58 radininten2-airport.org any
;; Truncated, retrying in TCP mode.

; <<>> DiG 9.8.3-P1 <<>> @180.214.246.58 radininten2-airport.org any
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 39845
;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;radininten2-airport.org.       IN      ANY

;; Query time: 234 msec
;; SERVER: 180.214.246.58#53(180.214.246.58)
;; WHEN: Tue Sep 18 07:22:43 2018
;; MSG SIZE  rcvd: 41
Since this problem is reproducible, I'd suggest your next step is to turn on logging in powerdns, and if that doesn't show the problem, enable query logging in mysql as well.
Check your schemas (SHOW CREATE TABLE ...), and manually check all your records for the affected domain.  Presumably you haven't overridden any of the queries. You could try issuing one of the queries manually to see what it returns, e.g. 

gmysql-basic-query=SELECT content,ttl,prio,type,domain_id,disabled,name,auth 
FROM records WHERE disabled=0 and type=? and name=?

Regards,

Brian.


_______________________________________________
Pdns-users mailing list
[email protected]
https://mailman.powerdns.com/mailman/listinfo/pdns-users

Reply via email to