Thanks for the clarification, but this scares me. How can I have
configured the server in a way it thinks it is authoritative for the
entire Internet?
It should be authoritative for zur-sonne.it and the other 2500 domains
we have, sihosting.cloud is not part of the domains we host....
Am 22.06.2021 um 17:05 schrieb Brian Candler:
On 22/06/2021 15:54, Thomas wrote:
Doing a "dig www.zur-sonne.it +nostats +nocomments +nocmd @localhost"
I (think) get correct result:
; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.5 <<>> www.zur-sonne.it
+nostats +nocomments +nocmd @localhost
;; global options: +cmd
;www.zur-sonne.it. IN A
www.zur-sonne.it. 10800 IN CNAME cms-v2.sihosting.cloud.
And nslookup can not resolve cms-v2.sihosting.cloud as I pointed it to
localhost to query from. Correct?
I believe you're right. nslookup thinks it's talking to a recursive
nameserver, and wants to chase the CNAME record. However I would not
have expected an NXDOMAIN response here; your nameserver ought to have
returned REFUSED. It seems like you've made your nameserver
authoritative for the entire DNS (or at least, for sihosting.cloud)
For that dig command line, when talking to an authoritative nameserver,
I'd also recommend you add the "+norec" flag, which makes it explicit
that you don't want to recurse.
Am 22.06.2021 um 16:54 schrieb Thomas via Pdns-users:
Am 22.06.2021 um 16:16 schrieb Brian Candler:
On 22/06/2021 14:55, Thomas via Pdns-users wrote:
I have upgraded pdns authoritative server from version 4.3 to
version 4.4.1 on CentOS 7, MySQL is the backend.
If I query a CNAME record on both servers I get the following error
(do not remember if it worked before the upgrade):
[root@pdns1 log]# nslookup www.example.it localhost
Server: localhost
Address: ::1#53
www.example.it canonical name = cms-v2.externaldomain.cloud.
** server can't find cms-v2.externaldomain.cloud: NXDOMAIN
Firstly, please don't hide domains: see
https://blog.powerdns.com/2016/01/18/open-source-support-out-in-the-open/
Secondly, which of those domains is your server authoritative for?
PowerDNS will not attempt to follow CNAME records. General recursion
was removed in Authoritative Server 4.1. (It will send queries for
ALIAS records, but only if you've configured it with a recursor to use).
Sorry, was not aware of that. So let me try again....
Doing a "dig www.zur-sonne.it +nostats +nocomments +nocmd @localhost"
I (think) get correct result:
; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.5 <<>> www.zur-sonne.it
+nostats +nocomments +nocmd @localhost
;; global options: +cmd
;www.zur-sonne.it. IN A
www.zur-sonne.it. 10800 IN CNAME cms-v2.sihosting.cloud.
And nslookup can not resolve cms-v2.sihosting.cloud as I pointed it to
localhost to query from. Correct?
Where is the stick I could hit myself? Feeling stupid....Should not do
this with more than 30° Celsius temperature.
Thanks and sorry for the noise,
Thomas
_______________________________________________
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
https://mailman.powerdns.com/mailman/listinfo/pdns-users
_______________________________________________
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
https://mailman.powerdns.com/mailman/listinfo/pdns-users
