On 2024-02-17 00:31, Otto Moerbeek wrote:
On Sat, Feb 17, 2024 at 12:22:06AM -0800, Bill MacAllister via
Pdns-users wrote:
I am new to Power DNS and am attempting to setup a Power DNS recursor
server. I am using Debian bookworm and I have installed the
pdns-recursor
package. The server is listening and dig can connect to the server,
but dig returns a status of SERVFAIL. What should I look at? What am
I missing?
Ahh, finally figured out how to get queries into syslog. Here is what
I am
seeing there:
2024-02-17T08:11:50.536920+00:00 zoot-bookworm pdns_recursor[10110]:
msg="Question" subsystem="syncres" level="0" prio="Info" tid="2"
ts="1708157510.535" ecs="" mtid="1" proto="udp"
qname="web.stanford.edu"
qtype="A" remote="10.0.0.32:55021"
2024-02-17T08:11:50.846316+00:00 zoot-bookworm pdns_recursor[10110]:
msg="Sending SERVFAIL during resolve" error="Server Failure while
retrieving
DS records for edu" subsystem="syncres" level="0" prio="Notice"
tid="2"
ts="1708157510.845" ecs="" mtid="1" proto="udp"
qname="web.stanford.edu"
qtype="A" remote="10.0.0.32:55021"
2024-02-17T08:11:50.846977+00:00 zoot-bookworm pdns_recursor[10110]:
msg="Answer" subsystem="syncres" level="0" prio="Info" tid="2"
ts="1708157510.846" additional="1" answers="0" dotout="0" ecs=""
mtid="1"
netms="306.381000" outqueries="28" proto="udp"
qname="web.stanford.edu"
qtype="A" rcode="2" rd="1" remote="10.0.0.32:55021" tcpout="0"
throttled="0"
timeouts="0" totms="310.015000" validationState="Indeterminate"
Thanks in advance for your help,
Bill
Your recursor is not able to get an answer from the root servers, at
least not for DS queries.
A run with --trace as a command line option will reveal more details
of what is going on.
Also: please show your config file.
-Otto
Here is my configuration file: https://pastebin.com/jatVMq42
BUT, this morning the recursor was working for a bit. Now it is
failing again. I suspect comcast, but only because I have not made
any changes to my internal network. Gremlins are other suspects.
Here is the command line that I used to get a trace:
/usr/sbin/pdns_recursor --daemon=no --write-pid=no \
--log-timestamp=no --trace --socket-dir=/run
The trace output is here: https://pastebin.com/Bke0qXtJ
Thanks for your help,
Bill
--
My heart is warm with the friends I make,
And better friends I'll not be knowing,
Yet there isn't a train I wouldn't take,
No matter where it's going.
Edna St Vincent Millay
_______________________________________________
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
https://mailman.powerdns.com/mailman/listinfo/pdns-users
