Re: [Pdns-users] pdns server api access leads to "Internal Server Error"
Hi Frank and list case solved :-) I changed all TXT records of the affected domain directly in mysql to have a leading and a trailing " and api happily replied with the expected data on the endpoint. acme.sh now can issue v2 certificates for LE wildcard certs :-) Now the only remaining thing is to tell our pdnsgui to insert TXT records correctly into database. As this is quite an old piece of software that will be fun :-) Thanks again for your speedy support here. Have a good one tobi Am 07.05.19 um 17:45 schrieb frank+pdns--- via Pdns-users: > Hi Tobi, > >> >>> HTTP ISE for "/api/v1/servers/localhost/zones/REDACTED.tld": STL >>> Exception: Parsing record content (try 'pdnsutil check-zone'): Data >>> field in DNS should start with quote (") at position 0 of 'v=spf1 >>> -all' >> > > It seems you’ve hit https://github.com/PowerDNS/pdns/issues/6070 > > >> p.s. it's difficult to provide you with our domains and records as they >> contain customers stuff. Especially we could not do that onlist. But now >> I think the source of error is narrowed down anyway :-) > > I completely understand and am very happy to send you my standard NDA > agreement and very reasonable consulting rates if you reply to me off list. > > Kind Regards, > > Frank Louwers > Certified PowerDNS Consultant > ___ > Pdns-users mailing list > Pdns-users@mailman.powerdns.com > https://mailman.powerdns.com/mailman/listinfo/pdns-users > ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] pdns server api access leads to "Internal Server Error"
Hi Tobi, > >> HTTP ISE for "/api/v1/servers/localhost/zones/REDACTED.tld": STL >> Exception: Parsing record content (try 'pdnsutil check-zone'): Data >> field in DNS should start with quote (") at position 0 of 'v=spf1 >> -all' > It seems you’ve hit https://github.com/PowerDNS/pdns/issues/6070 > p.s. it's difficult to provide you with our domains and records as they > contain customers stuff. Especially we could not do that onlist. But now > I think the source of error is narrowed down anyway :-) I completely understand and am very happy to send you my standard NDA agreement and very reasonable consulting rates if you reply to me off list. Kind Regards, Frank Louwers Certified PowerDNS Consultant ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] pdns server api access leads to "Internal Server Error"
Hi Frank think we're getting closer ;-) I added a new testdomain to pdns and that one was no problem on endpoint. After enabling debug in pdns.conf the following line jumped to my eyes > HTTP ISE for "/api/v1/servers/localhost/zones/REDACTED.tld": STL > Exception: Parsing record content (try 'pdnsutil check-zone'): Data > field in DNS should start with quote (") at position 0 of 'v=spf1 > -all' although the recommended check-zone does not show any error or warning. If I dig the SPF for that domain it properly shows > "v=spf1 -all" in dns response from pdns auth server. So my question now is how is it possible that the very same record is formatted correctly to be returned as DNS reply but it fails according to API? That does somehow not make much sense to me ;-) Cheers tobi p.s. it's difficult to provide you with our domains and records as they contain customers stuff. Especially we could not do that onlist. But now I think the source of error is narrowed down anyway :-) Am 07.05.19 um 17:11 schrieb frank+pdns--- via Pdns-users: > Hi Tobi, > >> >> is there a switch to just enable debug for api or has the debug to be >> enabled globally? Will try with debug and let the list know my findings :-) > > Pre 4.2, this has to be done globally. See the “loglevel” parameter: > https://docs.powerdns.com/authoritative/settings.html#loglevel > > Could you also show us a full copy of the pdns.conf file, and a "select *” > from the domains, records and domainsmetadata SQL tables? > > Frank > ___ > Pdns-users mailing list > Pdns-users@mailman.powerdns.com > https://mailman.powerdns.com/mailman/listinfo/pdns-users > ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] pdns server api access leads to "Internal Server Error"
Hi Tobi, > > is there a switch to just enable debug for api or has the debug to be > enabled globally? Will try with debug and let the list know my findings :-) Pre 4.2, this has to be done globally. See the “loglevel” parameter: https://docs.powerdns.com/authoritative/settings.html#loglevel Could you also show us a full copy of the pdns.conf file, and a "select *” from the domains, records and domainsmetadata SQL tables? Frank ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] pdns server api access leads to "Internal Server Error"
Hi Frank yes for that endpoint ALL domains are affected. Small or big has no influence on the error. In the testdomain there are 8 records according list-zone and check-zone does not report any error > Checked 8 records of 'REDACTED', 0 errors, 0 warnings. > If that looks fine, then I would enable / increase logging of the API > component and see if the logs tell you something more. is there a switch to just enable debug for api or has the debug to be enabled globally? Will try with debug and let the list know my findings :-) Thanks and have a good one tobi Am 07.05.19 um 16:55 schrieb frank+pdns--- via Pdns-users: > Hi Tobi, >> >> curl -X GET -H 'X-API-Key: MY_API' >> http://127.0.0.1:8081/api/v1/servers/localhost/zones/mydomain.tld >> >> I get a http 500 "Internal Server Error" message. Like said it's the >> only query that fails. Any other for example >> >> >> Anyone an idea what goes wrong here? >> Can I somehow enable debug of the api part of pdns? > > > That API endpoint is certainly correct and should work. Do you only have that > problem with a particular zone or with all zones? Is the zone very large by > chance? > > The best way to start debugging this, is first to check if pdns itself can > access the zone and the zone looks “sane” (do a pdnsutil list-zone > domain.tld, and a pdnsutil check-zone domain.tld). If that looks fine, then I > would enable / increase logging of the API component and see if the logs tell > you something more. > > Kind Regards, > > Frank Louwers > PowerDNS Certified Consultant > ___ > Pdns-users mailing list > Pdns-users@mailman.powerdns.com > https://mailman.powerdns.com/mailman/listinfo/pdns-users > ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] pdns server api access leads to "Internal Server Error"
Hi Tobi, On 07-May-2019 16:49 CEST, wrote: > Hi list > > I have an application which access the pdns server via the api > interface. I'm using pdns 4.1.8 on a CentOS 7 with latest updates. pdns > runs with mysql backend on mariadb. > > All except one api query work as expected but when I fire such a query > > curl -X GET -H 'X-API-Key: MY_API' > http://127.0.0.1:8081/api/v1/servers/localhost/zones/mydomain.tld > > I get a http 500 "Internal Server Error" message. Like said it's the > only query that fails. Any other for example > > http://127.0.0.1:8081/api/v1/servers/localhost/zones > > lists the zones available without any problem. > > The documentation on > https://doc.powerdns.com/authoritative/http-api/zone.html specifies this > endpoint as valid > > > GET /servers/{server_id}/zones/{zone_id} > > Anyone an idea what goes wrong here? > Can I somehow enable debug of the api part of pdns? It works fine for me, also on a 4.1.8 Auth configuration. Could you paste your pdns.conf, as well as the output from the listing of all zones from the API? (just a single zone will be enough) Please do not obfuscate it [1] [1] https://blog.powerdns.com/2016/01/18/open-source-support-out-in-the-open/ Cheers, -- Nico ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] pdns server api access leads to "Internal Server Error"
Hi Tobi, > > curl -X GET -H 'X-API-Key: MY_API' > http://127.0.0.1:8081/api/v1/servers/localhost/zones/mydomain.tld > > I get a http 500 "Internal Server Error" message. Like said it's the > only query that fails. Any other for example > > > Anyone an idea what goes wrong here? > Can I somehow enable debug of the api part of pdns? That API endpoint is certainly correct and should work. Do you only have that problem with a particular zone or with all zones? Is the zone very large by chance? The best way to start debugging this, is first to check if pdns itself can access the zone and the zone looks “sane” (do a pdnsutil list-zone domain.tld, and a pdnsutil check-zone domain.tld). If that looks fine, then I would enable / increase logging of the API component and see if the logs tell you something more. Kind Regards, Frank Louwers PowerDNS Certified Consultant ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/pdns-users
[Pdns-users] pdns server api access leads to "Internal Server Error"
Hi list I have an application which access the pdns server via the api interface. I'm using pdns 4.1.8 on a CentOS 7 with latest updates. pdns runs with mysql backend on mariadb. All except one api query work as expected but when I fire such a query curl -X GET -H 'X-API-Key: MY_API' http://127.0.0.1:8081/api/v1/servers/localhost/zones/mydomain.tld I get a http 500 "Internal Server Error" message. Like said it's the only query that fails. Any other for example http://127.0.0.1:8081/api/v1/servers/localhost/zones lists the zones available without any problem. The documentation on https://doc.powerdns.com/authoritative/http-api/zone.html specifies this endpoint as valid > GET /servers/{server_id}/zones/{zone_id} Anyone an idea what goes wrong here? Can I somehow enable debug of the api part of pdns? Thanks for any idea tobi ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/pdns-users
[Pdns-users] PowerDNS & Open Source
Hi everyone, First, apologies for boring you with a non-technical post. But I still think it is important. More than three years ago we announced that PowerDNS would be shipping non open source software, also known as the PowerDNS Platform. We hoped that you would understand. https://blog.powerdns.com/2016/02/23/an-important-update-on-new-powerdns-products/ I know that some of you must have worried this would lead to neglect of our open source offerings. Since that time, all our products have grown and improved, with dnsdist as a specific example - it now powers vast amounts of nameservers, protecting them against denial of service attacks & replacing costly hardware load balancers. In this new post, "How PowerDNS is Open Source & a successful business, or, why are we talking about 5G?" https://blog.powerdns.com/2019/05/07/how-powerdns-is-open-source-a-successful-business-or-why-are-we-talking-about-5g/ we explain what we are doing these days, and why we are suddenly writing stuff about things like 5G DNS or 'DNS over HTTPs for telcos'. One reason why you might care is that if you love open source, you may be aware that it is not always easy to get large companies to actually run open source. Expensive vendors however somehow are able to convince senior management to run their stuff - even if it is worse. One thing we have been able to do over the past few years is to also become good at that game. We have very good people now that are able to convince companies to run our software. This is why we talk about "5G DNS" - everyone does, so we do so as well, but we've tried hard to tell a story that actually makes sense, https://www.powerdns.com/5g.html - if you offer low latency network access, please also make sure your nameserver is fast. Meanwhile, what I think many of you feared, we have also managed not to turn into a horrible corporate company you can no longer talk to. We're still there on our IRC channel and not going anywhere. So again, apologies for perhaps boring you with this commercial stuff, but I do think it is important for everyone to know what we have been up to, and how we have been able to get our open source software deployed so much more widely. Bert ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/pdns-users
[Pdns-users] PowerDNS Recursor 4.2.0 Beta 1 Released
Hi, (via: https://blog.powerdns.com/2019/05/07/powerdns-recursor-4-2-0-beta-1-released/ ) The Beta 1 release comes with a lot of bug fixes, improvements and also some new features: - Add a new `max-cache-bogus-ttl` option to cap the TTL of a record that has been validated as `Bogus` in the query cache, so it is not kept around for days if the initial TTL is high, - Add options `dont-throttle-names` and `dont-throttle-netmasks` to throttle authoritative servers that do not answer queries or send responses the recursor does not like, - Add an option (`pdns-distributes-queries`) to make the distributor thread use a bounded load-balancing algorithm while distributing queries to worker threads, making sure that no thread is assigned more queries than `distribution-load-factor` times the average number of queries currently processed by all the workers. Please see the changelog[1] for details. This release was made possible by contributions from: Aki Tuomi, Chris Hofstaedtler, Shane Kerr and Sebastian. The tarball[2] (signature[3]) is available at https://downloads.powerdns.com/releases/ and packages for CentOS 6 and 7, Debian Jessie, Stretch and Buster, Ubuntu Trusty, Xenial, Bionic and Cosmic are available from https://repo.powerdns.com/. Please send us all feedback and issues you might have via the mailing list[4], or in case of a bug, via GitHub[5]. [1] https://doc.powerdns.com/recursor/changelog/4.2.html#change-4.2.0-beta1 [2] https://downloads.powerdns.com/releases/pdns-recursor-4.2.0-beta1.tar.bz2 [3] https://downloads.powerdns.com/releases/pdns-recursor-4.2.0-beta1.tar.bz2.sig [4] https://mailman.powerdns.com/mailman/listinfo/pdns-users [5] https://github.com/PowerDNS/pdns/issues/new Regards, -- Erik Winkels PowerDNS.COM BV -- https://www.powerdns.com signature.asc Description: PGP signature ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/pdns-users