Re: [Pdns-users] Is it possible to un-resolve a domain?
On Tue, Aug 22, 2006 at 02:42:30AM +1000, Richard McLean wrote: Not sure if this is a wacky idea or not, but I was wondering if it's possible to add a domain to our DNS to make it NOT resolve? I know it's possible to set it to resolve to a bogus IP, but I'd like for it to give an NXDOMAIN rather than that. Is that possible? Interesting idea! An entirely empty zone would achieve most of that, consisting only of a SOA record and possibly some NS records. If you do this for the zone 'something.com', 'www.something.com' will get an NXDOMAIN. However, a query for the A record of 'something.com' with get a NOERROR with a SOA attached, which behaves almost like an NXDOMAIN in actual effect. To only blank out www.something.com, add a 'www.something.com' empty zone, which would then get the NOERROR with the SOA attached. Would this be good enough for you? Bert -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] Recursion failing on certain records?
On Tue, Aug 22, 2006 at 11:52:05AM -0600, Kirk Friggstad wrote: I've been puzzling through some strangeness in our PowerDNS installations here. Recursive queries for certain records/domains have been failing consistently for a number of weeks - two examples are: mail.acegroup.cc mail.hivelocity.net Could you run tcpdump -s 1600 -i any -w for-bert port 53 on your PowerDNS 2.9.20 server while you query it for mail.acegroup.cc, and mail me the for-bert file separately (privately)? Also, if possible, could you run the recursor your 2.9.20 server points to in --verbose --trace mode while you query, and send me the logs? It doesn't appear there is anything obviously wrong with your setup. Thanks. Querying a 2.9.20 recursor directly returns a SERVFAIL. Can you double double double check you are pointing both your auth servers at the 3.1.2 version? Bert -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] pdns_server 2.9.20 FreeBSD ipv6 problem
On Thu, Aug 24, 2006 at 11:31:26PM +0200, Sten Spans wrote: Powerdns authoritive has issues binding to ipv6 addresses on freebsd, bind() returns EADDRNOTAVAIL. Thanks for noticing Sten! Fixed in commits 886 and 885, http://wiki.powerdns.com/projects/trac/changeset/885 and http://wiki.powerdns.com/projects/trac/changeset/886 To apply, see http://wiki.powerdns.com/projects/trac/wiki/HACKING Bert -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] Reverse Delegation
On Mon, Sep 04, 2006 at 05:00:59PM -0500, Operations wrote: Can anyone direct me to documentation on how to implement reverse delegation on PowerDNS? Can you have a name please? I hate to communicate with 'operations'. Reverse delegation with PowerDNS is just DNS, in other words, for 10.0.0.1, make a zone called 0.0.10.in-addr.arpa, and add an entry to it for 1.0.0.10.in-addr.arpa etc. Good luck! -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] Failing to give SOA record for slave zones
On Thu, Oct 05, 2006 at 05:04:37PM +0100, Tom Z. Napierala wrote: I'm using PDNS 2.9.20. When I'm trying to get SOA for domains configured on that server I'm getting SERVFAIL. syslog output is as follows: Oct 5 16:59:53 ns4 pdns[20758]: Not authoritative for 'domain.tld', sending servfail to xxx.xxx.xxx.xxx.(recursion was desired) Please show output of: select * from domains where name='domain.tld' and select * from records where name='domain.tld' Please supply details of the zone's master privately. Thanks. -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] pdns recursor together with bind9 (IPv6 issue?)
On Sun, Oct 08, 2006 at 11:55:07AM +0200, Marco Davids wrote: Bind9 can be configured to listen on certain IPv4 addresses, but for IPv6 the possible choices are either 'any' or 'none'. It seems this is the root-cause of my problem, but I do not quite understand precisely why. It probably binds to ::0, which means it also binds to 0.0.0.0, which means to *all* IPv4 and IPv6 addresses. (netstat clearly shows that bind9 is *not* in the way on that ipv4 address though) It will probably show IPv6 ::0. good luck! -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: R: R: [Pdns-users] Pdns 2.9.20 - 21 svn crash
On Fri, Oct 27, 2006 at 04:53:39PM +0200, Marco Chiavacci wrote: Same result with this fix: Did you perhaps run 'pdns_control rediscover'? That might also have caused this crash. If you did, the log will list 'Rediscovery was requested'. The cause of that command causing a crash is fixed in commit 906: http://wiki.powerdns.com/cgi-bin/trac.fcgi/changeset/906 Can you double check you are actually running the recompiled version? Thanks! I appreciate the quick feedback. -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: R: R: R: [Pdns-users] Pdns 2.9.20 - 21 svn crash
On Fri, Oct 27, 2006 at 06:33:28PM +0200, Marco Chiavacci wrote: Only with load (1-2mbit/s of queries + rediscover or reload) the problem appears. Ok. I'm investigating this further, you are probably the biggest bindbackend user out there, which is why you are discovering bugs nobody has seen before. Thanks for your information, Marco! In the meantime, could you (privately) send me your PowerDNS configuration file? Bert -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] problem with slave domains odbc backend w2000
On Fri, Nov 03, 2006 at 06:17:44AM +0100, Adam Bazylczyk wrote: I am using odbc backedn on Windows with MS Access database file. Master domains working very good with AXFR but when I input any slave domain in domains table, everytime is error and pdns service stop. Can anybody help me, I can find any idea where is problem. My system is W2000. I have over 500 master domains and can't work with slave now :( The windows version of PowerDNS is very old and stale. We'd love to ship a new version, but it is a lot of work. We've asked a few windows users if they would consider sponsoring a new Windows release, but nobody was interested. So I'm afraid we can't really help you with this old version of PowerDNS.. Bert -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
[Pdns-users] PowerDNS Recursor 3.1.4, second pre-release, please test!
Hi everybody, In a few days we want to release version 3.1.4 of the PowerDNS recursor. If you have any chance, please test the second prerelease to see if it works, and if it solves any problems you may have been seeing. Available at: http://svn.powerdns.com/snapshots/pdns-recursor-3.1.4-pre2.tar.bz2 http://svn.powerdns.com/snapshots/pdns-recursor-3.1.4pre2-1.i386.rpm http://svn.powerdns.com/snapshots/pdns-recursor_3.1.4-pre2-1_i386.deb Release notes: This is yet another release that mostly fixes minor issues. An upgrade is recommended, as the combined fixes improve the recursor considerably. Bugs: * On certain error conditions, PowerDNS would neglect to close a socket, which might therefore eventually run out. Spotted by Stefan Schmidt, fixed in commits 892, 897, 899. * Some nameservers (including PowerDNS in rare circumstances) emit a SOA record in the authority section. The recursor mistakenly interpreted this as an authoritative NXRRSET. Spotted by Bryan Seitz, fixed in commit 893. * In some circumstances, PowerDNS could end up with a useless (not working, or no longer working) set of nameserver records for a domain. This release contains logic to invalidate such broken NSSETs, without overloading authoritative servers. This problem had previously been spotted by Bryan Seitz, 'Cerb' and Darren Gamble. Invalidations of NSSETs can be plotted using the nsset-invalidations metric, available through rec_control get. Implemented in commit 896 and commit 901. * PowerDNS could crash while dumping the cache using rec_control dump-cache. Reported by Wouter of WideXS and Stefan Schmidt and many others, fixed in commit 900. * Under rare circumstances (depleted TCP buffers), PowerDNS might send out incomplete questions to remote servers. Additionally, on big-endian systems (non-Intel and non-AMD generally), sending out large TCP answers questions would not work at all, and possibly crash. Brought to our attention by David Gavarret, fixed in commit 903. * The recursor contained the potential for a dead-lock processing an invalid domain name. It is not known how this might be triggered, but it has been observed by 'Cerb' on #powerdns. Several dead-locks where PowerDNS consumed all CPU, but did not answer questions, have been reported in the past few months. These might be fixed by commit 904. Improvements: * PowerDNS has support to drop answers from so called 'delegation only' zones. A statistic (dlg-only-drops) is now available to plot how often this happens. Implemented in commit 890. * Hint-file parameter was mistakenly named hints-file in the documentation. Spotted by my Marco Davids, fixed in commit 898. -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
[Pdns-users] Two PowerDNS Recursor Vulnerabilities
Please find attached two PowerDNS Recursor Vulnerabilities.
PowerDNS Security Advisory 2006-01: Malformed TCP queries can lead to a
buffer overflow which might be exploitable
Table 1-1. PowerDNS Security Advisory
++
| CVE | CVE-2006-4251 |
|--+-|
| Date | 13th of November 2006 |
|--+-|
| Affects | PowerDNS Recursor versions 3.1.3 and earlier, on all|
| | operating systems. |
|--+-|
| Not affected | No versions of the PowerDNS Authoritative Server|
| | ('pdns_server') are affected. |
|--+-|
| Severity | Critical|
|--+-|
| Impact | Potential remote system compromise. |
|--+-|
| Exploit | As far as we know, no exploit is available as of 11th |
| | of November 2006. |
|--+-|
| Solution | Upgrade to PowerDNS Recursor 3.1.4, or apply the|
| | patches referred below and recompile|
|--+-|
| | Disable TCP access to the Recursor. This will have |
| | slight operational impact, but it is likely that this |
| | will not lead to meaningful degradation of service. |
| | Disabling access is best performed at packet level, |
| Workaround | either by configuring a firewall, or instructing the|
| | host operating system to drop TCP connections to port |
| | 53. Additionally, exposure can be limited by|
| | configuring the allow-from setting so only trusted |
| | users can query your nameserver.|
++
PowerDNS Recursor 3.1.3 and previous miscalculate the length of incoming
TCP DNS queries, and will attempt to read up to 4 gigabytes of query into
a 65535 byte buffer.
We have not verified if this problem might actually lead to a system
compromise, but are acting on the assumption that it might.
For distributors, a minimal patch is available on the PowerDNS wiki.
Additionally, those shipping very old versions of the PowerDNS Recursor
might benefit from this patch.
The impact of these and other security problems can be lessened by
considering the advice in Chapter 7.
PowerDNS Security Advisory 2006-02: Zero second CNAME TTLs can make
PowerDNS exhaust allocated stack space, and crash
Table 1-2. PowerDNS Security Advisory
++
| CVE | CVE-2006-4252 |
|--+-|
| Date | 13th of November 2006 |
|--+-|
| Affects | PowerDNS Recursor versions 3.1.3 and earlier, on all|
| | operating systems. |
|--+-|
| Not affected | No versions of the PowerDNS Authoritative Server|
| | ('pdns_server') are affected. |
|--+-|
| Severity | Moderate|
|--+-|
| Impact | Denial of service |
|--+-|
| Exploit | This problem can be triggered by sending queries for|
| | specifically configured domains |
|--+-|
| Solution | Upgrade to PowerDNS Recursor 3.1.4, or apply commit |
| | 919.|
Re: [Pdns-users] PDNS not authoritative for it's own zones
On Fri, Nov 24, 2006 at 03:42:34PM +, Tom Z. Napierala wrote: Nov 24 15:42:55 debian pdns[714]: Not authoritative for 'testdomain.com', sending servfail to 127.0.0.1 (recursion was desired) Is that normal? Why I can't get SOA for that domain? We've been testing that problem for a long time with you, and it does not appear to go away. However, you are the only one reporting it and everything we tried did not help. Did you turn on query-logging as I requested previously? -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] Re: Multiple Masters with MySQL backend.
On Mon, Nov 27, 2006 at 11:41:50AM -0800, Augie Schwer wrote: Nothing huh? I can alter the table to remove the unique index, but it's unclear whether the backend will be able to handle multiple domain entries with different masters. PowerDNS does not (yet) implement multiple master. -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] Real Stats
On Fri, Dec 01, 2006 at 01:59:26PM +, Mark Watts wrote: On 5 machines? Anybody who can top this? The highest number we've seen intesting was 8 qps on a very large Sun machine, but that was testing and not production. How does one generate these stats messages? The recursor outputs them once every 30 minutes, or whenever you send a SIGUSR1. The authoritative server has a built-in webserver that can be queried. Good luck! -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
[Pdns-users] Re: [Pdns-dev] Re: Domains with binary (e.g. UTF-8) labels
On Sun, Dec 17, 2006 at 01:07:33PM +, Julian Mehnle wrote: Please stop patronizing me. I know what UTF-8 is. If the database (...) then why did you have me file it? (And have you actually read my ticket? Come back when you've learned to work with the open source community. I'd love to help you, but this is not going anywhere. Bert -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] Installing recursor and nameserver on one server
On Sun, Dec 17, 2006 at 07:41:47PM -, Matt Cooling wrote: I would like to install both the PowerDNS authoritative server and the PowerDNS recursor on the same server. Is there any documentation which explains how to do this? If I try and install both RPMs I get a conflict message: Indeed - there is no separated out RPM for the auth server as yet, apologies for this. However, the Kees Monshouwer RPMs might help: ftp://ftp.monshouwer.com/pub/linux/ Please let us know! -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] Re: [Pdns-dev] Re: Domains with binary (e.g. UTF-8) labels
On Wed, Dec 20, 2006 at 01:20:41AM -0500, Dean Anderson wrote: Please stop patronizing me. I know what UTF-8 is. If the database (...) then why did you have me file it? (And have you actually read my ticket? Yikes. Julian has a point. If you're __planning__ to blow him off, why have him file a ticket? That isn't the open source community way of I wasn't - but I care about 'form'. I do not appreciate being spoken to in the way discribed above. If you want stuff changed, either convince an open source project, or sponsor the changes you desire. You do not berate the author, it makes no sense, it does not work. On the other hand, I was in a pretty foul mood when that message came in. But still, it is NOT the best way to get an open source project to do something. I recommend grovelling. Beating people around with quotes from the holy RFCs is not enough - especially if the author of said open source program has come to realise not all RFCs are holy. bert -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] Re: Re: Domains with binary (e.g. UTF-8) labels
On Wed, Dec 20, 2006 at 09:45:09AM +0100, Benny Amorsen wrote: That won't happen. In UTF-8, all multibyte characters have the high bit set in every byte. If I understand correctly, what the new RFCs promise us, is that DNS is binary safe, including dots within a label, with the provision that queries for labels containing [a-z] characters also match labels containing [A-Z] in that same place. So, a query for \x00\x01\0x02Q\x03 would match the label \x00\0x1\0x02q\x03. Which in general means that, even if the world would be according to those newer RFCs, you cannot store *arbitrary* binary labels in DNS, since some of them might be different to you, but equal to DNS (they only differ in the 'case bit' of one or more [a-zA-Z] octets). This restriction however does allow for safe transport of UTF-8 through DNS, as seen from RFC 2181 and the case sensitivity one mentioned. An UTF-8 octet is either 7-bit clean, in which case case sensitivity is, well, not a real problem, or it has the high bit set, in which case the octet is outside of the [a-zA-Z] range. However, for a reality check, do realise the DNSSEC people decided not to take advantage of binary labels, but use base32 encoding, and packet size is of concern to them. They might've used base204 encoding, which would've led to lots smaller packets. End to end UTF-8 DNS w/o IDN is not around the corner, and not just because of PowerDNS. Bert -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
[Pdns-users] Re: Domains with binary (e.g. UTF-8) labels
Certainly (IDN was invented for a reason). The Web page http://cr.yp.to/djbdns/idn.html shows an awful ignorance of both Unicode and DNS. I haven't visited that site yet, but will do so now :-) Dec 8 13:09:47 mastermind pdns[23171]: Received a malformed qdomain from X.Y.Z.T, 'SUIVI MATERIEL.local.fr': dropping Dec 8 13:09:50 mastermind pdns[23171]: Received a malformed qdomain from X.Y.Z.T, 'www;pajemploi.ursaff.fr': dropping Dec 8 13:10:09 mastermind pdns[15986]: Received a malformed qdomain from X.Y.Z.T, 'c??dric.local.fr': dropping So it seems that PowerDNS has trouble, not only with 8-bits characters but with legal DNS ASCII characters like the semicolon, as well. PowerDNS only has *real* trouble right now with the | character in DNS, as we use that internally. This could easily be fixed. The rest is the result of some scary PostgreSQL messages at one point and that we believed DNS was only supposed to contain [a-zA-Z0-9-_], a very widely held belief. In fact, up to two weeks ago, I still thought this was the case. Most people think so. So, to solve those PostgreSQL messages, we decided to disallow any and all queries with characters outside the range [a-zA-Z0-9-_], which we thought was ok. The PostgreSQL messages in turn were caused by it interpreting random queries as UTF-8, but we decided not to really tackle that issue because we thought those queries were illegal anyhow, and could safely be dropped. So now you know ;-) We'll work on both issues - the '|' thing needs to go anyhow. I'm unsure however if we'll find a way to get databases to be both case-insensitive and not care about what looks like UTF-8, but isn't. Bert -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] Recursor crashes
On Wed, Dec 20, 2006 at 04:51:18PM +0100, Tobias Orlamuende wrote: since today from around 1:30 pm we are having recursor crashes on both of our nameservers. They are running pdns-recursor 2.9.17-13sarge3 and pdns-server 2.9.17-13sarge3 (as you can see, both on Debian). Brief reply, this is very possible - try upgrading at least the recursor to 3.1.4. Larger reply later on. Bert -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: Re: [Pdns-users] Recursor crashes
On Wed, Dec 20, 2006 at 06:34:24PM +0100, Tobias Orlamuende wrote: The larger reply would be very appreciated. :-) Unfortunately there are no .deb's of the new versions available (neither at Debian directly nor at backports.org). Can anybody provide them? Yes, we can: http://downloads.powerdns.com/releases/deb/pdns-recursor_3.1.4-1_i386.deb Good luck! -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] mx failure scenario
On Thu, Dec 21, 2006 at 10:00:30AM -0800, gnu not unix wrote: I have a problem with my parent zone (sf.ca.us), where they are running powerdns (they used to run bind), and this change seems to have resulted in my loss of email connectivity. Something definitely is odd: $ dig +norecurs -t mx wraith.sf.ca.us @B.AUTH-NS.SONIC.NET. ; DiG 9.3.2 +norecurs -t mx wraith.sf.ca.us @B.AUTH-NS.SONIC.NET. ; (1 server found) ;; global options: printcmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 42774 ;; flags: qr; QUERY: 1, ANSWER: 0, AUTHORITY: 3, ADDITIONAL: 2 ;; QUESTION SECTION: ;wraith.sf.ca.us. IN MX ;; AUTHORITY SECTION: sf.ca.us. 259200 IN SOA ns1.sonic.net. hostmaster.sonic.net. 2006122102 3600 300 1209600 3600 wraith.sf.ca.us.3600IN NS wraith.sf.ca.us. wraith.sf.ca.us.3600IN NS smidge.wraith.sf.ca.us. ;; ADDITIONAL SECTION: wraith.sf.ca.us.3600IN A 192.58.220.5 smidge.wraith.sf.ca.us. 3600IN A 192.58.220.65 ;; Query time: 163 msec ;; SERVER: 64.142.88.72#53(64.142.88.72) ;; WHEN: Thu Dec 21 22:33:18 2006 ;; MSG SIZE rcvd: 169 This SOA record should not be there. I have no easy explanation why it is there. You might want to ask your ISP to check if their domains table is up to date. One thing that looks odd, but is completely legal, is that you have an NS record pointing to the name of your zone. Conceivably, this might be confusing PowerDNS, as this is somewhat rare. People mostly have: wraith.sf.ca.us IN NS ns1.wraith.sf.ca.us wraith.sf.ca.us IN NS smidge.wraith.sf.ca.us Although this *should* not be the problem. Perhaps it is in your power to give your nameserver a different name. Good luck! -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] Suse Linux and MS SQL
On Thu, Jan 04, 2007 at 11:13:50AM -0500, Michael C. Gates wrote: Great, I will try it out. So Suse Linux will work fine for PDNS? The problem I am having is it is crashing every 15 minutes in windows. I wrote a routine to restart it every half hour, but it is getting out of hand now. It was I don't think SQL Server support under Unix/Linux is actually working out of the box. It did work in the past but we never released the code, and it has since become outdated. It looks like it would take a few days to revive the UNIX based SQL Server support, but we are very sure it will work great as we've done work with SQL server from linux before. Sadly, we don't get a lot of requests for SQL Server based PowerDNS, so it is not very high on our agenda. (btw, the windows version has an easier time as it accesses sqlserver through the generic ODBC backend, but the windows version has other problems). Bert -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] Suse Linux and MS SQL
On Thu, Jan 04, 2007 at 05:06:42PM -0500, Michael C. Gates wrote: Great, I will power up the server later this week... Oh shoot, it already is later! I guess I am behind... Well, I will set it up in the next couple of days, and see where I get. This is also a fine option, I hadn't realised OpenDBX had FreeTDS support! Please let us know how things work out. -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] pdns-recursor -- max memory limit
On Mon, Jan 08, 2007 at 10:18:16AM -0600, Matt Patterson wrote: Thanks for the info. I was hoping someone had stats on the number of entries and memory usage. There is no hard and fast rule. As I stated earlier: Also new in this version is 'max-cache-entries' which allows you to limit the cache to say, a reasonable 1 million entries. I'd love to be able to have you specify a limit in megabytes but it is very hard to measure actual memory usage. DJBDNS can do it but it requires too much work to do it from c++. The actual usage will depend on the version of compiler, cpu type, version of 'boost' library and usage patterns. 99% of people can get away with 'max-cache-entries=100' and be on the safe side. Bert -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] using wildcards with multiple backends
On Wed, Jan 10, 2007 at 04:21:31PM -0500, Jay Coulter wrote: We've developed a custom backend for PDNS at a clients request that is authoritative for any DNS request passed to it. They would like to use real functionality of the DNS server with the GMysql backend in front of Jay, Could you go into some more detail? PowerDNS translates queries that don't match directly into a sequence of *.something quiries. But please elaborate a bit. Thanks. -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] problems with recursor
On Thu, Jan 11, 2007 at 09:53:11AM +0100, thomas polnik wrote: fyi: I use SuSE 10.1 with pdns-2.9.19-13.4 That is far too old I'm afraid for the recursor. Everybody is strongly urged to run 3.1.4. -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] dig , trace and the recursor
On Thu, Jan 11, 2007 at 04:18:08PM +0100, thomas polnik wrote: Hello, I try the trace-option from dig, here is an example: -- snip -- $ dig www.google.de @130.149.4.20 +trace +trace and @ do not combine as you expect they would. But if I try it again to send the same request to recursor, I get an error: You are not sending it to the recursor but to the authoritative server, which states it has no knowledge of the root zone. You might find that adding --send-root-referral fixes your problem, although it is not a problem. Bert ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] PowerDNS CentOS x86_64 MySQL 5 binaries
On Sun, Jan 14, 2007 at 09:18:18PM +1100, Devraj Mukherjee wrote: My server is generally used as a LAMP environment and is running MySQL 5, Apache 2 and PHP 5. These were fetched and installed using yum from the CentOSplus repository. I seem to have two versions of MySQL client and libraries installed and its because of various applications that exists on the server namely Postfix. Devrai, You might want to try the RPMs as generated by Kees Monshouwer, they are made for CentOS/RHEL: ftp://ftp.monshouwer.com/pub/linux/powerdns/ Please let us know if this works for you! -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
sqlite3 support! Re: [Pdns-users] SQLite connection issues
It is not, the stock PowerDNS talks sqlite *2*. I think there is a patch floating around for sqlite 3, will see if I can find it. Found it! Thanks to Antony Lesuisse, we now have sqlite support, available as of revision 943. Snapshots can be found here: http://svn.powerdns.com/snapshots/943/ To use this backend, launch gsqlite3 instead of gsqlite. The parameters also change names. Please let us know if this works -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-dev] Re: [Pdns-users] mx failure scenario
On Thu, Jan 04, 2007 at 03:57:51PM -0800, Augie Schwer wrote: Here is where the spurious SOA gets inserted: The issue has been resolved by http://wiki.powerdns.com/cgi-bin/trac.fcgi/changeset/947 Nothing in the regression test broke, so it should be safe. Also added a regression test to ensure the problem doesn't come back later. Thanks for the detailed report! -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] pdns_recursor / Solaris10 / port_getn
On Tue, Jan 16, 2007 at 01:33:14PM +0100, Christian Kuehn wrote: the new installed instance of pdns_recursor 3.1.4 on a Solaris 10/x86 stops to resolve, but running. Try running a very recent solaris 10 kernel, port_getn has had issues in the past, and we know Sun worked on it. Bert -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] pdns-2.9.21-svn.20070114.943.tar.gz
On Tue, Jan 16, 2007 at 10:52:15AM -0800, Augie Schwer wrote: On 1/15/07, Simon Pearce [EMAIL PROTECTED] wrote: I noticed that there is a new snapshot of powerdns 943 on the svn server. So i thought i would give it a try however the make process stopped complaining about a missing directory modules/gsqlite3backend. So i checked out the svn version and found the missing directory copied it over to the pdns-2.9.21-svn.20070114.943.tar.gz tarball. It then compiled fine was i doing someting wrong or is this a bug (missing files)? I believe Bert fixed this in the latest snapshot. Indeed I did. 943 should be good to go. -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] Re: Cannot compile because of MySQL even if I do not want MySql support
On Wed, Jan 17, 2007 at 03:23:21PM +0100, Stephane Bortzmeyer wrote: ./configure --with-modules=gpgsql --disable-mysql (Yes, both with-modules and disable-mysql) Brrr - will investigate. It seems to work but it fails later on: Is this from the SVN HEAD? Or from a snapshot downloaded from http://svn.powerdns.com/snapshots? Building from SVN can be tricky, and get you errors like below, based on subtle variations of the auto* toolset, and versions required. You may need a newer automake, see http://wiki.powerdns.com/cgi-bin/trac.fcgi/wiki/HACKING Bert -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
[Pdns-users] Re: Cannot compile because of MySQL even if I do not want MySql support
On Wed, Jan 17, 2007 at 03:41:33PM +0100, Stephane Bortzmeyer wrote: Building from SVN can be tricky, Yes, I see, I'll go back to releases :-) Snapshots might be the best inbetween. Bert -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] Getting started with pdns
On Thu, Jan 18, 2007 at 11:47:44AM -0500, Gerald Britton wrote: Hi -- I'm just getting started with pdns on ubuntu edgy. I installed it using synaptic, which also starts the daemon. I tried a bunch of stuff, e.g. using firefox to visit several websites, then stopped firefox, lauched it again and did the same thing again. Finally, I did this: It is probably running, but it might not be in use. Check your configuration file if it is listening on the address you think it is listening on (by default, only 127.0.0.1), and check your /etc/resolv.conf to see if it is pointing at 127.0.0.1. Additionally, if you changed resolv.conf, but did not restart firefox, it might not be aware of the change. Finally, firefox contains its own cache and might simply not be performing queries that could be cached. To get accurate numbers, use 'rec_control get', see http://doc.powerdns.com/recursor-stats.html for which items you can 'get'. This may not work if your recursor is too old, unsure what 'edgy' ships. 1. Where is the cache stored? Can I vew it? 2. Why am I not getting any cache hits? You'll find instructions on how to dump the cache on or near the link I mentioned above. Additionally, try running the recursor with 'quiet=off' or even 'trace=on' for abundant detail about what is happening. Bert -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] Getting started with pdns
On Thu, Jan 18, 2007 at 12:11:57PM -0500, Gerald Britton wrote: Hmm -- more trouble here: Try as root. Also, you need rec_control for the pdns_recursor. Do you actually need authoritative domains? You can run the recursor standalone without an authoritative frontend. Just starting pdns_recursor w/o parameters should do the trick. -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] Getting started with pdns
On Thu, Jan 18, 2007 at 12:30:53PM -0500, Gerald Britton wrote: Oh, I get it, only pdsn_recursor is running! So I used rec_control to dump the cache, which only has the basic entries. Then I did a bunch of host commands (cnn.com, powerdns.com, etc) to try to get some more in there, but when I was done, nothing had been added to the cache, which now is: Good. Try sending queries to your pdns_recursor explicitly. Take note which IP address it is listening on when you start, and send some queries its way, like this: dig www.poweredns.com @127.0.0.1 or host www.powerdns.com 127.0.0.1 By default 'dig' and 'host' etc send their queries to the address configured in /etc/resolv.conf, which may not point at 127.0.0.1. Bert -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] PowerDNS 2.9.20 and TCP queries.
On Thu, Jan 18, 2007 at 03:26:51PM -0600, Jeff Fisher wrote: We've run PowerDNS on our authoritative name servers for quite some time; however, I noticed after upgrading to 2.9.20 that after the name server is running for X days, TCP queries just time out and restarting the PowerDNS service fixes the problem. It is a real issue that many people have reported. All causes we've found of this happening are fixed in snapshot http://svn.powerdns.com/snapshots/949/ However, the RPM in that snapshot has been reported to crash immediately for some people - even before answering a single packet. If that happens, try to compile from the tar.gz. in the snapshot. Has anyone experienced anything similar? Is there anything I can do to help determine if this is a real bug? If at all possible, please help verify that snapshot 949 does not have the problem. Thanks! -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] Classless in-addr.arpa delegation broken?
On Tue, Jan 30, 2007 at 03:22:20PM -0800, Augie Schwer wrote: It seems in certain cases PowerDNS does not volunteer the CNAME it has when asked for a PTR; which will break sites with rfc2317 (http://www.ietf.org/rfc/rfc2317.txt) setup. This is a bug in the previous bugfix we performed for you, in r950. So this does not impact the general public. We'll fix your fix. It would help tremendously if you could mail the exact zone causing the problems, as a mysqldump or as a standard zonefile. Thanks! -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] How to switch bind to running on other port ?
On Wed, Jan 31, 2007 at 10:48:17AM +0800, [EMAIL PROTECTED] wrote:
Hi!
I want to use pdns as port # 53 , and bind as some other port, say 1 ,
how to do it ?
Hi James,
Within your BIND options block, add something like:
options {
port 1;
};
See:
http://www.bind9.net/manual/bind/9.3.2/Bv9ARM.ch06.html#Configuration_File_Grammar
Good luck!
--
http://www.PowerDNS.com Open source, database driven DNS Software
http://netherlabs.nl Open and Closed source services
___
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] Problems with pdns-recursor
On Wed, Jan 31, 2007 at 02:09:24PM +0200, Andy Rabagliati wrote: And show us the output while querying for the domain that has the problem. Please include all logging from the start, and all 'dig' output. I verified I have no old copies of pdns_recursor lying around. Thanks. The machine musselcracker is our firewall. My desktop (quail) routes through it. From my desktop (also ubuntu dapper), I see this :- To recap: dig on desktop: can talk to 72.212.18.41, can't talk to 76.212.18.42 dig on firewall: can't talk to 72.212.18.41, no data about 42 From the trace: Jan 31 13:46:58 [1] visolve.com.: Resolved 'visolve.com.' NS ns1.visolve.com. to: 76.212.18.41 Jan 31 13:46:58 [1] visolve.com.: Trying IP 76.212.18.41, asking 'visolve.com.|A' Jan 31 13:46:58 [1] visolve.com.: error resolving Jan 31 13:46:58 [1] visolve.com.: Resolved 'visolve.com.' NS ns2.visolve.com. to: 76.212.18.42 Jan 31 13:46:58 [1] visolve.com.: Trying IP 76.212.18.42, asking 'visolve.com.|A' Jan 31 13:46:58 [1] visolve.com.: error resolving From the immediacy of the error, I'm betting you have a firewall somewhere rejecting you - this is not a timeout. Check if there are firewall rules on the pdns machine itself (iptables -L -n -v), if that is not the case, run tcpdump on the pdns machine to see if packets actually leave the computer. To summarise, I don't think this is a PowerDNS problem. Good luck! -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] VM image
On Thu, Feb 01, 2007 at 04:06:55PM -0500, Zack Kneisley wrote: And for those in the Americas ftp://ftp.firewireinternet.com/pub/freebsd-6.2-i386-powerdns.rar Can people write a single paragraph describing what is in this appliance? And what you need to run it? Then I can link it from the powerdns website. Thanks! -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] VM image
On Fri, Feb 02, 2007 at 03:44:49AM -0500, David Rodgers wrote: I've also put together a small VM image running ubuntu 6.0.6 LTS server with powerdns/gmysql/poweradmin that I use to a couple of authoritative zones from my network at home that I would be willing to stick somewhere if anyone is interested. Yes please! -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] pdns.conf for slave server
On Tue, Feb 06, 2007 at 09:12:30PM +1100, Devraj Mukherjee wrote: Hi World, If anyone is running pdns as a slave dns server could you be kind enough to send me your configuration file. It can consist of the word word slave Plus database connectivity. There is nothing special there. Bert -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] Force reload of MySQL-data
On Fri, Feb 09, 2007 at 09:42:03AM +0100, Christian Kuehn wrote: OK, I need to trigger pdns_server to see a new slave-domain in the domains-table, any idea how to do this? Perhaps pdns_control rediscover will do this. Otherwise, wait 60 seconds, it should pick up the new domain. Bert -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] recursor cache storage?
On Thu, Feb 22, 2007 at 09:25:35AM -0500, Mike W wrote: Heya, I'm new to PDNS and I've been playing around with it the last few days. Everything works great, except I can't figure out a way to store my cached DNS entries. For example, when I stop pdns_recursor and start it again, I lose all the entries that were previously cached. I think only dnscache has a way to save/restore the cache, but I might be wrong. This is common behaviour. PowerDNS does allow one to dump the cache, but not yet to restore it. Also, is there any way I can make manual entries in the cache, say to make some entries for the hosts on my local network? --export-etc-hosts might be exactly what you want, see the documentation or manpages. Good luck! -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] Preload the recursor?
On Wed, Feb 28, 2007 at 11:02:24AM -0500, B. Cook wrote: In dnsmasq or dnscache you can preload the cache with either domain information or where to find domain information. Yes, this is the 'hints' file, for example. Or you could use the 'auth-zones' feature to really load in authoritative zones. I'm not entirely sure if this answers your question, though. What is it exactly you want? Thanks. -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] pdns get killed my the operating system?
On Wed, Mar 07, 2007 at 10:12:22AM +0100, trietz wrote: Mar 07 09:59:43 No master domains need notifications Exiting because of STL error: Can't parse zone line '$include master/SOA.asp' This is fixed in snapshot 967, thanks for the report! See http://svn.powerdns.com/snapshots/967 Snapshot 966 fixed that this error is not fatal, 967 fixes the error itself. This problem was caused by our move to the new zone parser for the auth server as found in the recursor. Kind regards, bert hubert Mar 07 09:59:43 Exiting because of STL error: Can't parse zone line '$include master/SOA.asp' Other ideas? I will take a look at the pipe backend. Thanks for the information. Thomas bert hubert wrote: On Tue, Mar 06, 2007 at 04:36:05PM +0100, trietz wrote: When i start pdns in the monitor mode i can see it start to parse the zone files succesfully. The memory usage of pdns grows and when the system memory reach more than 4.5 gb the pdns process get killed with the following message: This looks like an unrelated bug. I'd normally tell you to try using the snapshot, but earlier today it was reported that the binaries on http://svn.powerdns.com/snapshots/959/ crashed on startup. It may work for you however. For such vast volumes of reverse zones, a specialised pipe backend might make sense, as you are now storing heaps and heaps and heaps of '1.2.3.4.in-addr.arpa' strings which use up a lot of memory. Bert !DSPAM:45ee8205273628139311174! -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] pdns get killed my the operating system?
On Thu, Mar 08, 2007 at 10:43:45AM +0100, trietz wrote: Ok, the parsing error is solved in snapshot 676. But pdns still failed on startup. From additional information it is clear PowerDNS needs more than 3G of memory on your system to host your zones, and for PowerDNS on a 32 bit system, 3G is the limit. We might be able to squeeze the new bind backend a bit more so it takes less memory to store your information though. Bert -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
[Pdns-users] Re: Problems reading zones
On Thu, Mar 08, 2007 at 11:28:26PM +0100, Massimo Bandinelli wrote: massimonet.it. IN NS ns1.register.it. massimonet.it. IN NS ns2.register.it. localhost IN A 127.0.0.1 *** It seems that MX record is not well read. Oops - it appears the move to the 'next generation zone parser' was not complete yet. Please be aware that you are running snapshots, so strange things can happen. Fixed in snapshot 969, which is now compiling and will hopefully automatically be uploaded (while I sleep :)). Bert This is a dig result: ** dig @*** -t any massimonet.it ; DiG 9.3.1 @*** -t any massimonet.it ; (1 server found) ;; global options: printcmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 39835 ;; flags: qr aa rd; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;massimonet.it. IN ANY ;; ANSWER SECTION: massimonet.it. 900 IN A 195.110.124.188 massimonet.it. 900 IN MX 0 10\009mail.register.it. massimonet.it. 900 IN NS ns1.register.it. massimonet.it. 900 IN SOA ns1.register.it. hostmaster.register.it. 2006102601 10800 3600 604800 86400 massimonet.it. 900 IN NS ns2.register.it. ** No errors during zone loading or reloading. Thanks for your work. Massimo. -Original Message- From: bert hubert [mailto:[EMAIL PROTECTED] Sent: gioved? 8 marzo 2007 10.03 To: Massimo Bandinelli Cc: pdns-users@mailman.powerdns.com Subject: Re: [Pdns-users] Segmentation fault On Thu, Mar 08, 2007 at 09:37:36AM +0100, Massimo Bandinelli wrote: About the 967. Fixed in 968, which will appear shortly. Thanks for noticing! -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services !DSPAM:45f08e1657001866017729! -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
[Pdns-users] Re: Problems reading zones
On Fri, Mar 09, 2007 at 10:53:05AM +0100, Massimo Bandinelli wrote: Thank you for your nighlty fix. MX record now works correctly. I discover another problem reading zone. I attached two zones Fixed in 970, now being built. Perhaps we should take this patching out of the mailing list until we are done? Bert -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] Cname and Microsoft DNS problem
On Tue, Mar 13, 2007 at 10:08:10PM -0300, Andr? Muraro wrote: Domain: test.com.br WWWINCNAMEwww.remotedomain.com http://www.remotedomain.com If a dnscache or bind consult powerdns to resolve this entry www.test.com.br http://www.test.com.br the response is ok, if a Microsoft DNS consult PowerDNS the response is that entry don't exist Try setting --send-root-referral or send-root-referral in the configuration. This is a bug in Microsoft DNS then, but 'send-root-referral' should fix it. Please let us know! Bert -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] Cname and Microsoft DNS problem
On Wed, Mar 14, 2007 at 09:21:59AM -0300, Andr? Muraro wrote: Is there any special way to setting the parameter send-root-referral? No, just add that exact line to the pdns.conf. If that doesn't work, I need more detail from you, what errors windows gives you, tcpdumps from your server etc. Bert -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
[Pdns-users] some news, MOADNSParser from PowerDNS Recursor has now taken over the PowerDNS Authoritative Server!
Hi people, Some good news tonight. Firstly, EasyDNS [1] has sponsored the transition of the PowerDNS Authoritative Server to the packet parsing/generating structure as found in the PowerDNS Recursor already. This move has just been completed, and will now need a lot of testing before we release 2.9.21. [1] EasyDNS - http://www.easydns.com/ This will bring support for a host of new and exciting record types, like SSHFP, SPF, KEY and AFSDB. Snapshot 972 available on http://svn.powerdns.com/snapshots/972 contains the new code, which is still in very rough shape. It is however a lot shorter and more modern, which lowers our maintenance load - 1234 lines of code have been removed from PowerDNS, while adding functionality. Secondly, Aaldering ICT [2] and True BV [3], have sponsored a new server and colocation facility! Dave Aaldering has been implementing PowerDNS since almost the first release, True are big users of PowerDNS who provide high quality feedback, and have previously sponsored fixes. [2] Aaldering ICT - http://www.aalderingict.com/ [3] True - http://www.true.nl/index_en.html There is still some way to go to 2.9.21, but we are a lot closer than we were before the big 'MOADNSParser takeover'. If you want to help, please try out the snapshot, but be aware it might very well contain bugs at this stage! Many thanks to EasyDNS, Aaldering ICT and True for their support! Bert -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] AFSDB records
AFSDB has been implemented in revision 978, please test! Packages will appear on http://svn.powerdns.com/snapshots shortly, pick any revision number equal to or higher than 978. Bert -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] Release980 crashes
On Mon, Mar 19, 2007 at 05:56:23PM +0100, Simon Pearce wrote: I also gave the 980 snapshot a test on 2 of our production servers and it crashed within minutes with Many thanks, from this I can see what the problem is. Mar 19 14:29:33 rs2 pdns-canhost[13098]: Got a signal 6, attempting to print trace: /usr/lib/gcc/i686-pc-linux-gnu/4.1.1/libstdc++.so.6(_ZN9__gnu_cxx27__ver bose_terminate_handlerEv+0x150) [0xb7f0bbe0] /usr/sbin/pdns_server-instance(_ZN12MOADNSParser4initEPKcj+0x79) [0x81418f5] The MOADNSParser communicates its errors differently, and the main PowerDNS process doesn't catch the error, but let's it fall through, causing the process to exit. Working on a fix. Thanks for testing! -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] TCP 'recursion desired' question problem fixed (ticket 118)
On Mon, Mar 19, 2007 at 11:36:26AM -0700, Jordan Tardif wrote: The whole 'tcpreceiver' subsystem has been cleaned up now, and should be more robust. Some more cleanups are pending though. The additional cleanups, plus the fix for the reported 'signal 6' problems, are available in snapshot 982. Please be very careful still with this snapshot, this code needs more testing. But please do test! http://svn.powerdns.com/snapshots/982 Bert -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
[Pdns-users] PowerDNS on Windows will soon be supported!
Hi everybody, We're happy to report that dr Thomas Voss, one of the founders of iCOMcept GmbH, has re-ported the latest versions of PowerDNS to Windows, and that we will soon be merging their work, so we can release a full Windows version of PowerDNS again. Founded in 1997, iCOMcept is a Microsoft Gold Certified Partner, and they specialise in application development and security solutions. Please find more information about them on http://www.icomcept.de (in German). They have been operating PowerDNS on Windows for many years, and we are very happy and grateful that they have chosen to contribute their experiences and changes back to PowerDNS. The actual merge will probably be shortly after the release of 2.9.21, which is expected in April 2007. Kind regards, Bert Hubert -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
[Pdns-users] Possible fix for BIND-backend instability
Hi people, A possible fix for the BIND-backend stability problems has been implemented, at least one type of crash should be gone now. I'm somewhat hopeful there was only one problem, and that this should fix the issue for real. The fix in commit number 987, and is also available on http://svn.powerdns.com/snapshots/987 Please let us know if it fixes your problems! Bert -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] Re: [Pdns-dev] Now is the time to test the 2.9.21 snapshots + release notes.
On Mon, Apr 09, 2007 at 08:11:08PM +0200, Andy Rabagliati wrote: I would very much like to test this release against my LDAP server. And we very much want you to :-) However, the static .deb does not include LDAP support. Indeed, I've not managed to compile a static binary containing LDAP support. Anybody who has managed this trick, feel free to help out.. It appears impossible to compile in the 'SASL' details staticly. It seems the configure script lacks support selection of backends ? Try: ./configure --with-modules=ldap This should do exactly what you want. You are probably trying our Debian package building scripts? Good luck! -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] pdns 1023 linking problem Solaris 10
On Tue, Apr 10, 2007 at 10:57:47AM +0200, Christian Kuehn wrote: the newest snapshot compiles fine, but stops while linking the pdns: Good catch! Can you try revision 1025? There is no snapshot, but you can apply 1025 on top of 1024 as described in http://wiki.powerdns.com/cgi-bin/trac.fcgi/wiki/HACKING The patch to apply is: http://wiki.powerdns.com/cgi-bin/trac.fcgi/changeset/1025?format=diffnew=1025 You can also make the change manually to configure.in. Good luck! g++ -DSYSCONFDIR=\/opt/pdns-2.9.21/etc\ -DLIBDIR=\/opt/pdns-2.9.21/lib\ -DLOCALSTATEDIR=\/var/run\ -Ibackends/bind -D_REENTRANT -I/opt/src/build/boost_1_33_1 -Wall -O2 -o pdns_server ../modules/gmysqlbackend/gmysqlbackend.o ../modules/gmysqlbackend/smysql.o dnspacket.o nameserver.o qtype.o logger.o arguments.o packethandler.o tcpreceiver.o packetcache.o statbag.o dnsbackend.o ws.o webserver.o session.o misc.o receiver.o ueberbackend.o dynlistener.o dynhandler.o resolver.o communicator.o dnsproxy.o randombackend.o unix_utility.o common_startup.o unix_semaphore.o bindbackend2.o bindparser.o bindlexer.o huffman.o gsqlbackend.o base64.o sillyrecords.o zoneparser-tng.o dnsrecords.o dnswriter.o rcpgenerator.o dnsparser.o -L/opt/mysql/lib -lmysqlclient -ldl -lposix4 -lresolv -lnsl -lsocket -lpthread -lrt Undefined first referenced symbol in file uncompress /opt/mysql/lib/libmysqlclient.a(my_compress.o) compress /opt/mysql/lib/libmysqlclient.a(my_compress.o) ld: fatal: Symbol referencing errors. No output written to pdns_server collect2: ld returned 1 exit status The problem is the missing zlib -lz at the end. Are there any changes in the configure ?? The 998-snapshot compiles/links fine. Cheers Christian -- Christian K?hn (Technical Consultant / Hostmaster) == MCS MOORBEK COMPUTER SYSTEME GmbH Essener Bogen 17 - 22419 Hamburg - Germany Tel +49 (0)40 53773 0 - Fax: +49 (0)40 53773 200 E-Mail: [EMAIL PROTECTED] Web: http://www.mcs.de Eingetragen im Handelsregister Hamburg B62933 Gesch?ftsf?hrer: Kai Brandes Eckard Kabel GPG 8B52 41A1 4B8F 4DE7 9064 2073 6168 137A 3DDA 0F36 == ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users !DSPAM:461b51a3172255702515455! -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] Pdns-recursor, auth-zone and wildcards?
On Tue, Apr 10, 2007 at 03:08:53PM +0200, Jakob Borg wrote: I'm trying to deploy pdns-recursor (3.1.4) with overrides for certain domains. The auth-zones directive seems perfectly suited to this, but it seems I can't it to work together with wildcards. Goggle yields no Oops indeed, wildcards haven't yet been implemented in the pdns-recursor authoritative server. Alas, the asterisk seems literally interpreted: ; DiG 9.3.2 +nocomment *.example.com Well, that is how things should be. But in addition they should be doing a lot more.. Am I missing something obvious, or are wildcards not implemented in the current pdns-recursor? Please open a ticket on wiki.powerdns.com so we'll get around to fixing this. Apologies! In the meantime, you could forward those zones to a 'real' authoritative nameserver. Bert -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: Re: Re: [Pdns-users] Newbie Question
On Fri, Apr 13, 2007 at 12:26:36PM +0200, Tobias Orlamuende wrote:
PS: I am wondering about the fact that nobody else and/or Bert enters
this thread... Does nobody else have this problem or is it no problem at
all???
I normally stay out of a thread if other people ('the powerdns community')
are already helping. I'll take a look at your problem again tomorrow, as it
appears to be an issue that needs solving.
Bert
--
http://www.PowerDNS.com Open source, database driven DNS Software
http://netherlabs.nl Open and Closed source services
___
Pdns-users mailing list
[EMAIL PROTECTED]
http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] Pdns Snapshot on Freebsd5 not compiling
On Fri, Apr 13, 2007 at 03:52:22PM -0400, Matt Gibson wrote: We are having a problem compiling the latest two snapshots on our FreeBSD box. Could you please let us know if there is a known fix for this? It is kind of urgent! :) Thanks. The recursor can't be built from the authoritative snapshots. The snapshots you are trying are of the 'authoritative' server, the recursive server has its own releases. Cannot compile the recursor for some reason. Says it is missing mplexer.hh If you really want to build the recursor from the head of subversion, check out the HEAD (instructions on http://wiki.powerdns.com) and run ./dist-recursor in the pdns/pdns directory. This will generate a recursor directory which you can build, and a tar.gz which can be distributed. The recursor was split off a year ago, but since then no separate authoritative releases have been made, so what you see is indeed new. Good luck! -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list [EMAIL PROTECTED] http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] powerdns segfaulting (multiple machines)
On Fri, Apr 13, 2007 at 10:27:58AM -0700, Jordan Tardif wrote: We currently have 4 powerdns frontends and 2 backends. All of the frontends seem to be segfaulting randomly not due to heavy loads or anything.. This is the only thing that we have found when it crashes.. Which version? Which backend? Which operating system? Can you recompile and manually install the binary, but not strip it? In that case the backtrace will contain more than just numbers, but actual function names. Can anyone shed some light on this? Any way i can get better information on why its crashing? Run a tcpdump concurrently, this will allow us to determine if an identifiable packet or query is causing the problem. Bert -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list [EMAIL PROTECTED] http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] mysql timeout
On Mon, Apr 16, 2007 at 06:59:55PM +0200, Maik Fuss wrote: Can you verify the problem also exists with http://svn.powerdns.com/snapshots/1029/ same shit ... Thank you for verifying, but please remain polite. Is your server a very quiet one? Bert -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
[Pdns-users] ZoneAdmin + snapshots of 2.9.21
Hi people, On #powerdns (the PowerDNS community chat channel, see http://wiki.powerdns.com), one of our users just reported seeing ZoneAdmin on Freshmeat: ZoneAdmin is a Web interface for the powerDNS name server using the MySQL backend. It allows you to manage existing zones and add, remove, and alter new ones, supports on-the-fly input validation, and allows comments per zone and per record. Furthermore, it keeps a detailed history of changes and allows you to temporary enable or disable zones without having to remove them completely. New zones can use templates that contain predefined records. It is designed to be used with one of Apache's authentication methods. http://freshmeat.net/projects/zoneadmin/?branch_id=69304release_id=251761 Looks interesting! Secondly, 2.9.21 is *really* round the corner now. The snapshots have seen wide use and now power hundreds of millions of records and millions of zones, but we still need more testing! Please, if you have the chance, try http://svn.powerdns.com/snapshots/1035/ or beyond. Recently we've fixed issues related to the processing of notifications for master/slave operations, 'root-referral' responses, slaving of SVR records over the BIND backend, recursion over IPv6, the list goes on and on. So enough important things. Bert -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] Compiling on AIX
On Thu, Apr 19, 2007 at 07:52:18AM +, [EMAIL PROTECTED] wrote: I can't seem to compile PowerDNS on AIX. My libldap.a is 64bit and I have tried various ways. Can you try: export OBJECT_MODE=64 CXXFLAGS=-I/tmp/boost_1_33_1 ./configure --with-modules= And report if that does work? But when configuring I am getting errors configure:2431: checking for C compiler default output file name configure:2434: gcc conftest.c 5 Assembler: /tmp//ccF396EO.s: line 10: Only .llong should be used for relocatable expressions. This looks like something is really wrong within your compiler toolchain. Bert -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] Compiling on AIX
On Thu, Apr 19, 2007 at 10:56:35AM +, [EMAIL PROTECTED] wrote: Ok, that issue is solved now (I compiled the openldap libraries first, and did not use the AIX ldap libraries). But now there is still something wrong when compiling zone2ldap and zone2sql. It keeps mentioning the following: Try looking at the command line 'make pdns_server' emits if you delete pdns_server first. Then compare that to the command line used to link zone2sql and zone2ldap. You may need to add '-lc'. ld: 0711-317 ERROR: Undefined symbol: .toupper(int) ld: 0711-317 ERROR: Undefined symbol: .inet_pton(int, char const*, void*) ld: 0711-317 ERROR: Undefined symbol: .fcntl(int, int, ...) But I'm no AIX expert. Good luck! -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] split dns possible
On Sun, Apr 22, 2007 at 07:31:18PM +1000, Duane wrote: Yes and no. We don't have views, but if you only need to special case a few records, you can either use the 'geo backend', which does complete global distributing of answers based on a map of IP addresses. Ummm correct me if I'm wrong, but couldn't this person pre-load the cache with local info, and have pdns distribute normal results? Do you mean feeding the cache the 'local' data, and making sure all local computers talk to that cache? Yeah, that is one other way of solving the problem. Bert -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] build problem, bunch of errors in pdns_recursor
On Sun, Apr 22, 2007 at 07:03:46PM +0200, Martin Hierling wrote: just started building powerDNS but stumbled over an error, please see attached log. gcc version 3.4.6 (Gentoo 3.4.6-r1, ssp-3.4.5-1.0, pie-8.7.9), glibc-2.5, gentoo Distro ... The PowerDNS recursor cannot be built from the PowerDNS Authoritative Server distribution. Try downloading the recursor 3.1.4 from the www.powerdns.com website. Good luck! -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] allow-axfr-ips or how can I setup a special zone-transfer-policy for every domain
On Tue, May 08, 2007 at 07:33:50PM +0200, thomas polnik wrote: I must prevent, that customer B can do a zone transfer for customer-a.de. If I use allow-axfr-ips=192.168.100.10, 10.10.10.10 customer B can take a look in all data from the domain customer-a.de. Indeed - this is not currently implemented I'm afraid.. So it not possible, that customer B get the zone from customer-a.de. Have somebody a hint, how can I solve case c) with pdns? I think there is already a ticket open on http://wiki.powerdns.com, if not, please open one. It will be solved, but it is not a very high priority right now. Bert -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] wildcard throws signal 11
On Thu, May 10, 2007 at 05:24:31PM -0700, Gary W. Smith wrote: I'm running 2.9.21 under rPath. When a wildcard request is issued I'm seeing signal 11. Any ideas? Can you be a bit more precise? What kind of request exactly? From this (excellent) backtrace, I can see that your SOA record has no serial defined, and PowerDNS is trying to auto-calculate it, and is crashing in the progress. Can you send me your configuration? Did you change the gsql queries? If you fix your SOA record to contain a serial number, the problem will go away, but the underlying crash problem is then still there. Good luck! -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] auto serial vs gpsql backend
On Mon, Apr 30, 2007 at 04:06:49PM -0400, James Cloos wrote: I thought I had read that the gpgsql backend now supports auto serial numbers, but I cannot get it to work. It is not working as intended last time I checked. -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] recursion was desired
On Thu, May 10, 2007 at 04:50:34PM +0200, Julian St?ver wrote: ping google.de ping: unkown host google.de Julian, You have configured your computer to send recursive queries to your authoritative powerdns server. For this to work, you need to install the recursor as well, and point the authoritative server to it, using the 'recursor=127.0.0.1' line (for example) in the configuration. The recursor runs on 127.0.0.1 by default, but make sure your auth server is not already bound to 0.0.0.0 (and thus to 127.0.0.1). Good luck! -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] List archives on Nabble
On Thu, May 17, 2007 at 11:34:26AM +0200, Sebastiano Pilla wrote: I had some difficulties searching for past messages in the archives, so I had Nabble create a forum and import the pdns-users archives. The URL is: http://www.nabble.com/PowerDNS-f22536.html Nice! Although it did not appear to have imported the most recent messages, it sees this message, then another one, and then one from March 8. But still, nice to have, but perhaps you could try and see if it could import the messages in between? Thanks! I'm adding a link to Nabble on the wiki, so people can find it. Bert -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] Redundant Database Connections
On Thu, Jun 07, 2007 at 11:41:58AM -0700, Max Clark wrote: Is opendbx included in the main source or only as a patch? It is in the main source, but Norbert might have a version more recent on his website. Bert -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] Recursor 3.1.4 on NetBSD 3.1 (alpha architecture)
On Sat, Jun 23, 2007 at 08:46:36PM -0300, Eduardo Roldan wrote: Recursor on the described platform exhibits strange behavior. It compiles with many warnings. It runs, but at the first query received it segfaults. Also, for example: Eduardo, We'd love to resolve this issue. Please provide the output of: gdb pdns_recursor core bt Also, if you can, compile the recursor with full debugging instructions by placing -ggdb in the Makefile CXXFLAGS. The actual coredumps themselves are of limited utility for us, we need the processed data. I may ask the developers: there is any interest in resolving this issue for this some strange platform?. I can send core dumps, and if it is necessary provide access to this machine. If you could provide access, the problem could be resolved within hours instead of days, so please consider that. Let me know! -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] Cannot allocate memory
On Mon, Jun 25, 2007 at 12:03:20AM +0200, Schramm e.K. [ Deutschland ] wrote: I recently upgraded one of our pdns servers from 2.6.20 to 2.6.21. After 12-15 hours of operation TCP requests started to fail and the following is written to the logfile(s) : Can you run: netstat -an | grep ESTAB | grep :53 -c For a few times while running powerdns, and report if the number is growing? Is there anything special about your setup? A lot of AXFRs? Can you show me other log messages reported often? I hope there is any solution for this problem, There will be, no worries :-) Bert -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] How to store DS Recs?
On Fri, Jun 29, 2007 at 06:44:29AM +0200, Schramm e.K. [ Deutschland ] wrote: how to store DS records in the pds database? actually i have in the content field: 50237 1 1 378929E92D7DA04267EE87E802D75C5CA1B5D280 Looks good. DS records are very rare in PowerDNS installations, let us know if they work as expected! This only works with powerdns 2.9.21. Bert -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: Re: [Pdns-users] Cannot allocate memory
On Mon, Jul 02, 2007 at 09:27:01PM +0200, Schramm e.K. [ Deutschland ] wrote: Jul 2 16:26:13 spider1 pdns[5303]: Exception: Unknown record was stored incorrectly, need 3 fields, got 1: 87.118.110.17 Jul 2 16:26:15 spider1 pdns[5303]: Exception: Unknown record was stored incorrectly, need 3 fields, got 1: ns2.domains-4u.de Jul 2 16:26:20 spider1 pdns[5303]: Exception: Unknown record was stored incorrectly, need 3 fields, got 1: ns1.domains-4u.de Jul 2 16:26:28 spider1 pdns[5303]: Exception: Unknown record was stored incorrectly, need 3 fields, got 1: ns2.domains-4u.de this is an #NS record. i use this type to make records inaktive. perhaps this causes the error? I'm almost sure it could. Please don't disable records this way, it confuses PowerDNS! If this turns out to be the cause, I'll see what I can do about it, but this is never correct. PowerDNS internally does 'ANY' queries a lot, so it will encounter the '#NS' record a lot. Bert ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] global wildcard for authoritative server
On Tue, Jul 03, 2007 at 12:44:14PM -0700, Joseph McDonald wrote: Hi, I'd like powerdns to serve up a particular A record for all A queries across all tlds, which would have otherwise been NXDOMAIN. Here is how I do it with BIND: Joe, That setup in BIND will work on powerDNS as well, but it won't do the right thing (and it won't do in BIND as well). But if you really want to, just insert the records into the database. You may need to update to the most recent subversion repository, 2.9.21 has a problem serving the 'root' zone. Good luck! -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] round robin pdns
On Thu, Jul 05, 2007 at 12:35:06AM +0200, Schramm e.K. [ Deutschland ] wrote: circular random hard given PowerDNS by default does random, within the interval of the packet cache. For true random, turn off the packet cache (cache-ttl=0). how will pdns handle the round robin queries? is there any posibility to change this settings for rr records ? You can turn off 'shuffling', which will give you database 'natural' order. The setting is 'dont-shuffle' I think. Good luck! -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] MyDNS to PowerDNS conversion script
On Thu, Jul 05, 2007 at 11:54:36AM +0200, Barry Kostjens wrote:
I wrote a php script to convert mydns sql tables to PowerDNS with gmysql
backend. Someone @ #powerdns asked me for it, and (alltough the code is
crap) I decided to share it.
Thank you Barry!
And just to clarify '#powerdns' is our IRC ('internet relay chat') channel,
where you can interact with PowerDNS developers and many PowerDNS users.
The #powerdns channel is on IRCNet (irc.nl.uu.net, irc.stealth.net, or see
http://www.ircnet.com/index.php?p=5). To join, use programs like 'xchat',
'irssi' or 'mirc'.
Feel free to drop by!
Bert
--
http://www.PowerDNS.com Open source, database driven DNS Software
http://netherlabs.nl Open and Closed source services
___
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] Failover A Record
On Thu, Jul 05, 2007 at 10:10:32AM -0400, [EMAIL PROTECTED] wrote: I am not sure this can be done or how. It can be done, but you need to do some work. Make a script that tests if your server is up, if it isn't, execute a SQL query to make the A record point somewhere else. Is this possible, and what must I do to make it happen? People have integrated this with Nagios in the past. Good luck! -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] Problems with NSD as slave to PowerDNS
Jul 16 13:52:36 atpcz2pc pdns[29554]: 1 domain for which we are master needs notifications Jul 16 13:52:36 atpcz2pc pdns[29554]: Queued notification of domain '7.0.3.e164.arpa' to 158.226.218.54 Jul 16 13:52:37 atpcz2pc pdns[29554]: No question section in packet from 158.226.218.54, rcode=3 Jul 16 13:52:37 atpcz2pc pdns[29554]: Unable to parse SOA notification answer from 158.226.218.54 This is NSD that answers 'NXDOMAIN' for the SOA notification (which is rcode 3). Additionally, PowerDNS can't parse the answer from NSD. Can you double check NSD knows it should slave 7.0.3.e164.arpa from you? Perhaps NSD logs something? Please let us know, interoperability with NSD is important for us. Good luck! -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] PowerDNS on FreeBSD: CPU Hungry?
On Thu, Jul 19, 2007 at 09:44:59PM -0600, Aaron Gifford wrote: Things immediately slowed down. Painfully slow. And CPU usage climbed to 70-80%. The test queries I did, those that didn't time out, worked, so PowerDNS was in fact answering correctly for authoritative domains as well as talking to the recursor and handling recursive queries. Aaron, Thanks for your detailed report! What I'd love to know is if the recursor or the auth server was using up all that CPU. Additionally, could you run 'vmstat 1' to get the 'user', 'system' and 'idle' loads? I have no reports of PowerDNS being painfully slow, and in fact, I know some installations are doing much much more traffic than you are doing in such a configuration. Does the auth server generate any logging? It is known to be a bit chatty about problems communicating with its resolver. Please let me know! Bert -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] Re: dnsreplay mostly correct?
On Fri, Jul 20, 2007 at 11:40:06AM -0700, Augie Schwer wrote: Never mind, sorry for the spam, they are different. :) Hehe - however, do try to use the newer 'dnsreplay' from svn, it is a lot more precise and actually has options. Bert -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] Mailformed qdomain errors in syslog
On Thu, Jul 26, 2007 at 02:20:56PM +1000, Chris Seufert wrote: Hey, is this normal for a production site? Yes, no reason to worry. Jul 26 11:26:19 fred pdns[22307]: Received a malformed qdomain from 66.179.175.2, '\\www.C-Cor.com.au': dropping -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
[Pdns-users] NSATC.net microsoft problem last week - did you notice?
Hi everybody, Last week something strange happened with 'nsatc.net', the domain that powers many of Microsoft's services. This affected the PowerDNS Recursor, which caused 'windows update' to be unavailable for many users behind a PowerDNS Recursor. Did anybody analyse what happened exactly? By the time we were looking into the problem it was gone already. It may have been very brief. Please let me know if you saw this problem, and if you did any analysis what might've caused it. Thanks. -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] recursor required or not?
On Sat, Aug 04, 2007 at 09:09:30PM +0200, Schramm e.K. [ Deutschland ] wrote: Hi guys, i am a little bit confused at the moment of the following question: do i need a recursor or not? You only need a recursor if you have computers that want to use your IP address to gain information about domains that are not yours. So unless there are unix computers with the ip address of your nameservers in /etc/resolv.conf, or there are windows or apple machines configured to use your IP address as their resolver, you don't need a recursor. zones: 10 000 round about These days this is what we call a 'small' powerdns installation :-) my understanding of recursor is: i do not absolute need an recursor, because the recursor tells only one thing to the client: the domain is not at this dns server, but i know an dns server which you can find it. This is correct. But regular authoritative servers do not need this feature. Good luck! -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] recursor required or not?
On Sun, Aug 05, 2007 at 11:14:27AM +0200, Rafa? Kupka wrote: I have question about that. There is record: cf.bankpracy.eu 3600IN CNAME m2m.money.pl Server is authoritative for bankpracy.eu but not for money.pl. This means that resolving nameservers will not believe anything your server says about m2m.money.pl anyhow. Which answers are correct? All of them, even including the 'servfail', and they will all be treated identically by resolvers talking to your authoritative server. Bert -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] recursor can't refresh the . records
On Thu, Aug 09, 2007 at 09:46:35AM +0200, thomas polnik wrote: Until yesterday I get follow message every 2 or 3 hours: Aug 9 07:28:22 resolver01 pdns_recursor[20236]: Failed to update . records, RCODE=2 Odd - I haven't seen this happen yet. Did you truly have 6 months of recursor uptime? Has anybody an idea, what could be the reason for this problem? Should I use a static hint file (and refresh it every week manually)? No, that is not necessary. Bert -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] recursor can't refresh the . records
On Thu, Aug 09, 2007 at 10:42:30PM +0200, thomas polnik wrote: You may want to try without the firewall. without iptables is perhaps a bad idea :), but I will change it to iptables -I INPUT 1 -p udp --dport 53 -j ACCEPT iptables -I INPUT 2 -p tcp --dport 53 -j ACCEPT This is wrong - you need to accept packets *coming* from port 53 for answers as well. Otherwise PowerDNS can't receive answers to the questions it is sending out! The trick is to rely on stateful iptables filtering. Good luck! -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] recursor can't refresh the . records
On Thu, Aug 09, 2007 at 11:07:22PM +0200, thomas polnik wrote: Otherwise PowerDNS can't receive answers to the questions it is sending out! Yes, this is correct, sorry, my mistake. If I would make this changes, I would see it ... very fast :) But I understand this was not the case when you saw the powerdns . problems? -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] CNAME answer problem?
On Fri, Aug 10, 2007 at 07:34:51AM +0200, Hannes M. wrote:
i have some strange problem with CNAME records to an external domain.
For example:
This is a commonly observed oddity of the domain name system.
Indeed, powerdns returns a 'servfail' if you ask it for www3.example.com,
but it turns out that resolving nameservers ('recursors') know about that.
The reason powerdns needs to return servfail is because it cannot faithfully
answer the question - it does not know about 'www.somewhere-else.com', that
domain is 'out of its bailiwick' in DNS speak.
However, recursors get the hint and continue resolving for
'www.somewhere-else.com'.
So what you observe is the 'SERVFAIL', because you did not configure
powerdns to resolve for you.
If you'd include a line 'recursor=4.2.2.1' for example, you would get a
complete answer, because in that case powerdns would offload the processing
of www.somewhere-else.com to the configured recursor.
For www.example.com this won't work as it is a fake domain, but you get the
idea.
dig +norecurs www3.example.com delivers the CNAME as stored, but PDNS
does not resolve.
Well, that is as it should be.
Good luck!
--
http://www.PowerDNS.com Open source, database driven DNS Software
http://netherlabs.nl Open and Closed source services
___
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] WG: Installing PowerDNS on Windows
On Thu, Aug 09, 2007 at 02:58:07PM +0200, Roman Agapkin wrote: I'm trying to install PowerDNS on an WinXP SP2 machine. but it doesnt work properly. The windows version is experimental. You have to use the 'godbc' backend, not the gmysql backend. We are very sorry that our Windows support is not more mature, there are not a lot of requests for it. Good luck! -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] CNAME answer problem?
On Fri, Aug 10, 2007 at 01:16:50PM +0200, Joyce LAMBERT wrote: Do you know in witch RFC we can find this 'Algorithm', it seem that the cname reply with servfail is a problem for some web hosting and for DNSSTUFF It is only a problem for 'DNSSTUFF'. This has been discussed on the IETF DNS working group mailing list: http://www.ops.ietf.org/lists/namedroppers/namedroppers.2002/msg00452.html a truncated CNAME chain, where the next hop is in a zone the current server isn't authoritative for and recursion is disabled IS a problem with the name server and in this case 2 (SERVFAIL) is the appropriate answer. In practice, BIND 8 has the same behaviour as PowerDNS, so if it is a problem in PowerDNS, it is a problem the whole world shares. Bert -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] Differing (incorrect) behavior in 2.9.21 for AAAA records versus 2.9.20...
On Sat, Aug 11, 2007 at 05:55:51AM -0700, Augie Schwer wrote: vote for a fix is to put a me too entry on the open ticket; that or fix it yourself, which I think is easier said then done as most likely the bug is in the DB backend code as it seems to be too greedy in what it grabs. The place to fix this is in the packethandler.cc, and not in the backend. CNAME wildcards are complicated beasts and complicate the packethandler - you could probably tweak that code to do what you want easily enough, but you might then break other things if you don't tread very carefully. I'll have a brief look now, perhaps the fix is easy. Bert -- http://www.PowerDNS.com Open source, database driven DNS Software http://netherlabs.nl Open and Closed source services ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
