Re: [Pdns-users] Recursor can't resolve login.authorize.net.cdn.cloudflare.net

2021-04-06 Thread Tony Finch via Pdns-users
Seth Mattinen via Pdns-users wrote: > > Here's a partial trace (list refused posting the full trace). From my eye it > looks like I'm just getting ServFail from cloudflare NS, or possibly a DNSSEC > validation problem. The SERVFAIL from the Cloudflare authoritative nameservers causes a DNSSEC

Re: [Pdns-users] Recursor can't resolve login.authorize.net.cdn.cloudflare.net

2021-04-06 Thread Seth Mattinen via Pdns-users
On 4/6/21 12:12 PM, Seth Mattinen via Pdns-users wrote: I'm having an issue where I can't resolve login.authorize.net.cdn.cloudflare.net with pdns recursor (latest version 4.4.3) Here's a partial trace (list refused posting the full trace). From my eye it looks like I'm just getting

[Pdns-users] Recursor can't resolve login.authorize.net.cdn.cloudflare.net

2021-04-06 Thread Seth Mattinen via Pdns-users
I'm having an issue where I can't resolve login.authorize.net.cdn.cloudflare.net with pdns recursor (latest version 4.4.3) Here's a partial trace (list refused posting the full trace). From my eye it looks like I'm just getting ServFail from cloudflare NS, or possibly a DNSSEC validation

Re: [Pdns-users] CPU consumption of pdns_recursor

2021-04-06 Thread Nejedlo, Mark via Pdns-users
On Tuesday, April 6, 2021 10:04 AM, Remi Gacogne wrote: > On 4/6/21 4:18 PM, Nejedlo, Mark via Pdns-users wrote: > > Would additional distributor threads really cause additional worker > CPU usage? > > That could happen if they have to fight for the incoming socket. Do you > have reuseport=yes in

Re: [Pdns-users] CPU consumption of pdns_recursor

2021-04-06 Thread Otto Moerbeek via Pdns-users
On Tue, Apr 06, 2021 at 02:18:33PM +, Nejedlo, Mark via Pdns-users wrote: > Both 4.4/5 and proxy protocol were on my radar, but my priority was to > address the CPU usage. If there's performance gains to be had in upgrading, > I can certainly do that. Is 4.5GA likely to happen soon?

Re: [Pdns-users] CPU consumption of pdns_recursor

2021-04-06 Thread Remi Gacogne via Pdns-users
On 4/6/21 4:18 PM, Nejedlo, Mark via Pdns-users wrote: Would additional distributor threads really cause additional worker CPU usage? That could happen if they have to fight for the incoming socket. Do you have reuseport=yes in your configuration? Does the maintenance function block the

Re: [Pdns-users] CPU consumption of pdns_recursor

2021-04-06 Thread Nejedlo, Mark via Pdns-users
On Tuesday, April 6, 2021 3:32 AM, Remi Gacogne wrote: > On 4/6/21 8:35 AM, Otto Moerbeek via Pdns-users wrote: > > On Mon, Apr 05, 2021 at 05:30:11PM +, Nejedlo, Mark via Pdns-users > wrote: > > 2 distributior thread feels a bit overkill, 1 distributor thread > > should be able to feed 8

Re: [Pdns-users] Planning a PowerDNS Auth Server Upgrade - 3.3.3 > Latest

2021-04-06 Thread Charlie R via Pdns-users
Thanks for the reply! On Tue, Apr 6, 2021 at 8:26 AM Brian Candler wrote: > On 06/04/2021 13:01, Charlie R via Pdns-users wrote: > > What other obvious things am I missing? What else should I be looking at / > better understanding? > > Check the upgrade guides >

Re: [Pdns-users] Planning a PowerDNS Auth Server Upgrade - 3.3.3 > Latest

2021-04-06 Thread Brian Candler via Pdns-users
On 06/04/2021 13:01, Charlie R via Pdns-users wrote: What other obvious things am I missing? What else should I be looking at / better understanding? Check the upgrade guides and changelogs

Re: [Pdns-users] PDNS with no direct access to root servers

2021-04-06 Thread Brian Candler via Pdns-users
On 06/04/2021 12:30, Eelco via Pdns-users wrote: I've setup a pdns/pdns-recursor with it's own zones. The pdns/pdns-recursor is behind a firewall with no access to any root-servers. The pdns/pdns-recursor is working for the local zones and can forward queries to a DNS server through a

[Pdns-users] Planning a PowerDNS Auth Server Upgrade - 3.3.3 > Latest

2021-04-06 Thread Charlie R via Pdns-users
Hi List, I found out that our app using powerdns is woefully out of date. We are running v. 3.3.3. Ouch, EOL'd 2017. I understand from reading the auth upgrade notes and doc that the path to upgrade looks something like 3.3.3 > 3.4.2 > 4.0.0 > latest. But really, this is an upgrade in database

[Pdns-users] PDNS with no direct access to root servers

2021-04-06 Thread Eelco via Pdns-users
Hi all I've setup a pdns/pdns-recursor with it's own zones. The pdns/pdns-recursor is behind a firewall with no access to any root-servers. The pdns/pdns-recursor is working for the local zones and can forward queries to a DNS server through a firewall. But anything outside the environment

Re: [Pdns-users] CPU consumption of pdns_recursor

2021-04-06 Thread Remi Gacogne via Pdns-users
Hi, On 4/6/21 8:35 AM, Otto Moerbeek via Pdns-users wrote: On Mon, Apr 05, 2021 at 05:30:11PM +, Nejedlo, Mark via Pdns-users wrote: Some thoughts: 2 distributior thread feels a bit overkill, 1 distributor thread should be able to feed 8 workers. Did you do measurements to come to this

Re: [Pdns-users] CPU consumption of pdns_recursor

2021-04-06 Thread Otto Moerbeek via Pdns-users
On Mon, Apr 05, 2021 at 05:30:11PM +, Nejedlo, Mark via Pdns-users wrote: Some thoughts: 2 distributior thread feels a bit overkill, 1 distributor thread should be able to feed 8 workers. Did you do measurements to come to this value? Your maintenance function looks like it could run for a