Re: [Pdns-users] Currently using distro packages, want to update
So I've gathered now that I can get 3.4.2 from https://www.monshouwer.eu/download/3rd_party/pdns/el6/ for my CentOS 6 machine, https://www.monshouwer.eu/download/3rd_party/pdns/el7/ for my CentOS 7 machine, and http://download.opensuse.org/repositories/server:/dns/SLE_12/ for my OpenSUSE 12 machine (or update to OpenSUSE 13 and use http://download.opensuse.org/repositories/server:/dns/openSUSE_13.2/).

But the problem that doesn't solve is my impending need to install the PDNS 3.5 release candidate when it's available. I gather there will be RPMs available, but I doubt I'll be able to get it on any of these repos. Is there anyone who can answer my original 3 questions (below) about this?

- Since I won't have auto dependency management, what dependencies do I need installed to install PDNS from RPM?
- Does pdns-static-3.4.2-1.x86_64.rpm _just_ install the binaries, or does it install the service, too, so that I can call `service pdns start` and configure the service to start automatically on boot? If the RPM doesn't do that, is there documentation / what is the recommended way to install PDNS as a service when installed manually with an RPM?
- Should I just be able to uninstall the package using my package manager and then install the RPM as a drop-in replacement?

Thanks!

Nick

On Thu, Feb 12, 2015 at 12:02 PM, Nicholas Williams nicho...@nicholaswilliams.net wrote:

> I know this is off-topic, but have you ever used `zypper dist-upgrade`? It scares me, but if it would make the upgrade easier... I don't like the idea of going without security updates.
>
> Nick
>
> Sent from my iPhone, so please forgive brief replies and frequent typos
>
> On Feb 12, 2015, at 11:56, Michael Ströder mich...@stroeder.com wrote:
>
>> Nicholas Williams wrote:
>>> Sorry, you're right—OpenSUSE 12.3. Upgrading is a hassle that I don't have time for right now. It'll probably be another 8-12 months before I can upgrade it.
>>
>> You could try SLES11SP3 packages. But you're on your own.
>>
>> Also note that openSUSE 12.3 does *not* receive security updates anymore.
>>
>> Ciao, Michael.

___
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] Windows 7 computers not getting split horizon change made by Lua script
On Thu, Feb 19, 2015 at 03:26:42PM +0100, h...@nitramlexa.com wrote:

> It works like a dream for everybody BUT Windows 7. Android, Linux and Windows XP all get the LAN address when asking for mail.example.com, but Windows 7 gets the public address.

Check with tcpdump what answers you are really sending out.

Did you remember to use setvariable() to make sure PowerDNS doesn't packetcache your lua answers?

Good luck!

Bert

> I can see in logging in the Lua script that the Windows 7 machine asks for the name, and Lua returns the LAN address, but Windows 7 still gets the public IP. Any ideas to why?
>
> I'm also running Samba on the PDNS-recursor to let Windows access the NAS shares, but there's no wins defined anywhere, and the firewall / auth dns is not running Samba.
>
> Kind regards,
> Henrik Woffinden
Re: [Pdns-users] Currently using distro packages, want to update
On Thursday, February 19, 2015 03:13:51 PM Nicholas Williams wrote:

> - Since I won't have auto dependency management, what dependencies do I need installed to install PDNS from RPM?

You can use yum to install a local RPM, and it will resolve dependencies (yum localinstall rpmfile, I believe)

> - Does pdns-static-3.4.2-1.x86_64.rpm _just_ install the binaries, or does it install the service, too, so that I can call `service pdns start` and configure the service to start automatically on boot? If the RPM doesn't do that, is there documentation / what is the recommended way to install PDNS as a service when installed manually with an RPM?

rpm -q -l -p pdns-static-3.4.2-1.x86_64.rpm, see if it puts a file in /etc/init.d. If it does, you still may need to chkconfig --add it (and chkconfig --level 345 service_name on to add it to boot). Never used the static rpms myself.

Building RPMs, deconstructing them, and even creating your own init scripts are pretty common Linux system administration tasks, especially if you want to run bleeding edge software on CentOS. You might want to dig into them at some point.
Re: [Pdns-users] When was ordername column added to records table?
On Feb 19, 2015, at 3:37 PM, k...@rice.edu wrote:

> On Thu, Feb 19, 2015 at 03:34:06PM -0600, Nick Williams wrote:
>> I'm a bit curious because, looking through the code history, I can't find any evidence of it.
>>
>> The schema for PDNS 3.0 shows no ordername column or orderindex index on the records table: https://github.com/PowerDNS/pdns/blob/auth-3.0/pdns/no-dnssec.schema.pgsql.sql
>>
>> And the upgrade instructions for 3.0 -> 3.1 don't include an alter statement for adding the ordername column or orderindex index: https://doc.powerdns.com/md/authoritative/upgrading/#30-to-31
>>
>> But the upgrade instructions for 3.1 -> 3.2 include an alter statement for _modifying_ the ordername column and _dropping_ the orderindex index that were never added: https://doc.powerdns.com/md/authoritative/upgrading/#31-to-32
>>
>> This doesn't compute. Can someone provide me some perspective on this?
>>
>> Thanks,
>> Nick
>
> Hi Nick,
>
> Please check the release documentation for the new release for the schema definitions used and add any missing tables. The ALTER TABLE will only apply to previously existing tables, not create the needed new ones.
>
> Regards,
> Ken

Ken, you misread my email. I'm not talking about adding a new table. I'm saying that apparently a new _column_ and a new _index_ were added between 3.0 and 3.1 but not listed on the 3.0 -> 3.1 upgrade instructions. Please re-read my email carefully to see the discrepancy.

Thanks,

Nick
[Pdns-users] Why was content length increased?
I'm upgrading to authoritative 3.4 and noticed that the records.content column has been increased from 255 characters to 64000 characters. Because my table is UTF-8, I get the following error:

    mysql> ALTER TABLE records MODIFY content VARCHAR(64000);
    ERROR 1074 (42000): Column length too big for column 'content' (max = 21845); use BLOB or TEXT instead

I know I can use latin1, but I tend to avoid any non-Unicode character sets completely, and would prefer to stick with UTF-8. Given that:

- What changed that required the increase from 255 to 64,000 characters?
- Is there any reason that I couldn't just use VARCHAR(21845)?
- Are there any performance implications to using TEXT instead of VARCHAR(64000)?

Thanks,

Nick
Re: [Pdns-users] When was ordername column added to records table?
On 19 Feb 2015, at 22:37, k...@rice.edu wrote:

> On Thu, Feb 19, 2015 at 03:34:06PM -0600, Nick Williams wrote:
>> The schema for PDNS 3.0 shows no ordername column or orderindex index on the records table: https://github.com/PowerDNS/pdns/blob/auth-3.0/pdns/no-dnssec.schema.pgsql.sql
>>
>> And the upgrade instructions for 3.0 -> 3.1 don't include an alter statement for adding the ordername column or orderindex index: https://doc.powerdns.com/md/authoritative/upgrading/#30-to-31
>>
>> But the upgrade instructions for 3.1 -> 3.2 include an alter statement for _modifying_ the ordername column and _dropping_ the orderindex index that were never added: https://doc.powerdns.com/md/authoritative/upgrading/#31-to-32
>>
>> […]
>>
>> Can someone provide me some perspective on this?

ordername was added in 3.0, as part of the DNSSEC schema upgrade. (see https://github.com/PowerDNS/pdns/blob/auth-3.0/pdns/dnssec.schema.pgsql.sql )

> […]
> The ALTER TABLE will only apply to previously existing tables, not create the needed new ones.

The upgrade SQL scripts in general add/modify tables and columns.

The instructions for upgrading to 3.4.0 include consolidated update scripts, see https://doc.powerdns.com/md/authoritative/upgrading/#database-schema . Pick the backend and schema type you currently have (if you come from 2.9.22, it’s always the ‘non-dnssec’ type), and you’ll end up with the correct schema.

Best,
--
Christian Hofstaedtler / Deduktiva GmbH (FN 418592 b, HG Wien)
www.deduktiva.com / +43 1 353 1707
Re: [Pdns-users] When was ordername column added to records table?
On Feb 19, 2015, at 3:05 PM, Christian Hofstaedtler wrote:

> On 19 Feb 2015, at 22:37, k...@rice.edu wrote:
>
>> On Thu, Feb 19, 2015 at 03:34:06PM -0600, Nick Williams wrote:
>>> The schema for PDNS 3.0 shows no ordername column or orderindex index on the records table: https://github.com/PowerDNS/pdns/blob/auth-3.0/pdns/no-dnssec.schema.pgsql.sql
>>>
>>> And the upgrade instructions for 3.0 -> 3.1 don't include an alter statement for adding the ordername column or orderindex index: https://doc.powerdns.com/md/authoritative/upgrading/#30-to-31
>>>
>>> But the upgrade instructions for 3.1 -> 3.2 include an alter statement for _modifying_ the ordername column and _dropping_ the orderindex index that were never added: https://doc.powerdns.com/md/authoritative/upgrading/#31-to-32
>>>
>>> […]
>>>
>>> Can someone provide me some perspective on this?
>
> ordername was added in 3.0, as part of the DNSSEC schema upgrade. (see https://github.com/PowerDNS/pdns/blob/auth-3.0/pdns/dnssec.schema.pgsql.sql )
>
>> […]
>> The ALTER TABLE will only apply to previously existing tables, not create the needed new ones.
>
> The upgrade SQL scripts in general add/modify tables and columns.
>
> The instructions for upgrading to 3.4.0 include consolidated update scripts, see https://doc.powerdns.com/md/authoritative/upgrading/#database-schema . Pick the backend and schema type you currently have (if you come from 2.9.22, it’s always the ‘non-dnssec’ type), and you’ll end up with the correct schema.
>
> Best,
> --
> Christian Hofstaedtler / Deduktiva GmbH (FN 418592 b, HG Wien)
> www.deduktiva.com / +43 1 353 1707

Thanks, Christian. Interesting that the ordername column was added in 3.0, but the schema file in the 3.0 tag (https://github.com/PowerDNS/pdns/blob/auth-3.0/pdns/no-dnssec.schema.pgsql.sql) doesn't include that column. Thanks for clearing it up for me. Interestingly, I'm coming from 3.0.1 and my database does not have that column in it. But the consolidated script definitely helped.

Nick
Re: [Pdns-users] pdns-recursor works but pdns discards responses
> We had a similar report from a Solaris SPARC user; a fix for his problem went into the 3.4.0 release, but we never got an answer about whether it helped.
>
> Can you please try with pdns-server 3.4.0 or higher, and let us know if that fixes it?
>
> Kind regards,
> --
> Peter van Dijk

Hi again Peter,

I downloaded, compiled and installed the recently released 3.4.2 from the PowerDNS releases web page but I was unable to get it to launch. :(

The error I am getting is “Unable to launch, no backends configured for querying” which is very odd since when I did the compile, I explicitly compiled with the bind module option. Also, my local config file does have “launch=bind” parameter set.

host - PowerPC 32bit, ubuntu 14.04 LTS release

--
[Pdns-users] LUA iputils netmaskgroup match
Hello,

I’m using a netmaskgroup to see if a given IP matches:

    if nmg:match(ca) then ..

This works very well but I would like to know which specific netmask matched. E.g. by having :match (also) return the matching netmask rather than (just) returning true.

Am I correct that this is currently not possible? If so, could this be considered for a future release?

Thanks,

Niels
[Pdns-users] Windows 7 computers not getting split horizon change made by Lua script
My setup is as follows:

All servers are Centos 7 x86_64 running under VMware ESXi 5.1.

My DNS/firewall running PDNS 3.4.1 and PDNS-RECURSOR 3.6.2 has 2 NICs. 1 has one static public IP (79.142.xx.yy), and the other is on my LAN (192.168.3.1/24). The IP in my DNS for the mail server is the public, and ports are then forwarded.

mail server is at 192.168.3.50

internal PDNS-recursor (3.6.2) with a Lua script to change address to LAN address is located at 192.168.3.51, and it's the only DNS specified in all workstations network setup.

It works like a dream for everybody BUT Windows 7. Android, Linux and Windows XP all get the LAN address when asking for mail.example.com, but Windows 7 gets the public address.

I can see in logging in the Lua script that the Windows 7 machine asks for the name, and Lua returns the LAN address, but Windows 7 still gets the public IP. Any ideas to why?

I'm also running Samba on the PDNS-recursor to let Windows access the NAS shares, but there's no wins defined anywhere, and the firewall / auth dns is not running Samba.

Kind regards,

Henrik Woffinden
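
The split-horizon rewrite described in this post, combined with the setvariable() advice given in the reply on this thread, could look like the following for the Recursor 3.x Lua hooks. This is an added example, not the poster's script: the table name LAN_VIEWS and the 60-second TTL are assumptions, while the host name, LAN netmask and mail-server address are the ones given in the post.

```lua
-- Added example (not the poster's script) for the PowerDNS Recursor 3.x
-- Lua scripting hooks: preresolve(), matchnetmask(), setvariable(), pdnslog().
-- LAN_VIEWS and the TTL are assumptions made for this illustration.

local LAN_VIEWS = {
  -- name as the hook receives it (lower case, trailing dot),
  -- the client netmask that should see the internal address,
  -- and the internal address to hand out.
  { name = "mail.example.com.", mask = "192.168.3.0/24", addr = "192.168.3.50" },
}

local LAN_TTL = 60  -- assumed short TTL so clients re-ask soon after a change

function preresolve(remoteip, domain, qtype)
  -- Only A queries are rewritten; everything else is resolved normally.
  if qtype ~= pdns.A then
    return -1, {}
  end

  -- Query names may arrive in mixed case, so compare in lower case.
  local qname = string.lower(domain)

  for _, view in ipairs(LAN_VIEWS) do
    if qname == view.name then
      -- The answer for this name depends on who is asking, so keep it out
      -- of the packet cache for every client, not only for LAN clients.
      -- Otherwise a cached public answer can be returned to a LAN client
      -- before this script is consulted at all.
      setvariable()

      if matchnetmask(remoteip, view.mask) then
        pdnslog("split horizon: " .. qname .. " -> " .. view.addr ..
                " for " .. remoteip .. " (matched " .. view.mask .. ")")
        return 0, { { qtype = pdns.A, content = view.addr, ttl = LAN_TTL } }
      end

      -- Client is outside the netmask: fall through to normal resolution,
      -- which yields the public address.
      pdnslog("split horizon: " .. qname .. " left untouched for " .. remoteip)
      return -1, {}
    end
  end

  return -1, {}  -- name not listed: not handled by this script
end
```

Logging the client address and the matched netmask on both paths gives a record to compare against a tcpdump capture of what actually left the recursor.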
Re: [Pdns-users] pdns-recursor works but pdns discards responses
On 2015-01-26, at 5:38 PM, rooster yawowb+pdns-us...@nuclei.ca wrote:

> Hello list,
>
> I have pdns-recursor and pdns on the same host and port but on different IPs. When I query pdns and it can not answer, so it passes the query on to pdns-recursor, which then responds with the answer but then pdns discards the packets. What did I do wrong? I have tried this with the firewall both on and off and the result is the same.
>
> Below is a snippet of the log file with the error, followed by my configuration for the recursor and pdns itself. The host is a PowerPC computer running ubuntu 14.04 LTS.
>
> /var/log/syslog
>
>     Jan 26 16:45:55 host pdns_recursor[29993]: 0 question answered from packet cache from 127.0.0.1
>     Jan 26 16:45:55 host pdns[26791]: Discarding untracked packet from recursor backend with id 49601. Conntrack table size=1
>     Jan 26 16:46:00 host pdns_recursor[29993]: 1 [42] question for ‘google.com.|A' from 127.0.0.1
>     Jan 26 16:46:01 host pdns[26791]: Discarding untracked packet from recursor backend with id 49345. Conntrack table size=2
>     Jan 26 16:46:01 host pdns_recursor[29993]: 1 [42] answer to question ‘google.com.|A': 1 answers, 0 additional, took 2 packets, 0 throttled, 0 timeouts, 0 tcp connections, rcode=0
>     Jan 26 16:46:05 host pdns_recursor[29993]: 0 question answered from packet cache from 127.0.0.1
>     Jan 26 16:46:05 host pdns[26791]: Discarding untracked packet from recursor backend with id 50113. Conntrack table size=3
>
> snip

Here is a final update with success.

I removed recursor=127.0.0.1 from pdns.local.conf.

I will also note that, my original problem was not so much a problem caused by a bug or some other such issue but more precisely, it was a configuration error. I theorize that the error I was seeing in my logs was not so much an error but an indication of the configuration error.

In short, I had misconfigured the auth server to allow recursion. As such, when a non-authorized query came in, auth server passed it on to the recursor like it was configured to do and the recursor would respond correctly but the auth server then would drop the packets instead of routing them back to the source of the query.

If anyone else has theories or additional input, please feel free to post a message to the list. As I mentioned, I’d mark this as solved and not as a bug in the pdns auth server code (big endian vs. little endian) but instead a user configuration error.

Thank you everyone for your assistance on this problem.

--
Re: [Pdns-users] pdns-recursor works but pdns discards responses
> We had a similar report from a Solaris SPARC user; a fix for his problem went into the 3.4.0 release, but we never got an answer about whether it helped.
>
> Can you please try with pdns-server 3.4.0 or higher, and let us know if that fixes it?
>
> Kind regards,
> --
> Peter van Dijk

Hi again Peter,

Here are my results of the installation I did tonight.

I grabbed the following files:

    ftp://ftp.debian.org//debian/pool/main/p/pdns/pdns_3.4.1-4.debian.tar.xz
    ftp://ftp.debian.org//debian/pool/main/p/pdns/pdns_3.4.1-4.dsc
    ftp://ftp.debian.org//debian/pool/main/p/pdns/pdns_3.4.1.orig.tar.bz2

Compiled, built and installed pdns-server_3.4.1.

PowerDNS version now reports as the following:

    Jan 30 01:55:06 PowerDNS Authoritative Server 3.4.1 (jenk...@autotest.powerdns.com) (C) 2001-2014 PowerDNS.COM BV
    Jan 30 01:55:06 Using 32-bits mode. Built on 20150130004723 by root@host, gcc 4.8.2.
    Jan 30 01:55:06 PowerDNS comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it according to the terms of the GPL version 2.
    Jan 30 01:55:06 Features: botan1.10 cryptopp libdl lua
    Jan 30 01:55:06 Built-in modules:

Now when I do a lookup from the host (dig @IPADDRESS google.com), I see this in the syslog:

    Jan 30 01:54:40 host pdns_recursor[995]: 1 question answered from packet cache from 127.0.0.1
    Jan 30 01:54:40 host pdns[23000]: Discarding untracked packet from recursor backend with id 24672. Conntrack table size=1

End result, same as before. :(

I will go looking for a version higher than 3.4.1 and try again.

--
Re: [Pdns-users] Why was content length increased?
DNSSEC and DKIM.

On Thursday, February 19, 2015, Nick Williams nicho...@nicholaswilliams.net wrote:

> I'm upgrading to authoritative 3.4 and noticed that the records.content column has been increased from 255 characters to 64000 characters. Because my table is UTF-8, I get the following error:
>
>     mysql> ALTER TABLE records MODIFY content VARCHAR(64000);
>     ERROR 1074 (42000): Column length too big for column 'content' (max = 21845); use BLOB or TEXT instead
>
> I know I can use latin1, but I tend to avoid any non-Unicode character sets completely, and would prefer to stick with UTF-8. Given that:
>
> - What changed that required the increase from 255 to 64,000 characters?
> - Is there any reason that I couldn't just use VARCHAR(21845)?
> - Are there any performance implications to using TEXT instead of VARCHAR(64000)?
>
> Thanks,
> Nick

--
Genius might be described as a supreme capacity for getting its possessors into trouble of all kinds. -- Samuel Butler
Re: [Pdns-users] pdns-recursor works but pdns discards responses
I had an e-mail client issue and this message was never sent. Sending now. There are three other messages with the same problem.

***

On 2015-01-29, at 8:02 AM, Peter van Dijk peter.van.d...@powerdns.com wrote:

> Hello Rooster,
>
> snip
>
> We had a similar report from a Solaris SPARC user; a fix for his problem went into the 3.4.0 release, but we never got an answer about whether it helped.
>
> Can you please try with pdns-server 3.4.0 or higher, and let us know if that fixes it?
>
> Kind regards,
> --
> Peter van Dijk

Hi there Peter,

Thank you for this information. I had seen talk about big endian versus little endian and I think I saw that same sparc post. I will install pdns-server 3.4.0 or higher and report back.

Thank you again.

--
Re: [Pdns-users] pdns-recursor works but pdns discards responses
> I downloaded, compiled and installed the recently released 3.4.2 from the PowerDNS releases web page but I was unable to get it to launch. :(
>
> The error I am getting is “Unable to launch, no backends configured for querying” which is very odd since when I did the compile, I explicitly compiled with the bind module option. Also, my local config file does have “launch=bind” parameter set.
>
> host - PowerPC 32bit, ubuntu 14.04 LTS release

Here is an update to this new problem that Habbie and ahu on the IRC channel helped me with.

What was happening was when pdns was launched, it would look in /usr/local/etc/ for its configuration files. Of course this was wrong. After some short deliberation and with a hint from Fusl in the IRC channel, I modified /etc/default/pdns to add --config-dir=/etc/powerdns in the DAEMON_ARGS=“” line.

The two other options are: add this same modification to the init.d script that was generated from the compile or at the time of compile, add --sysconfdir=/etc/powerdns to the ./configure command.

Now I have a running 3.4.2 pdns but I still have the problem of the recursor responses being discarded. Right ha has me running a testrunner.

--
Re: [Pdns-users] Why was content length increased?
Hi Nick,

We use TEXT (utf-8) and have had no performance issues so far. My understanding is that the innodb engine handles text efficiently - the “content” data is stored inline in the general case, and only stored on a separate page if it’s above a certain size for a given row.

Cheers,

Rob

On Feb 20, 2015, at 5:12 AM, Nick Williams nicho...@nicholaswilliams.net wrote:

> I'm upgrading to authoritative 3.4 and noticed that the records.content column has been increased from 255 characters to 64000 characters. Because my table is UTF-8, I get the following error:
>
>     mysql> ALTER TABLE records MODIFY content VARCHAR(64000);
>     ERROR 1074 (42000): Column length too big for column 'content' (max = 21845); use BLOB or TEXT instead
>
> I know I can use latin1, but I tend to avoid any non-Unicode character sets completely, and would prefer to stick with UTF-8. Given that:
>
> - What changed that required the increase from 255 to 64,000 characters?
> - Is there any reason that I couldn't just use VARCHAR(21845)?
> - Are there any performance implications to using TEXT instead of VARCHAR(64000)?
>
> Thanks,
> Nick