date:20160103

Re: [Pdns-users] PDNS to answer as NON-authoritative?

2016-01-03 Thread Michael Loftis

Two people have answered your question and told you what you're missing.
I'm not going to try to guess at whatever misconfiguration or
misunderstanding resulted in you getting (or seemingly getting) recursive
results from bind when you were attempting to disable them. PowerDNS fully
and completely separates all authoritative functionality from recursive
 functionality (and any associated caches). This is in contrast to bind
which merges all such functionality.


On Sunday, January 3, 2016, Luis Daniel Lucio Quiroz <
luis.daniel.lu...@gmail.com> wrote:

> No because in bind, when you turn off recursive resolution it resolves. I
> can't figure out the missing part to have the same behavior.
> Le 3 janv. 2016 2:39 PM, "Michael Loftis"  > a écrit :
>
>> Again not a resolver. Sorry but you're the one misunderstanding. If you
>> want answers for data not present you need a recursive resolver.
>>
>> On Sunday, January 3, 2016, Luis Daniel Lucio Quiroz <
>> luis.daniel.lu...@gmail.com
>> > wrote:
>>
>>> Host command does not do that as well. It off on the sample output
>>> Le 3 janv. 2016 2:00 PM, "Aki Tuomi"  a écrit :
>>>
 That is because dig is not a resolver.



 ---
 Aki Tuomi


  Original message 
 From: Luis Daniel Lucio Quiroz 
 Date: 03/01/2016 20:56 (GMT+02:00)
 To: Michael Loftis 
 Cc: Aki Tuomi ,
 pdns-users@mailman.powerdns.com
 Subject: Re: [Pdns-users] PDNS to answer as NON-authoritative?

 You don't pay attention.
 My question is why the resolver doesn't continue the iterative query.
 It just stops when it gets the ns answer
 Le 3 janv. 2016 12:59 PM, "Michael Loftis"  a
 écrit :

> Then quit asking it for information it doesn't have. Responding with
> the root NS set is correct when you're asking for Google.com which it 
> knows
> nothing about.
>
> On Sunday, January 3, 2016, Luis Daniel Lucio Quiroz <
> luis.daniel.lu...@gmail.com> wrote:
>
>> Thanks. But that's the way u don't want to use. I know how.
>>
>> I need to make it work in non recursive mode.
>> Le 3 janv. 2016 9:29 AM, "Aki Tuomi"  a
>> écrit :
>>
>>> If you want to use auth as recursor, you need to configure
>>>
>>> recursor=
>>> allow-recursion=
>>>
>>> On Sat, Jan 02, 2016 at 09:55:54PM -0800, Michael Loftis wrote:
>>> > PowerDNS is not the same as PowerDNS Recursor. The former only does
>>> > authoritative which is your problem here.
>>> >
>>> > On Saturday, January 2, 2016, Luis Daniel Lucio Quiroz <
>>> > luis.daniel.lu...@gmail.com> wrote:
>>> >
>>> > > Hello
>>> > >
>>> > > Wat am I missing? I have this:
>>> > > launch=pipe,bind
>>> > > pipe-command=/usr/local/libexec/latency.pdns.plugin
>>> > > pipe-regex=^.*\.(mylocaldomain)\.(net);.*$
>>> > > bind-config=/etc/named.pdns.conf
>>> > > bind-check-interval=300
>>> > > bind-ignore-broken-records=no
>>> > > send-root-referral=lean
>>> > > allow-recursion=192.168.7.0/24
>>> > >
>>> > > /etc/named.pdns.conf looks like this
>>> > > zone "mylocaldomain.net" IN {
>>> > >type master;
>>> > >file "/var/named/data/mylocaldomain.net";
>>> > > };
>>> > >
>>> > > zone "root-servers.net" IN {
>>> > >type master;
>>> > >file "/var/named/data/named.ca";
>>> > > };
>>> > >
>>> > >
>>> > > when I do a dig, or a host, i get this:
>>> > >
>>> > > dig google.com @PUBLICIP
>>> > >
>>> > > ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.37.rc1.el6_7.4 <<>> .
>>> @PUBLICIP
>>> > > ;; global options: +cmd
>>> > > ;; Got answer:
>>> > > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29059
>>> > > ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 13, ADDITIONAL:
>>> 13
>>> > > ;; WARNING: recursion requested but not available
>>> > >
>>> > > ;; QUESTION SECTION:
>>> > > ;.  IN  A
>>> > >
>>> > > ;; AUTHORITY SECTION:
>>> > > .   518400  IN  NS
>>> a.root-servers.net.
>>> > > .   518400  IN  NS
>>> b.root-servers.net.
>>> > > .   518400  IN  NS
>>> c.root-servers.net.
>>> > > .   518400  IN  NS
>>> d.root-servers.net.
>>> > > .   518400  IN  NS
>>> e.root-servers.net.
>>> > > .   518400  IN  NS
>>> f.root-servers.net.
>>> > > .   518400  IN  NS
>>> g.root-servers.net.
>>> > > .   518400  IN

Re: [Pdns-users] PDNS to answer as NON-authoritative?

2016-01-03 Thread Michael Loftis

Again not a resolver. Sorry but you're the one misunderstanding. If you
want answers for data not present you need a recursive resolver.

On Sunday, January 3, 2016, Luis Daniel Lucio Quiroz <
luis.daniel.lu...@gmail.com> wrote:

> Host command does not do that as well. It off on the sample output
> Le 3 janv. 2016 2:00 PM, "Aki Tuomi"  > a écrit :
>
>> That is because dig is not a resolver.
>>
>>
>>
>> ---
>> Aki Tuomi
>>
>>
>>  Original message 
>> From: Luis Daniel Lucio Quiroz > >
>> Date: 03/01/2016 20:56 (GMT+02:00)
>> To: Michael Loftis > >
>> Cc: Aki Tuomi > >,
>> pdns-users@mailman.powerdns.com
>> 
>> Subject: Re: [Pdns-users] PDNS to answer as NON-authoritative?
>>
>> You don't pay attention.
>> My question is why the resolver doesn't continue the iterative query.
>> It just stops when it gets the ns answer
>> Le 3 janv. 2016 12:59 PM, "Michael Loftis" > > a écrit :
>>
>>> Then quit asking it for information it doesn't have. Responding with the
>>> root NS set is correct when you're asking for Google.com which it knows
>>> nothing about.
>>>
>>> On Sunday, January 3, 2016, Luis Daniel Lucio Quiroz <
>>> luis.daniel.lu...@gmail.com
>>> > wrote:
>>>
 Thanks. But that's the way u don't want to use. I know how.

 I need to make it work in non recursive mode.
 Le 3 janv. 2016 9:29 AM, "Aki Tuomi"  a
 écrit :

> If you want to use auth as recursor, you need to configure
>
> recursor=
> allow-recursion=
>
> On Sat, Jan 02, 2016 at 09:55:54PM -0800, Michael Loftis wrote:
> > PowerDNS is not the same as PowerDNS Recursor. The former only does
> > authoritative which is your problem here.
> >
> > On Saturday, January 2, 2016, Luis Daniel Lucio Quiroz <
> > luis.daniel.lu...@gmail.com> wrote:
> >
> > > Hello
> > >
> > > Wat am I missing? I have this:
> > > launch=pipe,bind
> > > pipe-command=/usr/local/libexec/latency.pdns.plugin
> > > pipe-regex=^.*\.(mylocaldomain)\.(net);.*$
> > > bind-config=/etc/named.pdns.conf
> > > bind-check-interval=300
> > > bind-ignore-broken-records=no
> > > send-root-referral=lean
> > > allow-recursion=192.168.7.0/24
> > >
> > > /etc/named.pdns.conf looks like this
> > > zone "mylocaldomain.net" IN {
> > >type master;
> > >file "/var/named/data/mylocaldomain.net";
> > > };
> > >
> > > zone "root-servers.net" IN {
> > >type master;
> > >file "/var/named/data/named.ca";
> > > };
> > >
> > >
> > > when I do a dig, or a host, i get this:
> > >
> > > dig google.com @PUBLICIP
> > >
> > > ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.37.rc1.el6_7.4 <<>> . @PUBLICIP
> > > ;; global options: +cmd
> > > ;; Got answer:
> > > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29059
> > > ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 13, ADDITIONAL: 13
> > > ;; WARNING: recursion requested but not available
> > >
> > > ;; QUESTION SECTION:
> > > ;.  IN  A
> > >
> > > ;; AUTHORITY SECTION:
> > > .   518400  IN  NS  a.root-servers.net
> .
> > > .   518400  IN  NS  b.root-servers.net
> .
> > > .   518400  IN  NS  c.root-servers.net
> .
> > > .   518400  IN  NS  d.root-servers.net
> .
> > > .   518400  IN  NS  e.root-servers.net
> .
> > > .   518400  IN  NS  f.root-servers.net
> .
> > > .   518400  IN  NS  g.root-servers.net
> .
> > > .   518400  IN  NS  h.root-servers.net
> .
> > > .   518400  IN  NS  i.root-servers.net
> .
> > > .   518400  IN  NS  j.root-servers.net
> .
> > > .   518400  IN  NS  k.root-servers.net
> .
> > > .   518400  IN  NS  l.root-servers.net
> .
> > > .   518400  IN  NS  m.root-servers.net
> .
> > >
> > > ;; ADDITIONAL SECTION:
> > > a.root-servers.net. 360 IN  A   198.41.0.4
> > > a.root-servers.net. 360 IN  
> 2001:503:ba3e::2:30
> > >

Re: [Pdns-users] PDNS to answer as NON-authoritative?

Re: [Pdns-users] PDNS to answer as NON-authoritative?

2 matches

Site Navigation

Mail list logo

Footer information