Re: [Pdns-users] Recursor: Black list

There is no need to restart the Recursor. See http://doc.powerdns.com/html/recursor-scripting.html "At runtime, rec_control reload-lua-script can be used to either reload the script from its current location, or, when passed a new file name, load one from a new location. A failure to parse the

Re: [Pdns-users] High CPU load with no traffic

Hi Ciro, > https://iriarte.it/?p=354 > Testing & suggestions are welcome! Consider if it isn't more efficient to open the database outside from a function. This is cheaper because this way it must only open once at startup or at "rec-control reload-lua-script": cdb = require("cdb") db = assert(c

Re: [Pdns-users] Recursor QPS ceiling

Hi Ciro, Tried it quickly with dnsperf (http://nominum.com/measurement-tools/): # echo -e "localhost.\tA" > datafile # pdns_recursor --threads=4 --pdns-distributes-queries=no # dnsperf -c2 -n 1000 -l 10 -d datafile Statistics: Queries sent: 3314870 Queries completed:3314870

Re: [Pdns-users] Recursor QPS ceiling

u can improve it a bit if you run the clients on another machine and set the Recursor threads to 6 or 8. I tested with HT switched off. Winfried Am 22.12.2014 um 05:50 schrieb Ciro Iriarte: 2014-12-18 4:19 GMT-03:00 abang : Hi Ciro, Tried it quickly with dnsperf (http://nominum.com/measurement-

Re: [Pdns-users] Recursor QPS ceiling

Am 22.12.2014 um 17:36 schrieb Ciro Iriarte: Hi Winfried, the machine has 1 Opteron 6386 SE processor, with 16 cores + 16GB of memory. AMD doesn't sport HT. Ah, I see. But I have no explanation. I have tested with a Intel Xeon CPU with 8 cores. ___

Re: [Pdns-users] Problem to notify slave from different ip than master

Hi Fabien, Don't know how to send notifications from 2.2.2.2 but I guess it works with trusted-notification-proxy 1.1.1.1 on your slave. https://doc.powerdns.com/md/authoritative/settings/#trusted-notification-proxy Winfried Am 17. Oktober 2015 14:00:56 MESZ, schrieb Fabien Fab : >Hi all >

Re: [Pdns-users] PDN Recursor doesn't run at startup

Hi Federico, maybe there is a root cause hint in your syslog. Winfried Am 10. November 2015 16:33:28 MEZ, schrieb Federico Olivieri : >Hi All, > >I installed from PowerDNS recursor 3.7.3 from scratch some days ago. >However seems that it doesn't run at startup. If I reboot the server I >need to

Re: [Pdns-users] pdns-recursor: Only two threads used when threads=4

Hi Grace, Since 3.7.0, Recursor distributes queries to the threads itself. See https://doc.powerdns.com/md/recursor/settings/#pdns-distributes-queries Additional it hashes the queries with the goal to send the same query to the same thread. This improves the cache hit rate and thus the average

Re: [Pdns-users] Some question about DNSDist

> responded to health check with ServFail You have to define a health check which works! >From documentation: newServer({address="ip:port", qps=1000, order=1, weight=10, pool="abuse", retries=5, tcpSendTimeout=30, tcpRecvTimeout=30, checkName="a.root-servers.net.", checkType="A", setCD=false,

Re: [Pdns-users] pdns recursor edns-client-subnet caching problems

Hello Shawn, root@DFW01-CPS01:~# dig @localhost +subnet=52.57.28.138 morpheus-ien.insnw.net local-address=127.0.0.1 dig asks ::1 if available! Try dig @127.0.0.1 or local-address=127.0.0.1,::1 -- Winfried ___ Pdns-users mailing list Pdns-user

Re: [Pdns-users] Newbie questions

Hi Rokkhan, I am installing pdns auth an recursor on my server to make some tests but I have a question. Could it be possible to configure recursor to handle all the request from computers and configure only to forward internal domains to auth server? Does it make sense? Yes, in any case.

Re: [Pdns-users] sassc.home.pl treated as DNSSec signed by pdns recursor 4.1.8, but isn't

Hello Thomas, I did not investigate, but have you already seen the errors and warnings at dnsviz? http://dnsviz.net/d/sassc.home.pl/dnssec/ Winfried Am 25. Februar 2019 23:27:44 MEZ schrieb Thomas Mieslinger : >Hi, > >I have pdns_recusor 4.1.8 querying sassc.home.pl and it is marked as >bog

Re: [Pdns-users] Investigating performance in pdns-recursor

Hi Pedro, There is always a bottleneck. Wether you notice it depends on the load against the system. You will notice it if your system drops packets from a certain load on. From there you can try to improve by tuning "things" such as Recursor config, NIC config, kernel parameter, firewall ...

Re: [Pdns-users] Rate-Limit for NXDOMAIN

Hello Klaus, Am 4. Mai 2019 23:37:40 MESZ schrieb Klaus Darilion : >I though about loading the bind Backend and semi-automated export the >"attacke" zone (and all subzones) from the SQL backend to the bind >backend. Then, patch PDNS to not check all backends for the best zone >match (getSOA()

Re: [Pdns-users] About unreachables this indicator

Hello 姜伯洋, If the Recursor does not reach an authoritative nameserver when resolving a domain, this counter is incremented by 1. The cause is usually not the Recursor. See https://doc.powerdns.com/recursor/metrics.html Winfried Am 31. Juli 2019 05:51:36 MESZ schrieb "姜伯洋" <1513...@163.com>

Re: [Pdns-users] About unreachables this indicator

Hello 姜伯洋, Logging of "unreachables" is not possible as far as I know. Although it would be a handy feature. You could try "rec_control trace-regex '.*'". But this produces a huge amount of log and possibly decreases the Recursor performance. Winfried Am 31. Juli 2019 08:41:00 MESZ schrieb "姜伯

Re: [Pdns-users] About unreachables this indicator

In my experience, ~0,06% (unreachables/all-outqueries) is normal. Winfried Am 31. Juli 2019 10:21:09 MESZ schrieb "姜伯洋" <1513...@163.com>: > > > >Can I understand the unreachables indicator as a normal count? > > > >At 2019-07-31 14:24:47, ab...@t-ipnet.net wrote: >Hello 姜伯洋, > >If the Recurs

Re: [Pdns-users] How to avoid to be redirected to ad by my ISP if NXDOMAIN?

Gerhard Gaußling schrieb: Hello, I'm using powerdns since a long time on ubuntu/hardy amd64. My ISP changed his behaviour and now I get on NXDOMAIN an ad site with a search form. But I prefer to get the firefox error page. How do I configure pdns or the recursor to avoid this behaviour? t

Re: [Pdns-users] Howto use pdns as DNS proxy with multiple recursion servers as source

Hi Hubert, is it possible to use pdns as something like a DNS-Proxy plus autoritative part? In our environment we have a backend server, which is able to contact three DNS-Servers wich work as forwarders and autoritative Server in one. Some times one of this server is down. At the moment we ha

Re: [Pdns-users] Howto use pdns as DNS proxy with multiple recursion servers as source

Stefan Schmidt schrieb: On Thu, Jan 14, 2010 at 03:34:37PM +0100, ab...@t-ipnet.net wrote: maybe you can use the PowerDNS recursing nameserver (3.1.7.2) with this configuration: auth-zones=your_domain=your_zone_file forward-zones=.=1.2.3.4;1.2.3.5;1.2.3.6 So all except your_domain will forward

Re: [Pdns-users] pdns-recursor returning bad data intermittently

> mydomain.net=172.17.18.241;172.17.18.242 maybe you have different zone data on your auth servers. What is the result of # dig @172.17.18.241 smtp.mydomain.net. and # dig @172.17.18.242 smtp.mydomain.net. ___ Pdns-users mailing list Pdns-users@mai

Re: [Pdns-users] Recursor not working

Hi Adam, ... It seems like pdns is working, but not communicating with the recursor. recursor.conf http://pastebin.com/MiL9xbXM independent of your VPN setup I noticed that your "local-address" statement in the recursor.conf isn't filled correct. Your recursor only listening on localhost. It

Re: [Pdns-users] blocked by 'dont-query' setting

Hi, 'dont-query' is an config option. If not set, the default ist to block "127.0.0.0/8, 10.0.0.0/8, 192.168.0.0/16, 172.16.0.0/12, ::1/128, fe80::/10" Winfried Am 13.08.2010 10:10, schrieb Angel Bosch Mora: hi, i've configured a forward zone: forward-zones=example1.com=10.215.2.4 but i ca

Re: [Pdns-users] blocked by 'dont-query' setting

this is not on the manual page. should i file a bug? why not. You can do that on http://wiki.powerdns.com/trac "TO FILE BUGS, OR CHANGE THE WIKI, CLICK 'LOGIN' ABOVE, USERNAME anon PASSWORD "No Spam" without quotes or the space in between" how do you know default settings? I saw it in the s

Re: [Pdns-users] pdns and default-ttl option

See http://doc.powerdns.com/built-in-recursor.html max-cache-ttl Maximum number of seconds to cache an item in the DNS cache, no matter what the original TTL specified. Available since 3.2. "Derrik Pates" schrieb: >On 11/4/10 1:32 PM, Dmitriy Lyfar wrote: >> Thank you. Is th

Re: [Pdns-users] pdns and default-ttl option

>You should be able to do that will a lua script in version 3.3 with >the no-cache directive and set the TTL for the packet manually. I >have not tested it personally, but that sounds like it would work. The lua hooks are nxdomain and preresolve. As far as I know there is no possibility to manip

Re: [Pdns-users] Custom backend quit problem

Can anyone give me any clues as to why this might happen? Is there a quit command (I'm already exiting on "QUIT" or empty line from stdin) that the pipe backend sends? Or maybe this is a bug? I found this in our perl pipe backend: LINE: while( <> ) { exit if getppid() == 1; #Exit, cause my p

[Pdns-users] PowerDNS and multiple backends

Hi, I'm trying to setup PowerDNS Authoritativ Server 3.0 with three backends: launch=gmysql,bind,pipe It seems all works as expected. But every time I reload or start PowerDNS, my syslog shows for each bind zone (we have 791) which is loaded these two lines: ...gmysql Connection successful

Re: [Pdns-users] PowerDNS and multiple backends

Hi, now we have verified our setup with version 2.9.22 and it starts in 2 seconds. 3.0 takes 30 seconds! Since this is a very long time we think this could be a bug in 3.0 and we filed a ticket: http://wiki.powerdns.com/trac/ticket/383 Winfried Am 19.08.2011 09:33, schrieb abang: Hi

Re: [Pdns-users] Cannot turn off webserver and bind.version

Is it just me or option 'webserver=no' has no effect at all in latest stable authoritative version ?I am running multiple vhost instances and the port 8081 keeps conflicting. Running pdns_server --webserver=no also is of no use! I can confirm that. But as a workaround this config statement prev

Re: [Pdns-users] Pdns Authoritative + Recursor

my recursor.conf -additional-processing=on allow-from=My local and network ranges local-address=my local and external IPv4 and external IPv6 Maybe you didn't set the local-address 127.0.0.1 in recursor: local-address=127.0.0.1, -- Winfried __

Re: [Pdns-users] CNAME to other nameserver, what should a recursor do?

Hello, we have version 3.4 and it also didn't resolve webmail.deictvereniging.nl: ; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 46897 ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;webmail.deictvereniging.nl.IN A ;; ANSWER SEC

Re: [Pdns-users] pdns not forwarding query to root server

pdnsd is not PowerDNS! See http://members.home.nl/p.a.rombouts/pdnsd/ for informations. Am 14.05.2012 09:41, schrieb Muhammad Yousuf Khan: i am using debian 6.0.4 and PowerDNS as a caching server in to facilitate Squid cache. in the begining things were working fine (about 2 monts or so) but

Re: [Pdns-users] pdns not forwarding query to root server

oh then i think due to the name confusion i installed something else would you please give me a good link where i can lean the deplyoument of powerdns on debian sqeeze ... Packages for PowerDNS Authoritative and PowerDNS Recursor are available in Debians Squeeze repository: http://packages.de

Re: [Pdns-users] changing root server to local DNS

What you see is the DNS traffic initiated from tcpdump itself ;-) Try # tcpdump -n ... Am 15.05.2012 14:38, schrieb Muhammad Yousuf Khan: i want to mark the root server to my local server however powerdns is hitting j.root-server.net.domain but i want it to hit the local server secondly it is

Re: [Pdns-users] changing root server to local DNS

Try threads=1 Default is 2 which means you have two independent caches in your pdns process. Am 15.05.2012 16:06, schrieb Muhammad Yousuf Khan: ok, after searching internet i have found some of my answers but my question is still there. because there is a parameter # max-cache-ttl maximum

Re: [Pdns-users] changing root server to local DNS

The ttl of geo.tv is 60s. So it works as designed. You can not increase the ttl of a RR in your cache. This is not allowed. But you can set a upper limit with max-cache-ttl. ^^^ Am 15.05.2012 16:35, schrieb Muhammad Yousuf Khan: nope it didnt work either ;; ANSWER SECTION: geo.tv.

Re: [Pdns-users] changing root server to local DNS

Am 15.05.2012 17:16, schrieb Muhammad Yousuf Khan: but just one more question. i want my isp or my internal DNS server to be root. how can i stop powerDNS to query outside. i think my ISP DNS would be more good enough See http://doc.powerdns.com/built-in-recursor.html#recursor-settings example

Re: [Pdns-users] Not working forward-zones=abc.com=10.51.100.8

Am 18.05.2012 12:48, schrieb Muhammad Yousuf Khan: any one can help plz? Now I am using reporting tool sarg which i hope your are aware of, that is generating reports against SQUID log by default sarg generates IP base reports, further more there is an option in sarg report by which we can co

Re: [Pdns-users] Not working forward-zones=abc.com=10.51.100.8

>ok done forward-zones=100.51.10.in-addr.arpa=10.51.100.8 >above line worked or me. but still farword lookup is not working can >you please help me in this Please try # dig ykhan.abc.com @10.51.100.8 and post the output. ___ Pdns-users mailing list

Re: [Pdns-users] Not working forward-zones=abc.com=10.51.100.8

e is empty. On Fri, May 18, 2012 at 8:51 PM, abang wrote: > > >>ok done forward-zones=100.51.10.in-addr.arpa=10.51.100.8 >>above line worked or me. but still farword lookup is not working can >>you please help me in this > > Ple

Re: [Pdns-users] Not working forward-zones=abc.com=10.51.100.8

Hello, would you please explain RR a bit. i am new to Advance DNS controlling Sorry for the abbreviation. RR = DNS Resource Record http://en.wikipedia.org/wiki/Resource_record#DNS_resource_records A DNS resource record is a data record in a DNS zone. You need to store DNS RRs in your windows

Re: [Pdns-users] Notify all domains

is there any easy way how can i send notification about all zones/domains? http://tinydns.org/dnsnotify ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users

[Pdns-users] MSG SIZE exceeds 512 bytes

Hi, I wonder how can a answer packet from our PowerDNS Recursor (3.4-pre) exceeds 512 bytes. I thought this is the limit and it should be truncated. The MSG SIZE in the example below is 701. Has someone a explanation for this? Winfried dig +notcp +ignore . NS @217.0.43.145 ; <<>> DiG 9.8

Re: [Pdns-users] MSG SIZE exceeds 512 bytes

rsion: 0, flags:; udp: 512 ;; QUESTION SECTION: ;. IN NS Am 05.12.2012 14:16, schrieb Peter van Dijk: Hello Winfried, On Dec 5, 2012, at 10:07 , abang wrote: I wonder how can a answer packet from our PowerDNS Recursor (3.4-pre) exceeds 512 bytes. I thought this is the limit and it should be

Re: [Pdns-users] Few query about PDNS

It seems to be modern, to try to solve all problems with DNS. But DNS is neither a router nor a load balancer and certainly not a HA cluster. "Always use the proper tool. If the proper tool isn't available, use a hammer." (Lt. Commander Montgomery „Scotty“ Scott) Am 17.12.2012 12:59, schrieb

Re: [Pdns-users] Pipe Backend not working correctly

Hi, your pipe-timeout is 5 *ms*. This is possibly too less (depending on your pipe-backend). See http://doc.powerdns.com/from3.1to3.2.html Am 27.01.2013 23:17, schrieb Roman Gaufman: Hi :) This is the pipe-command related stuff in my pdns.conf (rest is default): launch=pipe,bind pipe-comma

Re: [Pdns-users] Recursor errors

Hi, > Since a few days, entries like these are showing up in my logs: > > pdns_recursor[17287]: Error processing or aging answer packet: out of > bounds: 12 >= 12 > But I've got no clue what they mean. > > Does this sound familiar to anyone of you? 10/24/2010 Bert Hubert wrote to me: "This erro

Re: [Pdns-users] Recursor fails to resolve domains

Don't know what went wrong. But you should add 127.0.0.1 to allow-from if you ask from 127.0.0.1 Am 08.04.2013 11:32, schrieb Odhiambo Washington: I have a situation with pdns-recursor that I need help with. I am running it on 127.0.0.1:53 My configuration is as below:

Re: [Pdns-users] PowerDNS & Recursor IPv6

Am 10.05.2013 09:27, schrieb Florian Auproux: recursor= fd01:1:1:120::54:5400 Try this: recursor= [fd01:1:1:120::54]:5400 Winfried ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users

Re: [Pdns-users] pdns with pdns-recursor on IPv4 and IPv6

I think allow-recusion must be comma separated Ursprüngliche Nachricht Von: yyovchev Datum: An: pdns-users@mailman.powerdns.com Betreff: [Pdns-users] pdns with pdns-recursor on IPv4 and IPv6 Hello everybody. We have installed pdns with pdns-recursor. Everything for ip

[Pdns-users] pdns-3.3-rc1 autoreconf fails

# tar -xzf pdns-3.3-rc1.tar.gz && cd pdns-3.3-rc1 && autoreconf -i configure.ac:8: warning: macro `AM_SILENT_RULES' not found in library libtoolize: `./ltmain.sh' is newer: use `--force' to overwrite libtoolize: `m4/ltversion.m4' is newer: use `--force' to overwrite configure.ac:8: warning: macro

Re: [Pdns-users] pdns-3.3-rc1 autoreconf fails

Could you try: autoreconf -v -f -i # autoreconf -v -f -i autoreconf: Entering directory `.' autoreconf: configure.ac: not using Gettext autoreconf: running: aclocal --force -I m4 configure.ac:8: warning: macro `AM_SILENT_RULES' not found in library autoreconf: configure.ac: tracing autoreconf: r

Re: [Pdns-users] pdns-3.3-rc1 autoreconf fails

It works if I revert https://github.com/PowerDNS/pdns/commit/61a7fac366cbf6e25ea6f005d094dc4c95550578 So my workaround is: $ sed -i 's/^AM_SILENT_RULES(\[yes\])/dnl AM_SILENT_RULES([yes])/' configure.ac Am 18.06.2013 15:28, schrieb abang: Could you try: autoreconf -v -f -i #

Re: [Pdns-users] pdns-3.3-rc1 autoreconf fails

For the record, it's fixed: https://github.com/PowerDNS/pdns/commit/ae8bd630eac25f5f4d521e405d9a8c89553d219e ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users

Re: [Pdns-users] 1 sec delay before DNS-answer at pdns-recursor

Hi Shamus, PowerDNS Recursor not listening at ::1 by default. But localhost resolves (/etc/hosts) to ::1 at the first try. So dig's first query fails. After 1 second (don't know why 1 second because default timeout is 3s), dig tries again at 127.0.0.1 and it works. You have 3 possibilities:

Re: [Pdns-users] Installation PDNS Server auf Raspberry Pi (weezy)

Hi Gerald, > Weiß jemand wo der zu finden ist? aktuelle Pakete gibts hier: https://www.powerdns.com/downloads.html Winfried___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users

Re: [Pdns-users] Installation PDNS Server auf Raspberry Pi (weezy)

Hi Gerald, aber ich brauche eines für Debian auf Raspberry Pi. wo du ein fertiges Binary für armv6l bekommst weiß ich nicht. Aber du könntest versuchen, selbst zu kompilieren. apt-get install libboost-dev wget http://downloads.powerdns.com/releases/pdns-recursor-3.5.2.tar.bz2 tar -xjf pdns-re

Re: [Pdns-users] Installation PDNS Server auf Raspberry Pi (weezy)

Am 16.08.2013 13:58, schrieb Marc Haber: pdns-users is an english language mailing list. He asked in german Sorry for this. We have further witten offlist. I will inform the list if we find new discoveries. The PowerDNS recursor cannot be compiled on arm architectures. It needs a feature

Re: [Pdns-users] Installation PDNS Server auf Raspberry Pi (weezy)

8 msec ;; SERVER: 192.168.10.233#53(192.168.10.233) ;; WHEN: Fri Aug 16 14:13:11 2013 ;; MSG SIZE rcvd: 30 I have a Raspberry Pi Type B with Debian Wheezy. kind regards Gerald On 2013-08-16 13:58, Marc Haber wrote: pdns-users is an english language mailing list. On Fri, Aug 16, 2013 at 10:0

Re: [Pdns-users] Installation PDNS Server auf Raspberry Pi (weezy)

Am 16.08.2013 15:55, schrieb Gerald: I have started recursor now with trace (/usr/sbin/pdns_recursor --daemon=no --trace=yes) The listing is long and therefore here to download: http://www.pechoc.eu/download/recursor_trace.txt Can you dig the root nameservers form your Pi? It seems to me you ha

Re: [Pdns-users] Installation PDNS Server auf Raspberry Pi (weezy)

Am 16.08.2013 16:08, schrieb Gerald: Here is the result: Ok. Try this config: query-local-address=192.168.10.233 in your recursor.conf OR on command line: --query-local-address=192.168.10.233 ___ Pdns-users mailing list Pdns-users@mailman.powerdn

Re: [Pdns-users] Related to recent DoS attacks: Recursor configuration file guidance

Hello Bert, Would you also provide the patch for the current version 3.5.3? Winfried Am 06.02.2014 13:10, schrieb bert hubert: Hi everybody, Over the past week we've been contacted by a few users reporting their PowerDNS Recursor became unresponsive under a moderate denial of service attack,

Re: [Pdns-users] PDNS does not send info for reverse DNS

In addition to Peter's hint: I assume your dig is asking your Recursor on Port 53. So you have to advise the Recursor to forward queries for your local zones to your authoritative server on Port 5300. Try this in the rcursor.conf: forward-zones=10.in-addr.arpa=127.0.0.1:5300 Winfried On

Re: [Pdns-users] PDNS does not send info for reverse DNS

Hi, Am 25.09.2014 15:51, schrieb Bart-Jan van Hummel: > |Exception: Resolver binding to server socket on port 53 for 10.20.0.4: > Address already in use| Please try first to solve this. Your Recursor can not listen on|||10.20.0.4:53! There must be another process which is listen on this port. #

Re: [Pdns-users] PDNS does not send info for reverse DNS

Am 25.09.2014 21:24, schrieb abang: > > forward-zones=10.in-addr.arpa <http://10.in-addr.arpa>=127.0.0.1:5300 Oh, you did that already. > > On 25. September 2014 15:51:21 MESZ, Bart-Jan van Hummel > wrote: > > > |When starting the re

Re: [Pdns-users] PDNS does not send info for reverse DNS

Am 26.09.2014 09:38, schrieb Bart-Jan van Hummel: > I don't know why he gives that resonse, since only pdns-recursor is > using port 53 on UDP/TCP: > > ~ root# netstat -tulpn | grep 10.20.0.4:53 > tcp0 0 10.20.0.4:530.0.0.0:* > LISTEN 3134/pdns_recursor >

Re: [Pdns-users] PDNS does not send info for reverse DNS

Realy strange. Ok let's try step by step. Does your authoritative DNS Server work? Log-in into your DNS Server and dig -p 5300 @127.0.0.1 -x 10.20.0.4 dig -p 5300 @127.0.0.1 -x 10.20.1.4 dig -p 5300 @127.0.0.1 -x 10.20.2.4 And please provide the whole output. If this works, test your Recursor.

Re: [Pdns-users] PDNS does not send info for reverse DNS

Am 29.09.2014 14:11, schrieb Bart-Jan van Hummel: ;; WARNING: Messages has 4 extra bytes at end ;; Query time: 0 msec ;; MSG SIZE rcvd: 44 This would mean your DNS Server (PowerDNS) is broken. But I exclude this in this case. My guess is that you are using virtualbox (right?) and have a pro

Re: [Pdns-users] PDNS does not send info for reverse DNS

Hi Bart-Jan, Am 30.09.2014 10:42, schrieb Bart-Jan van Hummel: > I am running DNS on a physical machine on Debian 7.6| > The requests are comming from Mac OS X. > The routers I use are Draytec which are connected with VPN IPSec > > So I did not yet use VirtualBox. I will try to see if I can find m

Re: [Pdns-users] Slow downloads google drive

It *might* be worth to give this setting a try: edns-subnet-whitelist=0.0.0.0/0, ::/0 But it depends on whether the client is talking to the Recursor over public or private IP addresses. https://doc.powerdns.com/recursor/settings.html#edns-subnet-allow-list https://en.m.wikipedia.org/wiki/EDNS

Re: [Pdns-users] PowerDNS Recursor RPZ issues

Hi Luke, You have to host the RPZ zone on a authoritative nameserver (PowerDNS Authoritative for example) in order to load it using the rpzPrimary function. The Recursor does not provide zonetransfers. Winfried ___ Pdns-users mailing list Pdns-users@m

Re: [Pdns-users] Overlay or pass-through support in PDNS?

Hi Eli, To keep it simple, you could implement the solution outside the DNS server by generating the different zones from a unified source, that contains both information about each RR. Winfried Am 3. August 2022 01:43:38 MESZ schrieb eli glynn via Pdns-users : >I've recently inherited a re

Re: [Pdns-users] [dnsdist] Dnsdist not reading from the cache

> getPool("resolverTopnet"):getCache():printStats() In one of your previous mails the pool name was "resolver". Am 9. September 2022 17:38:10 MESZ schrieb SAMI RAHAL via Pdns-users : >Hi Remi > >The server is in production it receives requests as shown in this summary > >Uptime: 17 days, Number

Re: [Pdns-users] pdns-recursor (4.6) empty response after expiration of the TTL of the cached record

The "NSEC3 proving non-existence" of this zone is broken. See https://dnsviz.net/d/riecis.nl/dnssec/?rr=all&a=all&ds=all&doe=on&ta=.&tk= You can workaround this issue by setting a NTA for it on your Recursors. It is recommended to inform the owner of the zone in order to fix the root cause. Win

Re: [Pdns-users] pdns-recursor (4.6) empty response after expiration of the TTL of the cached record

True, TCP is broken as well. Am 22. September 2022 10:01:58 MESZ schrieb Otto Moerbeek : >On Thu, Sep 22, 2022 at 09:41:57AM +0200, abang--- via Pdns-users wrote: > >> The "NSEC3 proving non-existence" of this zone is broken. See >> https://dnsviz.net/d/riecis.nl/dns

Re: [Pdns-users] Increased CPU usage after upgrade to MariaDB 10.6.11

Hi, We recently had a similar problem when we updated from 10.5.12 to 10.6.10. The cause was that the default behavior changed from innodb_flush_method = fsync to innodb_flush_method = O_DIREC Which means, no kernel file caching. If you have a too small innodb_buffer_pool_size in this ca

Re: [Pdns-users] Recursor Cache entries per record

Hi Giovanni, As far as I know, the Recursor is exactly doing what you want. IP addresses are not part of the hash. Only the query name is base of the hash. Identical query names are routed to the same thread and thus to the same cache. Winfried Am 28. November 2022 18:37:19 MEZ schrieb Giovan

Re: [Pdns-users] Warning in syslog after upgrade to PowerDNS Authoritative Server 4.7

Possibly related: https://github.com/PowerDNS/pdns/issues/9112 Winfried ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/pdns-users

Re: [Pdns-users] Blocklist file format

Am 7. März 2023 18:17:32 MEZ schrieb Adrian Minta via Pdns-users : >Thank you Otto ! > >RPZ seems to be a very nice feature for malware domains blocking and other >legal blocking requirements. > >Do you have a link with some examples on how it should be used ? https://raw.githubusercontent.com