Hi,
Can you query the recursor with dig @::1 -p 5301 ... ?
If you get a timeout, it is likely an ACL isue on the recursor side,
recursor will drop queries from non permitted clients. See
https://docs.powerdns.com/recursor/settings.html#allow-from
If so, use setVerboseHealthChecks(true) in the dnsdist configuraion
to get detailed health check information to diagnose further.
-Otto
On Sat, Jan 14, 2023 at 08:48:56PM -0500, Larry Wapnitsky via dnsdist wrote:
> I have dnsdist running on my powerdns server, and have just started adding
> in my IPv6 configurations. All seems well until I add in the v6 address for
> my recursor:
>
> [image: image.png]
>
> My config is as follows:
>
> newServer({address="127.0.0.1:53", name="primary", pool={"primary",
> "auth"}})
> newServer({address="[::1]", name="primary", pool={"primary", "auth"}})
> newServer({address='127.0.0.1:5301', pool='recursor'})
> newServer({address='[::1]:5301', pool='recursor'})
>
> and my ports are live:
>
> root@ns1:~# ss -tlpn | grep 53
> LISTEN 04096 10.150.33.5:530.0.0.0:*
> users:(("dnsdist",pid=4041,fd=10))
>
> LISTEN 0128 127.0.0.1:5301 0.0.0.0:*
> users:(("pdns_recursor",pid=1223,fd=6))
>
> LISTEN 0128 10.150.33.15:530.0.0.0:*
> users:(("pdns_server",pid=304,fd=10))
>
> LISTEN 0128 127.0.0.1:530.0.0.0:*
> users:(("pdns_server",pid=304,fd=9))
>
> LISTEN 04096127.0.0.53%lo:530.0.0.0:*
> users:(("systemd-resolve",pid=101,fd=13))
>
> LISTEN 0128 [::1]:5301 [::]:*
> users:(("pdns_recursor",pid=1223,fd=7))
>
> LISTEN 0128 [::1]:53 [::]:*
> users:(("pdns_server",pid=304,fd=12))
>
>
> Advice is welcome.
>
> Thank you,
>
> *Larry G. Wapnitsky*
> ___
> dnsdist mailing list
> dnsdist@mailman.powerdns.com
> https://mailman.powerdns.com/mailman/listinfo/dnsdist
___
dnsdist mailing list
dnsdist@mailman.powerdns.com
https://mailman.powerdns.com/mailman/listinfo/dnsdist
