Re: [Pdns-users] DNSsec DS trouble in single server TLD setup
On Thu, Apr 21, 2011 at 11:13:00AM +0200, Niek wrote: Couldn't get it to work with the TLD and the child zone on the same server. I was wondering whether this could be a bug in PowerDNS Server or whether I'm maybe trying to do something the wrong way. (And I was wondering if it also affects subdomains on the same server as the parent domain, I didn't investigate) Thank you for your investigation! Build 2181 is up which fixes your initial DS bug. Can you check if things are ok now? Bert ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] mysql-tests
On Sat, Apr 23, 2011 at 01:04:51AM +0200, erkan yanar wrote: As Im missing any good data I created 6*10^6 entries for domains and for every domain some entries in the records-table (about 66*10^6) That is a pretty good test! 6 million domains is around 2 million domains smaller than the largest deployment we know of. Queries per second: 10923.212970 qps Interesting. Post 3.0 we will be focussing on performance for a few releases. It may well be that we'll add guidance on which indexes to use. As I miss live/real data I would like to get into contact with some live/real-data. You can use tcpdump dnsreplay perhaps? Bert ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] mysql-tests
Moin Bert, On Wed, Apr 27, 2011 at 03:15:27PM +0200, bert hubert wrote: On Sat, Apr 23, 2011 at 01:04:51AM +0200, erkan yanar wrote: As Im missing any good data I created 6*10^6 entries for domains and for every domain some entries in the records-table (about 66*10^6) That is a pretty good test! 6 million domains is around 2 million domains smaller than the largest deployment we know of. Queries per second: 10923.212970 qps Interesting. Post 3.0 we will be focussing on performance for a few releases. It may well be that we'll add guidance on which indexes to use. In fact I did a new test (on sunday azlev forced me to use -q :): # ./dnsperf -d /var/tmp/pdns.list -q 4000 -s localhost DNS Performance Testing Tool Nominum Version 1.0.1.0 [Status] Processing input data [Status] Sending queries (to 127.0.0.1) [Status] Testing complete Statistics: Parse input file: once Ended due to: reaching end of file Queries sent: 494969 queries Queries completed:494969 queries Queries lost: 0 queries Avg request size: 55 bytes Avg response size:81 bytes Percentage completed: 100.00% Percentage lost:0.00% Started at: Sun Apr 24 02:50:44 2011 Finished at: Sun Apr 24 02:51:05 2011 Ran for: 21.518132 seconds Queries per second: 23002.414894 qps With pdns-cache it was easy doubled (with up to 1% Packet lost). As I miss live/real data I would like to get into contact with some live/real-data. You can use tcpdump dnsreplay perhaps? Naa Im just a little dba. In fact I own 5 domains:) Erkan ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] DNSsec DS trouble in single server TLD setup
Bert, Build 2181 is up which fixes your initial DS bug. Can you check if things are ok now? r2181 fixes this for me, but I note that DS records are served only when querying with +dnssec. Omitting the switch gives NOERROR and NODATA. (This behaviour differs from that of BIND and NSD.) For example: dig +nodnssec powerdnssec.org ds Regards, -JP ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] DNSsec DS trouble in single server TLD setup
Great job Bert! I can confirm that build 2181 fixes this problem completely. And it also fixes [Pdns-users] Delegating a subdomain with DNSsec fails if child and parent zone are on same server On Wed, Apr 27, 2011 at 10:59:00AM +0200, bert hubert wrote: On Thu, Apr 21, 2011 at 11:13:00AM +0200, Niek wrote: Couldn't get it to work with the TLD and the child zone on the same server. I was wondering whether this could be a bug in PowerDNS Server or whether I'm maybe trying to do something the wrong way. (And I was wondering if it also affects subdomains on the same server as the parent domain, I didn't investigate) Thank you for your investigation! Build 2181 is up which fixes your initial DS bug. Can you check if things are ok now? Bert Grtz, -- Niek ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] DNSsec DS trouble in single server TLD setup
Hi JP, Overhere it looks okay: ; DiG 9.6.1-P2 +nodnssec powerdnssec.org ds ;; global options: +cmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 16718 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;powerdnssec.org. IN DS ;; ANSWER SECTION: powerdnssec.org. 86332 IN DS 2224 5 1 CD79B0D2639AAA5AE5ABDC80003836E5E5E0C506 On Wed, Apr 27, 2011 at 04:58:43PM +0200, Jan-Piet Mens wrote: Bert, Build 2181 is up which fixes your initial DS bug. Can you check if things are ok now? r2181 fixes this for me, but I note that DS records are served only when querying with +dnssec. Omitting the switch gives NOERROR and NODATA. (This behaviour differs from that of BIND and NSD.) For example: dig +nodnssec powerdnssec.org ds Regards, -JP ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users Grtz, -- Niek ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] lookup failing only with pdns recursor
Wait, found that this is the same problem as in thread DNS resolution problem with pdns-recursor-3.3 I am sorry, but I think this has been a wild goose chase regarding a bug in the recursor. The existing 3.3 version works just fine with resolving cdn4.digitalconcerthall.com from a system outside our network. I am going to start looking into a firewall or networking problem. Thank you for your assistance and I will let you know what I find and hopefully it will help someone else. I also found this works on the same recursor on a machine outside the network. Now I'm rapidly hunting down the problem. Regards, Mark ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
