Re: [Pdns-users] PDNS Recursor and reverse lookup
Can you show your exact dig command line and the result from powerdns and bind? This is all supposed to work :) Sent from my phone. - Reply message - From: Uroš Gruber uros.gru...@gmail.com Date: Wed, Jun 16, 2010 10:01 Subject: [Pdns-users] PDNS Recursor and reverse lookup To: pdns-users@mailman.powerdns.com ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] PDNS Recursor and reverse lookup
Hi, here is result from one of IP [r...@host1 ~]#dig @91.185.194.202 118.167.130.182 ; DiG 9.4.3-P2 @91.185.194.202 118.167.130.182 ; (1 server found) ;; global options: printcmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NXDOMAIN, id: 7121 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;118.167.130.182. IN A ;; AUTHORITY SECTION: . 10774 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2010061600 1800 900 604800 86400 ;; Query time: 0 msec ;; SERVER: 91.185.194.202#53(91.185.194.202) ;; WHEN: Wed Jun 16 10:31:49 2010 ;; MSG SIZE rcvd: 108 [r...@host1 ~]#dig @91.185.194.206 118.167.130.182 ; DiG 9.4.3-P2 @91.185.194.206 118.167.130.182 ; (1 server found) ;; global options: printcmd ;; connection timed out; no servers could be reached [r...@host1 ~]#host 118.167.130.182 91.185.194.202 Using domain server: Name: 91.185.194.202 Address: 91.185.194.202#53 Aliases: 182.130.167.118.in-addr.arpa domain name pointer 118-167-130-182.dynamic.hinet.net. [r...@host1 ~]#host 118.167.130.182 91.185.194.206 ;; connection timed out; no servers could be reached One thing I didn't quite understand is that bind have root.hint file but powerdns does not. Could this be a problem? regards Uros On Wed, Jun 16, 2010 at 10:14 AM, bert.hub...@netherlabs.nl bert.hub...@netherlabs.nl wrote: Can you show your exact dig command line and the result from powerdns and bind? This is all supposed to work :) Sent from my phone. - Reply message - From: Uroš Gruber uros.gru...@gmail.com Date: Wed, Jun 16, 2010 10:01 Subject: [Pdns-users] PDNS Recursor and reverse lookup To: pdns-users@mailman.powerdns.com Hi, I've set up pdns_recursor and everything works as expected except one thing. dig-ing reverse lookups returns nothing. With bind i have no such problems. I've tested a bunch of IPs and I didn't get any answers. Is this normal and pdns_recursor does not support this or there is a secret setting I need to enable. I'm using latest PDNS_recursor on FreeBSD and i only set local-ip in config. regards Uros ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] PDNS Recursor and reverse lookup
On Wed, Jun 16, 2010 at 10:34:30AM +0200, Uroš Gruber wrote: Hi, here is result from one of IP Try adding -x to the command line. From the 'dig' manpage: 'The default query type is A, unless the -x option is supplied to indicate a reverse lookup.' [r...@host1 ~]#dig @91.185.194.202 118.167.130.182 ;; -HEADER- opcode: QUERY, status: NXDOMAIN, id: 7121 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 This answer is correct. One thing I didn't quite understand is that bind have root.hint file but powerdns does not. Could this be a problem? PowerDNS Recursor has a built-in root.hint file (and can also load one from disk), so this is not the problem. Bert ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] PDNS Recursor and reverse lookup
On 06/16/2010 10:34 AM, Uroš Gruber wrote: Hi, Hello Uroš, here is result from one of IP [r...@host1 ~]#dig @91.185.194.202 http://91.185.194.202 118.167.130.182 I think you might have a mistake there. The proper command with dig would be, -x is for reverse address lookup: dig @91.185.194.202 http://91.185.194.202 -x 118.167.130.182 ; DiG 9.4.3-P2 @91.185.194.202 http://91.185.194.202 118.167.130.182 ; (1 server found) ;; global options: printcmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NXDOMAIN, id: 7121 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;118.167.130.182. IN A As you can see above it does an A-record query, not a PTR-record (reverse address) query. ;; AUTHORITY SECTION: . 10774 IN SOA a.root-servers.net http://a.root-servers.net. nstld.verisign-grs.com http://nstld.verisign-grs.com. 2010061600 1800 900 604800 86400 ;; Query time: 0 msec ;; SERVER: 91.185.194.202#53(91.185.194.202) ;; WHEN: Wed Jun 16 10:31:49 2010 ;; MSG SIZE rcvd: 108 [r...@host1 ~]#dig @91.185.194.206 http://91.185.194.206 118.167.130.182 ; DiG 9.4.3-P2 @91.185.194.206 http://91.185.194.206 118.167.130.182 ; (1 server found) ;; global options: printcmd ;; connection timed out; no servers could be reached [r...@host1 ~]#host 118.167.130.182 91.185.194.202 Using domain server: Name: 91.185.194.202 Address: 91.185.194.202#53 Aliases: 182.130.167.118.in-addr.arpa domain name pointer 118-167-130-182.dynamic.hinet.net http://118-167-130-182.dynamic.hinet.net. [r...@host1 ~]#host 118.167.130.182 91.185.194.206 ;; connection timed out; no servers could be reached I'm really surprised this does not work. I've never seen that happen. Normally PowerDNS works just fine with that. Do you made any 'forward-zones' settings ? I would look at these settings first: allow-from Comma separated netmasks (both IPv4 and IPv6) that are allowed to use the server. The default allows access only from RFC 1918 private IP addresses, like 10.0.0.0/8. Due to the agressive nature of the internet these days, it is highly recommended to not open up the recursor for the entire internet. Questions from IP addresses not listed here are ignored and do not get an answer. allow-from-file Like allow-from, except reading from file. Overrides the 'allow-from' setting. To use this feature, supply one netmask per line, with optional comments preceeded by a #. Available since 3.1.5. As it seems you didn't get any answer at all. Maybe you could send us the output of the following command: grep -v '^#' recursor.conf | grep -v '^$' that way we can see what settings you've used. One thing I didn't quite understand is that bind have root.hint file but powerdns does not. Could this be a problem? Their is a default root.hint built-in, you can specify 'your own' with the 'hint-file' option. regards Hope this helps, Leen. Uros On Wed, Jun 16, 2010 at 10:14 AM, bert.hub...@netherlabs.nl mailto:bert..hub...@netherlabs.nl bert.hub...@netherlabs.nl mailto:bert.hub...@netherlabs.nl wrote: Can you show your exact dig command line and the result from powerdns and bind? This is all supposed to work :) Sent from my phone. - Reply message - From: Uroš Gruber uros.gru...@gmail.com mailto:uros.gru...@gmail.com Date: Wed, Jun 16, 2010 10:01 Subject: [Pdns-users] PDNS Recursor and reverse lookup To: pdns-users@mailman.powerdns.com mailto:pdns-users@mailman.powerdns.com Hi, I've set up pdns_recursor and everything works as expected except one thing. dig-ing reverse lookups returns nothing. With bind i have no such problems. I've tested a bunch of IPs and I didn't get any answers. Is this normal and pdns_recursor does not support this or there is a secret setting I need to enable. I'm using latest PDNS_recursor on FreeBSD and i only set local-ip in config. regards Uros ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] PDNS Recursor and reverse lookup
dig ptr @91.185.194.202 118.167.130.182.in-addr.arpa # dig ptr 60.42.39.24.in-addr.arpa ; DiG 9.4.3-P5 ptr 60.42.39.24.in-addr.arpa ;; global options: printcmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 52636 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;60.42.39.24.in-addr.arpa. IN PTR ;; ANSWER SECTION: 60.42.39.24.in-addr.arpa. 86400 IN PTR acolyte.xyonet.com. ;; Query time: 87 msec ;; SERVER: 10.0.1.3#53(10.0.1.3) ;; WHEN: Wed Jun 16 13:45:23 2010 ;; MSG SIZE rcvd: 74 Curtis On 6/16/2010 4:53 AM, bert hubert wrote: On Wed, Jun 16, 2010 at 10:34:30AM +0200, Uroš Gruber wrote: Hi, here is result from one of IP Try adding -x to the command line. From the 'dig' manpage: 'The default query type is A, unless the -x option is supplied to indicate a reverse lookup.' [r...@host1 ~]#dig @91.185.194.202 118.167.130.182 ;; -HEADER- opcode: QUERY, status: NXDOMAIN, id: 7121 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 This answer is correct. One thing I didn't quite understand is that bind have root.hint file but powerdns does not. Could this be a problem? PowerDNS Recursor has a built-in root.hint file (and can also load one from disk), so this is not the problem. Bert ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
