Is it possible for you to provide actual data? Also, - have you turned on dnssec support? gmysql-dnssec=yes - can you provide the actual line(s) from mysql database - can you run pdnssec check-zone zone
Aki On Thu, Oct 29, 2015 at 08:18:29PM +0100, Martin wrote: > > > Hi, > > Thanks for your reply. I'm using Poweradmin and everything seems to be > ok in the database, no mixup of types and content or anything. > > I forgot to add that if I query the authoritative nameserver for the > domain directly, dig works as expected: > > dig a abc.example.com @ns1.mynsserver > > gives me the expected NXDOMAIN result. > > I have enabled MySQL query log and it appears that some queries are > fired but somehow the requesting client is unable to determine who is > authoritative or something. You see, when I use nslookup in debug mode > this happens: > > ------------ > QUESTIONS: > abc.example.com, type = A, class = IN > ANSWERS: > AUTHORITY RECORDS: > ADDITIONAL RECORDS: > ------------ > ** server can't find abc.example.com: SERVFAIL > > I would expect to at least get some authority records. Again, > www.example.com is working fine in nslookup & dig. > > Martin > > On 29-10-2015 18:12, bert hubert wrote: > > > Hi Martin, > > > > You appear to have put domain names in the type field! The error messages > > say the type is example.example.com. > > > > Bert > > > > On Oct 29, 2015 17:10, Martin <[email protected]> wrote: > > > >> Hi, I have setup a simple MySQL backend for a domain with a few MX > >> records, a couple of A records, two NS records and a SOA record for the > >> domain. All dig commands are run from a completely unrelated server: dig a > >> www.example.com [1] is working: it returns the right A record dig a > >> example.com is working: it returns the right A record Now this is where > >> things go wrong: dig a abc.example.com returns a SERVFAIL but I am > >> expecting a NXDOMAIN response because there is no A record for > >> abc.example.com I checked the PowerDNS logs and this is there: Oct 29 > >> 16:44:45 ns1 pdns[27687]: Exception building answer packet (Unknown DNS > >> type 'example.example.com') sending out servfail Oct 29 16:44:45 ns1 > >> pdns[27687]: Exception building answer packet (Unknown DNS type > >> 'example.example.com') sending out servfail Oct 29 16:44:45 ns1 > >> pdns[27687]: Exception building answer packet (Unknown DNS type > >> 'example.example.com') sending out servfail Oct 29 16:44:45 ns1 > >> pdns[27687]: Exception building answ > > er > packet (Unknown DNS type 'example.example.com') sending out servfail Oct 29 > 16:44:45 ns1 pdns[27687]: Exception building answer packet (Unknown DNS type > 'example.example.com') sending out servfail Five messages with unknow dns > type 'domain.domain.tld'. I have tried an online tool like > http://www.kloth.net/services/dig.php [2] as well and it generates the same > error in the logs but only once instead of five times. Can anyone point me in > the right direction? I'm stumped. I'm running the latest version on Debian. > Thanks, Martin > > > Links: > ------ > [1] http://www.example.com > [2] http://www.kloth.net/services/dig.php > _______________________________________________ > Pdns-users mailing list > [email protected] > http://mailman.powerdns.com/mailman/listinfo/pdns-users _______________________________________________ Pdns-users mailing list [email protected] http://mailman.powerdns.com/mailman/listinfo/pdns-users
