Can you show your custom queries? Aki
On Sun, Nov 01, 2015 at 03:41:41PM +0100, Martin wrote: > Yes, but I have checked and double checked all custom queries, and > all fields in the SELECT clauses are in the correct order (correct = > order of fields as in the Powerdns source code queries). I have no > idea where that malformed type is coming from. When I disable the > backend with the custom queries everything is ok with this domain, > but like I said, I cannot figure out why Powerdns does what it does > when both backends are active. > > Martijn > > > On 30-10-2015 17:41, Aki Tuomi wrote: > >That, again, means that you have dns name in type column. > > > >On Thu, Oct 29, 2015 at 09:32:48PM +0100, Martin wrote: > >>No, except for the aforementioned ' unknown dns type > >>'hoofdluis.hoofdluis.nl' ' message which is probably why the queries > >>fail but I am unable to track down where this error is coming from. > >>I'm guessing Powerdns tries to build a query and decided something > >>is wrong, but since it is never actually executed in the database it > >>doesn't show up in the MySQL query logs. > >> > >>Martijn > >> > >> > >>On 29-10-2015 21:22, Aki Tuomi wrote: > >>>When you get SERVFAIL, do you see anything in > >>> > >>>/var/log/syslog or /var/log/messages > >>> > >>>Aki > >>> > >>>On Thu, Oct 29, 2015 at 09:11:16PM +0100, Martin wrote: > >>>> > >>>> > >>>>Hi, > >>>> > >>>>Sure, one of the domains that is giving me trouble is hoofdluis.nl > >>>> > >>>>- dnssec is disabled for this backend in Powerdns config > >>>> > >>>>- here's a few lines from the 'records' table: > >>>> > >>>>| id | domain_id | name | type | content | ttl | prio | change_date | > >>>>disabled | ordername | auth | > >>>>+-----+-----------+------------------------+------+------------------------------------------------------------------------+-------+------+-------------+----------+-----------+------+ > >>>>| 349 | 38 | hoofdluis.nl | SOA | ns1.sonexo.eu info.sonexo.nl > >>>>2015102902 10800 3600 604800 3600 | 86400 | 0 | 1446148124 | 0 | > >>>>NULL | > >>>>1 | > >>>>| 350 | 38 | hoofdluis.nl | NS | ns1.sonexo.eu | 86400 | 0 | > >>>>1446122706 > >>>>| 0 | NULL | 1 | > >>>>| 351 | 38 | hoofdluis.nl | NS | ns2.sonexo.com | 86400 | 0 | > >>>>1446122706 > >>>>| 0 | NULL | 1 | > >>>>| 352 | 38 | www.hoofdluis.nl | A | 185.27.174.120 | 86400 | 0 | > >>>>1446122706 | 0 | NULL | 1 | > >>>>| 353 | 38 | hoofdluis.nl | A | 185.27.174.120 | 86400 | 0 | > >>>>1446122706 > >>>>| 0 | NULL | 1 | > >>>>| 355 | 38 | localhost.hoofdluis.nl | A | 127.0.0.1 | 86400 | 0 | > >>>>1446122706 | 0 | NULL | 1 | > >>>> > >>>>- root@ns1:/etc/powerdns/pdns.d# pdnssec check-zone hoofdluis.nl > >>>>Checked 12 records of 'hoofdluis.nl', 0 errors, 0 warnings. > >>>> > >>>>I should probably add that we are running two backends, both MySQL on > >>>>the same server, spread out over two different databases. One > >>>>backend is > >>>>more advanced and uses custom queries and dnssec but has no records > >>>>whatsoever for any of the domains in the second backend, and > >>>>vice versa. > >>>>Advanced backend is queried first, regular one next. It'd be easy to > >>>>point to this as the source of the problem but I cannot find any clue > >>>>that it is causing problems since MySQL queries are ok and the first > >>>>(more advanced) backend does not return any data at all for the domain > >>>>hoofdluis.nl so the second backend is definitely in control. > >>>> > >>>>Martin > >>>> > >>>>On 29-10-2015 20:39, Aki Tuomi wrote: > >>>> > >>>>> Is it possible for you to provide actual data? Also, > >>>>> - have you turned on dnssec support? gmysql-dnssec=yes > >>>>> - can you provide the actual line(s) from mysql database > >>>>> - can you run pdnssec check-zone zone > >>>>> > >>>>> Aki > >>>>> > >>>>> On Thu, Oct 29, 2015 at 08:18:29PM +0100, Martin wrote: > >>>>> Hi, Thanks for your reply. I'm using Poweradmin and everything seems to > >>>>> be ok in the database, no mixup of types and content or anything. I > >>>>> forgot to add that if I query the authoritative nameserver for the > >>>>> domain directly, dig works as expected: dig a abc.example.com > >>>>> @ns1.mynsserver gives me the expected NXDOMAIN result. I have enabled > >>>>> MySQL query log and it appears that some queries are fired but somehow > >>>>> the requesting client is unable to determine who is authoritative or > >>>>> something. You see, when I use nslookup in debug mode this happens: > >>>>> ------------ QUESTIONS: abc.example.com, type = A, class = IN ANSWERS: > >>>>> AUTHORITY RECORDS: ADDITIONAL RECORDS: ------------ ** server can't > >>>>> find abc.example.com: SERVFAIL I would expect to at least get some > >>>>> authority records. Again, www.example.com [1]is working fine in > >>>>> nslookup & dig. Martin On 29-10-2015 18:12, bert hubert wrote: Hi > >>>>> Martin, You appear to have put domain names in the type field! The > >>>>> error messages say the type is > >>>>example.example.com. Bert On Oct 29, 2015 17:10, Martin > >>>><[email protected]> wrote: Hi, I have setup a simple MySQL > >>>>backend for a domain with a few MX records, a couple of A > >>>>records, two NS records and a SOA record for the domain. All dig > >>>>commands are run from a completely unrelated server: dig a > >>>>www.example.com [1] [1] is working: it returns the right A > >>>>record dig a example.com is working: it returns the right A > >>>>record Now this is where things go wrong: dig a abc.example.com > >>>>returns a SERVFAIL but I am expecting a NXDOMAIN response > >>>>because there is no A record for abc.example.com I checked the > >>>>PowerDNS logs and this is there: Oct 29 16:44:45 ns1 > >>>>pdns[27687]: Exception building answer packet (Unknown DNS type > >>>>'example.example.com') sending out servfail Oct 29 16:44:45 ns1 > >>>>pdns[27687]: Exception building answer packet (Unknown DNS type > >>>>'example.example.com') sending out servfail Oct 29 16:44:45 ns1 > >>>>pdns[27687]: Exception building answer packet (Unknown DNS type > >>>>'example.example.com') sending out servfail Oct 29 16:44:45 ns1 > >>>>pdns[27687]: Exception building answ > >>>> er packet (Unknown DNS type 'example.example.com') sending out > >>>>servfail > >>>>Oct 29 16:44:45 ns1 pdns[27687]: Exception building answer packet > >>>>(Unknown DNS type 'example.example.com') sending out servfail Five > >>>>messages with unknow dns type 'domain.domain.tld'. I have tried an > >>>>online tool like http://www.kloth.net/services/dig.php [3] [2] as well > >>>>and it generates the same error in the logs but only once instead of > >>>>five times. Can anyone point me in the right direction? I'm > >>>>stumped. I'm > >>>>running the latest version on Debian. Thanks, Martin Links: ------ [1] > >>>>http://www.example.com [1] [2] > >>>>http://www.kloth.net/services/dig.php [3] > >>>> > >>>> > >>>>> _______________________________________________ Pdns-users mailing list > >>>>> [email protected] > >>>>> http://mailman.powerdns.com/mailman/listinfo/pdns-users [2] > >>>> > >>>> > >>>>Links: > >>>>------ > >>>>[1] http://www.example.com > >>>>[2] http://mailman.powerdns.com/mailman/listinfo/pdns-users > >>>>[3] http://www.kloth.net/services/dig.php > >>> > >>>>_______________________________________________ > >>>>Pdns-users mailing list > >>>>[email protected] > >>>>http://mailman.powerdns.com/mailman/listinfo/pdns-users > >> > >>_______________________________________________ > >>Pdns-users mailing list > >>[email protected] > >>http://mailman.powerdns.com/mailman/listinfo/pdns-users > >> > > _______________________________________________ > Pdns-users mailing list > [email protected] > http://mailman.powerdns.com/mailman/listinfo/pdns-users > _______________________________________________ Pdns-users mailing list [email protected] http://mailman.powerdns.com/mailman/listinfo/pdns-users
