7 Čec
2015
7 Čec
'15
21:26
Oh I made it work after debugging enough I could get the info needed.
Without debug is very hard to understand why AXFR fails, it only returns
"connection refused".
Thanks for the attention anyway :)
On Tue, Jul 7, 2015 at 3:10 PM, Ondřej Surý <ondrej.sury(a)nic.cz> wrote:
Also what does the Knot DNS logs say at debug level?
We definitely have a user with similar setup (I'm Bccing him, so he can
respond at his will) - PowerDNS as a primary and Knot DNS as a secondary.
If you are into a deeper debugging, could you capture the packets between
Knot secondary and PowerDNS primary?
Cheers,
Ondrej
--
Ondřej Surý -- Chief Science Officer
--------------------------------------------
CZ.NIC, z.s.p.o. -- Laboratoře CZ.NIC
Milesovska 5, 130 00 Praha 3, Czech Republic
mailto:ondrej.sury@nic.cz https://nic.cz/
--------------------------------------------
------------------------------
*From: *"Filipe Cifali" <cifali.filipe(a)gmail.com>
*Cc: *knot-dns-users(a)lists.nic.cz
*Sent: *Tuesday, July 7, 2015 5:41:17 PM
*Subject: *Re: [knot-dns-users] AXFR - RFC1912
Yes, w/ aa flag and all the SOA record
On Tue, Jul 7, 2015 at 12:12 PM, Jan Včelák <jan.vcelak(a)nic.cz> wrote:
--
[ ]'s
Filipe Cifali Stangler
Hello Filipe,
does the PowerDNS server respond to SOA queries over TCP?
$ dig +tcp @127.0.0.1 zone.name SOA
Cheers,
Jan
On Tuesday, July 07, 2015 11:59:00 AM Filipe Cifali wrote:
--
[ ]'s
Filipe Cifali Stangler
_______________________________________________
knot-dns-users mailing list
knot-dns-users(a)lists.nic.cz
https://lists.nic.cz/cgi-bin/mailman/listinfo/knot-dns-users
Thanks, I finished fixing all the zones now,
finally.
Anyone has ever used PowerDNS as master of a Knotd slave? I'm missing
something since PowerDNS returns connection refused after the initial
transfer, like it's not responding correctly to PowerDNS.
Since I can dig AXFR @127.0.0.1 (which has PowerDNS running) I don't
see
how he can be wrong.
I'm not sure where to go looking for the problem here.
Best Regards,
[ ]'s
On Thu, Jul 2, 2015 at 8:49 AM, Jan Včelák <jan.vcelak(a)nic.cz> wrote:
> Hello Filipe,
>
> On Thursday, July 02, 2015 07:57:46 AM Filipe Cifali wrote:
> > it's only failing for the zones w/ problems w/ CNAMEs, ignoring the
> > semantic-check off on the config.
>
> I have just taken a look to make sure: This particular check is
mandatory
> and
> cannot be disabled. And I'm quite sure I want to keep it that way. The
> CNAME
> in apex is not allowed. And we would have to define some behavior how
to
> answer when this happens, which makes a
little sense.
>
> You should rather urge your clients to fix their zones because this
> problem
> can lead to random resolution failures.
>
> Cheers,
>
> Jan
> _______________________________________________
> knot-dns-users mailing list
> knot-dns-users(a)lists.nic.cz
> https://lists.nic.cz/cgi-bin/mailman/listinfo/knot-dns-users
_______________________________________________
knot-dns-users mailing list
knot-dns-users(a)lists.nic.cz
https://lists.nic.cz/cgi-bin/mailman/listinfo/knot-dns-users