Skip to content

Instantly share code, notes, and snippets.

@gwillem

gwillem/axfr

Last active August 29, 2015 14:03
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save gwillem/8686d364e2d9cad92c62 to your computer and use it in GitHub Desktop.
Save gwillem/8686d364e2d9cad92c62 to your computer and use it in GitHub Desktop.
Download ZIP
PowerDNS unexpected NXDomain
Raw
axfr
$ dig @10.1.1.60 internal -t AXFR
; <<>> DiG 9.7.3 <<>> @10.1.1.60 internal -t AXFR
; (1 server found)
;; global options: +cmd
internal. 600 IN SOA nsa.byte.nl. hostmaster.byte.nl. 2009121500 10800 3600 604800 3600
localhost.internal. 604800 IN A 127.0.0.1
internal. 43200 IN NS nsa.byte.nl.
internal. 43200 IN NS nsb.byte.nl.
internal. 43200 IN NS nsc.byte.nl.
[...]
;; Query time: 706 msec
;; SERVER: 10.1.1.60#53(10.1.1.60)
;; WHEN: Mon Jul 14 16:18:49 2014
;; XFR size: 52990 records (messages 532, bytes 1419469)
Raw
check-zone
$ pdnssec check-zone internal
Checked 52985 records of 'internal', 0 errors, 0 warnings.
Raw
db-rows.sh
# Using percona-server-server-5.5 @ Debian Squeeze
$ mysql pdns -e 'select domain_id, name, type, content, ttl from records where name in ("internal","dbint039487.c1.internal","database33.c1.internal")'
+-----------+-------------------------+-------+----------------------------------------------+-------+
| domain_id | name | type | content | ttl |
+-----------+-------------------------+-------+----------------------------------------------+-------+
| 5247 | database33.c1.internal | A | 10.1.2.243 | 3600 |
| 5247 | dbint039487.c1.internal | CNAME | database33.c1.internal | 60 |
| 5247 | internal | SOA | nsa.byte.nl. hostmaster.byte.nl. 2009121500 | 600 |
| 5247 | internal | NS | nsa.byte.nl | 43200 |
| 5247 | internal | NS | nsb.byte.nl | 43200 |
| 5247 | internal | NS | nsc.byte.nl | 43200 |
| 5247 | internal | A | 82.94.214.144 | 600 |
+-----------+-------------------------+-------+----------------------------------------------+-------+
Raw
pdns.conf
# Running pdns-static 3.3.1-1 amd64 (deb pkg from site)
local-address=82.94.214.141,82.94.214.142,82.94.214.110,10.1.1.60
negquery-cache-ttl=0
query-cache-ttl=0
loglevel=9
allow-recursion=no
config-dir=/etc/powerdns
daemon=yes
disable-axfr=yes
guardian=yes
launch=gmysql
local-port=53
master=yes
module-dir=/usr/lib/powerdns
setgid=pdns
setuid=pdns
slave=yes
socket-dir=/var/run
gmysql-host=127.0.0.1
gmysql-user=pdns_read
gmysql-dbname=pdns
gmysql-password=xxxxxx
webserver=yes
webserver-address=0.0.0.0
webserver-port=8081
distributor-threads=5
Raw
stats
PowerDNS 3.3.1
Uptime: 7.7 minutes
Queries/second, 1, 5, 10 minute averages: 179, 122, 80.5. Max queries/second: 179
Cache hitrate, 1, 5, 10 minute averages: 41.4%, 39.3%, 39.0%
Backend query cache hitrate, 1, 5, 10 minute averages: 65.5%, 64.6%, 64.5%
Backend query load, 1, 5, 10 minute averages: 260, 187, 125. Max queries/second: 275
Total queries: 67066. Question/answer latency: 0.004ms
Raw
tcpdump
$ tcpdump -nvvr pcap-dns08 | grep -v AAAA | grep -B1 dbint039487.c1. | less
13:37:32.372046 IP (tos 0x0, ttl 64, id 24351, offset 0, flags [DF], proto UDP (17), length 69)
10.1.2.39.9903 > 10.1.1.60.53: [udp sum ok] 553+ A? dbint039487.c1.internal. (41)
13:37:32.373650 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto UDP (17), length 152)
10.1.1.60.53 > 10.1.2.39.9903: [udp sum ok] 553 NXDomain*- q: A? dbint039487.c1.internal. 1/1/0 dbint039487.c1.internal. CNAME database33.c1.internal. ns: internal. SOA nsa.byte.nl. hostmaster.byte.nl. 2009121500 10800 3600 604800 3600 (124)
13:37:32.373660 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto UDP (17), length 152)
10.1.1.60.53 > 10.1.2.39.9903: [udp sum ok] 553 NXDomain*- q: A? dbint039487.c1.internal. 1/1/0 dbint039487.c1.internal. CNAME database33.c1.internal. ns: internal. SOA nsa.byte.nl. hostmaster.byte.nl. 2009121500 10800 3600 604800 3600 (124)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment