• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

DNS-server: Resolution issues with TinyDNS/dnscache

DHCP and DNS
5
11
6.5k
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • M
    minus
    last edited by Feb 22, 2008, 7:07 PM

    So, I installed the dns-server package on 1.2RC4 and the setup went smooth. I populated about 76 records for our internal domain, and made sure that the SOA record for domain is setup correctly. A dig on our domain shows that the pfsense server is indeed returning the records I gave it…but that's all it will return. If a lookup of www.google.com goes through, I get the following in the logs:

    2008-02-22 12:20:28.452055500      10.1.0.116:3486 A        not_authority            mail.google.com
    2008-02-22 12:20:30.364022500      10.1.0.116:3487 A        responded                www.digg.com.mydomain.net
    2008-02-22 12:20:30.364599500      10.1.0.116:3487 A        not_authority            www.digg.com
    2008-02-22 12:20:33.451714500      10.1.0.116:3487 A        responded                mail.google.com.mydomain.net
    2008-02-22 12:20:33.455924500      10.1.0.116:3487 A        not_authority            mail.google.com
    2008-02-22 12:20:35.348065500      10.1.0.116:3487 A        not_authority            www.google.com
    2008-02-22 12:20:35.367486500      10.1.0.116:3487 A        not_authority            www.digg.com
    2008-02-22 12:20:38.455287500      10.1.0.116:3487 A        not_authority            mail.google.com
    2008-02-22 12:20:40.347193500      10.1.0.116:3487 A        not_authority            www.google.com
    2008-02-22 12:20:40.367155500      10.1.0.116:3487 A        responded                www.digg.com.mydomain.net
    

    Eventually the lookup times out. Here are my related settings:

    • DNS Forwarder: Off

    • DNS Cacher server forwarders: On

    • General Setup|DNS Servers: Set for 127.0.0.1

    Any clues as to why it will only return records for the one domain I have an SOA for?

    1 Reply Last reply Reply Quote 0
    • D
      dotdash
      last edited by Feb 22, 2008, 8:39 PM

      It sounds like it is operating correctly. Per design, TinyDNS does not act as recursive caching server. See this post: http://forum.pfsense.org/index.php/topic,7812.0.html

      1 Reply Last reply Reply Quote 0
      • M
        minus
        last edited by Feb 22, 2008, 9:00 PM

        TinyDNS itself doesn't but dnscache (another part of djbdns) is supposed to be doing the recursive lookups. I'm thining this is a config issue or a bug.

        See here: http://cr.yp.to/djbdns/dnscache.html

        And this is what's running on my pfsense box:

        Gtinydns 23922  0.0  0.0  1396   724  ??  I    12:53PM   0:00.01 /usr/local/bin/tinydns
        root     52631  0.0  0.0  1264   624  ??  I     6:53PM   0:00.01 supervise tinydns
        root     52633  0.0  0.0  1264   624  ??  S     6:53PM   0:42.81 supervise dnscache
        Gdnslog  52649  0.0  0.0  1292   656  ??  S     6:53PM   0:04.14 multilog t ./main
        Gdnslog  52654  0.0  0.0  1276   528  ??  I     6:53PM   0:00.01 multilog t ./main
        root      3078  0.0  0.1  1596  1048  p0  S+    2:58PM   0:00.00 grep dns
        

        I'm not super familiar with BSD, but something tells me that "supervise dnscache" doesn't mean that it's running as it is should be.

        1 Reply Last reply Reply Quote 0
        • V
          velosity
          last edited by Mar 2, 2008, 9:57 PM

          I am having the same issue.  TinyDNS is getting the request for the non auth domain, it's just is not forwarding it.  I also have supervise running, don't know what that means.

          1 Reply Last reply Reply Quote 0
          • S
            sullrich
            last edited by Mar 11, 2008, 12:20 AM

            Turn off the DNS forwarder service?

            1 Reply Last reply Reply Quote 0
            • V
              velosity
              last edited by Mar 11, 2008, 3:37 AM

              DNS forwarder service is off.

              1 Reply Last reply Reply Quote 0
              • S
                sullrich
                last edited by Mar 11, 2008, 3:48 AM

                Okay, the dnscache portions are sorta experimental (is the polite way to put it).  Have not heard from the developer for quite a while now that was adding those features.

                1 Reply Last reply Reply Quote 0
                • V
                  velosity
                  last edited by Mar 11, 2008, 3:52 AM

                  Ok, thanks for the response.  I'm still a bsd noob, but i will see what i can do to get it working.  What does the supervise mean?

                  1 Reply Last reply Reply Quote 0
                  • S
                    sullrich
                    last edited by Mar 11, 2008, 3:59 AM

                    That is the DJB way.  I suggest reading up on the "DJB" way :)

                    1 Reply Last reply Reply Quote 0
                    • M
                      minus
                      last edited by Apr 7, 2008, 10:41 PM

                      Anyone ever figure out some new info about this one?

                      1 Reply Last reply Reply Quote 0
                      • N
                        nexusone
                        last edited by May 13, 2008, 12:44 AM

                        I'm also seeing this problem.

                        I have to disable DNS forwarding to get tinydns to correctly bind to the interface and start. With DNS forwarder disabled I get no external resolution. Re-enable DNS forwarder, and disable tinydns and external resolution comes back.

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.