[talk] NSD and reverse zone files

Patrik Lundin patrik at sigterm.se
Thu Jun 30 02:23:04 EDT 2016


On Tue, Jun 28, 2016 at 01:19:36PM +0000, Mark Saad wrote:
>   Some further checking . I have unbound in front of nsd; and it appears that unbound is the issue.
> 

Just a quick hint: it was possible to see something was in front of NSD
becuase your drill output contained "flags: [...] ra". Since NSD is
authoritative only it should never set the Recursion Available bit.

> > [msaad at ny4-c108-nocbox ~]$ drill -x 192.168.221.1
> > ;; ->>HEADER<<- opcode: QUERY, rcode: SERVFAIL, id: 20754
> > ;; flags: qr rd ra ; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 
> > ;; QUESTION SECTION:
> > ;; 1.221.168.192.in-addr.arpa.  IN      PTR
> > 

You could try running unbound-host with your configuration file:
===
unbound-host -v -dd -C /path/to/unbound.conf 192.168.221.1
===

The -dd will result in very detailed output showing what the unbound
code is doing. You may get by with less debug as well.

-- 
Patrik Lundin




More information about the talk mailing list