I have PowerDNS Recursor (4.4.2 from the Ubuntu repo) and PowerDNS Authoritative (4.4.1 from the Ubuntu repo) on different servers.
Recursor configuration:
allow-from-file=/etc/pwrdnsallowfrom.acl
any-to-tcp=yes
forward-zones-file=/etc/pwrdnsforwaders.conf
log-common-errors=yes
log-timestamp=yes
new-domain-log=yes
unique-response-log=yes
loglevel=3
logging-facility=0
disable-syslog=no
max-negative-ttl=1
Contents of /etc/pwrdnsforwaders.conf:
cat /etc/pwrdnsforwaders.conf
.=192.168.60.10
Authoritative configuration:
gmysql-host=localhost
gmysql-port=3306
gmysql-user=powerdns
gmysql-password=password
gmysql-dbname=powerdns
gmysql-dnssec
local-address=192.168.60.10
api=yes
api-key=apikey
allow-axfr-ips=127.0.0.1
allow-dnsupdate-from=127.0.0.1
allow-notify-from=127.0.0.1
disable-axfr=yes
any-to-tcp=yes
cache-ttl=60
master=yes
max-tcp-connections=20
non-local-bind=no
Sometimes the recursor responds to nslookup requests with SERVFAIL over and over again. Only a restart helps:
systemctl restart pdns-recursor.service
When the problem occurs, there is nothing unusual in the recursor log:
Mar 18 09:09:54 pwrdnsrec pdns_recursor [5524]: 2 [1888/1] question for 'example.com | A' from 11.22.33.44:39530
Mar 18 09:09:54 pwrdnsrec pdns_recursor [5524]: 2 [1888/1] answer to non-rd question 'example.com | A': 1 answers, 0 additional, took 0 packets, 0 netw ms, 0 tot ms , 0 throttled, 0 timeouts, 0 tcp connections, rcode = 0
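What could be the problem?
Answer 1
These are network problems between the recursor and the authoritative server. This can be resolved by adding the following to the recursor configuration: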
network-timeout=5000
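
To check whether SERVFAIL answers coincide with upstream timeouts, as the answer above suggests, the recursor's per-query log lines can be tallied. This is an added example, not part of the original question or answer; the function names are hypothetical, and the last two sample lines are constructed in the same layout as the log excerpt in the question.

```python
import re

# Loosely matches the recursor's per-query "answer to ... question" summary line;
# whitespace is tolerant because the excerpt on this page has extra spaces.
ANSWER_RE = re.compile(
    r"answer to (?P<nonrd>non-rd )?question '(?P<qname>[^'|]+?)\s*\|\s*(?P<qtype>\w+)'"
    r".*?(?P<throttled>\d+)\s*throttled,\s*(?P<timeouts>\d+)\s*timeouts"
    r".*?rcode\s*=\s*(?P<rcode>\d+)"
)
RCODE_SERVFAIL = 2  # RFC 1035: server failure

def parse_answer(line):
    """Return the fields of one answer line, or None for any other log line."""
    m = ANSWER_RE.search(line)
    if m is None:
        return None
    return {
        "qname": m["qname"],
        "qtype": m["qtype"],
        "rd": m["nonrd"] is None,  # False when the log says "non-rd question"
        "throttled": int(m["throttled"]),
        "timeouts": int(m["timeouts"]),
        "rcode": int(m["rcode"]),
    }

def summarize(lines):
    """Count answers, SERVFAILs, and SERVFAILs that saw upstream timeouts or throttling."""
    stats = {"answers": 0, "servfail": 0, "servfail_upstream": 0}
    for line in lines:
        a = parse_answer(line)
        if a is None:
            continue
        stats["answers"] += 1
        if a["rcode"] == RCODE_SERVFAIL:
            stats["servfail"] += 1
            if a["timeouts"] or a["throttled"]:
                stats["servfail_upstream"] += 1
    return stats

# The first two lines are from the question; the last two are constructed for illustration.
SAMPLE = [
    "Mar 18 09:09:54 pwrdnsrec pdns_recursor [5524]: 2 [1888/1] question for 'example.com | A' from 11.22.33.44:39530",
    "Mar 18 09:09:54 pwrdnsrec pdns_recursor [5524]: 2 [1888/1] answer to non-rd question 'example.com | A': 1 answers, 0 additional, took 0 packets, 0 netw ms, 0 tot ms , 0 throttled, 0 timeouts, 0 tcp connections, rcode = 0",
    "Mar 18 09:12:01 pwrdnsrec pdns_recursor [5524]: 2 [1901/1] answer to question 'example.com | A': 0 answers, 0 additional, took 2 packets, 3000 netw ms, 3001 tot ms , 0 throttled, 2 timeouts, 0 tcp connections, rcode = 2",
    "Mar 18 09:12:05 pwrdnsrec pdns_recursor [5524]: 2 [1902/1] answer to question 'example.com | A': 0 answers, 0 additional, took 0 packets, 0 netw ms, 0 tot ms , 0 throttled, 0 timeouts, 0 tcp connections, rcode = 2",
]

if __name__ == "__main__":
    print(summarize(SAMPLE))
```

A high servfail_upstream share points at the path to the forwarder at 192.168.60.10; SERVFAILs with zero packets and zero timeouts are being served without a new upstream query.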