Am 09.01.19 um 10:53 schrieb Nico CARTRON: > On 09-Jan-2019 10:46 CET, <[email protected]> wrote: > >> Hi, >> >> Am 09.01.19 um 09:53 schrieb Nico CARTRON: >>> On 09-Jan-2019 09:39 CET, <[email protected]> wrote: >>> >>>> Hi Nico, >>>> >>>> Am 09.01.19 um 09:33 schrieb Nico CARTRON: >>>>> Hi Stefan, >>>>> >>>>> On 09-Jan-2019 09:19 CET, <[email protected]> wrote: >>>>> >>>>>> Dear List, >>>>>> >>>>>> i'm trying to get max-negative-ttl to work but i can't. >>>>>> >>>>>> # dpkg -s pdns-recursor | grep Version >>>>>> Version: 4.1.8-1pdns.stretch >>>>>> >>>>>> # grep max-negative-ttl /etc/powerdns/recursor.conf >>>>>> max-negative-ttl=30 >>>>>> >>>>>> # dig -t A unknowndomainxyz.multi.hiddendomain.de >>>>>> ... >>>>>> ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26437 >>>>>> ... >>>>>> >>>>>> dumped cache: >>>>>> >>>>>> # grep "unknowndomainxyz.multi.hiddendomain.de" /cachefile >>>>>> unknowndomainxyz.multi.hiddendomain.de. 3588 A ; tag 0 >>>>>> >>>>>> Why is the TTL 3588 when max-negative-ttl is set to 30? >>>>> >>>>> Just did a quick check on one of my Recursor, version 4.1.8 running on >>>>> FreeBSD, and max-negative-ttl works as expected (i.e. if I set it to 30 >>>>> seconds, I correctly get this back, should it be with a dig or when >>>>> dumping the cache). >>>>> >>>>> Did you forget to restart the recursor after having changed the value in >>>>> the recursor.conf? Cause the 3600 value is the default one. >>>> >>>> No it was def. restarted after changing the config. >>>> >>>> See below: >>>> # rec_control get-parameter max-negative-ttl >>>> max-negative-ttl="30" >>>> >>>> Greets, >>>> Stefan >>>> >>> >>> So I did the test on a Debian Stretch, with the same version as you: >>> >>> root@vm-pdns1-lab:/etc/powerdns# dpkg -s pdns-recursor |grep Version >>> Version: 4.1.8-1pdns.stretch >>> >>> and I also got it working. >>> >>> Do you mind sharing your entire recursor.conf configuration file? >> >> Do i can provide it - just an idea. I'm talking about a Subdomain wich >> is missing / NXDOAIN - the domain itself exists with a TTL of 3600. > > Please share it :)
Config is this one: allow-from=127.0.0.0/8 dont-query=127.0.0.0/8, 10.0.0.0/8, 100.64.0.0/10, 169.254.0.0/16, 192.168.0.0/16, 172.16.0.0/12, ::1/128, fc00::/7, fe80::/10, 0.0.0.0/8, 192.0.0.0/24, 192.0.2.0/24, 198.51.100.0/24, 203.0.113.0/24, 240.0.0.0/4, ::/96, ::ffff:0:0/96, 100::/64, 2001:db8::/32 local-address=127.0.0.1 max-negative-ttl=30 quiet=yes setgid=pdns setuid=pdns threads=2 version-string=SomeDNS 1.0 $Id $ > Also, please share the domain name you are testing with, not > "hiddendomain.de" - see > https://blog.powerdns.com/2016/01/18/open-source-support-out-in-the-open/ > >> Did you test a subdomain, where the real domain exists? > > Yes, the domain I tested with exists indeed. OK i retested with a different subdomain and indeed it works fine - but i've no idea what's different. Real test is / was: mydomain.multi.uribl.rblserver.de-nserver.de This is a subdomain DNS delegation to a server running rbldnsd. It seems it has something todo with rbldnsd - but i understood the option in powerdns like it ALWAYS overwrites the ttl no matter what kind of answer it gets. Greets, Stefan _______________________________________________ Pdns-users mailing list [email protected] https://mailman.powerdns.com/mailman/listinfo/pdns-users
