On 22/08/2019 09:10, 姜伯洋 wrote:
When the parsing fails, it’s like this But if there are a total of ten
resolutions, there may be 3-4 failures.
user.test.com This domain name is the internal domain name. I
specified that if it is the resolution of the internal domain name, it
will go to my internal authoritative server.
Therefore: show your pdns-recursor configuration. Are you using
"forward-zones" or "forward-zones-files" perhaps? What have you put in
the them? Are you forwarding to a single authoritative server, or to
several?
Then: what authoritative server are you using? How is it configured it
for this zone?
Show the "dig" output from:
- a successful lookup from pdns-recursor (you only showed an empty one)
- direct dig to the authoritative server. What happens if you repeat
it? Do you get the same answers, or different ones? What's the TTL
returned?
It's possible that the authoritative server(s) are not returning
consistent answers, and are returning them with a very low TTL. But this
sort of thing is very hard to diagnose without seeing actual
configurations, actual dig output and/or actual packet captures.
Please read the support statement I linked to before. If you're not
prepared to post the actual domain you're using, then reproduce the
problem with another domain: for example, create the actual domain
"example.com" on your authoritative nameserver and configure forwarding
to it from your recursor. Then you can post real dig output and packet
captures without having to mangle them.
_______________________________________________
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
https://mailman.powerdns.com/mailman/listinfo/pdns-users
