Hi Frank, On Wed, 1 Jun 2022 11:23:16 +0200 "fr...@tembo.be" <fr...@tembo.be> wrote: > When this fails, could you run a dig command for a domain after > activating trace for that domain? (See > https://doc.powerdns.com/recursor/manpages/rec_control.1.html?highlight=trace-regex > <https://doc.powerdns.com/recursor/manpages/rec_control.1.html?highlight=trace-regex>) > > I'd like to see the full trace, but my guess would be all the > upstream / root name servers have been marked as too slow to be > reliable by PowerDNS.
I'm not allowed to give a full trace, NDA and stuff. The rec_control command can help though. I'll see what I can dig up from the environment when I'm able to access it again. The slow speed could be the cause, as there are low speed high latency links between the recursor and the root servers. How do I disable that speed check in PowerDNS? > Also, I would recommend upgrading to a more recent version, > especially as 4.5 adds goodies such as > https://doc.powerdns.com/recursor/settings.html#non-resolving-ns-max-fails > <https://doc.powerdns.com/recursor/settings.html#non-resolving-ns-max-fails>. Alas, upgrading is not an option, as the environment is 'frozen'. The environment needs to work as-is for at least 1.5 years. All we can do is tweak settings. I'm already happy we could abandon 4.0 last year. -- Jan Huijsmans b...@koffie.nu ... cannot activate /dev/brain, no response from main coffee server _______________________________________________ Pdns-users mailing list Pdns-users@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/pdns-users
