Re: [Pdns-users] PowerDNS Recursor server stopped resolving about half of all domains last night; I built a new server and it's doing the same thing

Ultimately, a comment on this page[1] about Comcast's "SecurityEdge" product helped me, after beating my head against the wall for more than 12 hours over this. I logged into my Comcast Business account, went to my internet service tab, scrolled to the bottom, and disabled the SecurityEdge produ

[Pdns-users] PowerDNS Recursor server stopped resolving about half of all domains last night; I built a new server and it's doing the same thing

Hello, I have an existing PowerDNS Recursor 4.0.4 server running on Debian Jessie 8 (I know, I know, out of date ... I'm getting to that). It handles all DNS requests for my home lab network. It has a fairly simple config and has worked without interruption for literally years at a time. It als

Re: [Pdns-users] gmysql: Is latin1 really necessary? What are the consequences of using UTF-8?

ably the "lowest common denominator" > between various (My)SQL versions, flavours etc. > > Frank > > > >> On 30 Oct 2020, at 13:43, Nicholas Williams via Pdns-users >> mailto:pdns-users@mailman.powerdns.com>> >> wrote: >> >> Nob

Re: [Pdns-users] gmysql: Is latin1 really necessary? What are the consequences of using UTF-8?

Nobody has any thoughts here? Thanks, Nick > On Oct 25, 2020, at 11:51 AM, Nicholas Williams > wrote: > > In the past 4-5 years, I’ve gotten into the habit of defaulting all MySQL > tables to this: > >DEFAULT CHARACTER SET utf8mb4 DEFAULT COLLATE utf8mb4_unicode_5

[Pdns-users] gmysql: Is latin1 really necessary? What are the consequences of using UTF-8?

In the past 4-5 years, I’ve gotten into the habit of defaulting all MySQL tables to this: DEFAULT CHARACTER SET utf8mb4 DEFAULT COLLATE utf8mb4_unicode_520_ci Looking at the latest PowerDNS schema (I’m about to start up a second environment), I noticed that the entire schema has this:

Re: [Pdns-users] PowerDNS Recursor (+PDNS?) and auto-update of local hostname DNS

> On Oct 17, 2020, at 3:38 PM, Brian Candler wrote: > > On 17/10/2020 20:54, Nicholas Williams wrote: >> First, the concern. I run MySQL in master/slave replication mode. I have a >> master MySQL server that I write to, and the PowerDNS servers connect to the >>

Re: [Pdns-users] PowerDNS Recursor (+PDNS?) and auto-update of local hostname DNS

updated with Dynamic DNS so that my administrative console can differentiate between those and explicit records. Thanks, Nick > On Oct 17, 2020, at 06:22, Nicholas Williams > wrote: > > Thanks, everyone! I knew about DDNS and how it works, but I just thought it > was how pu

Re: [Pdns-users] PowerDNS Recursor (+PDNS?) and auto-update of local hostname DNS

the VyOS forums. Thanks! Nick > On Oct 17, 2020, at 02:49, Brian Candler wrote: > > On 17/10/2020 03:22, Nicholas Williams via Pdns-users wrote: >> Hello all, >> >> For background/context, I currently run a geographically-dispersed PowerDNS >> infrastructure w

[Pdns-users] PowerDNS Recursor (+PDNS?) and auto-update of local hostname DNS

Hello all, For background/context, I currently run a geographically-dispersed PowerDNS infrastructure with a MySQL backend publicly, and then on a private network I run PowerDNS Recursor for name resolution. My router software is VyOs , which is the base OS on which UniFi

Re: [Pdns-users] Can I filter AAAA DNS requests for Netflix?

07AM -0400, Aleksandr Rogozin via Pdns-users > wrote: >> Hi Nick, >> >> Since your request was to filter based on specific domains for qtype >> with custom response, I suggest looking into Response Policy Zone (RPZ) or >> LUA script. >> >> Best

[Pdns-users] Can I filter AAAA DNS requests for Netflix?

I’ve got a conundrum that has kind of come to a head for me. It may be 2019, but Comcast is still too incompetent to provide me with properly-working IPv6, so I’ve resorted to using a Hurricane Electric tunnel for IPv6 access. However, Netflix blocks all Hurricane Electric and similar tunnels un

Re: [Pdns-users] Confused about PDNS versions in distro package repos

Thanks, all! I'll use repo.powerdns.com. Pretty disappointing about the messed up history of the Ubuntu repo and how many important bug fixes it's missing. I get that they don't update minor versions between Ubuntu releases, but they really should stay up to date with patch versions. On Mon, Jan 7

Re: [Pdns-users] pdns_recursor suddenly decided ALL dnssec queries were bogus

HAHAHAHAHAHA. Thanks for sharing that with me. It made my day. :-) Nick On Fri, Oct 12, 2018 at 11:55 AM Jan-Piet Mens wrote: > >All fixed now. > > You made the news, at least in this German IT "magazine" [1]. It > basically reports what you already said in your first message. :-) > >

[Pdns-users] Some feedback of pdns_recursor web server

Some general feedback on the pdns_recursor web server: - This thing is awesome. Thank you. I've been a loyal use of Authoritative for 11 years, but this is my first use of Recursor. I love it. - The configuration in `recursor.conf` for the web server only has a config value for password; no usern

Re: [Pdns-users] Alternative way to log in pdns_recursor when OS holds Syslog hostage

I believe it was just some kind of facility conflict related to my quickly switching between running it directly and running it via systemd. I changed the facility to a different value and it started logging (running via systemd). But then I restarted pdns_recursor to test something else and it sto

[Pdns-users] Alternative way to log in pdns_recursor when OS holds Syslog hostage

So, best I can figure, there are two options for logging in PowerDNS Recursor: - Use --disable-syslog, and it will log to stdout, which systemd will send to journald - Use --disable-syslog=no, and it will log to syslog (optionally with logging-facility=N so that you can use syslog.conf to control

[Pdns-users] Re: Dynamic DNS update not supported in 3.4.6?

Yes, I realized this about five minutes after sending my original email. So, how “experimental” is this still in 3.4.6? Is it fairly safe to use in a non-critical setup (the server IS serving other critical records, but the dynamic DNS need itself is non-critical)? Other than this setting name dr

Re: [Pdns-users] Setting up intentionally invalid DNSSEC record in auto-secure environment

Sent from my iPhone, so please forgive brief replies and frequent typos > On Jan 9, 2016, at 14:22, Pieter Lexis wrote: > > Hi William, > > On Sat, 9 Jan 2016 13:41:51 -0600 > Nick Williams wrote: > >> I can’t think of anything I missed. And, clearly, PowerDNS is >> correctly generating NSE

Re: [Pdns-users] Setting up intentionally invalid DNSSEC record in auto-secure environment

k On Wed, Jan 6, 2016 at 1:34 PM, Pieter Lexis wrote: > Hi Nick, > > On Wed, 6 Jan 2016 13:26:59 -0600 > Nicholas Williams wrote: > > > Yea, but that's the rub. I want to do this WITHOUT 'presigned zones.' > > I want everything else to be live-signed (

Re: [Pdns-users] Setting up intentionally invalid DNSSEC record in auto-secure environment

Nick On Wed, Jan 6, 2016 at 1:12 PM, bert hubert wrote: > On Wed, Jan 06, 2016 at 12:46:38PM -0600, Nicholas Williams wrote: > > Out of curiosity, what DOES PowerDNS do if it finds an both an A and an > > RRSIG record for a.b.c.com in the database? > > Hi Nicholas, >

Re: [Pdns-users] Setting up intentionally invalid DNSSEC record in auto-secure environment

Out of curiosity, what DOES PowerDNS do if it finds an both an A and an RRSIG record for a.b.c.com in the database? Nick On Wed, Jan 6, 2016 at 12:33 PM, Aki Tuomi wrote: > The code does not support this but you might be able to use postresolve > Lua hook to break the reply signature. > > --- >

Re: [Pdns-users] Is recursor needed ?

Based on previous discussions, it sounds like recursion in the authoritative server will not do what you want it to do, and does not do what it used to do. See my response just a few minutes ago on the thread with subject "recursing for records which are missing from authoritative zones." On Tue,

Re: [Pdns-users] recursing for records which are missing from authoritative zones

Correct me if I'm wrong, because I'm no PDNS Recursor expert. But I believe you would want to set this up like this: - Create a PDNS Authoritative server running on a different IP address (ideal) or different port (not 100% sure this can work). Make it authoritative for the zones you want served l

Re: [Pdns-users] different type of replication

I use MySQL replication between central US and western US and between central US and Germany. Never had a problem—not even once. I _did_ have occasional problems when I was replicating between the central US and the Netherlands, but those problems went away when I moved my Netherlands-based DNS ser

Re: [Pdns-users] PowerDNS development plans: 4.x DNSSEC, C++ 2011!

This is exciting news, Bert! Some follow-up questions/comments: - Will 3.x development end on the 3.4 track, or is there still a plan for 3.5? If 3.4 is it, what's the plan for features (such as ALIAS) that were scheduled for 3.5? Are they delayed to 4.0 (if so, sad face)? - Currently, PowerDNS

Re: [Pdns-users] Currently using distro packages, want to update

as > a service when installed manually with an RPM? > > - Should I just be able to uninstall the package using my package manager and > then install the RPM as a drop-in replacement? Thanks! Nick On Thu, Feb 12, 2015 at 12:02 PM, Nicholas Williams wrote: I know this is off-topic, but hav

Re: [Pdns-users] Please test: ALIAS/ANAME apex record in PowerDNS

I'm not clear on how y'all do releases in relation to your GitHub branches. What is the next version that code in master today can be expected to be released? Is there an estimated timeline/date for that release? Thanks, Nick Sent from my iPhone, so please forgive brief replies and frequent ty

Re: [Pdns-users] PHP API - $500 Sponsorship Offered

I've been considering tackling this for some time but my major problem is that I only have production servers and don't have a good dev server for testing stuff. Your $500 peaks my interest more because I could get that testing server and put it to good use testing this and some PHP/Pear projec

Re: [Pdns-users] PHP API

pdns-users -- */Nicholas Williams/* "An idea, I have. Share it with you, I will. Change the world, we will together." ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users

Re: [Pdns-users] TXT record length

Thanks, Paul ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users -- */Nicholas Williams/* Associate Web Developer, Bondware, Inc. W: (615) 333-7775 C: (931) 808-5725 H: (615) 278-9415 "An idea, I have. Share it with you

Re: [Pdns-users] ZoneTransfers

bad response. we figures it would be because of the SOA deal. Any idea's? On Tue, Jul 29, 2008 at 5:50 PM, Nicholas Williams <[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>> wrote: Jeff, I wondered about this at first, too. Then I discovered dig

Re: [Pdns-users] ZoneTransfers

ns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users -- */Nicholas Williams/* Associate Web Developer, Bondware, Inc. W: (615) 333-7775 C: (931) 808-5725 H: (615) 278-9415 "An idea, I have. Share it with you, I will. Change the world, we will together." _

Re: [Pdns-users] "host" command returning weird results. Anyone know what I'm doing wrong?

dns1.bondware.com.domain: 1109+ MX? www.test.com. (30) 17:53:30.509351 IP dns1.bondware.com.domain > 192.168.0.179.32796: 1109 ServFail- 0/0/0 (30) This is the source of your two ServFail answers. ---- Kees Nicholas Williams wrote: I consistently get correct results with "dig" no mat

Re: [Pdns-users] "host" command returning weird results. Anyone know what I'm doing wrong?

I consistently get correct results with "dig" no matter what options I choose (including +norecurs) but consistently get weird results with "host" no matter what options I choose. *scratches head* Thanks, Nick bert hubert wrote: On Wed, Jul 09, 2008 at 11:45:44AM -050

[Pdns-users] "host" command returning weird results. Anyone know what I'm doing wrong?

.test.com.120INA199.198.197.196 ;; Query time: 1 msec ;; SERVER: 66.18.125.148#53(66.18.125.148) ;; WHEN: Wed Jul 9 11:43:25 2008 ;; MSG SIZE rcvd: 46 I tend to think this is something I'm doing wrong, or perhaps a configuration setting I need to change, but I can't find