Saturday, October 31, 2015

nslookup - PowerDNS authoritative name server works but non-authoritative name server servfail

In my current role in DevOps I have been assigned a few tasks that are new to me, including setting up a PDNS server with a MySQL backend. After the initial setup of the server I tested responses from the new PDNS server with DIG and NSLOOKUP while specifying the IP of my server. All responses came back positively, as I was hoping they would.



After initial setup I waited for some time to allow the records time to be updated on other non-authoritative name servers. Unfortunately the records do not appear to be noticed by other name servers out there. Every attempt to do a normal NSLOOKUP or DIG on any of my domains resulted in a SERVFAIL from non-authoritative name servers.




I apologize for my ignorance of the DNS system. I have been doing some research and have tried multiple times to change some settings to get things to work properly, but unfortunately all changes I have made have been unsuccessful.



I am hoping that someone can help me understand a little more about how a non-authoritative name server gets record information from an authoritative name server. I think I understand properly how a domain name is found from the TLD down to the individual server, but I am not sure why my name servers are not being found. They appear to be responding properly when queried directly.



I am running:



CentOS
pdns 3.3.1
pdns-backend-mysql




I have my SOA record set to point to my primary name server:




SOA Record Example



commissionconverter.com
origin = ns3.myebiz.com
mail addr = hostmaster.myebiz.com
serial = 2014030401
refresh = 28800
retry = 7200
expire = 604800
minimum = 86400




Thank you for your help.
