hints-file format


hints-file format

Peter Fern-3
Could someone please tell me what the format is for the new hints-file
parameter of pdns_recursor?  I'm wanting to get pdns_recursor to return
some custom internal domains that we have set up so that I can drop
djbdns entirely from the network and run purely on pdns.

Thanks in advance,
Pete

Re: hints-file format

bert hubert-2
On Sat, Nov 19, 2005 at 01:30:29PM +1100, Peter Fern wrote:
> Could someone please tell me what the format is for the new hints-file
> parameter of pdns_recursor?  I'm wanting to get pdns_recursor to return
> some custom internal domains that we have set up so that I can drop
> djbdns entirely from the network and run purely on pdns.

It takes both the "regular" root.hints and the ORSN hints file directly, so
like this:

.                       3600000 IN NS   A.ORSN-SERVERS.NET.
A.ORSN-SERVERS.NET.     3600000 IN A    217.146.128.77
...

I don't think it deals with non-numerical TTLs yet.

--
http://www.PowerDNS.com      Open source, database driven DNS Software
http://netherlabs.nl              Open and Closed source services
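
A pre-deployment sanity check for the format shown in the reply above, as an added example that is not part of the original post and not PowerDNS code. It flags non-numeric TTLs and root NS names that have no usable address record; treating the class column as optional and the sample records beyond the two quoted in the thread are assumptions.

```python
import ipaddress

# Constructed sample. The first two records are the ones quoted in the thread;
# the rest are made up to trip each check (192.0.2.0/24 is documentation space).
SAMPLE = """\
; constructed hints file
.                       3600000 IN NS   A.ORSN-SERVERS.NET.
A.ORSN-SERVERS.NET.     3600000 IN A    217.146.128.77
.                       1d      IN NS   B.EXAMPLE.NET.
.                       3600000 IN NS   C.EXAMPLE.NET.
C.EXAMPLE.NET.          3600000 IN A    192.0.2.300
"""

def check_hints(text):
    """Return (root_ns, glue, problems); problems are (line_number, message)."""
    root_ns, glue, problems = [], {}, []
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split(";", 1)[0].split()   # strip comment, split columns
        if not fields:
            continue
        if len(fields) == 5 and fields[2].upper() == "IN":
            del fields[2]                       # class column is optional (assumption)
        if len(fields) != 4:
            problems.append((lineno, "expected: owner TTL [IN] type rdata"))
            continue
        owner, ttl, rtype, rdata = (f.lower() for f in fields)
        if not ttl.isdigit():                   # e.g. "1d": the case the reply warns about
            problems.append((lineno, f"non-numeric TTL {ttl!r}"))
        elif rtype == "ns" and owner == ".":
            root_ns.append(rdata)
        elif rtype in ("a", "aaaa"):
            try:
                addr = ipaddress.ip_address(rdata)
            except ValueError:
                problems.append((lineno, f"bad address {rdata!r}"))
                continue
            if addr.version != (4 if rtype == "a" else 6):
                problems.append((lineno, f"{rtype.upper()} record holds IPv{addr.version}"))
            else:
                glue.setdefault(owner, []).append(str(addr))
        else:
            problems.append((lineno, f"unexpected record {rtype.upper()} at {owner}"))
    # A root NS with no address record gives the resolver nothing to contact.
    problems += [(0, f"no address record for {ns}") for ns in root_ns if ns not in glue]
    return root_ns, glue, problems

if __name__ == "__main__":
    for lineno, msg in check_hints(SAMPLE)[2]:
        print(f"line {lineno}: {msg}" if lineno else msg)
```

Because the hints file decides which root servers the recursor starts from, the returned `root_ns` and `glue` are also worth comparing against the list you intended to deploy.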

Re: hints-file format

Peter Fern-3
Beautiful, thanks


Re: hints-file format

Peter Fern-3
Umm, ok, excuse my ignorance - I was hoping that this would allow me to
enable 'fake' domains from the recursor by specifying our servers in the
list, but obviously it won't respond to the '' NS query, so a better
question that I might have asked is:

How difficult would it be to support a scheme similar to the djbdns
'root/servers/' list of NS to query on a per tld basis, for example we
currently use:

$ cat root/servers/@
198.41.0.4
128.9.0.107
192.33.4.12
128.8.10.90
192.203.230.10
192.5.5.241
192.112.36.4
128.63.2.53
192.36.148.17
198.41.0.10
193.0.14.129
198.32.64.12
202.12.27.33

$ cat root/servers/ispname
xxx.xxx.xxx.xxx
xxx.xxx.xxx.xxx
xxx.xxx.xxx.xxx

to make our fake internal addresses available to local users.  I realise
that I could run instances of the full pdns server that allow recursion
and query the backend for these answers using
'allow-recursion-override', but I would prefer not to have the recursors
querying the backend directly - they should really only do recursion,
and running the full pdns just to do this really seems like overkill -
especially since this increases hits to the backend for non-existent
domains.

I would think this moderately trivial to implement using something like
a 'forward-file' in the format of:

.ispname                  xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx

or similar...thoughts?

Cheers,
Pete


Re: hints-file format

bert hubert-2
On Sun, Nov 20, 2005 at 02:31:27AM +1100, Peter Fern wrote:
> How difficult would it be to support a scheme similar to the djbdns
> 'root/servers/' list of NS to query on a per tld basis, for example we
> currently use:

Not something we are planning to add, I'm afraid, there is not a lot of
demand for this feature, and a lot of public demand for other things.

> querying the backend directly - they should really only do recursion,
> and running the full pdns just to do this really seems like overkill -
> especially since this increases hits to the backend for non-existent
> domains.

It is still free though :-)

> I would think this moderately trivial to implement using something like
> a 'forward-file' in the format of:
>
> .ispname                  xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx

No, it is not easy, it requires 'immortal' records that have a special flag
to make sure they aren't overwritten by public answers. The records must
also not time out etc.

Sorry!

--
http://www.PowerDNS.com      Open source, database driven DNS Software
http://netherlabs.nl              Open and Closed source services

Re: hints-file format

Peter Fern-3
Hehe, alright then - just idle thoughts, I'll do some benchmarking and
stress-testing and decide whether to stick with djb for the recursors,
thanks for your help.

Pete


Re: hints-file format

Frank Louwers
On Sat, Nov 19, 2005 at 04:46:32PM +0100, bert hubert wrote:
> On Sun, Nov 20, 2005 at 02:31:27AM +1100, Peter Fern wrote:
> > How difficult would it be to support a scheme similar to the djbdns
> > 'root/servers/' list of NS to query on a per tld basis, for example we
> > currently use:
>
> Not something we are planning to add, I'm afraid, there is not a lot of
> demand for this feature, and a lot of public demand for other things.

I second that demand! We use (under a bit of RIPE pressure) quite a lot
of RFC1918 space for internal stuff (vpn connections, but also non-VRRP
ip-addresses of the routers, switches, ...). It would be very nice to be
able to resolve those!



Kind Regards,
Frank Louwers

--
Openminds bvba                www.openminds.be
Tweebruggenstraat 16  -  9000 Gent  -  Belgium

Re: hints-file format

Federico87
Hi All,

I'm trying to use a hint file on pdns-recursor:

hint-file=/etc/powerdns/orsn.hint

You can find the file here: http://www.orsn.org/roothint/

When I configure that file as the hint, my machine is not able to forward the DNS request. Below is a tcpdump:

14:00:08.283282 IP 192.168.0.24.50232 > raspberrypi.local.domain: 26143+ A? teredo.ipv6.microsoft.com. (43)
14:00:08.688155 IP 192.168.0.24.58921 > raspberrypi.local.domain: 9980+ A? data-cdn.mbamupdates.com. (42)
14:00:09.218517 IP 192.168.0.24.64812 > raspberrypi.local.domain: 60431+ A? d.dropbox.com. (31)
14:00:09.296492 IP 192.168.0.24.50232 > raspberrypi.local.domain: 26143+ A? teredo.ipv6.microsoft.com. (43)
14:00:09.848997 IP 192.168.0.25.54372 > raspberrypi.local.domain: 10+ A? feedr.search.sky.com. (38)
14:00:10.232477 IP 192.168.0.24.64812 > raspberrypi.local.domain: 60431+ A? d.dropbox.com. (31)
14:00:10.310465 IP 192.168.0.24.50232 > raspberrypi.local.domain: 26143+ A? teredo.ipv6.microsoft.com. (43)
14:00:12.244879 IP 192.168.0.24.64812 > raspberrypi.local.domain: 60431+ A? d.dropbox.com. (31)
14:00:12.322922 IP 192.168.0.24.50232 > raspberrypi.local.domain: 26143+ A? teredo.ipv6.microsoft.com. (43)
14:00:12.814965 IP 192.168.0.24.63470 > raspberrypi.local.domain: 41385+ A? data-cdn.mbamupdates.com. (42)
14:00:13.820485 IP 192.168.0.24.63470 > raspberrypi.local.domain: 41385+ A? data-cdn.mbamupdates.com. (42)
14:00:14.834462 IP 192.168.0.24.63470 > raspberrypi.local.domain: 41385+ A? data-cdn.mbamupdates.com. (42)
14:00:16.254265 IP 192.168.0.24.64812 > raspberrypi.local.domain: 60431+ A? d.dropbox.com. (31)
14:00:16.332093 IP 192.168.0.24.50232 > raspberrypi.local.domain: 26143+ A? teredo.ipv6.microsoft.com. (43)
14:00:16.846978 IP 192.168.0.24.63470 > raspberrypi.local.domain: 41385+ A? data-cdn.mbamupdates.com. (42)
14:00:19.849124 IP 192.168.0.25.55766 > raspberrypi.local.domain: 11+ A? feedr.search.sky.com. (38)

Any idea?

Thanks