pdns_recursor DNS access

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

pdns_recursor DNS access

a b-38
When pdns_recursor first fires up, it fetches what I assume to be root server zone name information. Then it connects to the following hosts:

nl1.dnsnode.net.
ns1.pine.nl.
xs.powerdns.com.

"xs.powerdns.com" I am assuming is the security vulnerability "phone home" feature, but what are these other two hosts? Why is it "phoning home" to those?
     
_______________________________________________
Pdns-users mailing list
[hidden email]
http://mailman.powerdns.com/mailman/listinfo/pdns-users
Reply | Threaded
Open this post in threaded view
|

Re: pdns_recursor DNS access

Peter van Dijk
Hello,

On 16 Jul 2015, at 12:22, a b wrote:

> When pdns_recursor first fires up, it fetches what I assume to be root
> server zone name information. Then it connects to the following hosts:
>
> nl1.dnsnode.net.
> ns1.pine.nl.
> xs.powerdns.com.
>
> "xs.powerdns.com" I am assuming is the security vulnerability "phone
> home" feature, but what are these other two hosts? Why is it "phoning
> home" to those?

The name servers for ‘powerdns.com’ are in the ds9a.nl domain; nl is
hosted on nl1.dnsnode.net (amongst others) and ds9a.nl is hosted at
ns1.pine.nl.

Simplifying our delegation chain is on the TODO!

Kind regards,
--
Peter van Dijk
PowerDNS.COM BV - https://www.powerdns.com/

_______________________________________________
Pdns-users mailing list
[hidden email]
http://mailman.powerdns.com/mailman/listinfo/pdns-users
Reply | Threaded
Open this post in threaded view
|

Re: pdns_recursor DNS access

bert hubert-3
In reply to this post by a b-38
On Thu, Jul 16, 2015 at 12:22:47PM +0200, a b wrote:

> nl1.dnsnode.net.
> ns1.pine.nl.
> xs.powerdns.com.
>
> "xs.powerdns.com" I am assuming is the security vulnerability "phone home" feature, but what are these other two hosts? Why is it "phoning home" to those?

These are the .NL servers, the PowerDNS.COM parent nameservers and finally a
PowerDNS nameserver. It is recursing to get the security status.

        Bert

_______________________________________________
Pdns-users mailing list
[hidden email]
http://mailman.powerdns.com/mailman/listinfo/pdns-users
Reply | Threaded
Open this post in threaded view
|

Re: pdns_recursor DNS access

a b-38
> These are the .NL servers, the PowerDNS.COM parent nameservers and finally a
> PowerDNS nameserver. It is recursing to get the security status.

Got it, thank you!
     
_______________________________________________
Pdns-users mailing list
[hidden email]
http://mailman.powerdns.com/mailman/listinfo/pdns-users