geo dns not resolving properly
57 views
Skip to first unread message
Bursuc Sergiu
Apr 7, 2013, 9:07:50 AM4/7/13
to ruby-pd...@googlegroups.com
Hi,
I use the payed version of the maxmind country db with ruby-pdns. I have this geo zone defined:
[code]
module Pdns
   newrecord("zone.domain.com") do |query, answer|
       case country(query[:remoteip])
       when "DZ", "AO", "BJ", "BW", "BF", "BI", "CM", "CV", "CF", "TD", "KM", "CD", "CG", "CI", "DJ", "EG", "GQ", "ER", "ET", "GA", "GM", "GH", "GN", "GW", "KE", "LS", "LR", "LY", "MG", "MW", "ML", "MR", "MU", "MA", "MZ", "NA", "NE", "NG", "RW", "ST", "SN", "SC", "SL", "SO", "ZA", "SD", "SZ", "TZ", "TG", "TN", "UG", "EH", "ZM", "ZW", "AL", "AD", "AT", "BY", "BE", "BA", "BG", "HR", "CY", "CZ", "DK", "EE", "FI", "FR", "GE", "DE", "GR", "HU", "IS", "IE", "IT", "LV", "LI", "LT", "LU", "MK", "MT", "MD", "MC", "ME", "NL", "NO", "PL", "PT", "RO", "RU", "SM", "RS", "SK", "SI", "ES", "SE", "CH", "UA", "GB", "VA"
           answer.content "1.1.1.1" #5
           answer.ttl 3600
       when "US", "CA", "MX", "AR", "BO", "BR", "CL", "CO", "EC", "GY", "PY", "PE", "SR", "UY", "VE", "AG", "BS", "BB", "BZ", "KY", "CR", "CU", "DM", "DO", "SV", "GL", "GD", "GT", "HT", "HN", "JM", "NI", "PA", "PR", "KN", "LC", "VC", "TT", "TC"
           answer.content "2.2.2.2" #5
           answer.ttl 3600
       when "AM", "IR", "IQ", "ID", "IL"
           answer.content "1.1.1.1" #5
           answer.ttl 3600
       when "ZW", "YE", "PK", "HK"
           answer.content "1.1.1.1" #5
           answer.ttl 3600
       when "IN", "DE"
           answer.content "1.1.1.1" #5
           answer.ttl 3600
       else
           answer.content "2.2.2.2" #5
           answer.ttl 120
       end
   end
end
[/code]
I have 3 dns servers, one master the other slaves. I use the rsync command to propagate changes from master to slaves.
I used this command on a server from US for testing:
[code]
[root@secure3 ~]# dig zone.domain.com @ns1.dnsserver.com
[/code]
Now the problem is that the DNS server responds randomly with either 1.1.1.1 or 2.2.2.2 regardless that the US source country should resolve to 2.2.2.2.
Can you please tell me if I am doing something wrong?
Thanks
I use the payed version of the maxmind country db with ruby-pdns. I have this geo zone defined:
[code]
module Pdns
   newrecord("zone.domain.com") do |query, answer|
       case country(query[:remoteip])
       when "DZ", "AO", "BJ", "BW", "BF", "BI", "CM", "CV", "CF", "TD", "KM", "CD", "CG", "CI", "DJ", "EG", "GQ", "ER", "ET", "GA", "GM", "GH", "GN", "GW", "KE", "LS", "LR", "LY", "MG", "MW", "ML", "MR", "MU", "MA", "MZ", "NA", "NE", "NG", "RW", "ST", "SN", "SC", "SL", "SO", "ZA", "SD", "SZ", "TZ", "TG", "TN", "UG", "EH", "ZM", "ZW", "AL", "AD", "AT", "BY", "BE", "BA", "BG", "HR", "CY", "CZ", "DK", "EE", "FI", "FR", "GE", "DE", "GR", "HU", "IS", "IE", "IT", "LV", "LI", "LT", "LU", "MK", "MT", "MD", "MC", "ME", "NL", "NO", "PL", "PT", "RO", "RU", "SM", "RS", "SK", "SI", "ES", "SE", "CH", "UA", "GB", "VA"
           answer.content "1.1.1.1" #5
           answer.ttl 3600
       when "US", "CA", "MX", "AR", "BO", "BR", "CL", "CO", "EC", "GY", "PY", "PE", "SR", "UY", "VE", "AG", "BS", "BB", "BZ", "KY", "CR", "CU", "DM", "DO", "SV", "GL", "GD", "GT", "HT", "HN", "JM", "NI", "PA", "PR", "KN", "LC", "VC", "TT", "TC"
           answer.content "2.2.2.2" #5
           answer.ttl 3600
       when "AM", "IR", "IQ", "ID", "IL"
           answer.content "1.1.1.1" #5
           answer.ttl 3600
       when "ZW", "YE", "PK", "HK"
           answer.content "1.1.1.1" #5
           answer.ttl 3600
       when "IN", "DE"
           answer.content "1.1.1.1" #5
           answer.ttl 3600
       else
           answer.content "2.2.2.2" #5
           answer.ttl 120
       end
   end
end
[/code]
I have 3 dns servers, one master the other slaves. I use the rsync command to propagate changes from master to slaves.
I used this command on a server from US for testing:
[code]
[root@secure3 ~]# dig zone.domain.com @ns1.dnsserver.com
[/code]
Now the problem is that the DNS server responds randomly with either 1.1.1.1 or 2.2.2.2 regardless that the US source country should resolve to 2.2.2.2.
Can you please tell me if I am doing something wrong?
Thanks
Bursuc Sergiu
Apr 10, 2013, 7:10:57 AM4/10/13
to ruby-pd...@googlegroups.com
anything please?
R.I.Pienaar
Apr 10, 2013, 7:55:27 AM4/10/13
to ruby-pd...@googlegroups.com
----- Original Message -----
> From: "Bursuc Sergiu" <izg...@gmail.com>
> To: ruby-pd...@googlegroups.com
> Sent: Sunday, April 7, 2013 2:07:50 PM
> Subject: [ruby-pdns-users] geo dns not resolving properly
>
> Hi,
>
> I use the payed version of the maxmind country db with ruby-pdns. I have
Did you verify using tcpdump perhaps the source IP of the dns request when
you test and then used the maxmind lookup tools to verify the db is correct?
what does it say?
>
> ---
> You received this message because you are subscribed to the Google Groups
> "ruby-pdns-users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ruby-pdns-use...@googlegroups.com.
> For more options, visit https://groups.google.com/groups/opt_out.
>
>
>
George
Apr 11, 2013, 3:04:29 AM4/11/13
to ruby-pd...@googlegroups.com
Hi,
I verified the source IP using tcpdump and queried the maxmind DB and
it shows US.
Anyway, the default IP that it should show is 2.2.2.2 and the IP for
US is the same 2.2.2.2. But for unknown reasons it shows randomly the
IP that has nothing to do with US or default.
Anything else I can look into to determine the cause?
Please help
Thanks
2013/4/10 R.I.Pienaar <r...@devco.net>:
--
Server Surgeon Support
sup...@serversurgeon.com
http://www.serversurgeon.com
System Administration Services
Toll Free 1-877-E-SURGEON (877-378-7436)
International 623-374-6848
Get the system support you need when you need it.
I verified the source IP using tcpdump and queried the maxmind DB and
it shows US.
Anyway, the default IP that it should show is 2.2.2.2 and the IP for
US is the same 2.2.2.2. But for unknown reasons it shows randomly the
IP that has nothing to do with US or default.
Anything else I can look into to determine the cause?
Please help
Thanks
2013/4/10 R.I.Pienaar <r...@devco.net>:
Server Surgeon Support
sup...@serversurgeon.com
http://www.serversurgeon.com
System Administration Services
Toll Free 1-877-E-SURGEON (877-378-7436)
International 623-374-6848
Get the system support you need when you need it.
R.I.Pienaar
Apr 11, 2013, 4:58:57 AM4/11/13
to ruby-pd...@googlegroups.com
----- Original Message -----
> From: "George" <izg...@gmail.com>
> To: ruby-pd...@googlegroups.com
> Sent: Thursday, April 11, 2013 8:04:29 AM
> Subject: Re: [ruby-pdns-users] geo dns not resolving properly
>
> Hi,
>
>
> I verified the source IP using tcpdump and queried the maxmind DB and
> it shows US.
>
> Anyway, the default IP that it should show is 2.2.2.2 and the IP for
> US is the same 2.2.2.2. But for unknown reasons it shows randomly the
> IP that has nothing to do with US or default.
>
> Anything else I can look into to determine the cause?
you can log to a file what query[:remoteip] is and also what country()
> it shows US.
>
> Anyway, the default IP that it should show is 2.2.2.2 and the IP for
> US is the same 2.2.2.2. But for unknown reasons it shows randomly the
> IP that has nothing to do with US or default.
>
> Anything else I can look into to determine the cause?
returns to see if that is consistent with your expectation
ie. you've verified the raw network source, you've verified the db
integrity, now see if the pdns side agrees
George
Apr 11, 2013, 6:32:53 AM4/11/13
to ruby-pd...@googlegroups.com
R.I.Pienaar
Apr 11, 2013, 6:48:57 AM4/11/13
to ruby-pd...@googlegroups.com
----- Original Message -----
> From: "George" <izg...@gmail.com>
> To: ruby-pd...@googlegroups.com
> Sent: Thursday, April 11, 2013 11:32:53 AM
> Subject: Re: [ruby-pdns-users] geo dns not resolving properly
>
> Can you please tell me how do I enable that logging?
You can just log it in your record:
Pdns.debug("the remote ip is: %s" % query[:remoteip])
make sure your log level is set to debug and you'll get it
George
Apr 11, 2013, 3:19:40 PM4/11/13
to ruby-pd...@googlegroups.com
loglevel is set to 9
I put:
anything else I need to do?
I put:
Pdns.debug("the remote ip is: %s" % query[:remoteip])
just after the newrecord line but nothing shows up in the logs.
anything else I need to do?
R.I.Pienaar
Apr 11, 2013, 4:35:40 PM4/11/13
to ruby-pd...@googlegroups.com
----- Original Message -----
> From: "George" <izg...@gmail.com>
> To: ruby-pd...@googlegroups.com
> Sent: Thursday, April 11, 2013 8:19:40 PM
> Subject: Re: [ruby-pdns-users] geo dns not resolving properly
>
> loglevel is set to 9
> I put:
> Pdns.debug("the remote ip is: %s" % query[:remoteip])
> just after the newrecord line but nothing shows up in the logs.
> anything else I need to do?
9 is not a valid log level, 'debug' would be though, as in the example
> I put:
> Pdns.debug("the remote ip is: %s" % query[:remoteip])
> just after the newrecord line but nothing shows up in the logs.
> anything else I need to do?
config files.
George
Apr 11, 2013, 5:50:16 PM4/11/13
to ruby-pd...@googlegroups.com
according to the powerdns docs loglevel=9 means it logs everything.
Or are you talking about some other loglevel setting?
Or are you talking about some other loglevel setting?
R.I.Pienaar
Apr 11, 2013, 5:58:41 PM4/11/13
to ruby-pd...@googlegroups.com
----- Original Message -----
> From: "George" <izg...@gmail.com>
> To: ruby-pd...@googlegroups.com
> Sent: Thursday, April 11, 2013 10:50:16 PM
> Subject: Re: [ruby-pdns-users] geo dns not resolving properly
>
> according to the powerdns docs loglevel=9 means it logs everything.
>
> Or are you talking about some other loglevel setting?
you're adding logging to the ruby module records, seems most
>
> Or are you talking about some other loglevel setting?
likely you should adjust its logging level?
George
Apr 11, 2013, 9:47:29 PM4/11/13
to ruby-pd...@googlegroups.com
Ok, implemented the debug and finally found and fixed the issue.
It was the powerdns cache causing it, completely disabling the cache fixed it.
Basically when a country from europe made a query and it replied with
1.1.1.1, all future replies for any other clients would be the same
1.1.1.1 for another 60 seconds(the default cache setting in powerdns).
Thanks a lot for your help
2013/4/12 R.I.Pienaar <r...@devco.net>:
It was the powerdns cache causing it, completely disabling the cache fixed it.
Basically when a country from europe made a query and it replied with
1.1.1.1, all future replies for any other clients would be the same
1.1.1.1 for another 60 seconds(the default cache setting in powerdns).
Thanks a lot for your help
2013/4/12 R.I.Pienaar <r...@devco.net>:
Reply all
Reply to author
Forward
0 new messages