Some problems with pdnsd

Thorsten Reinbold · 2014-09-08 12:16:32

Hi there!

I have a small problem with pdnsd. I've followed the instructions from the Wiki, pdnsd is running. But whenever I try to open a page that is not in the cache, I get the message "This Website is not available". When I restart pdnsd with

systemctl restart pdnsd

and reload the page, it works. I have to do this multiple times in the same session.

Status from pdnsd after booting is

● pdnsd.service - proxy name server
   Loaded: loaded (/usr/lib/systemd/system/pdnsd.service; enabled)
   Active: active (running) since Mon 2014-09-08 14:07:31 CEST; 6min ago
 Main PID: 7306 (pdnsd)
   CGroup: /system.slice/pdnsd.service
           └─7306 /usr/bin/pdnsd

Here is the pdnsd.conf:

// Sample pdnsd configuration file. Must be customized to obtain a working pdnsd setup!
// Read the pdnsd.conf(5) manpage for an explanation of the options.
// Add or remove '#' in front of options you want to disable or enable, respectively.
// Remove '/*' and '*/' to enable complete sections.

global {
	perm_cache=8192;
	cache_dir="/var/cache/pdnsd";
#	pid_file = /var/run/pdnsd.pid;
	run_as="pdnsd";
	server_ip = 127.0.0.1;  # Use eth0 here if you want to allow other
				# machines on your network to query pdnsd.
	status_ctl = on;
#	paranoid=on;       # This option reduces the chance of cache poisoning
	                   # but may make pdnsd less efficient, unfortunately.
	query_method=udp_tcp;
	min_ttl=15m;       # Retain cached entries at least 15 minutes.
	max_ttl=1w;        # One week.
	timeout=10;        # Global timeout option (10 seconds).
	neg_domain_pol=on;
	neg_rrs_pol=on;
	par_queries=1;
	udpbufsize=1024;   # Upper limit on the size of UDP messages.
}

# The following section is most appropriate if you have a fixed connection to
# the Internet and an ISP which provides good DNS servers.
server {
	label= "KD_LAN";
	ip = 8.8.4.4, 8.8.8.8;  # Put your ISP's DNS-server address(es) here.
#	proxy_only=on;     # Do not query any name servers beside your ISP's.
	                   # This may be necessary if you are behind some
	                   # kind of firewall and cannot receive replies
	                   # from outside name servers.
	timeout=8;         # Server timeout; this may be much shorter
			   # that the global timeout option.
	uptest=query;         # Test if the network interface is active.
	interface=enp0s25;    # The name of the interface to check.
	interval=10m;      # Check every 10 minutes.
	purge_cache=off;   # Keep stale cache entries in case the ISP's
			   # DNS servers go offline.
#	edns_query=yes;    # Use EDNS for outgoing queries to allow UDP messages
			   # larger than 512 bytes. May cause trouble with some
			   # legacy systems.
}

source {
	owner=localhost;
	file="/etc/hosts";
	authrec=off;
}

rr {
	name=localhost;
	reverse=on;
	a=127.0.0.1;
	owner=localhost;
	soa=localhost,root.localhost,42,86400,900,86400,86400;
}

I'm using Gnome-Shell with Network-Manager. Does anyone has an Idea what could be wrong here?

Thanks in advance (and sorry for possible bad english).

nomorewindows · 2014-09-08 12:38:48

Did you create your pdnsd user?

Last edited by nomorewindows (2014-09-08 12:42:19)

Thorsten Reinbold · 2014-09-08 12:52:22

Not manually. The user/group exists in /etc/passwd and the Wiki-Page is not saying to do so. I know that this had to be done a while ago, but I thought that this isn't necessary longer. Also (correct me if I'm wrong) pdnsd wouldn't run at all, if that would be the problem.

Entry from /etc/passwd:

pdnsd:x:184:184:Proxy DNS server:/var/cache/pdnsd:/bin/nologin

nomorewindows · 2014-09-08 13:06:20

Is this just your machine or a whole network using it? If others are using it, you can point them to your pdnsd server in dhcpd.conf or a dd-wrt router. It looks like the line of server_ip would need your interfaces to adjust for that also. Then what does the wiki says drill but I'm thinking of something else I've used report? I even have squid tied to pdnsd.

Last edited by nomorewindows (2014-09-08 13:21:08)

Thorsten Reinbold · 2014-09-09 09:52:55

No, I have only my own machine using the DSL-Connection.

nomorewindows · 2014-09-09 15:13:51

Dig was the utility I was thinking of. Any output from either dig or drill?

Thorsten Reinbold · 2014-09-10 00:16:20

drill www.google.com

;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 2909
;; flags: qr rd ra ; QUERY: 1, ANSWER: 16, AUTHORITY: 0, ADDITIONAL: 0 
;; QUESTION SECTION:
;; www.google.com.	IN	A

;; ANSWER SECTION:
www.google.com.	818	IN	A	64.15.112.84
www.google.com.	818	IN	A	64.15.112.104
www.google.com.	818	IN	A	64.15.112.94
www.google.com.	818	IN	A	64.15.112.88
www.google.com.	818	IN	A	64.15.112.119
www.google.com.	818	IN	A	64.15.112.89
www.google.com.	818	IN	A	64.15.112.103
www.google.com.	818	IN	A	64.15.112.98
www.google.com.	818	IN	A	64.15.112.114
www.google.com.	818	IN	A	64.15.112.93
www.google.com.	818	IN	A	64.15.112.118
www.google.com.	818	IN	A	64.15.112.109
www.google.com.	818	IN	A	64.15.112.123
www.google.com.	818	IN	A	64.15.112.113
www.google.com.	818	IN	A	64.15.112.99
www.google.com.	818	IN	A	64.15.112.108

;; AUTHORITY SECTION:

;; ADDITIONAL SECTION:

;; Query time: 0 msec
;; SERVER: 127.0.0.1
;; WHEN: Wed Sep 10 02:15:40 2014
;; MSG SIZE  rcvd: 288

nomorewindows · 2014-09-10 01:35:46

That shows the records were processed through localhost pdnsd server.

Thorsten Reinbold · 2014-09-11 10:27:06

Yes, but I visited google.com before, so it was already cached. With new pages, it does not work, I'm not able to get the adress solved. When that happens, I have to restart the pdnsd-service and reload the page. And I have to do this every time I want to access a not cached website.

Thorsten Reinbold · 2014-09-11 10:58:40

Ok. I'm starting all over. After removing pdnsd, I couldn't establish a network at all, so I replayed my fresh backup from /.

Again, step for step:

I now installed pdnsd freshly and edited pdnsd.conf as followed:

global {
	perm_cache=4096;
	cache_dir="/var/cache/pdnsd";
#	pid_file = /var/run/pdnsd.pid;
	run_as="pdnsd";
	server_ip = 127.0.0.1;  # Use eth0 here if you want to allow other
				# machines on your network to query pdnsd.
	status_ctl = on;
#	paranoid=on;       # This option reduces the chance of cache poisoning
	                   # but may make pdnsd less efficient, unfortunately.
	query_method=udp_tcp;
	min_ttl=15m;       # Retain cached entries at least 15 minutes.
	max_ttl=1w;        # One week.
	timeout=10;        # Global timeout option (10 seconds).
	neg_domain_pol=on;
	udpbufsize=1024;   # Upper limit on the size of UDP messages.
}

# The following section is most appropriate if you have a fixed connection to
# the Internet and an ISP which provides good DNS servers.
server {
	label= "myisp";
	ip = 192.168.0.1;  # Put your ISP's DNS-server address(es) here.
#	proxy_only=on;     # Do not query any name servers beside your ISP's.
	                   # This may be necessary if you are behind some
	                   # kind of firewall and cannot receive replies
	                   # from outside name servers.
	timeout=4;         # Server timeout; this may be much shorter
			   # that the global timeout option.
	uptest=if;         # Test if the network interface is active.
	interface=enp0s25;    # The name of the interface to check.
	interval=10m;      # Check every 10 minutes.
	purge_cache=off;   # Keep stale cache entries in case the ISP's
			   # DNS servers go offline.
	edns_query=yes;    # Use EDNS for outgoing queries to allow UDP messages
			   # larger than 512 bytes. May cause trouble with some
			   # legacy systems.
#	exclude=.thepiratebay.org,  # If your ISP censors certain names, you may
#		.thepiratebay.se,   # want to exclude them here, and provide an
#		.piratebay.org,	    # alternative server section below that will
#		.piratebay.se;	    # successfully resolve the names.
}

The only things I've changed to the original config file are "perm_cache" and "Interface". Then I started the net configuration via nm-connection-editor and pointed the dns-entry to 127.0.0.1 and restarted the network. One thing I am wondering about is that NM now shows me "192.168.0.1 127.0.0.1" on the DNS-Infofield. But for now, it seems to work as I could see with dig.

Thorsten Reinbold · 2014-09-12 12:38:05

Update: And the same error as described above happens again. Where is the error?

nomorewindows · 2014-09-13 01:26:56

Oops! Now you've referenced back to your pdnsd. Better change the server_ip back to a real DNS server (your ISPs DNS or some other well known DNS). The configuration shows that it is pointing back to itself.

Last edited by nomorewindows (2014-09-14 00:54:11)

Arch Linux

#1 2014-09-08 12:16:32

Some problems with pdnsd

#2 2014-09-08 12:38:48

Re: Some problems with pdnsd

#3 2014-09-08 12:52:22

Re: Some problems with pdnsd

#4 2014-09-08 13:06:20

Re: Some problems with pdnsd

#5 2014-09-09 09:52:55

Re: Some problems with pdnsd

#6 2014-09-09 15:13:51

Re: Some problems with pdnsd

#7 2014-09-10 00:16:20

Re: Some problems with pdnsd

#8 2014-09-10 01:35:46

Re: Some problems with pdnsd

#9 2014-09-11 10:27:06

Re: Some problems with pdnsd

#10 2014-09-11 10:58:40

Re: Some problems with pdnsd

#11 2014-09-12 12:38:05

Re: Some problems with pdnsd

#12 2014-09-13 01:26:56

Re: Some problems with pdnsd

Board footer