[MaraDNS list] Deadwood timing out on lookup

Sam Trenholme strenholme.usenet at gmail.com
Fri Aug 5 18:41:16 EDT 2011 

Works for me:

[root at cartomancy etc]# cat /etc/dwood3rc.upstream
bind_address="0.0.0.0" # IP we bind to
chroot_dir = "/etc/maradns" # Directory we run program from (not used in Win32)
upstream_servers = {}
upstream_servers["."]="8.8.8.8, 4.2.2.2"
recursive_acl = "127.0.0.1/16"
[root at cartomancy etc]# /usr/local/sbin/Deadwood -f dwood3rc.upstream
Deadwood version 3.0.03
Deadwood: A DNS UDP non-recursive cache (IPv4-only)
We bound to 1 addresses

Then, in another window:

[set at cartomancy ~]$ dig @127.0.0.1 -t txt 84.211.52.72.list.dnswl.org

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-16.P1.el5 <<>> @127.0.0.1 -t txt
84.211.52.72.list.dnswl.org
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59100
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;84.211.52.72.list.dnswl.org.   IN      TXT

;; AUTHORITY SECTION:
list.dnswl.org.         900     IN      SOA     ns0.dnswl.org.
admins.dnswl.org. 1312582870 3600 300 432000 43200

;; Query time: 125 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Fri Aug  5 17:36:47 2011
;; MSG SIZE  rcvd: 92

Conclusion:

Look elsewhere for the problem.  I would start with /etc/resolv.conf
and go from there.

Another thing: Check your recursive_acl to make sure the IP in
question has permission to contact Deadwood.  Deadwood will act like
it never got the query if the IP isn't in recursive_acl.  Yes, this is
a little paranoid, and sometimes makes it hard to troubleshoot
problems, but I'm not getting enough sponsorship right now to make it
worth my time to add the ability to return a "REFUSED" to IPs not in
the recursive_acl.

- Sam

2011/8/5 Steve Fatula <compconsultant at yahoo.com>:
> I have Deadwood 3.0.03 on Centos. I key in the following command:
>
> dig -t txt 84.211.52.72.list.dnswl.org
>
> And I get, after 30 seconds or so:
>
> ;; connection timed out; no servers could be reached
>
>
> I am using deadwood as a caching nameserver. So, using upstream_servers as follows:
>
> upstream_servers = {}
> upstream_servers["."] = "8.8.8.8, 4.2.2.2"
>
> If I dig @8.8.8.8  -t txt 84.211.52.72.list.dnswl.org, I get a response. Same for the other server. So... it's not the upstream servers.
>
> All our other servers that do not use deadwood work just fine with this dig. So, not sure what the issue is. In this case, there is no txt record for the query. When there is a txt record, it works fine (for other IPs).
>
> So, why would it take so very long and then timeout?
>
> Steve
>

More information about the list mailing list