Upstream servers

Sam Trenholme strenholme.usenet at gmail.com
Mon Jun 21 01:41:58 EDT 2010


Chris,

For the record, MaraDNS has had upstream_servers support for over
eight years and no one else has ever reported this problem.

If you are having difficulty with MaraDNS 1.0's recursive resolver,
and you are only using upstream_servers[] but not root_servers[], the
best way to resolve your problem is to use Deadwood, the codebase for
MaraDNS 2.0's recursive resolver.

Right now, Deadwood does not support root_servers[] (but I am very
close to having that support--right now I'm working on getting
glueless NS referrals to work), but it fully supports
upstream_servers.

Here is how I would resolve your issue:

* Download Deadwood 2.5.02 from http://maradns.org/deadwood/stable/

* Install this program

* Rename your mararc file to have the name dwood2rc.  Depending on
your mararc, you may or may not be able to use it as-is with Deadwood;
I have gone to some effort to have Deadwood be mararc compatible, but
there are a lot of mararc parameters (csv2, ipv4_alias, etc) which
Deadwood does not support.

* Once you have converted your mararc file, Deadwood should work fine.

Please note that Deadwood does not support having authoritative zone
files.   Please also note that if you need to resolve names with IPs
like 192.168.1.42, to set the filter_rfc1918 parameter.

Let us know how Deadwood works for you.

- Sam

Note: I do not answer MaraDNS (including Deadwood) support requests
sent by private email without being compensated for my time. A MaraDNS
support request is any and all discussion you may wish to have about
MaraDNS in private email; if you want to email me to talk about
MaraDNS then, yes, that is a support request. I will discuss rates if
you want this kind of support. Thank you for your understanding.

MaraDNS security vulnerability reports, however, will be dealt with
without charge and kept confidential. If you don't know what Bugtraq
is, then, no, your email is not a security report. It is not a
security report unless you've done due diligence to determine how the
security bug you think you found can reasonably be exploited.


More information about the list mailing list