1. Forums
  2. Support
  3. Networking
  4. No DNS server is working on Alpine 3.6.2

No DNS server is working on Alpine 3.6.2

2 posts / 0 new
Log in or register to post comments
Last post
#1 Thu, 2017-11-30 07:02
itistoday
  • itistoday's picture
  • Offline
  • Last seen: 3 weeks 3 days ago
  • Joined: 2017-11-30

I've installed Alpine 3.6.2 with UFW firewall (which, during debugging, I've disabled completely, enabled with open port 53 etc.).

I've spent the past ~48 hours trying to get PowerDNS or Unbound working.

Neither work, and both seem to be encountering the same sort of weird problem, and I have no idea what's causing it.

PowerDNS, for example, will do:

Nov 29 20:57:29 PowerDNS Recursor 4.0.4 (C) 2001-2016 PowerDNS.COM BV
Nov 29 20:57:29 Using 64-bits mode. Built using gcc 6.3.0 on May  4 2017 11:46:17 by buildozer@build-3-6-x86_64.
Nov 29 20:57:29 PowerDNS comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it according to the terms of the GPL version 2.
Nov 29 20:57:29 Reading random entropy from '/dev/urandom'
Nov 29 20:57:29 If using IPv6, please raise sysctl net.ipv6.route.max_size, currently set to 4096 which is < 16384
Nov 29 20:57:29 NOT using IPv6 for outgoing queries - set 'query-local-address6=::' to enable
Nov 29 20:57:29 Only allowing queries from: 0.0.0.0/0
Nov 29 20:57:29 PowerDNS Recursor itself will distribute queries over threads
Nov 29 20:57:29 Inserting rfc 1918 private space zones
Nov 29 20:57:29 Listening for UDP queries on 0.0.0.0:53
Nov 29 20:57:29 Enabled TCP data-ready filter for (slight) DoS protection
Nov 29 20:57:29 Listening for TCP queries on 0.0.0.0:53
Nov 29 20:57:29 Raised soft limit on number of filedescriptors to 1049 to match max-mthreads and threads settings
Nov 29 20:57:29 Set effective group id to 103
Nov 29 20:57:29 Set effective user id to 101
Nov 29 20:57:29 Launching 3 threads
Nov 29 20:57:29 Done priming cache with root hints
Nov 29 20:57:29 Enabled 'epoll' multiplexer
Nov 29 20:57:29 Done priming cache with root hints
Nov 29 20:57:29 Done priming cache with root hints
Nov 29 20:57:37 Failed to update . records, got an exception
Nov 29 20:57:37 Failed to update . records, RCODE=-1
Nov 29 20:57:37 Failed to update . records, got an exception
Nov 29 20:57:37 Failed to update . records, RCODE=-1
Nov 29 20:57:37 Failed to update . records, got an exception
Nov 29 20:57:37 Failed to update . records, RCODE=-1
Nov 29 20:59:00 Failed to update . records, got an exception
Nov 29 20:59:00 Failed to update . records, RCODE=-1
Nov 29 21:00:23 Failed to update . records, got an exception
Nov 29 21:00:23 Failed to update . records, RCODE=-1
^C

Meanwhile, Unbound outputs (in verbose mode):

unbound[11:0] info: mesh_run: end 2 recursion states (1 with reply, 0 detached), 1 waiting replies, 0 recursion replies sen
t, 0 replies dropped, 0 states jostled out
unbound[11:0] info: 0pvCD mod1  . NS IN
unbound[11:0] info: 1RDdc mod1 rep apple.com. A IN
unbound[11:0] debug: cache memory msg=66072 rrset=66072 infra=10626 val=66344
unbound[11:0] debug: svcd callbacks end
unbound[11:0] debug: timeout udp
unbound[11:0] debug: try edns1xx0 <.> 192.58.128.30#53
unbound[11:0] debug: EDNS lookup known=0 vs=0
unbound[11:0] debug: serviced query UDP timeout=376 msec
unbound[11:0] debug: inserted new pending reply id=ddf6
unbound[11:0] debug: opened UDP if=0 port=47241
unbound[11:0] debug: comm point start listening 43
unbound[11:1] debug: timeout udp
unbound[11:1] debug: try edns1xx0 <.> 198.41.0.4#53
unbound[11:1] debug: EDNS lookup known=0 vs=0
unbound[11:1] debug: serviced query UDP timeout=752 msec
unbound[11:1] debug: inserted new pending reply id=e80c
unbound[11:1] debug: opened UDP if=0 port=44093
unbound[11:1] debug: comm point start listening 44
unbound[11:0] debug: timeout udp
unbound[11:0] debug: svcd callbacks start
unbound[11:0] debug: worker svcd callback for qstate 0x4230d6563a0
unbound[11:0] debug: mesh_run: start
unbound[11:0] debug: iterator[module 1] operate: extstate:module_wait_reply event:module_event_noreply
unbound[11:0] info: iterator operate: query . NS IN
unbound[11:0] debug: process_response: new external response event
unbound[11:0] debug: iter_handle processing q with state QUERY RESPONSE STATE
unbound[11:0] debug: query response was timeout
unbound[11:0] debug: iter_handle processing q with state QUERY TARGETS STATE
unbound[11:0] info: processQueryTargets: . NS IN
unbound[11:0] debug: processQueryTargets: targetqueries 0, currentqueries 0 sentcount 10
unbound[11:0] info: DelegationPoint<.>: 13 names (0 missing), 26 addrs (26 result, 0 avail) parentNS
unbound[11:0] info:   A.ROOT-SERVERS.NET. * A AAAA
unbound[11:0] info:   B.ROOT-SERVERS.NET. * A AAAA
unbound[11:0] info:   C.ROOT-SERVERS.NET. * A AAAA
unbound[11:0] info:   D.ROOT-SERVERS.NET. * A AAAA
unbound[11:0] info:   E.ROOT-SERVERS.NET. * A AAAA
unbound[11:0] info:   F.ROOT-SERVERS.NET. * A AAAA
unbound[11:0] info:   G.ROOT-SERVERS.NET. * A AAAA
unbound[11:0] info:   H.ROOT-SERVERS.NET. * A AAAA
unbound[11:0] info:   I.ROOT-SERVERS.NET. * A AAAA
unbound[11:0] info:   J.ROOT-SERVERS.NET. * A AAAA
unbound[11:0] info:   K.ROOT-SERVERS.NET. * A AAAA
unbound[11:0] info:   L.ROOT-SERVERS.NET. * A AAAA
unbound[11:0] info:   M.ROOT-SERVERS.NET. * A AAAA
unbound[11:0] debug:    ip4 198.41.0.4 port 53 (len 16)
unbound[11:0] debug:    ip6 2001:503:ba3e::2:30 port 53 (len 28)
unbound[11:0] debug:    ip4 199.9.14.201 port 53 (len 16)
unbound[11:0] debug:    ip6 2001:500:200::b port 53 (len 28)
unbound[11:0] debug:    ip4 192.33.4.12 port 53 (len 16)
unbound[11:0] debug:    ip6 2001:500:2::c port 53 (len 28)
unbound[11:0] debug:    ip4 199.7.91.13 port 53 (len 16)
unbound[11:0] debug:    ip6 2001:500:2d::d port 53 (len 28)
unbound[11:0] debug:    ip4 192.203.230.10 port 53 (len 16)
unbound[11:0] debug:    ip6 2001:500:a8::e port 53 (len 28)
unbound[11:0] debug:    ip4 192.5.5.241 port 53 (len 16)
unbound[11:0] debug:    ip6 2001:500:2f::f port 53 (len 28)
unbound[11:0] debug:    ip4 192.112.36.4 port 53 (len 16)
unbound[11:0] debug:    ip6 2001:500:12::d0d port 53 (len 28)
unbound[11:0] debug:    ip4 198.97.190.53 port 53 (len 16)
unbound[11:0] debug:    ip6 2001:500:1::53 port 53 (len 28)
unbound[11:0] debug:    ip4 192.36.148.17 port 53 (len 16)
unbound[11:0] debug:    ip6 2001:7fe::53 port 53 (len 28)
unbound[11:0] debug:    ip4 192.58.128.30 port 53 (len 16)
unbound[11:0] debug:    ip6 2001:503:c27::2:30 port 53 (len 28)
unbound[11:0] debug:    ip4 193.0.14.129 port 53 (len 16)
unbound[11:0] debug:    ip6 2001:7fd::1 port 53 (len 28)
unbound[11:0] debug:    ip4 199.7.83.42 port 53 (len 16)
unbound[11:0] debug:    ip6 2001:500:9f::42 port 53 (len 28)
unbound[11:0] debug:    ip4 202.12.27.33 port 53 (len 16)
unbound[11:0] debug:    ip6 2001:dc3::35 port 53 (len 28)
unbound[11:0] debug: servselect ip4 193.0.14.129 port 53 (len 16)
unbound[11:0] debug:    rtt=752
unbound[11:0] debug: servselect ip4 192.58.128.30 port 53 (len 16)
unbound[11:0] debug:    rtt=752
unbound[11:0] debug: servselect ip4 192.112.36.4 port 53 (len 16)
unbound[11:0] debug:    rtt=752
unbound[11:0] debug: servselect ip4 192.203.230.10 port 53 (len 16)
unbound[11:0] debug:    rtt=752
unbound[11:0] debug: servselect ip4 199.7.91.13 port 53 (len 16)
unbound[11:0] debug:    rtt=752
unbound[11:0] debug: servselect ip4 198.41.0.4 port 53 (len 16)
unbound[11:0] debug:    rtt=752
unbound[11:0] debug: servselect ip4 192.33.4.12 port 53 (len 16)
unbound[11:0] debug:    rtt=1504
unbound[11:0] debug: servselect ip4 198.97.190.53 port 53 (len 16)
unbound[11:0] debug:    rtt=1504
unbound[11:0] debug: servselect ip4 202.12.27.33 port 53 (len 16)
unbound[11:0] debug:    rtt=1504
unbound[11:0] debug: selrtt 376
unbound[11:0] info: sending query: . NS IN
unbound[11:0] debug: sending to target: <.> 192.112.36.4#53
unbound[11:0] debug: dnssec status: expected
unbound[11:0] debug: EDNS lookup known=0 vs=0
unbound[11:0] debug: serviced query UDP timeout=752 msec
unbound[11:0] debug: inserted new pending reply id=1fba
unbound[11:0] debug: opened UDP if=0 port=21060
unbound[11:0] debug: comm point start listening 45
unbound[11:0] debug: mesh_run: iterator module exit state is module_wait_reply
unbound[11:0] info: mesh_run: end 2 recursion states (1 with reply, 0 detached), 1 waiting replies, 0 recursion replies sen
t, 0 replies dropped, 0 states jostled out
unbound[11:0] info: 0pvCD mod1  . NS IN
unbound[11:0] info: 1RDdc mod1 rep apple.com. A IN
unbound[11:0] debug: cache memory msg=66072 rrset=66072 infra=10626 val=66344
unbound[11:0] debug: svcd callbacks end

Here are the UDP packets sent during PowerDNS's startup:

-> # ss -u -E
Recv-Q Send-Q      Local Address:Port             Peer Address:Port
0      -1                      *:*                           *:*
0      -1                      *:*                           *:*
0      -1                      *:*                           *:*
0      -1        192.184.xxx.xxx:48854             192.5.5.241:domain
0      -1        192.184.xxx.xxx:39077              198.41.0.4:domain
0      -1        192.184.xxx.xxx:30356          192.203.230.10:domain
0      -1        192.184.xxx.xxx:50676             199.7.91.13:domain
0      -1        192.184.xxx.xxx:19617             199.7.91.13:domain
0      -1        192.184.xxx.xxx:24483              198.41.0.4:domain
0      -1        192.184.xxx.xxx:42323              198.41.0.4:domain
0      -1        192.184.xxx.xxx:3732             202.12.27.33:domain
0      -1        192.184.xxx.xxx:5997            198.97.190.53:domain
0      -1        192.184.xxx.xxx:64457            202.12.27.33:domain
0      -1        192.184.xxx.xxx:55273             192.5.5.241:domain
0      -1        192.184.xxx.xxx:45939            192.112.36.4:domain
0      -1        192.184.xxx.xxx:58584           192.36.148.17:domain
0      -1        192.184.xxx.xxx:22233           198.97.190.53:domain
0      -1        192.184.xxx.xxx:13054             192.33.4.12:domain
0      -1        192.184.xxx.xxx:10901           192.36.148.17:domain
0      -1        192.184.xxx.xxx:62253            193.0.14.129:domain
0      -1        192.184.xxx.xxx:14663             192.33.4.12:domain
0      -1        192.184.xxx.xxx:13577            192.112.36.4:domain
0      -1        192.184.xxx.xxx:45027            199.9.14.201:domain
0      -1       ::ffff:127.0.0.1:42337        ::ffff:127.0.0.1:65535
0      -1                    ::1:37162                     ::1:65535
0      -1                      *:domain                      *:*
^C

EDIT: and here's a tcpdump of another PowerDNS run attempt:

-> # tcpdump -s 1500 port 53
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 1500 bytes
22:34:48.667303 IP myhost.company.com.17907 > l.root-servers.net.53: 14751 [1au] NS? . (28)
22:34:48.667526 IP myhost.company.com.55254 > resolver1.opendns.com.53: 11450+ PTR? 42.83.7.199.in-addr.arpa. (42)
22:34:48.667547 IP myhost.company.com.55254 > resolver2.opendns.com.53: 11450+ PTR? 42.83.7.199.in-addr.arpa. (42)
22:34:48.667557 IP myhost.company.com.55254 > ordns.he.net.53: 11450+ PTR? 42.83.7.199.in-addr.arpa. (42)
22:34:48.668016 IP myhost.company.com.30296 > i.root-servers.net.53: 4210 [1au] NS? . (28)
22:34:48.668111 IP resolver2.opendns.com.53 > myhost.company.com.55254: 11450 1/0/0 PTR l.root-servers.net. (74)
22:34:48.668280 IP myhost.company.com.45559 > resolver1.opendns.com.53: 52608+ PTR? xxx.xxx.184.192.in-addr.arpa. (45)
22:34:48.668300 IP myhost.company.com.45559 > resolver2.opendns.com.53: 52608+ PTR? xxx.xxx.184.192.in-addr.arpa. (45)
22:34:48.668310 IP myhost.company.com.45559 > ordns.he.net.53: 52608+ PTR? xxx.xxx.184.192.in-addr.arpa. (45)
22:34:48.668576 IP resolver1.opendns.com.53 > myhost.company.com.55254: 11450 1/0/0 PTR l.root-servers.net. (74)
22:34:48.668701 IP myhost.company.com.41765 > l.root-servers.net.53: 51874 [1au] NS? . (28)
22:34:48.668820 IP resolver2.opendns.com.53 > myhost.company.com.45559: 52608 1/0/0 PTR myhost.company.com. (79)
22:34:48.668859 IP resolver1.opendns.com.53 > myhost.company.com.45559: 52608 1/0/0 PTR myhost.company.com. (79)
22:34:48.669007 IP myhost.company.com.40157 > resolver1.opendns.com.53: 59049+ PTR? 222.222.67.208.in-addr.arpa. (45)
22:34:48.669029 IP myhost.company.com.40157 > resolver2.opendns.com.53: 59049+ PTR? 222.222.67.208.in-addr.arpa. (45)
22:34:48.669038 IP myhost.company.com.40157 > ordns.he.net.53: 59049+ PTR? 222.222.67.208.in-addr.arpa. (45)
22:34:48.669601 IP resolver2.opendns.com.53 > myhost.company.com.40157: 59049 1/0/0 PTR resolver1.opendns.com. (80)
22:34:48.669848 IP myhost.company.com.37141 > resolver1.opendns.com.53: 42174+ PTR? 220.220.67.208.in-addr.arpa. (45)
22:34:48.669875 IP myhost.company.com.37141 > resolver2.opendns.com.53: 42174+ PTR? 220.220.67.208.in-addr.arpa. (45)
22:34:48.669886 IP myhost.company.com.37141 > ordns.he.net.53: 42174+ PTR? 220.220.67.208.in-addr.arpa. (45)
22:34:48.669976 IP resolver1.opendns.com.53 > myhost.company.com.40157: 59049 1/0/0 PTR resolver1.opendns.com. (80)
22:34:48.670316 IP resolver2.opendns.com.53 > myhost.company.com.37141: 42174 1/0/0 PTR resolver2.opendns.com. (80)
22:34:48.670353 IP resolver1.opendns.com.53 > myhost.company.com.37141: 42174 1/0/0 PTR resolver2.opendns.com. (80)
22:34:48.670521 IP myhost.company.com.55244 > resolver1.opendns.com.53: 57279+ PTR? 42.42.82.74.in-addr.arpa. (42)
22:34:48.670542 IP myhost.company.com.55244 > resolver2.opendns.com.53: 57279+ PTR? 42.42.82.74.in-addr.arpa. (42)
22:34:48.670552 IP myhost.company.com.55244 > ordns.he.net.53: 57279+ PTR? 42.42.82.74.in-addr.arpa. (42)
22:34:48.671008 IP resolver2.opendns.com.53 > myhost.company.com.55244: 57279 1/0/0 PTR ordns.he.net. (68)
22:34:48.671153 IP myhost.company.com.46272 > resolver1.opendns.com.53: 36063+ PTR? 17.148.36.192.in-addr.arpa. (44)
22:34:48.671174 IP myhost.company.com.46272 > resolver2.opendns.com.53: 36063+ PTR? 17.148.36.192.in-addr.arpa. (44)
22:34:48.671182 IP myhost.company.com.46272 > ordns.he.net.53: 36063+ PTR? 17.148.36.192.in-addr.arpa. (44)
22:34:48.671462 IP resolver1.opendns.com.53 > myhost.company.com.55244: 57279 1/0/0 PTR ordns.he.net. (68)
22:34:48.671716 IP resolver2.opendns.com.53 > myhost.company.com.46272: 36063 1/0/0 PTR i.root-servers.net. (76)
22:34:48.672072 IP resolver1.opendns.com.53 > myhost.company.com.46272: 36063 1/0/0 PTR i.root-servers.net. (76)
22:34:48.674105 IP ordns.he.net.53 > myhost.company.com.55254: 11450 1/0/0 PTR l.root-servers.net. (74)
22:34:48.674328 IP ordns.he.net.53 > myhost.company.com.45559: 52608 1/0/0 PTR myhost.company.com. (79)
22:34:48.674478 IP ordns.he.net.53 > myhost.company.com.37141: 42174 1/0/0 PTR resolver2.opendns.com. (80)
22:34:48.674537 IP ordns.he.net.53 > myhost.company.com.40157: 59049 1/0/0 PTR resolver1.opendns.com. (80)
22:34:48.674557 IP ordns.he.net.53 > myhost.company.com.55244: 57279 1/0/0 PTR ordns.he.net. (68)
22:34:48.674707 IP ordns.he.net.53 > myhost.company.com.46272: 36063 1/0/0 PTR i.root-servers.net. (76)
22:34:50.169865 IP myhost.company.com.61752 > M.ROOT-SERVERS.NET.53: 64001 [1au] NS? . (28)
22:34:50.170038 IP myhost.company.com.52070 > M.ROOT-SERVERS.NET.53: 31046 [1au] NS? . (28)
22:34:50.170246 IP myhost.company.com.41301 > resolver1.opendns.com.53: 5318+ PTR? 33.27.12.202.in-addr.arpa. (43)
22:34:50.170263 IP myhost.company.com.41301 > resolver2.opendns.com.53: 5318+ PTR? 33.27.12.202.in-addr.arpa. (43)
22:34:50.170274 IP myhost.company.com.41301 > ordns.he.net.53: 5318+ PTR? 33.27.12.202.in-addr.arpa. (43)
22:34:50.170566 IP myhost.company.com.60501 > M.ROOT-SERVERS.NET.53: 63331 [1au] NS? . (28)
22:34:50.173261 IP ordns.he.net.53 > myhost.company.com.41301: 5318 1/0/0 PTR M.ROOT-SERVERS.NET. (75)
22:34:50.173321 IP resolver1.opendns.com.53 > myhost.company.com.41301: 5318 1/0/0 PTR M.ROOT-SERVERS.NET. (75)
22:34:50.173328 IP resolver2.opendns.com.53 > myhost.company.com.41301: 5318 1/0/0 PTR M.ROOT-SERVERS.NET. (75)
22:34:51.671950 IP myhost.company.com.43172 > e.root-servers.net.53: 25652 [1au] NS? . (28)
22:34:51.672081 IP myhost.company.com.18072 > G.ROOT-SERVERS.NET.53: 34048 [1au] NS? . (28)
22:34:51.672255 IP myhost.company.com.51757 > resolver1.opendns.com.53: 22081+ PTR? 10.230.203.192.in-addr.arpa. (45)
22:34:51.672277 IP myhost.company.com.51757 > resolver2.opendns.com.53: 22081+ PTR? 10.230.203.192.in-addr.arpa. (45)
22:34:51.672287 IP myhost.company.com.51757 > ordns.he.net.53: 22081+ PTR? 10.230.203.192.in-addr.arpa. (45)
22:34:51.672417 IP myhost.company.com.17487 > 198.97.190.53.53: 26148 [1au] NS? . (28)
22:34:51.672637 IP resolver2.opendns.com.53 > myhost.company.com.51757: 22081 1/0/0 PTR e.root-servers.net. (77)
22:34:51.672681 IP ordns.he.net.53 > myhost.company.com.51757: 22081 1/0/0 PTR e.root-servers.net. (77)
22:34:51.672688 IP resolver1.opendns.com.53 > myhost.company.com.51757: 22081 1/0/0 PTR e.root-servers.net. (77)
22:34:51.672848 IP myhost.company.com.34048 > resolver1.opendns.com.53: 30818+ PTR? 4.36.112.192.in-addr.arpa. (43)
22:34:51.672887 IP myhost.company.com.34048 > resolver2.opendns.com.53: 30818+ PTR? 4.36.112.192.in-addr.arpa. (43)
22:34:51.672897 IP myhost.company.com.34048 > ordns.he.net.53: 30818+ PTR? 4.36.112.192.in-addr.arpa. (43)
22:34:51.673242 IP resolver1.opendns.com.53 > myhost.company.com.34048: 30818 1/0/0 PTR G.ROOT-SERVERS.NET. (75)
22:34:51.673276 IP ordns.he.net.53 > myhost.company.com.34048: 30818 1/0/0 PTR G.ROOT-SERVERS.NET. (75)
22:34:51.673283 IP resolver2.opendns.com.53 > myhost.company.com.34048: 30818 1/0/0 PTR G.ROOT-SERVERS.NET. (75)
22:34:51.673499 IP myhost.company.com.55482 > resolver1.opendns.com.53: 23829+ PTR? 53.190.97.198.in-addr.arpa. (44)
22:34:51.673523 IP myhost.company.com.55482 > resolver2.opendns.com.53: 23829+ PTR? 53.190.97.198.in-addr.arpa. (44)
22:34:51.673533 IP myhost.company.com.55482 > ordns.he.net.53: 23829+ PTR? 53.190.97.198.in-addr.arpa. (44)
22:34:51.757935 IP resolver1.opendns.com.53 > myhost.company.com.55482: 23829 NXDomain 0/0/0 (44)
22:34:51.760428 IP resolver2.opendns.com.53 > myhost.company.com.55482: 23829 NXDomain 0/0/0 (44)
22:34:51.768514 IP ordns.he.net.53 > myhost.company.com.55482: 23829 NXDomain 0/0/0 (44)
22:34:53.174089 IP myhost.company.com.23938 > j.root-servers.net.53: 46725 [1au] NS? . (28)
22:34:53.174230 IP myhost.company.com.49369 > c.root-servers.net.53: 18019 [1au] NS? . (28)
22:34:53.174272 IP myhost.company.com.40919 > a.root-servers.net.53: 60934 [1au] NS? . (28)
22:34:53.174398 IP myhost.company.com.59844 > resolver1.opendns.com.53: 24271+ PTR? 30.128.58.192.in-addr.arpa. (44)
22:34:53.174423 IP myhost.company.com.59844 > resolver2.opendns.com.53: 24271+ PTR? 30.128.58.192.in-addr.arpa. (44)
22:34:53.174436 IP myhost.company.com.59844 > ordns.he.net.53: 24271+ PTR? 30.128.58.192.in-addr.arpa. (44)
22:34:53.174943 IP resolver2.opendns.com.53 > myhost.company.com.59844: 24271 1/0/0 PTR j.root-servers.net. (76)
22:34:53.174967 IP resolver1.opendns.com.53 > myhost.company.com.59844: 24271 1/0/0 PTR j.root-servers.net. (76)
22:34:53.175139 IP myhost.company.com.49220 > resolver1.opendns.com.53: 51632+ PTR? 12.4.33.192.in-addr.arpa. (42)
22:34:53.175163 IP myhost.company.com.49220 > resolver2.opendns.com.53: 51632+ PTR? 12.4.33.192.in-addr.arpa. (42)
22:34:53.175177 IP myhost.company.com.49220 > ordns.he.net.53: 51632+ PTR? 12.4.33.192.in-addr.arpa. (42)
22:34:53.175258 IP ordns.he.net.53 > myhost.company.com.59844: 24271 1/0/0 PTR j.root-servers.net. (76)
22:34:53.175576 IP ordns.he.net.53 > myhost.company.com.49220: 51632 1/0/0 PTR c.root-servers.net. (74)
22:34:53.175611 IP resolver2.opendns.com.53 > myhost.company.com.49220: 51632 1/0/0 PTR c.root-servers.net. (74)
22:34:53.175776 IP resolver1.opendns.com.53 > myhost.company.com.49220: 51632 1/0/0 PTR c.root-servers.net. (74)
22:34:53.175821 IP myhost.company.com.35245 > resolver1.opendns.com.53: 9212+ PTR? 4.0.41.198.in-addr.arpa. (41)
22:34:53.175830 IP myhost.company.com.35245 > resolver2.opendns.com.53: 9212+ PTR? 4.0.41.198.in-addr.arpa. (41)
22:34:53.175851 IP myhost.company.com.35245 > ordns.he.net.53: 9212+ PTR? 4.0.41.198.in-addr.arpa. (41)
22:34:53.176456 IP resolver2.opendns.com.53 > myhost.company.com.35245: 9212 1/0/0 PTR a.root-servers.net. (73)
22:34:53.176520 IP resolver1.opendns.com.53 > myhost.company.com.35245: 9212 1/0/0 PTR a.root-servers.net. (73)
22:34:53.177943 IP ordns.he.net.53 > myhost.company.com.35245: 9212 1/0/0 PTR a.root-servers.net. (73)
22:34:54.676224 IP myhost.company.com.20715 > b.root-servers.net.53: 40095 [1au] NS? . (28)
22:34:54.676344 IP myhost.company.com.53714 > l.root-servers.net.53: 36681 [1au] NS? . (28)
22:34:54.676472 IP myhost.company.com.44674 > resolver1.opendns.com.53: 51297+ PTR? 201.14.9.199.in-addr.arpa. (43)
22:34:54.676484 IP myhost.company.com.44674 > resolver2.opendns.com.53: 51297+ PTR? 201.14.9.199.in-addr.arpa. (43)
22:34:54.676493 IP myhost.company.com.44674 > ordns.he.net.53: 51297+ PTR? 201.14.9.199.in-addr.arpa. (43)
22:34:54.686581 IP myhost.company.com.13317 > f.root-servers.net.53: 9688 [1au] NS? . (28)
22:34:54.687259 IP resolver1.opendns.com.53 > myhost.company.com.44674: 51297 1/0/0 PTR b.root-servers.net. (75)
22:34:54.687596 IP myhost.company.com.44094 > resolver1.opendns.com.53: 23880+ PTR? 241.5.5.192.in-addr.arpa. (42)
22:34:54.687618 IP myhost.company.com.44094 > resolver2.opendns.com.53: 23880+ PTR? 241.5.5.192.in-addr.arpa. (42)
22:34:54.687626 IP myhost.company.com.44094 > ordns.he.net.53: 23880+ PTR? 241.5.5.192.in-addr.arpa. (42)
22:34:54.691624 IP ordns.he.net.53 > myhost.company.com.44094: 23880 1/0/0 PTR f.root-servers.net. (74)
22:34:54.691693 IP resolver1.opendns.com.53 > myhost.company.com.44094: 23880 1/0/0 PTR f.root-servers.net. (74)
22:34:54.691701 IP resolver2.opendns.com.53 > myhost.company.com.44094: 23880 1/0/0 PTR f.root-servers.net. (74)
22:34:54.744647 IP ordns.he.net.53 > myhost.company.com.44674: 51297 1/0/0 PTR b.root-servers.net. (75)
22:34:54.794281 IP resolver2.opendns.com.53 > myhost.company.com.44674: 51297 1/0/0 PTR b.root-servers.net. (75)
22:34:56.204982 IP myhost.company.com.57454 > 198.97.190.53.53: 48941 [1au] TXT? recursor-4.0.4.security-status.secpoll.powerdns.com. (80
)
22:34:57.707158 IP myhost.company.com.48572 > a.root-servers.net.53: 53672 [1au] TXT? recursor-4.0.4.security-status.secpoll.powerdns.com
. (80)
^C
107 packets captured
109 packets received by filter
0 packets dropped by kernel

I've been banging my head against the wall for a while now, kinda losing hope almost, and but still holding out that perhaps someone might be able to help me out here.

Any help at all is greatly appreciated!!

Thu, 2017-11-30 08:21
itistoday
  • itistoday's picture
  • Offline
  • Last seen: 3 weeks 3 days ago
  • Joined: 2017-11-30

Success! Sorta! At least I was able to figure out what the problem is with some help from the wonderful folks on #alpine-linux and #powerdns IRC channels. :)

It was suggested that I try querying the root dns servers to see if I was able to get anything from them at all using dig: `dig @192.43.172.30 com ns`

That timed out.

But `dig +tcp @192.43.172.30 com ns` worked!

So the current working hypothesis is that either my host is blocking UDP traffic to the root servers, or the root servers are blocking UDP traffic from my host. I will contact them to figure out what's going on, but in the meantime I have a workaround which is the `tcp-upstream: yes` option in Unbound. :)

The good news is that this *does not* seem like an Alpine Linux problem, and neither is it a Docker or DNS server problem either. :)

Log in or register to post comments