[Pdns-users] PowerDNS Recursor Question
Clint Martin
clintm at laplink.com
Fri Jan 16 17:28:39 UTC 2004
actually,
If the PDNS server is authoritative for a zone (clint.nt in my example)
and a query comes in for a record which is not located in the zone
(bob.clint.nt for example) the server checks it's SQL backend, doesn't
find the record, and passes the query to the recursor. Since PDNS is
authoritative for the zone, I don't think it should pass the query to
the recursor at all, rather it should return NXDOMAIN directly. If you
send a query with the no-recurse option, the PDNS server does return
NXDOMAIN without passing to the recursor.
make sense?
I really appreciate how responsive this list is! It's a breath of fresh
air!
Clint
-----Original Message-----
From: Norbert Sendetzky [mailto:norbert at linuxnetworks.de]
Sent: Friday, January 16, 2004 8:49 AM
To: bert hubert; Clint Martin
Cc: Pdns-Users (E-mail)
Subject: Re: [Pdns-users] PowerDNS Recursor Question
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Friday 16 January 2004 16:03, bert hubert wrote:
> On Thu, Jan 15, 2004 at 08:46:45AM -0800, Clint Martin wrote:
> > And queries to non existant hosts in the zone still result in the
> > query being passed to the recursor (although doing the query with
> > the no-recurse option does return an authoritative NXDOMAIN)
>
> Hmyes, tricky. This would hurt performance quite a lot as any
> recursive question for which no answer is available leads to a
> potentially very large number of SQL queries.
>
> I added a feature for this in 2.9.14:
> arg().setSwitch("recursion-check-nxdomain","Set this to double
> check if recursive queries really don't exist")="";
Have I understood the problem right?
Recursing is done even if pdns is authoritive for the domain, as long
as the recursor isn't disabled?
Norbert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iEYEARECAAYFAkAIFfMACgkQxMLs5v5/7eAhngCgi8PIz+4KTeyOWCFafDmLaeBr
NhYAn3OGLvbpimWYJ3fWfsQat6yRTRh1
=KdcE
-----END PGP SIGNATURE-----
More information about the Pdns-users
mailing list