[Pdns-users] Newbie Question

Tom Rossi trossi at msites.com
Tue Apr 10 20:28:11 UTC 2007 

Okay, I've tried out my newfound knowledge and here are my results.  First I
tried adding the "allow-recursion-override=yes" to my config file.  I left
the recursor key set to my other production DNS.  I then started pdns with
"sudo /etc/init.d/pdns monitor".  I used nslookup to try and resolve
www.test.com which is set up with a CNAME.  The result was not the IP of the
CNAME value but that of the true public ip for www.test.com.  What did I do
wrong?  Also, is there a switch to have pdns monitor show me each query?  A
debug logging maybe?

The second thing I tried was to remove the recursor key and use the pdns as
strictly authoritative.  The database remains the same -- a CNAME for
www.test.com.  Again, I used nslookup to try and resolve, but now I get a
"** server can't find www.test.com: SERVFAIL"  Shouldn't it have responded
with the value of the CNAME even if it couldn't recurse to resolve it?

Thanks for your patience guys!
--Tom

On 4/10/07, Tom Rossi <trossi at msites.com> wrote:
>
> Thanks for the great explanation!
>
> On 4/10/07, Derrik Pates <demon at devrandom.net> wrote:
> >
> > Tom Rossi wrote:
> > > Thank you so much for helping me out.  I think I may be showing my
> > > ignorance.  I thought it would have to be configured with a recursor
> > to
> > > be able to resolve something it is not authoritative.  So in my
> > > scenario, the DNS is the authority for mydomain.com
> > > <http://mydomain.com> and I have an MX record that points to
> > > mx.google.com.  My authoritative DNS for mydomain.com needs to be
> > > able to resolve mx.google.com.
> >
> > No, your authoritative nameserver doesn't have to care what
> > 'mx.google.com' points to; it just returns the MX record by itself to
> > the recursor. If the MX happened to be in a local zone, it could provide
> > the A record that it points to, but that's not required. The recursor
> > may (optionally) do additional processing, i.e., resolve where
> > 'mx.google.com' points to, but this is not required either.
> >
> > > Do I need to configure a recursor
> > > to make that happen?
> >
> > Your mailserver should either be running a local recursor (good for
> > high-demand mailservers to prevent excessive waiting around for
> > recursive lookups), or referring to one or more central recursors, which
> >
> > handle the task of recursive lookups for it.
> >
> > --
> > Derrik Pates
> > demon at devrandom.net
> >
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20070410/f446140a/attachment-0001.html>

More information about the Pdns-users mailing list