[Pdns-users] PDNS-Recursor Not Providing DNS Lookups?

bert hubert bert.hubert at netherlabs.nl
Fri Aug 22 17:42:31 UTC 2008

On Fri, Aug 22, 2008 at 12:30:36PM -0400, Steve Chapman wrote:
> I'm working in an environment that uses split DNS (some parentcompany.com
> servers we want resolved from corporate DNS servers, others from Internet
> DNS servers).  I've installed the pdns-recursor RPM (3.1.7-1) on my RHEL 5
> bind DNS server and configured the recursor, all defaults except:

Very good!

> If I run an "nslookup Server2.parentcompany.com <IP of Corporate DNS
> server>", I get a valid IP address, and then if I subsequently re-run the
> nslookup against the PDNS Recursor, it provides the answer from then on.
> Why isn't it providing the answer initially?  Any ideas would be helpful.

The reason is that PowerDNS is expecting you to forward queries to an
authoritative server.

It appears you are forwarding them to a server that is not authoritative for
Server2.parentcompany.com, but is in itself a caching resolver.

PowerDNS is sending so called 'non-recursion desired' questions to your
internal nameserver, and this internal server is therefore not recursing for
your questions.

Once you've triggered the internal server to look the question up, it keeps
the answer in the cache.

The second time PowerDNS asks, no recursion is needed, since the answer is
there already.

I'm not sure what to do now - it might be good for PowerDNS to set the 'rd'
bit in forwarded queries.

Any ideas?


