[Pdns-users] PDNS doesn't feel authoritative?
Stefan Schmidt
zaphodb at zaphods.net
Thu Feb 11 00:55:38 UTC 2010
On Thu, Feb 11, 2010 at 01:44:38AM +0100, Chris wrote:
> >Try putting 'hallo.foo.bar.' in the content column of that CNAME.
>
> I already tried this. I still get the same error:
>
> Not authoritative for 'hallo.foo.bar.', sending servfail to
> 10.30.0.0 (recursion was desired)
Ah right, you did not specify a recursor= option, this means that your
pdns_server will be authoritative-only.
Your recursive nameserver (for example pdns_recursor) will take care of
resolving this cname subsequently.
For testing an authoritative-only server you should try
dig @10.20.30.42 hier.foo.bar. +norec
and
dig @10.20.30.42 hallo.foo.bar. +norec
which will not set the recursion desired (RD) flag for this query.
It is best current practice to seperate recursive and authoritative servers. [1]
However if you need to do both just specify your recursive dns IP address with
the recursor=<ip> in pdns.conf. This will cause the authoritative server to
proxy all questions that it cannot ask from its database to the recursive
server for you.
Stefan
[1] http://cr.yp.to/djbdns/separation.html
--
Jones' Law: The man who smiles when things go wrong has thought of someone he
can blame it on.
More information about the Pdns-users
mailing list