[Pdns-users] PDNS doesn't feel authoritative?

Chris lists at proquariat.de
Thu Feb 11 01:28:53 UTC 2010

Earlier I set this the recursor to some random dns server on the 
internet. But there's the problem that pdns should serve some private 
zone that's not resolvable through the root servers.

So, what's the best practice with the pds_recursor here? Should I use 
forward-zones= to point back to my (should be)authoritative pdns 

Thanks a lot for your help.


Stefan Schmidt wrote:
> On Thu, Feb 11, 2010 at 01:44:38AM +0100, Chris wrote:
>>> Try putting 'hallo.foo.bar.' in the content column of that CNAME.
>> I already tried this. I still get the same error:
>> Not authoritative for 'hallo.foo.bar.', sending servfail to
>> (recursion was desired)
> Ah right, you did not specify a recursor= option, this means that your
> pdns_server will be authoritative-only.
> Your recursive nameserver (for example pdns_recursor) will take care of
> resolving this cname subsequently.
> For testing an authoritative-only server you should try
> dig @ hier.foo.bar. +norec
> and
> dig @ hallo.foo.bar. +norec
> which will not set the recursion desired (RD) flag for this query.
> It is best current practice to seperate recursive and authoritative servers.  [1]
> However if you need to do both just specify your recursive dns IP address with
> the recursor=<ip> in pdns.conf. This will cause the authoritative server to
> proxy all questions that it cannot ask from its database to the recursive
> server for you.
> 	Stefan
> [1] http://cr.yp.to/djbdns/separation.html

More information about the Pdns-users mailing list