[Pdns-users] PDNS doesn't feel authoritative?
Chris
lists at proquariat.de
Thu Feb 11 01:28:53 UTC 2010
Earlier I set this the recursor to some random dns server on the
internet. But there's the problem that pdns should serve some private
zone that's not resolvable through the root servers.
So, what's the best practice with the pds_recursor here? Should I use
forward-zones= to point back to my (should be)authoritative pdns
installation?
Thanks a lot for your help.
Chris
Stefan Schmidt wrote:
> On Thu, Feb 11, 2010 at 01:44:38AM +0100, Chris wrote:
>
>>> Try putting 'hallo.foo.bar.' in the content column of that CNAME.
>>>
>> I already tried this. I still get the same error:
>>
>> Not authoritative for 'hallo.foo.bar.', sending servfail to
>> 10.30.0.0 (recursion was desired)
>>
>
> Ah right, you did not specify a recursor= option, this means that your
> pdns_server will be authoritative-only.
> Your recursive nameserver (for example pdns_recursor) will take care of
> resolving this cname subsequently.
> For testing an authoritative-only server you should try
> dig @10.20.30.42 hier.foo.bar. +norec
> and
> dig @10.20.30.42 hallo.foo.bar. +norec
> which will not set the recursion desired (RD) flag for this query.
>
> It is best current practice to seperate recursive and authoritative servers. [1]
> However if you need to do both just specify your recursive dns IP address with
> the recursor=<ip> in pdns.conf. This will cause the authoritative server to
> proxy all questions that it cannot ask from its database to the recursive
> server for you.
>
> Stefan
>
> [1] http://cr.yp.to/djbdns/separation.html
>
More information about the Pdns-users
mailing list