[Pdns-users] Recursor sends SERVFAIL instead of REFUSED

Tibor Benke ihrwein at gmail.com
Thu Apr 26 14:19:08 UTC 2012

Hi Peter,

I have an authoritative server with version 2.9.22 and a recursor with
3.2. These run on debian squezee. I have a network and the hosts of
this network have public IP addresses. I would like to run the
recursive and the authoritative server on the same host. Currently the
authoritative server is in front of the recursor. The authoritative
listens on the port 53 and if the request is not authoritative for the
query it passes it to the recursor that listens on [::1]:10053 and

I would like to enable the recursion only on my network, meanwhile the
whole world should reach the authoritative server.


2012/4/26 Peter van Dijk <peter.van.dijk at netherlabs.nl>:
> Hi Tibor,
> On Apr 26, 2012, at 13:54 , Peter van Dijk wrote:
>> Hi Tibor,
>> On Apr 26, 2012, at 12:41 , Tibor Benke wrote:
>>> I have a recursor behind the authoritative server. The recursion is
>>> only authorized internally.
>>> If I make an external query recursion I get a SERVFAIL answer not a REFUSED.
>>> I would like to get a REFUSED answer. It is possible?
>>> The version of my recursor is 3.2.
>> Recursor 3.4(-pre) drops the query instead of returning anything. This is not configurable.
> I misread - I missed that you said 'behind the authoritative server'.
> When I test here (with auth 3.1-RC2) I get NOERROR, not SERVFAIL. Can you tell us more
> about your setup (version of auth, configs of both)?
> Kind regards,
> --
> Peter van Dijk
> Netherlabs Computer Consulting BV - http://www.netherlabs.nl/
> _______________________________________________
> Pdns-users mailing list
> Pdns-users at mailman.powerdns.com
> http://mailman.powerdns.com/mailman/listinfo/pdns-users

More information about the Pdns-users mailing list