[Pdns-users] Managing pdns-recursors forward.zones file

Peter van Dijk peter.van.dijk at netherlabs.nl
Fri Jan 4 08:06:11 UTC 2013


Hello Thomas,

On Jan 3, 2013, at 20:21 , Thomas Mieslinger wrote:

> currently my team mates and I use a script to build a (currently) 423 lines long forward.zones file.
> 
> Every time we need to touch it, we are afraid of breaking things really fast.

Why?

> So I'm thinking about two solutions:
> - I could add functionality to my employer's new IP address and DNS management tool to manage forward.zone files.
> - I could regularly download the root-zone file, strip DNSSEC from it, append information for the 423 forward.zones and load it into our pdns-authoritative servers and shorten the forward.zones to
> ".=<pdns-authoritative-IPs>"
> 
> Has anyone already tried the second method? Do you think that could work?


A simplified version of that file might look like this (I presume, please correct me if I'm wrong!):
. SOA ....
com. IN NS a.gtld-servers.net.
hotmail.com. IN NS ns.pc-h.de.

If the recursor asks for www.google.com, it will get the com referral, and cache that. If it *then* needs www.hotmail.com, it will presumably use that cached com referral. I have not tried this but I have the feeling this is where it would go wrong.

Kind regards,
-- 
Peter van Dijk
Netherlabs Computer Consulting BV - http://www.netherlabs.nl/
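
A toy model of the caching concern raised in the reply above, added here as an illustration; it is not part of the original message and is not PowerDNS code. It assumes the recursor starts each lookup at the deepest delegation it has cached; `local-auth` and the `.example` nameserver names are constructed placeholders.

```python
# Constructed zone data. MERGED_ROOT is the simplified merged file from the
# message; REAL_COM stands in for the public com servers (.example names are
# placeholders).
MERGED_ROOT = {"com.": "a.gtld-servers.net.", "hotmail.com.": "ns.pc-h.de."}
REAL_COM = {"google.com.": "ns.google.example.",
            "hotmail.com.": "ns.public-hotmail.example."}
SERVERS = {"local-auth": MERGED_ROOT, "a.gtld-servers.net.": REAL_COM}


def suffixes(name):
    """Yield name and each ancestor, deepest first, ending with the root."""
    labels = name.rstrip(".").split(".")
    for i in range(len(labels)):
        yield ".".join(labels[i:]) + "."
    yield "."


def referral(server, qname):
    """Deepest delegation (owner, ns) the server holds for qname, or None."""
    zone = SERVERS.get(server, {})
    return next(((s, zone[s]) for s in suffixes(qname) if s in zone), None)


class Recursor:
    def __init__(self):
        # forward.zones shortened to ".=<pdns-authoritative-IPs>"
        self.ns_cache = {".": "local-auth"}

    def resolve(self, qname):
        """Return the nameserver that finally answers for qname."""
        # Assumption: the lookup starts at the deepest cached delegation.
        server = next(self.ns_cache[s] for s in suffixes(qname)
                      if s in self.ns_cache)
        while (ref := referral(server, qname)) is not None:
            owner, server = ref
            self.ns_cache[owner] = server  # cache the referral, then follow it
        return server


if __name__ == "__main__":
    cold = Recursor()
    print("cold cache:", cold.resolve("www.hotmail.com."))
    warm = Recursor()
    warm.resolve("www.google.com.")  # caches the com referral
    print("after www.google.com:", warm.resolve("www.hotmail.com."))
```

In this model the internal hotmail.com override is honoured only while the com referral is not yet cached, so the answer depends on query order.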



