[Pdns-users] recursing for records which are missing from authoritative zones
ktm at rice.edu
ktm at rice.edu
Tue Apr 28 15:30:40 UTC 2015
On Tue, Apr 28, 2015 at 06:22:02PM +0300, Kiki wrote:
> Hi all,
>
> I want to setup a NS to "shadow" a zone on an internal LAN. Basically to
> add private records for the machines on the LAN to an otherwise public zone.
>
> According to https://doc.powerdns.com/md/authoritative/recursion/ even if
> the NS thinks it's authoritative for a domain it should still consult the
> recursor for an recursive query if the record is not found in the database.
>
> I have set both an "allow-recursion" and "recursor" option and it works for
> queries for which are not considered authoritative like google.com, but I
> get NXDOMAIN for queries for the "shadowed" zone which are not in the local
> database
>
> It seems like "lazy-recursion" was the option which would do that but it's
> been removed. The docs also mention "allow-recursion-override" which is
> also not available anymore
>
> What am I missing? Should I downgrade to an earlier version?
>
> PowerDNS version: 3.4.3 w/ gmysql backend
> OS: CentOS 7
>
> Thanks,
Hi,
The authoritative server is considered authoritative and if an entry is
not present, an NXDOMAIN will be returned. The recursion described in the
manual only applies to items that DO EXIST in the authoritative system.
I suspect that you need to be using the pdns-recursor at the front with
some Lua scripting to handle the local private addresses.
Regards,
Ken
More information about the Pdns-users
mailing list