[Pdns-users] recursing for records which are missing from authoritative zones
Kiki
kixx.tm at gmail.com
Wed Apr 29 08:26:41 UTC 2015
Thanks for the info. I'm stull confused about the meaning of "for questions
for which there is no answer", in the following paragraph:
This means that for questions for which there is no answer, PowerDNS will
consult the recursor for an recursive query, even if PowerDNS is
authoritative for a domain!
I thought "an answer" means a record in the PowerDNS database
On Tue, Apr 28, 2015 at 6:30 PM, ktm at rice.edu <ktm at rice.edu> wrote:
> On Tue, Apr 28, 2015 at 06:22:02PM +0300, Kiki wrote:
> > Hi all,
> >
> > I want to setup a NS to "shadow" a zone on an internal LAN. Basically to
> > add private records for the machines on the LAN to an otherwise public
> zone.
> >
> > According to https://doc.powerdns.com/md/authoritative/recursion/ even
> if
> > the NS thinks it's authoritative for a domain it should still consult the
> > recursor for an recursive query if the record is not found in the
> database.
> >
> > I have set both an "allow-recursion" and "recursor" option and it works
> for
> > queries for which are not considered authoritative like google.com, but
> I
> > get NXDOMAIN for queries for the "shadowed" zone which are not in the
> local
> > database
> >
> > It seems like "lazy-recursion" was the option which would do that but
> it's
> > been removed. The docs also mention "allow-recursion-override" which is
> > also not available anymore
> >
> > What am I missing? Should I downgrade to an earlier version?
> >
> > PowerDNS version: 3.4.3 w/ gmysql backend
> > OS: CentOS 7
> >
> > Thanks,
>
> Hi,
>
> The authoritative server is considered authoritative and if an entry is
> not present, an NXDOMAIN will be returned. The recursion described in the
> manual only applies to items that DO EXIST in the authoritative system.
> I suspect that you need to be using the pdns-recursor at the front with
> some Lua scripting to handle the local private addresses.
>
> Regards,
> Ken
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20150429/39890825/attachment-0001.html>
More information about the Pdns-users
mailing list