[Pdns-users] rec_control reload-zones undocumented behavior, POLA breakage

sthaug at nethelp.no
Mon Aug 20 10:20:54 UTC 2018


Background: We're using the "forward-zones-file" functionality of
PowerDNS recursor to forward some queries to a BIND server.

I see the following behavior for PowerDNS recursor 4.1.3 running on
a FreeBSD 11.2-STABLE server:

- Zone added to the list in forward-zones-file: The forwarding takes
effect immediately.

- Zone removed from the list in forward-zones-file: Forwarding takes
effect immediately *for names not in the PowerDNS cache*. For names in
the PowerDNS cache, forwarding doesn't take effect until TTL expires.

Is this behavior (removal of names already cached vs. names not
cached) intentional? From my point of view it certainly breaks POLA,
and means we have to restart the recursor (and thus throw away the
cache) to ensure that changes to the list in forward-zones-file take
effect right away.

If the behavior is intentional it should be documented.

Steinar Haug, AS2116
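
A possible way to avoid the full restart described in the message, as an added example that is not part of the original post or of PowerDNS itself: it compares the forward-zones-file before and after an edit and prints one `rec_control wipe-cache` command per removed zone, to be run after `rec_control reload-zones`. The function names and the kept copy of the previous file are assumptions, as is the premise that wiping the removed zone's subtree is enough to stop answers that came from the old forwarder.

```shell
#!/bin/sh
# Added example: list the zones dropped from a forward-zones-file and print
# the cache wipes for them. Nothing here calls rec_control; it only prints.

# zones_in FILE: print the normalised zone names found in FILE, one per line.
# File format: "zone=addr[, addr...]", optional leading '+', '#' starts a comment.
zones_in() {
    sed -e 's/#.*//' \
        -e '/=/!d' \
        -e 's/=.*//' \
        -e 's/[[:space:]]//g' \
        -e 's/^+*//' \
        -e 's/\(.\)\.$/\1/' "$1" \
      | tr 'A-Z' 'a-z' | sed '/^$/d' | LC_ALL=C sort -u
}

# removed_zones OLD NEW: zones present in OLD but no longer present in NEW.
removed_zones() {
    rz_old=$(mktemp) && rz_new=$(mktemp) || return 1
    zones_in "$1" > "$rz_old"
    zones_in "$2" > "$rz_new"
    LC_ALL=C comm -23 "$rz_old" "$rz_new"
    rm -f "$rz_old" "$rz_new"
}

# wipe_commands OLD NEW: one wipe-cache command per removed zone.
# The trailing '$' asks rec_control to wipe the whole subtree, not one name.
wipe_commands() {
    removed_zones "$1" "$2" | while read -r zone; do
        printf "rec_control wipe-cache '%s\$'\n" "$zone"
    done
}

# Stand-alone use: sh script.sh previous-forward-zones current-forward-zones
if [ "$#" -eq 2 ]; then
    wipe_commands "$1" "$2"
fi
```

Added zones need no wipe here, since the message reports that additions take effect immediately.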

