[Pdns-users] recursor: no reverse lookups

Sig Pam spam at itserv.de
Sun Nov 18 15:00:53 UTC 2018 

Hi all!

 
I have trouble with reverse lookup of IP addresses. Reverse lookups work when I directly request my Bind9, but not pdns-recursor forwarding the request to the same Bind9. I do this because I want to use the lua-script facility to filter incoming requests, allowing only the lookup of named zones and domains.

 
I run pdns-recursor (4.0.4, Debian) on the same machine as my Bind9. Bind9 listens to port 53, pdns-recurser to 5300 (should be interchanged in the future). The Bind is able to resolve either local zones or looks up any IP-address on the web.

 
Here is my config file for pdns-recursor:

 
root at host:/etc/powerdns# grep -v '#' recursor.conf |grep -v '^$' 

config-dir=/etc/powerdns

forward-zones-recurse=.=127.0.0.1:53

hint-file=/usr/share/dns/root.hints

local-address=0.0.0.0

local-port=5300

quiet=yes

security-poll-suffix=

setgid=pdns

setuid=pdns

 
With this setup, I can forward lookup all IP addresses - my local zones as well as Internet addresses, both by directly asking Bind9 as well as pdns-recursor.

 
However, the reverse lookup does only work when I directly talk to Bind, but not when asking pdns-recursor.

 
This is the answer from Bind (port 53) (192.168.94.66 is the Bind/pdns-recursor test server)

[root at hallo ~]# nslookup - 192.168.94.66

> set port=53

> 192.168.94.66

Server:         192.168.94.66

Address:   192.168.94.66#53

 
66.94.168.192.in-addr.arpa name = sixtysix.corp.mydomain.de.

 
And this from pdns-recursor (port 5300)

[root at hallo ~]# nslookup - 192.168.94.66

> set port=5300

> 192.168.94.66

Server:         192.168.94.66

Address:   192.168.94.66#5300

 
** server can't find 66.94.168.192.in-addr.arpa.: NXDOMAIN

 
I don’t understand what might be wrong with the lookup of IP addresses through pdns-recursor, as I (think I) forward all requests to my Bind with the forward-zones-recurse=.

 
Can somebody please help me and tell me what’s wrong?

 
Thank you very much!

 
    Sig

 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20181118/33c030c6/attachment.html>

More information about the Pdns-users mailing list