[Pdns-users] pdns forward nested recurse possible?
Brian Candler
b.candler at pobox.com
Fri Apr 19 09:22:12 UTC 2019
On 19/04/2019 09:48, abubin wrote:
> Is it possible to use recursor to forward all queries to pdns
> authoritative server and if that query fails, it will forward all to
> public DNS such as 8.8.8.8?
I don't think so. (In any case, define what you mean by "failure" -
REFUSED? SERVFAIL? NXDOMAIN? Something else?)
You might be able to do something funky like that with dnsdist, but I
prefer DNS to work deterministically.
>
> For example, in my pdns, I have create a domain called mydomain.com
> <http://mydomain.com> and yourdomain.moc.
>
> So instead of creating:
> forward-zones=mydomain=127.0.0.1:5300 <http://127.0.0.1:5300>
> forward-zones+=yourdomain.moc=127.0.0.1:5300 <http://127.0.0.1:5300>
> forward-zones-recurse=.=8.8.8.8
>
> I would like to create:
> forward-zones-recurse=.=127.0.0.1:5300 <http://127.0.0.1:5300>
> forward-zones-recurse+=.=8.8.8.8
>
> However, tried second method and it does not work. Please advise.
You could try using forward-zones-file to list all your domains which
need to be forwarded:
mydomain.com=127.0.0.1:5300
yourdomain.moc=127.0.0.1:5300
+.=8.8.8.8
I am not sure about the last line, as I've never used pdns-recursor as a
dumb forwarding cache. I prefer to let it do its own recursion and not
trust a third-party cache.
Also see the note about negative trust anchors at
https://doc.powerdns.com/recursor/settings.html#forward-zones
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20190419/23f941ff/attachment.html>
More information about the Pdns-users
mailing list